From 85f39117886ea3a7d5539f435eb5a2a13822b70b Mon Sep 17 00:00:00 2001
From: INSUN PYO
Date: Wed, 14 Jun 2017 16:59:43 +0900
Subject: [PATCH] Remove unnecessary privilege change codes (Bypass seteuid(0) when the calling process is root)
While MIC-building a Tizen image, /usr/bin/tpk-backend with libgum calls gum_utils_gain_privileges() and is crashed. void gum_utils_gain_privileges () { if (seteuid(0)) WARN ("seteuid() failed"); } It is found that seteuid(0) system calls with created threads result in Segmentation Fault (SIGSEGV) in qemu-arm 2.7 and even in up-to-date qemu-arm 2.9 void *thread_main(void *); int main(void) { int status; pthread_t thread; pthread_create(&thread, NULL, &thread_main, NULL); <-- After creating a thread sleep(1); seteuid(0); <-- Call seteuid(0) pthread_join(thread, (void **)&status); return 0; } void *thread_main(void *arg) { printf ("Thread.\n"); pause(); } $) armv7l-tizen-linux-gnueabi-c++ -static -o test test.cc -lpthread $) qemu-arm test Segmentation fault (core dumped) It seems a kind of QEMU bug. When this patch (https://bugs.launchpad.net/qemu/+bug/1594394) is applied to QEMU 2.9, the problem is resolved. To avoid the crash during MIC build without the qemu patch, this workaround patch needs to be submitted.
Signed-off-by: INSUN PYO
Change-Id: I59a3d37a43864e0f4147c8088fe21db3ad692df5
Signed-off-by: Hyotaek Shim
---
 src/common/gum-utils.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/common/gum-utils.c b/src/common/gum-utils.c
index 255754d..ff6298e 100644
--- a/src/common/gum-utils.c
+++ b/src/common/gum-utils.c
@@ -134,9 +134,10 @@ nonce_exit:
 * Drops the privileges for the calling process. Effective uid is to real uid.
 * */
-void
-gum_utils_drop_privileges ()
+void gum_utils_drop_privileges ()
 {
+ if (getuid() == (uid_t)0) return;
+
 DBG ("Before set: r-uid %d e-uid %d", getuid (), geteuid ());
 if (seteuid (getuid()))
 WARN ("seteuid() failed");
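Review bot: The new early return in gum_utils_drop_privileges tests the real uid, so a process whose real uid is 0 but whose effective uid is something else (a root process that already lowered its euid, for example) is skipped here and by the matching check in gum_utils_gain_privileges in the next hunk, and neither function ever changes its effective uid again. The condition the commit wants to bypass is "effective uid already equals the target", which still avoids seteuid in the ruid == euid == 0 case the commit message describes but keeps both functions' contracts: `if (geteuid () == getuid ()) return;` here and `if (geteuid () == 0) return;` in gain_privileges. Because a seteuid failure is only warned about, the Before/After DBG lines kept below are the only evidence an operator has of whether the transition took place, so logging the skipped case as well would help. The body of gum_utils_drop_privileges continues past the hunk. The added line also writes `getuid()` and puts `return;` on the `if` line, where the surrounding file writes `getuid ()` and places the statement on its own line.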
@@ -149,13 +150,11 @@ gum_utils_drop_privileges ()
 * Gains the privileges for the calling process. Effective uid is to 0.
 * */
-void
-gum_utils_gain_privileges ()
+void gum_utils_gain_privileges ()
 {
- DBG ("Before set: r-uid %d e-uid %d", getuid (), geteuid ());
- if (seteuid (0))
- WARN ("seteuid() failed");
- DBG ("After set: r-uid %d e-uid %d", getuid (), geteuid ());
+ if (getuid() == (uid_t)0) return;
+
+ if (seteuid (0)) WARN ("seteuid() failed");
 }
 static gint
-- 
2.7.4
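Review bot: gum_utils_gain_privileges loses both "Before set"/"After set" DBG lines while gum_utils_drop_privileges in the previous hunk keeps its logging, so the two functions no longer report uid transitions the same way, and with seteuid failures only warned about that log line was the one signal that the effective uid really changed. Keeping `DBG ("After set: r-uid %d e-uid %d", getuid (), geteuid ());` after the seteuid call restores parity with drop_privileges. The early return shares the real-uid versus effective-uid problem raised on the previous hunk and should likewise test `geteuid () == 0`. Writing `if (seteuid (0)) WARN ("seteuid() failed");` on one line also departs from the two-line form the removed code and drop_privileges use.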