ashmem: ensure ashmem fds are CLOEXEC.
Fix the memfd_create(2) path and add the missing unit test.
Bug: https://issuetracker.google.com/165667331
Test: treehugger
Change-Id: Ibb5c1d0f9d7caba1df04d1f03e82e55026d9f86a
diff --git a/libcutils/ashmem-dev.cpp b/libcutils/ashmem-dev.cpp
index 233d400..6a27f9a 100644
--- a/libcutils/ashmem-dev.cpp
+++ b/libcutils/ashmem-dev.cpp
@@ -159,9 +159,11 @@
return false;
}
- /* Check if kernel support exists, otherwise fall back to ashmem */
+ // Check if kernel support exists, otherwise fall back to ashmem.
+ // This code needs to build on old API levels, so we can't use the libc
+ // wrapper.
android::base::unique_fd fd(
- syscall(__NR_memfd_create, "test_android_memfd", MFD_ALLOW_SEALING));
+ syscall(__NR_memfd_create, "test_android_memfd", MFD_CLOEXEC | MFD_ALLOW_SEALING));
if (fd == -1) {
ALOGE("memfd_create failed: %s, no memfd support.\n", strerror(errno));
return false;
@@ -333,7 +335,9 @@
}
static int memfd_create_region(const char* name, size_t size) {
- android::base::unique_fd fd(syscall(__NR_memfd_create, name, MFD_ALLOW_SEALING));
+ // This code needs to build on old API levels, so we can't use the libc
+ // wrapper.
+ android::base::unique_fd fd(syscall(__NR_memfd_create, name, MFD_CLOEXEC | MFD_ALLOW_SEALING));
if (fd == -1) {
ALOGE("memfd_create(%s, %zd) failed: %s\n", name, size, strerror(errno));