adb: avoid leaking file descriptors
If an adb shell connection comes in while taking a screenshot,
an open pipe file descriptor will be leaked to the shell process.
This causes SELinux denials of the form:
avc: denied { read } for path="pipe:[21838]" dev="pipefs" ino=21838 scontext=u:r:shell:s0 tcontext=u:r:adbd:s0 tclass=fifo_file permissive=0
avc: denied { write } for path="pipe:[21838]" dev="pipefs" ino=21838 scontext=u:r:shell:s0 tcontext=u:r:adbd:s0 tclass=fifo_file permissive=0
Set O_CLOEXEC on the pipe connections, to avoid leaking them
across an exec boundary.
Bug: 15437785
Change-Id: Id2304b316bd7082d8baac246dce1f0e0e26e9197
1 file changed