From 14a1cd9e357312b8b0c48a9c7fdb33a10bed8930 Mon Sep 17 00:00:00 2001 From: Andreas Gampe Date: Thu, 7 Jun 2018 09:42:02 -0700 Subject: [PATCH] Framework: Disable native-bridge for non-zygote Non-zygotes may not have the permissions/capabilities to run a bridge and may abort attempts to load a bridge because of seccomp rules. So don't tell the runtime to load a bridge when starting a non-zygote. Bug: 77878177 Bug: 80118963 Test: m Test: cts-tradefed run commandAndExit cts-dev -m CtsWrapWrapDebugTestCases Change-Id: I7894b89feec79e4bd478f649c004ad29fc46597e --- core/jni/AndroidRuntime.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp index b1e1dd3395ae..a7e0fecf3077 100644 --- a/core/jni/AndroidRuntime.cpp +++ b/core/jni/AndroidRuntime.cpp @@ -907,10 +907,13 @@ int AndroidRuntime::startVm(JavaVM** pJavaVM, JNIEnv** pEnv, bool zygote) } // Native bridge library. "0" means that native bridge is disabled. + // + // Note: bridging is only enabled for the zygote. Other runs of + // app_process may not have the permissions to mount etc. property_get("ro.dalvik.vm.native.bridge", propBuf, ""); if (propBuf[0] == '\0') { ALOGW("ro.dalvik.vm.native.bridge is not expected to be empty"); - } else if (strcmp(propBuf, "0") != 0) { + } else if (zygote && strcmp(propBuf, "0") != 0) { snprintf(nativeBridgeLibrary, sizeof("-XX:NativeBridge=") + PROPERTY_VALUE_MAX, "-XX:NativeBridge=%s", propBuf); addOption(nativeBridgeLibrary); -- 2.11.0