git.osdn.net Git - android-x86/frameworks-base.git/commit

author	Narayan Kamath <narayan@google.com>
	Fri, 19 Aug 2016 12:45:24 +0000 (13:45 +0100)
committer	Narayan Kamath <narayan@google.com>
	Mon, 29 Aug 2016 08:40:00 +0000 (08:40 +0000)
commit	c5f27a7cb2ec816f483a65255034a1b57a8aa221
tree	c7d5ec9d2249adb82171a5d2b02dab31a547d94b	tree \| snapshot
parent	a4defc17c7a62c581a975bf057a12a2ae0fe3a09	commit \| diff

Reopen whitelisted zygote file descriptors after a fork.

We don't want these descriptors to be shared post-fork, so we'll
have to close and reopen them when the zygote forks. The set of
open descriptors is checked against a whitelist and it is a fatal
error if a non whitelisted FD is opened. It is also a fatal error
if anything other than a regular file / character device or socket
is opened at the time of forking.

This work is done in two stages :
- An initial list of FDs is constructed and cached prior to the
  first zygote fork.

- On each subsequent fork, we check whether the list of open FDs
  has changed. We are currently tolerant of changes, but in the
  longer term, it should be a fatal error if the set of open file
  descriptors in the zygote changes.

- Post fork, we traverse the list of open descriptors and reopen
  them if necessary.

bug: 30963384
Change-Id: Icfd45c96c660491b554d146a9d70d97dbcc712bc

core/jni/com_android_internal_os_Zygote.cpp		diff \| blob \| history
core/jni/fd_utils-inl.h	[new file with mode: 0644]	blob