From bc42132c0657ece8bb55c38f9c1a687835632103 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 7 May 2013 10:38:21 -0700
Subject: [PATCH] Don't emit a warning message on missing PR_SET_NO_NEW_PRIVS

If the kernel doesn't support PR_SET_NO_NEW_PRIVS, then
don't print a warning message. The warning message only serves
to confuse other people.

This change assumes that, if EINVAL is returned, the kernel is an
old kernel. Newer kernels have no option to disable PR_SET_NO_NEW_PRIVS,
so IMHO, this is a fair assumption.

Change-Id: I77b4769e1d93a9b2412ba5365227283761940fdc
---
 vm/Init.cpp | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/vm/Init.cpp b/vm/Init.cpp
index 9169a5da6..3d6697470 100644
--- a/vm/Init.cpp
+++ b/vm/Init.cpp
@@ -1716,13 +1716,10 @@ static bool initZygote()
 
 #ifdef HAVE_ANDROID_OS
     if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
-        if (errno == EINVAL) {
-            SLOGW("PR_SET_NO_NEW_PRIVS failed. "
-                  "Is your kernel compiled correctly?: %s", strerror(errno));
-            // Don't return -1 here, since it's expected that not all
-            // kernels will support this option.
-        } else {
-            SLOGW("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
+        // Older kernels don't understand PR_SET_NO_NEW_PRIVS and return
+        // EINVAL. Don't die on such kernels.
+        if (errno != EINVAL) {
+            SLOGE("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
             return -1;
         }
     }
-- 
2.11.0