Add permission bits to open calls with O_CREAT

Open needs a third argument if you pass it O_CREAT:
https://linux.die.net/man/3/open

This turns into a compile-time error with FORITFY, so we need this fixed
before our unbroken FORTIFY can go in.

(The TEMP_FAILURE_RETRY open isn't detected by clang FORTIFY, but I
noticed that open_reference_profile potentially passes in O_CREAT as an
open_flag.)

Bug: 32073964
Test: Now builds with clang FORTIFY; CtsCompilationTestCases passes;
manually verified that /data/misc/profiles/ref/*/primary.prof has rw
permissions after a successful `cmd package compile -m speed-profile`.
Change-Id: Ie707d5ad403d2f86c769277b3e0f147c45000a6b

diff --git a/cmds/installd/dexopt.cpp b/cmds/installd/dexopt.cpp
index 4c0f884..5d84157 100644 (file)
--- a/cmds/installd/dexopt.cpp
+++ b/cmds/installd/dexopt.cpp
@@ -497,7 +497,7 @@ static fd_t open_primary_profile_file_from_dir(const std::string& profile_dir, m
     fd_t profile_fd = -1;
     std::string profile_file = create_primary_profile(profile_dir);
 
-    profile_fd = TEMP_FAILURE_RETRY(open(profile_file.c_str(), open_mode | O_NOFOLLOW));
+    profile_fd = TEMP_FAILURE_RETRY(open(profile_file.c_str(), open_mode | O_NOFOLLOW, 0600));
     if (profile_fd == -1) {
         // It's not an error if the profile file does not exist.
         if (errno != ENOENT) {
@@ -756,7 +756,7 @@ bool dump_profiles(int32_t uid, const char* pkgname, const char* code_paths) {
         return false;
     }
 
-    fd_t output_fd = open(out_file_name.c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW);
+    fd_t output_fd = open(out_file_name.c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644);
     if (fchmod(output_fd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) < 0) {
         ALOGE("installd cannot chmod '%s' dump_profile\n", out_file_name.c_str());
         return false;