Use _exit for profile copy dexopt command
Previously we used exit(0), but this called global destructors and
could cause problems depending on the state when the forking
happened.
Using _exit avoids calling the global destructors in the child
process.
Test: Delete packages.xml and flash to simulate first boot
Bug: 62597429
Change-Id: I3a6dcd5f05ca85e1488df154ec283c2ec842e59f
diff --git a/cmds/installd/dexopt.cpp b/cmds/installd/dexopt.cpp
index 4ecbf92..baa05d0 100644
--- a/cmds/installd/dexopt.cpp
+++ b/cmds/installd/dexopt.cpp
@@ -863,6 +863,8 @@
return false;
}
+ // As a security measure we want to write the profile information with the reduced capabilities
+ // of the package user id. So we fork and drop capabilities in the child.
pid_t pid = fork();
if (pid == 0) {
/* child -- drop privileges before continuing */
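Review bot: the new comment above fork() says the child will "drop capabilities", while the existing comment inside the if (pid == 0) branch says "drop privileges", so a reader cannot tell from these lines which is meant. Suggest using one term in both comments and stating what is actually reduced (the comment mentions the package user id, so say whether that is a uid/gid switch, a capability drop, or both). It would also help to say that the parent keeps its privileges and only waits for the child.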
@@ -900,7 +902,9 @@
if (flock(out_fd.get(), LOCK_UN) != 0) {
PLOG(WARNING) << "Error unlocking profile " << data_profile_location;
}
- exit(0);
+ // Use _exit since we don't want to run the global destructors in the child.
+ // b/62597429
+ _exit(0);
}
/* parent */
int return_code = wait_child(pid);
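Review bot: at the _exit(0) line the comment mentions only global destructors, but _exit also skips atexit handlers and does not flush stdio buffers, so the comment should say why that is safe here (for instance, if the profile is written straight through out_fd rather than a buffered stream). Separately, the flock(out_fd.get(), LOCK_UN) failure just above only logs a warning and the child still exits with 0, so wait_child(pid) in the parent sees success; if that is intended, a short note would make it clear. Any other exit() calls in the child branch between the fork and this line need the same change.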