It was reported that some checks during our launching could be more verbose
and informative about what is going on. Added few more sentences to clearly
state if application process is improperly setup and why.
Change-Id: I47d6578dceff957cf76aa8ee690420d5a5cc9d7f
bool CheckProperDrop::checkThreads()
{
#define REPORT_THREAD_ERROR(TID, NAME, VAL1, VAL2) { \
- LogError("Invalid value of " << (NAME) << " for thread " << (TID) << "." \
- << ". Process has " << (VAL1) << ", thread has " << (VAL2) << "."); \
+ LogError("Invalid value of " << (NAME) << " for thread " << (TID) << ". " \
+ << "Process has " << (VAL1) << ", thread has " << (VAL2) << ". " \
+ << "Application candidate process not prepared properly for launch. " \
+ << (NAME) << " values should be same for all threads."); \
return false; \
}
FS::FileNameVector files = FS::getSubDirectoriesFromDirectory("/proc/self/task");
if (files.size() > 3) { // 3 because we have ., we have .. and we should have only one thread here
- LogError("Too many threads in current process, can't switch to new namespace safely in multithreaded program");
+ LogError("Too many threads in current process, can't switch to new namespace safely in multithreaded program. "\
+ "Abort launching the application, as it may have too high privileges and pose risk to the system.");
return SECURITY_MANAGER_ERROR_INPUT_PARAM;
}
return MountNS::createMountNamespace();
projects / platform / core / security / security-manager.git / commitdiff