Merge "Avoid prctl(PR_PAC_RESET_KEYS) on devices without PAC support." am: 2f62c26bcb am: c30eb0ff47 am: f412f0892a

Original change: https://android-review.googlesource.com/c/platform/bionic/+/1684248

Change-Id: I28e541b4d776f1f9e2617d98df2e133d32e54c84

1 files changed, 6 insertions, 1 deletions

diff --git a/libc/bionic/pthread_create.cpp b/libc/bionic/pthread_create.cpp
index f3fee8805..46d9e8672 100644
--- a/libc/bionic/pthread_create.cpp
+++ b/libc/bionic/pthread_create.cpp
@@ -30,6 +30,7 @@
 
 #include <errno.h>
 #include <string.h>
+#include <sys/auxv.h>
 #include <sys/mman.h>
 #include <sys/prctl.h>
 #include <sys/random.h>
@@ -346,7 +347,11 @@ static int __pthread_start(void* arg) {
   __rt_sigprocmask(SIG_SETMASK, &thread->start_mask, nullptr, sizeof(thread->start_mask));
 #ifdef __aarch64__
   // Chrome's sandbox prevents this prctl, so only reset IA if the target SDK level is high enough.
-  if (android_get_application_target_sdk_version() >= __ANDROID_API_S__) {
+  // Furthermore, processes loaded from vendor partitions may have their own sandboxes that would
+  // reject the prctl. Because no devices launched with PAC enabled before S, we can avoid issues on
+  // upgrading devices by checking for PAC support before issuing the prctl.
+  static const bool pac_supported = getauxval(AT_HWCAP) & HWCAP_PACA;
+  if (pac_supported && android_get_application_target_sdk_version() >= __ANDROID_API_S__) {
     prctl(PR_PAC_RESET_KEYS, PR_PAC_APIAKEY, 0, 0, 0);
   }
 #endif