From 821eb0d007f4a48a2cf97f365c7f21801dc14031 Mon Sep 17 00:00:00 2001
From: Jin Qian
Date: Fri, 10 Feb 2017 18:29:35 -0800
Subject: storaged: fix selinux dac_override denial
Bug: 35250057
Bug: 34198239
Change-Id: I18592d298765dc46ab05f25ae2ced0a5eddacc8b
---
 storaged/Android.mk | 1 -
 storaged/main.cpp | 26 --------------------------
 storaged/storaged.rc | 2 ++
 3 files changed, 2 insertions(+), 27 deletions(-)
(limited to 'storaged')
diff --git a/storaged/Android.mk b/storaged/Android.mk
index 5abfb7ad5..2adb14daa 100644
--- a/storaged/Android.mk
+++ b/storaged/Android.mk
@@ -9,7 +9,6 @@ LIBSTORAGED_SHARED_LIBRARIES := \
 libcutils \
 liblog \
 libsysutils \
- libcap \
 libpackagelistparser \
 libbatteryservice \
diff --git a/storaged/main.cpp b/storaged/main.cpp
index 1103df22f..f5a8f3901 100644
--- a/storaged/main.cpp
+++ b/storaged/main.cpp
@@ -55,32 +55,6 @@ static int drop_privs() {
 if (setpriority(PRIO_PROCESS, 0, ANDROID_PRIORITY_BACKGROUND) < 0) return -1;
- if (prctl(PR_SET_KEEPCAPS, 1) < 0) return -1;
-
- std::unique_ptr caps(cap_init(), cap_free);
- if (cap_clear(caps.get()) < 0) return -1;
- cap_value_t cap_value[] = {
- CAP_SETGID,
- CAP_SETUID
- };
- if (cap_set_flag(caps.get(), CAP_PERMITTED,
- arraysize(cap_value), cap_value,
- CAP_SET) < 0) return -1;
- if (cap_set_flag(caps.get(), CAP_EFFECTIVE,
- arraysize(cap_value), cap_value,
- CAP_SET) < 0) return -1;
- if (cap_set_proc(caps.get()) < 0)
- return -1;
-
- if (setgid(AID_SYSTEM) != 0) return -1;
-
- if (setuid(AID_SYSTEM) != 0) return -1;
-
- if (cap_set_flag(caps.get(), CAP_PERMITTED, 2, cap_value, CAP_CLEAR) < 0) return -1;
- if (cap_set_flag(caps.get(), CAP_EFFECTIVE, 2, cap_value, CAP_CLEAR) < 0) return -1;
- if (cap_set_proc(caps.get()) < 0)
- return -1;
-
 return 0;
 }
diff --git a/storaged/storaged.rc b/storaged/storaged.rc
index 53fdb85f5..bb7c623fd 100644
--- a/storaged/storaged.rc
+++ b/storaged/storaged.rc
@@ -2,3 +2,5 @@ service storaged /system/bin/storaged
 class main
 file /d/mmc0/mmc0:0001/ext_csd r
 writepid /dev/cpuset/system-background/tasks
+ user root
+ group system package_info
\ No newline at end of file
--
cgit v1.2.3
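Review bot: With `user root` added here and the setgid/setuid and capability-clearing code deleted from drop_privs() in the main.cpp hunk, storaged keeps uid 0 for its whole lifetime, and as far as this patch shows it also keeps the full capability set init gives it, so the SELinux domain becomes the only remaining confinement. The commit message names the dac_override denial but not why root is needed, so a comment above the new line would help later reviewers, for example `# runs as root: <reason, placeholder>; confined only by SELinux policy`. If the daemon needs just a few privileged operations, a non-root `user` plus an explicit `capabilities` line in this service block would keep it closer to least privilege; whether init in this tree supports that option should be checked first. The file also still ends without a trailing newline.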