Set capabilities sooner.
Bug 3135433.
Change-Id: I4e34b60c0a01b85ce0d80eb96ff3510604a68c71
diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
index da0c5a2..c473fd2 100644
--- a/core/java/com/android/internal/os/ZygoteConnection.java
+++ b/core/java/com/android/internal/os/ZygoteConnection.java
@@ -681,19 +681,6 @@
throws ZygoteInit.MethodAndArgsCaller {
/*
- * First, set the capabilities if necessary
- */
-
- if (parsedArgs.uid != 0) {
- try {
- ZygoteInit.setCapabilities(parsedArgs.permittedCapabilities,
- parsedArgs.effectiveCapabilities);
- } catch (IOException ex) {
- Log.e(TAG, "Error setting capabilities", ex);
- }
- }
-
- /*
* Close the socket, unless we're in "peer wait" mode, in which
* case it's used to track the liveness of this process.
*/
diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 397ae60..f0e5517 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -491,18 +491,6 @@
private static void handleSystemServerProcess(
ZygoteConnection.Arguments parsedArgs)
throws ZygoteInit.MethodAndArgsCaller {
- /*
- * First, set the capabilities if necessary
- */
-
- if (parsedArgs.uid != 0) {
- try {
- setCapabilities(parsedArgs.permittedCapabilities,
- parsedArgs.effectiveCapabilities);
- } catch (IOException ex) {
- Log.e(TAG, "Error setting capabilities", ex);
- }
- }
closeServerSocket();
@@ -548,7 +536,9 @@
/* Request to fork the system server process */
pid = Zygote.forkSystemServer(
parsedArgs.uid, parsedArgs.gid,
- parsedArgs.gids, debugFlags, null);
+ parsedArgs.gids, debugFlags, null,
+ parsedArgs.permittedCapabilities,
+ parsedArgs.effectiveCapabilities);
} catch (IllegalArgumentException ex) {
throw new RuntimeException(ex);
}