Drop capabilities before spawning any vcpu thread

In case crosvm starts with elevated capabilities (for example, we need
to start with CAP_SETGID to be able to map additional gids into plugin
jail), we should drop them before spawning VCPU threads.

BUG=b:117989168
TEST=Start plugin via concierge_client and verify the process does not
     have any effective or permitted privileges.
     tast run [] 'vm.*'

Change-Id: Ia1e80bfe19b296936d77fe9ffeda361211b41eed
Reviewed-on: https://chromium-review.googlesource.com/1506296
Commit-Ready: Dmitry Torokhov <dtor@chromium.org>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>

1 files changed, 2 insertions, 0 deletions

diff --git a/sys_util/src/lib.rs b/sys_util/src/lib.rs
index 29aa489..dcc7390 100644
--- a/sys_util/src/lib.rs
+++ b/sys_util/src/lib.rs
@@ -18,6 +18,7 @@ pub mod handle_eintr;
 pub mod ioctl;
 #[macro_use]
 pub mod syslog;
+mod capabilities;
 mod clock;
 mod errno;
 mod eventfd;
@@ -43,6 +44,7 @@ mod terminal;
 mod timerfd;
 mod write_zeroes;
 
+pub use capabilities::drop_capabilities;
 pub use clock::{Clock, FakeClock};
 use errno::errno_result;
 pub use errno::{Error, Result};