This is the backport of the following commits :
Reopen whitelisted zygote file descriptors after a fork.
We don't want these descriptors to be shared post-fork, so we'll
have to close and reopen them when the zygote forks. The set of
open descriptors is checked against a whitelist and it is a fatal
error if a non whitelisted FD is opened. It is also a fatal error
if anything other than a regular file / character device or socket
is opened at the time of forking.
This work is done in two stages :
- An initial list of FDs is constructed and cached prior to the
first zygote fork.
- On each subsequent fork, we check whether the list of open FDs
has changed. We are currently tolerant of changes, but in the
longer term, it should be a fatal error if the set of open file
descriptors in the zygote changes.
- Post fork, we traverse the list of open descriptors and reopen
them if necessary.
bug: 30963384
(cherry picked from commit c5f27a7cb2)
Fix clang build breakage (-Werror -Wformat).
Use %zd for size_t. Note that this will break only on (-plus-)aosp because
clang is disabled on the N development branches.
bug: 30963384
(cherry picked from commit b334c33d65)
Add a whitelist of sockets on fork.
Maintain a whitelist of AF_UNIX sockets that are permitted
to exist at the time of forking. If an open socket does not belong
to the whitelist (or is not AF_UNIX), the process will abort. If an
open socket is whitelisted, it will be redirected to /dev/null after
a successful fork. This allows us to unify our handling of the special
zygote sockets (/dev/socket/zygote[_secondary]) with the existing
whitelist of non socket file descriptors.
This change also removes non-fatal ALOGW messages since they have the
side effect of reopening the logging socket.
bug: 30963384
(cherry picked from commit 3764a260f0)
fd_utils: Remove whitelist for "/dev/pmsg0".
We're now calling __android_log_close prior to a fork, so this file
shouldn't need to be open.
bug: 31243313
bug: 30963384
(cherry picked from commit 8dee054190)
fd_utils: Fix broken usage of iterators.
There were two separate issues here :
- RestatInternal was using an iterator after a call to erase(). This
will not work because it will be invalidated.
- The "standard" for loop idiom for iterating over a map while making
structural changes to it is broken. Switch to a while loop and treat
cases where elements are erased differently from cases where they
aren't.
bug: 31092930
bug: 30963384
(cherry picked from commit 0b76d6a28e)
add dri device to zygote whitelisted FDs
The driver can be used just like /dev/ion for graphic buffers.
(cherry picked from commit 8977e424ee)
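
The per-descriptor check these commit messages describe, sketched as an added example (not the fd_utils code from the commits). The verdict names, the helper names and the whitelist contents are assumptions made for illustration; a caller in the zygote's position would abort on any verdict other than kAllowed.

```cpp
#include <fcntl.h>  // open(), for callers that feed descriptors in
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
#include <cstdio>
#include <cstring>
#include <set>
#include <string>

enum FdVerdict { kAllowed, kBadType, kNotWhitelisted, kNotUnixSocket };

// Path a file or character-device descriptor refers to, via /proc/self/fd.
static std::string FdPath(int fd) {
  char link[64], target[4096];
  std::snprintf(link, sizeof(link), "/proc/self/fd/%d", fd);
  ssize_t n = readlink(link, target, sizeof(target) - 1);
  return n < 0 ? std::string() : std::string(target, n);
}

// Bound path of an AF_UNIX socket; *is_unix is false for any other family.
static std::string UnixSocketPath(int fd, bool* is_unix) {
  struct sockaddr_storage ss;
  socklen_t len = sizeof(ss);
  std::memset(&ss, 0, sizeof(ss));
  *is_unix = getsockname(fd, reinterpret_cast<sockaddr*>(&ss), &len) == 0 &&
             ss.ss_family == AF_UNIX;
  if (!*is_unix) return std::string();
  // ss was zeroed, so the path is NUL-terminated; unnamed sockets give "".
  return std::string(reinterpret_cast<const sockaddr_un*>(&ss)->sun_path);
}

// Classify one descriptor that is open at fork time: only regular files,
// character devices and AF_UNIX sockets are acceptable, and each must be
// on its whitelist (constructed sets passed in by the caller).
FdVerdict CheckFdAtFork(int fd, const std::set<std::string>& paths,
                        const std::set<std::string>& sockets) {
  struct stat st;
  if (fstat(fd, &st) != 0) return kBadType;  // closed or unreadable
  if (S_ISREG(st.st_mode) || S_ISCHR(st.st_mode))
    return paths.count(FdPath(fd)) ? kAllowed : kNotWhitelisted;
  if (!S_ISSOCK(st.st_mode)) return kBadType;  // pipe, directory, ...
  bool is_unix = false;
  std::string path = UnixSocketPath(fd, &is_unix);
  if (!is_unix) return kNotUnixSocket;
  return sockets.count(path) ? kAllowed : kNotWhitelisted;
}
```
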
Devsite handles "redirect this directory tree" differently than DAC
did; as a result, a bunch of redirects were broken. (On Devsite, a
redirect ending in a slash redirects *only* paths that match it;
to redirect that directory and all its contents, end with /...)
Also deleted one redirect that wouldn't work (trying to redirect
foo.html#bar , which wouldn't work--the anchors are ignored on
devsite and there was a separate redirect for just foo.html).
When a redirect pointed *to* a path ending in slash -- but was clearly
meant to point to the directory itself (i.e. the /index.html file) --
I removed the trailing slash.
Redirects staged to https://android-dot-devsite.googleplex.com , so
they should all work there.
bug: 30748799
Change-Id: I6d090de5e6efa6ddb2bbe3e99fdbfb0ae02b88d5
* changes:
Move Status to libhidl
Adds framework support for hidl-gen Java backend. (to support structs)
Add Bool* APIs to HwParcel
Link against libhidl for HidlSupport/svcmgr
Support one-way methods in java support for hardware binder
Initial commit of Java support for hardware binder
This is the backport of the following commits :
Commit c5f27a7cb2:
-----------------------------------------------
Reopen whitelisted zygote file descriptors after a fork.
We don't want these descriptors to be shared post-fork, so we'll
have to close and reopen them when the zygote forks. The set of
open descriptors is checked against a whitelist and it is a fatal
error if a non whitelisted FD is opened. It is also a fatal error
if anything other than a regular file / character device or socket
is opened at the time of forking.
This work is done in two stages :
- An initial list of FDs is constructed and cached prior to the
first zygote fork.
- On each subsequent fork, we check whether the list of open FDs
has changed. We are currently tolerant of changes, but in the
longer term, it should be a fatal error if the set of open file
descriptors in the zygote changes.
- Post fork, we traverse the list of open descriptors and reopen
them if necessary.
bug: 30963384
Commit 3764a260f0:
-----------------------------------------------
Add a whitelist of sockets on fork.
Maintain a whitelist of AF_UNIX sockets that are permitted
to exist at the time of forking. If an open socket does not belong
to the whitelist (or is not AF_UNIX), the process will abort. If an
open socket is whitelisted, it will be redirected to /dev/null after
a successful fork. This allows us to unify our handling of the special
zygote sockets (/dev/socket/zygote[_secondary]) with the existing
whitelist of non socket file descriptors.
This change also removes non-fatal ALOGW messages since they have the
side effect of reopening the logging socket.
bug: 30963384
Commit 0b76d6a28e:
-----------------------------------------------
fd_utils: Fix broken usage of iterators.
There were two separate issues here :
- RestatInternal was using an iterator after a call to erase(). This
will not work because it will be invalidated.
- The "standard" for loop idiom for iterating over a map while making
structural changes to it is broken. Switch to a while loop and treat
cases where elements are erased differently from cases where they
aren't.
bug: 31092930
bug: 30963384
Plus additional changes:
-----------------------------------------------
- change std::unordered_map to std::tr1::unordered_map.
- add /dev/alarm and /dev/__properties__ to the whitelist.
- map.erase(iterator) returns void prior to C++11, so need the kludge
of calling erase(it++).
Change-Id: I694ff66d5f227239b0190ffc2287882b16e336fa
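
The iterator fix and the pre-C++11 erase(it++) form mentioned above, as an added example (not the code from these commits). TrackedFd, FdTable, Track and Restat are constructed names, and std::map stands in for the commit's container.

```cpp
#include <fcntl.h>  // open(), for callers that feed descriptors in
#include <sys/stat.h>
#include <unistd.h>
#include <map>
#include <string>
#include <vector>

// Constructed stand-in for a cached descriptor record.
struct TrackedFd {
  std::string path;
  dev_t dev;
  ino_t ino;
};
typedef std::map<int, TrackedFd> FdTable;

// Cache the identity (device, inode) of an open descriptor.
bool Track(FdTable* table, int fd, const std::string& path) {
  struct stat st;
  if (fstat(fd, &st) != 0) return false;
  TrackedFd entry = {path, st.st_dev, st.st_ino};
  (*table)[fd] = entry;
  return true;
}

// Re-stat every cached descriptor and drop the ones that are closed or now
// name a different file. Returns the dropped descriptor numbers.
std::vector<int> Restat(FdTable* table) {
  std::vector<int> dropped;
  FdTable::iterator it = table->begin();
  while (it != table->end()) {
    struct stat st;
    bool stale = fstat(it->first, &st) != 0 ||
                 st.st_dev != it->second.dev || st.st_ino != it->second.ino;
    if (stale) {
      dropped.push_back(it->first);  // read the key before the node is freed
      // Post-increment: `it` moves to the next node first, and erase()
      // receives the old position, so no invalidated iterator is used.
      table->erase(it++);
    } else {
      ++it;  // nothing erased: ordinary advance
    }
  }
  return dropped;
}
```

A for loop that runs ++it in its header after an erase(it) in the body would increment an invalidated iterator, which is the second issue the commit message lists.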