Commit eef06fd

dumpstate: fix retention of CAP_SYSLOG after dropping root
Summary:
Prior to dumping, dumpstate drops its root privileges. It sets its "keep capabilities" flag via PR_SET_KEEPCAPS in an attempt to maintain CAP_SYSLOG if the capability was present before dropping root. However, the "keep capabilities" flag applies to the permitted set, not the effective set. The effective set is cleared after a UID change regardless of the flag.

See: https://linux.die.net/man/2/prctl

Thus, the presence check should be done against the permitted set instead.

This change is needed so that dumpstate has the capability required to directly read the kernel buffer, in order to add the ability to perform a dmesg dump.

Test:
adb shell mkdir /data/nativetest64
mmm -j frameworks/native/cmds/dumpstate/ && adb push ${OUT}/data/nativetest64/dumpstate_* /data/nativetest64 && adb shell /data/nativetest64/dumpstate_test/dumpstate_test && stack

Change-Id: I521ee146a46fe1495e46343de0c9c45ffcf9ea5e
Signed-off-by: Abhishek Gadewar <abhishekgadewar@meta.com>
1 parent d66c39a commit eef06fd

1 file changed

Lines changed: 1 addition & 1 deletion

cmds/dumpstate/DumpstateInternal.cpp

@@ -108,7 +108,7 @@ bool DropRootUser() {
108108

109109
const uint32_t cap_syslog_mask = CAP_TO_MASK(CAP_SYSLOG);
110110
const uint32_t cap_syslog_index = CAP_TO_INDEX(CAP_SYSLOG);
111-
bool has_cap_syslog = (capdata[cap_syslog_index].effective & cap_syslog_mask) != 0;
111+
bool has_cap_syslog = (capdata[cap_syslog_index].permitted & cap_syslog_mask) != 0;
112112

113113
memset(&capdata, 0, sizeof(capdata));
114114
if (has_cap_syslog) {
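Review bot: the changed `has_cap_syslog` line carries no comment explaining why it tests `.permitted` rather than `.effective`, and the old form looks equally plausible, so a later cleanup could revert it. Suggest a one-line comment above it noting that PR_SET_KEEPCAPS preserves only the permitted set across the UID change and that the effective set is cleared. The body of `if (has_cap_syslog) {` is outside the visible context; because the `memset` zeroes `capdata` first, please confirm that block sets CAP_SYSLOG in both `permitted` and `effective` before the capabilities are applied, otherwise the capability is retained but never usable. The Test line in the commit message runs dumpstate_test, but nothing shown asserts that CAP_SYSLOG is effective after `DropRootUser()`; a check for that would guard this fix.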
