Avoid leaking file descriptors
Add O_CLOEXEC on open() calls, and SOCK_CLOEXEC on socket calls.
This avoids leaking file descriptors across execs.
Addresses the following SELinux denial:
audit(1422740213.283:8): avc: denied { read write } for pid=2597 comm="clatd" path="socket:[6709]" dev="sockfs" ino=6709 scontext=u:r:clatd:s0 tcontext=u:r:netd:s0 tclass=netlink_socket
and allows the removal of some other SELinux rules which were
inappropriately added because of leaking file descriptors.
Change-Id: I9c180488ea1969d610e488f967a7276a672bb477
diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp
index 2fe249d..e5cf36c 100644
--- a/server/BandwidthController.cpp
+++ b/server/BandwidthController.cpp
@@ -786,7 +786,7 @@
return -1;
asprintf(&fname, "/proc/net/xt_quota/%s", costName);
- fp = fopen(fname, "r");
+ fp = fopen(fname, "re");
free(fname);
if (!fp) {
ALOGE("Reading quota %s failed (%s)", costName, strerror(errno));
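Review bot: The return value of `asprintf(&fname, ...)` directly above the changed `fopen` is ignored, so on allocation failure `fname` is indeterminate when it reaches `fopen(fname, "re")` and `free(fname)`. The second hunk of this file has the same pattern on the `quotaName` write path. A guard such as `if (asprintf(&fname, "/proc/net/xt_quota/%s", costName) == -1) return -1;` would close it in both places. Because the name is interpolated into a /proc path, it is also worth confirming that callers reject names containing `/`; that validation is not visible here. The enclosing function starts and ends outside the hunk.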
@@ -843,7 +843,7 @@
}
asprintf(&fname, "/proc/net/xt_quota/%s", quotaName);
- fp = fopen(fname, "w");
+ fp = fopen(fname, "we");
free(fname);
if (!fp) {
ALOGE("Updating quota %s failed (%s)", quotaName, strerror(errno));
diff --git a/server/NetdConstants.cpp b/server/NetdConstants.cpp
index 8423fd6..a6e38ca 100644
--- a/server/NetdConstants.cpp
+++ b/server/NetdConstants.cpp
@@ -114,7 +114,7 @@
}
int writeFile(const char *path, const char *value, int size) {
- int fd = open(path, O_WRONLY);
+ int fd = open(path, O_WRONLY | O_CLOEXEC);
if (fd < 0) {
ALOGE("Failed to open %s: %s", path, strerror(errno));
return -1;
@@ -131,7 +131,7 @@
int readFile(const char *path, char *buf, int *sizep)
{
- int fd = open(path, O_RDONLY);
+ int fd = open(path, O_RDONLY | O_CLOEXEC);
int size;
if (fd < 0) {
diff --git a/server/NetlinkManager.cpp b/server/NetlinkManager.cpp
index 118a5bd..76af46f 100644
--- a/server/NetlinkManager.cpp
+++ b/server/NetlinkManager.cpp
@@ -76,7 +76,7 @@
nladdr.nl_pid = getpid();
nladdr.nl_groups = groups;
- if ((*sock = socket(PF_NETLINK, SOCK_DGRAM, netlinkFamily)) < 0) {
+ if ((*sock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, netlinkFamily)) < 0) {
ALOGE("Unable to create netlink socket: %s", strerror(errno));
return NULL;
}
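Review bot: `SOCK_CLOEXEC` on this `socket()` call protects only the descriptor created here. Descriptors obtained by other routes (for example `accept()`, `pipe()` or `dup()`) are not touched by this commit and would still be inherited across exec if they lack the flag; whether any such call sites exist cannot be told from these hunks. A short comment at the call, e.g. `// SOCK_CLOEXEC: netd's netlink socket must not be inherited by exec'd children such as clatd`, would record why the flag has to stay, given that the SELinux denial in the commit message is on a netlink_socket. The enclosing function starts and ends outside the hunk.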
diff --git a/server/RouteController.cpp b/server/RouteController.cpp
index 56e3c28..cd5300d 100644
--- a/server/RouteController.cpp
+++ b/server/RouteController.cpp
@@ -200,7 +200,7 @@
nlmsgerr err;
} response;
- int sock = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE);
+ int sock = socket(AF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_ROUTE);
if (sock != -1 &&
connect(sock, reinterpret_cast<const sockaddr*>(&NETLINK_ADDRESS),
sizeof(NETLINK_ADDRESS)) != -1 &&
diff --git a/server/SoftapController.cpp b/server/SoftapController.cpp
index 07c77b0..17982d5 100644
--- a/server/SoftapController.cpp
+++ b/server/SoftapController.cpp
@@ -158,7 +158,7 @@
asprintf(&fbuf, "%s", wbuf);
}
- fd = open(HOSTAPD_CONF_FILE, O_CREAT | O_TRUNC | O_WRONLY | O_NOFOLLOW, 0660);
+ fd = open(HOSTAPD_CONF_FILE, O_CREAT | O_TRUNC | O_WRONLY | O_NOFOLLOW | O_CLOEXEC, 0660);
if (fd < 0) {
ALOGE("Cannot update \"%s\": %s", HOSTAPD_CONF_FILE, strerror(errno));
free(wbuf);
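Review bot: The `0660` mode passed to `open()` takes effect only when the call creates `HOSTAPD_CONF_FILE`, and even then it is masked by the process umask. If the file already exists, `O_TRUNC` keeps whatever mode and owner it had. The file presumably holds the soft-AP configuration, including any passphrase, so unless the function already resets permissions outside this hunk, adding `fchmod(fd, 0660)` right after a successful open would make the permissions independent of prior state. The enclosing function starts and ends outside the hunk.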
diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index 4e1c52f..a91c744 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp
@@ -66,7 +66,7 @@
return 0;
}
- int fd = open("/proc/sys/net/ipv4/ip_forward", O_WRONLY);
+ int fd = open("/proc/sys/net/ipv4/ip_forward", O_WRONLY | O_CLOEXEC);
if (fd < 0) {
ALOGE("Failed to open ip_forward (%s)", strerror(errno));
return -1;
@@ -82,7 +82,7 @@
}
bool TetherController::getIpFwdEnabled() {
- int fd = open("/proc/sys/net/ipv4/ip_forward", O_RDONLY);
+ int fd = open("/proc/sys/net/ipv4/ip_forward", O_RDONLY | O_CLOEXEC);
if (fd < 0) {
ALOGE("Failed to open ip_forward (%s)", strerror(errno));