stop abusing netd's DAC override on prog accesses by using R/O fetch and also use mapRetrieveRW(x) instead of bpfFdGet(x, 0) or mapRetrieve(x, 0) Test: builds, treehugger, see above Bug: 150040815 Signed-off-by: Maciej Żenczykowski <maze@google.com> Original-Change: https://android-review.googlesource.com/1339962 Merged-In: I09206bd07eb3ecea5256422ed9b52b791079f75a Change-Id: I09206bd07eb3ecea5256422ed9b52b791079f75a

commit: 251b3ee12de52afc82d90eca99255e2a726a15d1 [log] [tgz]
author: Maciej Żenczykowski <maze@google.com> Thu Jun 18 12:30:41 2020 +0000
committer: Maciej Zenczykowski <maze@google.com> Thu Jun 18 20:02:28 2020 +0000
tree: b38b94f4ad793eaefd4ab1a338a030e32e18b5ed
parent: 3eb8f9bc0fdb52c7441a79b20934b4142a605d3f [diff] [blame]
diff --git a/server/TrafficController.cpp b/server/TrafficController.cpp
index 9d7d6a1..3839962 100644
--- a/server/TrafficController.cpp
+++ b/server/TrafficController.cpp

@@ -202,7 +202,7 @@
 
 static Status attachProgramToCgroup(const char* programPath, const unique_fd& cgroupFd,
                                     bpf_attach_type type) {
-    unique_fd cgroupProg(bpfFdGet(programPath, 0));
+    unique_fd cgroupProg(retrieveProgram(programPath));
     if (cgroupProg == -1) {
         int ret = errno;
         ALOGE("Failed to get program from %s: %s", programPath, strerror(ret));
commit	251b3ee12de52afc82d90eca99255e2a726a15d1	[log] [tgz]
author	Maciej Żenczykowski <maze@google.com>	Thu Jun 18 12:30:41 2020 +0000
committer	Maciej Zenczykowski <maze@google.com>	Thu Jun 18 20:02:28 2020 +0000
tree	b38b94f4ad793eaefd4ab1a338a030e32e18b5ed
parent	3eb8f9bc0fdb52c7441a79b20934b4142a605d3f [diff] [blame]