Avoid leaking file descriptors
Add O_CLOEXEC on open() calls, and SOCK_CLOEXEC on socket calls.
This avoids leaking file descriptors across execs.
Addresses the following SELinux denial:
audit(1422740213.283:8): avc: denied { read write } for pid=2597 comm="clatd" path="socket:[6709]" dev="sockfs" ino=6709 scontext=u:r:clatd:s0 tcontext=u:r:netd:s0 tclass=netlink_socket
and allows the removal of some other SELinux rules which were
inappropriately added because of leaking file descriptors.
Change-Id: I9c180488ea1969d610e488f967a7276a672bb477
diff --git a/client/FwmarkClient.cpp b/client/FwmarkClient.cpp
index 4e02d58..0ac1fbb 100644
--- a/client/FwmarkClient.cpp
+++ b/client/FwmarkClient.cpp
@@ -43,7 +43,7 @@
}
int FwmarkClient::send(void* data, size_t len, int fd) {
- mChannel = socket(AF_UNIX, SOCK_STREAM, 0);
+ mChannel = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (mChannel == -1) {
return -errno;
}
diff --git a/client/NetdClient.cpp b/client/NetdClient.cpp
index 0c9d185..3157d3a 100644
--- a/client/NetdClient.cpp
+++ b/client/NetdClient.cpp
@@ -118,9 +118,9 @@
// might itself cause another check with the fwmark server, which would be wasteful.
int socketFd;
if (libcSocket) {
- socketFd = libcSocket(AF_INET6, SOCK_DGRAM, 0);
+ socketFd = libcSocket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
} else {
- socketFd = socket(AF_INET6, SOCK_DGRAM, 0);
+ socketFd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
}
if (socketFd < 0) {
return -errno;