Framework: Disable native-bridge for non-zygote
Non-zygotes may not have the permissions/capabilities to run a
bridge and may abort attempts to load a bridge because of seccomp
rules. So don't tell the runtime to load a bridge when starting
a non-zygote.
Bug: 77878177
Bug: 80118963
Test: m
Test: cts-tradefed run commandAndExit cts-dev -m CtsWrapWrapDebugTestCases
Change-Id: I7894b89feec79e4bd478f649c004ad29fc46597e
diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp
index b1e1dd3..a7e0fec 100644
--- a/core/jni/AndroidRuntime.cpp
+++ b/core/jni/AndroidRuntime.cpp
@@ -907,10 +907,13 @@
}
// Native bridge library. "0" means that native bridge is disabled.
+ //
+ // Note: bridging is only enabled for the zygote. Other runs of
+ // app_process may not have the permissions to mount etc.
property_get("ro.dalvik.vm.native.bridge", propBuf, "");
if (propBuf[0] == '\0') {
ALOGW("ro.dalvik.vm.native.bridge is not expected to be empty");
- } else if (strcmp(propBuf, "0") != 0) {
+ } else if (zygote && strcmp(propBuf, "0") != 0) {
snprintf(nativeBridgeLibrary, sizeof("-XX:NativeBridge=") + PROPERTY_VALUE_MAX,
"-XX:NativeBridge=%s", propBuf);
addOption(nativeBridgeLibrary);