commit 8d005a6ffb40ce56b4804be34821bf9da862b57e
author Orion Hodson <oth@google.com> Wed Dec 05 12:28:53 2018 +0000
committer Orion Hodson <oth@google.com> Wed Dec 05 12:28:53 2018 +0000
tree f2c77d376b6c41ad4eae71847eac93613e5188ff
parent d413c3288ccb65675cad3fdcff53a61e96c669db

Move EnableDebuggger from ART to zygote

Bug: 120485385
Test: cts
Change-Id: I17dc7048b3b1c4acb0b5816c45b52f9523a480ca

core/jni/com_android_internal_os_Zygote.cpp

diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index b96b8ec..7a3f49a 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -99,6 +99,11 @@
   MOUNT_EXTERNAL_WRITE = 3,
 };
 
+// Must match values in com.android.internal.os.Zygote.
+enum RuntimeFlags : uint32_t {
+  DEBUG_ENABLE_JDWP = 1,
+};
+
 static void RuntimeAbort(JNIEnv* env, int line, const char* msg) {
   std::ostringstream oss;
   oss << __FILE__ << ":" << line << ": " << msg;
@@ -251,6 +256,36 @@
   return true;
 }
 
+static void EnableDebugger() {
+  // To let a non-privileged gdbserver attach to this
+  // process, we must set our dumpable flag.
+  if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1) {
+    ALOGE("prctl(PR_SET_DUMPABLE) failed");
+  }
+
+  // A non-privileged native debugger should be able to attach to the debuggable app, even if Yama
+  // is enabled (see kernel/Documentation/security/Yama.txt).
+  if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0) == -1) {
+    // if Yama is off prctl(PR_SET_PTRACER) returns EINVAL - don't log in this
+    // case since it's expected behaviour.
+    if (errno != EINVAL) {
+      ALOGE("prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY) failed");
+    }
+  }
+
+  // We don't want core dumps, though, so set the soft limit on core dump size
+  // to 0 without changing the hard limit.
+  rlimit rl;
+  if (getrlimit(RLIMIT_CORE, &rl) == -1) {
+    ALOGE("getrlimit(RLIMIT_CORE) failed");
+  } else {
+    rl.rlim_cur = 0;
+    if (setrlimit(RLIMIT_CORE, &rl) == -1) {
+      ALOGE("setrlimit(RLIMIT_CORE) failed");
+    }
+  }
+}
+
 // The debug malloc library needs to know whether it's the zygote or a child.
 extern "C" int gMallocLeakZygoteChild;
 
@@ -784,6 +819,11 @@
     }
   }
 
+  // Set process properties to enable debugging if required.
+  if ((runtime_flags & RuntimeFlags::DEBUG_ENABLE_JDWP) != 0) {
+    EnableDebugger();
+  }
+
   if (NeedsNoRandomizeWorkaround()) {
       // Work around ARM kernel ASLR lossage (http://b/5817320).
       int old_personality = personality(0xffffffff);