Merge "Use _exit for profile copy dexopt command" into oc-dr1-dev am: de65cb8e1f Change-Id: I1d53221347533d9d7b393141b4262b66cee53134

commit: d4f8de92ee0628bcf4f496bbd72e85d9b637ea5e [log] [tgz]
author: Mathieu Chartier <mathieuc@google.com> Thu Jun 15 18:54:54 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Thu Jun 15 18:54:54 2017 +0000
tree: 2540f70300af2d7ffad76a009ad4be9da7136d77
parent: 289fd0d07959b8c5644f289f8bcefa704b5568b6 [diff]
parent: de65cb8e1fa8b15815ff7af9602797b6bc54a8b4 [diff]
diff --git a/cmds/installd/dexopt.cpp b/cmds/installd/dexopt.cpp
index 4ecbf92..baa05d0 100644
--- a/cmds/installd/dexopt.cpp
+++ b/cmds/installd/dexopt.cpp

@@ -863,6 +863,8 @@
         return false;
     }
 
+    // As a security measure we want to write the profile information with the reduced capabilities
+    // of the package user id. So we fork and drop capabilities in the child.
     pid_t pid = fork();
     if (pid == 0) {
         /* child -- drop privileges before continuing */
@@ -900,7 +902,9 @@
         if (flock(out_fd.get(), LOCK_UN) != 0) {
             PLOG(WARNING) << "Error unlocking profile " << data_profile_location;
         }
-        exit(0);
+        // Use _exit since we don't want to run the global destructors in the child.
+        // b/62597429
+        _exit(0);
     }
     /* parent */
     int return_code = wait_child(pid);
commit	d4f8de92ee0628bcf4f496bbd72e85d9b637ea5e	[log] [tgz]
author	Mathieu Chartier <mathieuc@google.com>	Thu Jun 15 18:54:54 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Thu Jun 15 18:54:54 2017 +0000
tree	2540f70300af2d7ffad76a009ad4be9da7136d77
parent	289fd0d07959b8c5644f289f8bcefa704b5568b6 [diff]
parent	de65cb8e1fa8b15815ff7af9602797b6bc54a8b4 [diff]