git.osdn.net Git - android-x86/frameworks-base.git/commit

author	Narayan Kamath <narayan@google.com>
	Tue, 30 Aug 2016 14:36:19 +0000 (15:36 +0100)
committer	Narayan Kamath <narayan@google.com>
	Tue, 30 Aug 2016 18:20:45 +0000 (19:20 +0100)
commit	3764a260f0c90dcb323caeda14baf903cc108759
tree	4d1d93e3cff14dcafcef88f65b7b05de2eb6c996	tree \| snapshot
parent	0a272fcba732e560ac4b50ca0d017a82e92f1ea4	commit \| diff

Add a whitelist of sockets on fork.

Maintain a whitelist of AF_UNIX sockets that are permitted
to exist at the time of forking. If an open socket does not belong
to the whitelist (or is not AF_UNIX), the process will abort. If an
open socket is whitelisted, it will be redirected to /dev/null after
a sucessful fork. This allows us to unify our handling of the special
zygote sockets (/dev/socket/zygote[_secondary]) with the existing
whitelist of non socket file descriptors.

This change also removes non-fatal ALOGW messages since they have the
side effect of reopening the logging socket.

bug: 30963384
Change-Id: Ie04dac62d0e0f29354df9ac15af217ad652ffbbe

core/jni/com_android_internal_os_Zygote.cpp		diff \| blob \| history
core/jni/fd_utils-inl.h		diff \| blob \| history