Merge "Add O_CLOEXEC to lots of open() calls."
This commit is contained in:
Nick Kralevich
Gerrit Code Review
commit
a73774e62e
8 changed files with 31 additions and 44 deletions
|
|
@ -66,7 +66,7 @@ static int
|
||||||
proc_read(const char* filename, char* buff, size_t buffsize)
|
proc_read(const char* filename, char* buff, size_t buffsize)
|
||||||
{
|
{
|
||||||
int len = 0;
|
int len = 0;
|
||||||
int fd = open(filename, O_RDONLY);
|
int fd = open(filename, O_RDONLY | O_CLOEXEC);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
len = unix_read(fd, buff, buffsize-1);
|
len = unix_read(fd, buff, buffsize-1);
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
@ -144,7 +144,7 @@ log_header(void)
|
||||||
struct tm now = *localtime(&now_t);
|
struct tm now = *localtime(&now_t);
|
||||||
strftime(date, sizeof(date), "%x %X", &now);
|
strftime(date, sizeof(date), "%x %X", &now);
|
||||||
|
|
||||||
out = fopen( LOG_HEADER, "w" );
|
out = fopen( LOG_HEADER, "we" );
|
||||||
if (out == NULL)
|
if (out == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
|
@ -169,12 +169,6 @@ log_header(void)
|
||||||
fclose(out);
|
fclose(out);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
|
||||||
close_on_exec(int fd)
|
|
||||||
{
|
|
||||||
fcntl(fd, F_SETFD, FD_CLOEXEC);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
open_log_file(int* plogfd, const char* logfile)
|
open_log_file(int* plogfd, const char* logfile)
|
||||||
{
|
{
|
||||||
|
|
@ -183,12 +177,11 @@ open_log_file(int* plogfd, const char* logfile)
|
||||||
/* create log file if needed */
|
/* create log file if needed */
|
||||||
if (logfd < 0)
|
if (logfd < 0)
|
||||||
{
|
{
|
||||||
logfd = open(logfile,O_WRONLY|O_CREAT|O_TRUNC,0755);
|
logfd = open(logfile,O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC,0755);
|
||||||
if (logfd < 0) {
|
if (logfd < 0) {
|
||||||
*plogfd = -2;
|
*plogfd = -2;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
close_on_exec(logfd);
|
|
||||||
*plogfd = logfd;
|
*plogfd = logfd;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -220,9 +213,8 @@ do_log_file(FileBuff log, const char* procfile)
|
||||||
do_log_uptime(log);
|
do_log_uptime(log);
|
||||||
|
|
||||||
/* append file content */
|
/* append file content */
|
||||||
fd = open(procfile,O_RDONLY);
|
fd = open(procfile,O_RDONLY|O_CLOEXEC);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
close_on_exec(fd);
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
int ret;
|
int ret;
|
||||||
ret = unix_read(fd, buff, sizeof(buff));
|
ret = unix_read(fd, buff, sizeof(buff));
|
||||||
|
|
@ -264,7 +256,7 @@ do_log_procs(FileBuff log)
|
||||||
|
|
||||||
/* read process stat line */
|
/* read process stat line */
|
||||||
snprintf(filename,sizeof(filename),"/proc/%d/stat",pid);
|
snprintf(filename,sizeof(filename),"/proc/%d/stat",pid);
|
||||||
fd = open(filename,O_RDONLY);
|
fd = open(filename,O_RDONLY|O_CLOEXEC);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
len = unix_read(fd, buff, sizeof(buff)-1);
|
len = unix_read(fd, buff, sizeof(buff)-1);
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
@ -340,7 +332,7 @@ int bootchart_init( void )
|
||||||
|
|
||||||
/* create kernel process accounting file */
|
/* create kernel process accounting file */
|
||||||
{
|
{
|
||||||
int fd = open( LOG_ACCT, O_WRONLY|O_CREAT|O_TRUNC,0644);
|
int fd = open( LOG_ACCT, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC,0644);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
close(fd);
|
close(fd);
|
||||||
acct( LOG_ACCT );
|
acct( LOG_ACCT );
|
||||||
|
|
|
||||||
|
|
@ -59,7 +59,7 @@ static int write_file(const char *path, const char *value)
|
||||||
{
|
{
|
||||||
int fd, ret, len;
|
int fd, ret, len;
|
||||||
|
|
||||||
fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW, 0600);
|
fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW|O_CLOEXEC, 0600);
|
||||||
|
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
@ -99,7 +99,7 @@ static int setkey(struct kbentry *kbe)
|
||||||
{
|
{
|
||||||
int fd, ret;
|
int fd, ret;
|
||||||
|
|
||||||
fd = open("/dev/tty0", O_RDWR | O_SYNC);
|
fd = open("/dev/tty0", O_RDWR | O_SYNC | O_CLOEXEC);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
|
@ -370,14 +370,14 @@ int do_mount(int nargs, char **args)
|
||||||
struct loop_info info;
|
struct loop_info info;
|
||||||
|
|
||||||
mode = (flags & MS_RDONLY) ? O_RDONLY : O_RDWR;
|
mode = (flags & MS_RDONLY) ? O_RDONLY : O_RDWR;
|
||||||
fd = open(source + 5, mode);
|
fd = open(source + 5, mode | O_CLOEXEC);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (n = 0; ; n++) {
|
for (n = 0; ; n++) {
|
||||||
sprintf(tmp, "/dev/block/loop%d", n);
|
sprintf(tmp, "/dev/block/loop%d", n);
|
||||||
loop = open(tmp, mode);
|
loop = open(tmp, mode | O_CLOEXEC);
|
||||||
if (loop < 0) {
|
if (loop < 0) {
|
||||||
close(fd);
|
close(fd);
|
||||||
return -1;
|
return -1;
|
||||||
|
|
@ -423,7 +423,7 @@ exit_success:
|
||||||
static int wipe_data_via_recovery()
|
static int wipe_data_via_recovery()
|
||||||
{
|
{
|
||||||
mkdir("/cache/recovery", 0700);
|
mkdir("/cache/recovery", 0700);
|
||||||
int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC, 0600);
|
int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, 0600);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
write(fd, "--wipe_data\n", strlen("--wipe_data\n") + 1);
|
write(fd, "--wipe_data\n", strlen("--wipe_data\n") + 1);
|
||||||
write(fd, "--reason=wipe_data_via_recovery\n", strlen("--reason=wipe_data_via_recovery\n") + 1);
|
write(fd, "--reason=wipe_data_via_recovery\n", strlen("--reason=wipe_data_via_recovery\n") + 1);
|
||||||
|
|
@ -709,10 +709,10 @@ int do_copy(int nargs, char **args)
|
||||||
if (stat(args[1], &info) < 0)
|
if (stat(args[1], &info) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if ((fd1 = open(args[1], O_RDONLY)) < 0)
|
if ((fd1 = open(args[1], O_RDONLY|O_CLOEXEC)) < 0)
|
||||||
goto out_err;
|
goto out_err;
|
||||||
|
|
||||||
if ((fd2 = open(args[2], O_WRONLY|O_CREAT|O_TRUNC, 0660)) < 0)
|
if ((fd2 = open(args[2], O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0660)) < 0)
|
||||||
goto out_err;
|
goto out_err;
|
||||||
|
|
||||||
if (!(buffer = malloc(info.st_size)))
|
if (!(buffer = malloc(info.st_size)))
|
||||||
|
|
|
||||||
|
|
@ -865,20 +865,20 @@ static void process_firmware_event(struct uevent *uevent)
|
||||||
if (l == -1)
|
if (l == -1)
|
||||||
goto data_free_out;
|
goto data_free_out;
|
||||||
|
|
||||||
loading_fd = open(loading, O_WRONLY);
|
loading_fd = open(loading, O_WRONLY|O_CLOEXEC);
|
||||||
if(loading_fd < 0)
|
if(loading_fd < 0)
|
||||||
goto file_free_out;
|
goto file_free_out;
|
||||||
|
|
||||||
data_fd = open(data, O_WRONLY);
|
data_fd = open(data, O_WRONLY|O_CLOEXEC);
|
||||||
if(data_fd < 0)
|
if(data_fd < 0)
|
||||||
goto loading_close_out;
|
goto loading_close_out;
|
||||||
|
|
||||||
try_loading_again:
|
try_loading_again:
|
||||||
fw_fd = open(file1, O_RDONLY);
|
fw_fd = open(file1, O_RDONLY|O_CLOEXEC);
|
||||||
if(fw_fd < 0) {
|
if(fw_fd < 0) {
|
||||||
fw_fd = open(file2, O_RDONLY);
|
fw_fd = open(file2, O_RDONLY|O_CLOEXEC);
|
||||||
if (fw_fd < 0) {
|
if (fw_fd < 0) {
|
||||||
fw_fd = open(file3, O_RDONLY);
|
fw_fd = open(file3, O_RDONLY|O_CLOEXEC);
|
||||||
if (fw_fd < 0) {
|
if (fw_fd < 0) {
|
||||||
if (booting) {
|
if (booting) {
|
||||||
/* If we're not fully booted, we may be missing
|
/* If we're not fully booted, we may be missing
|
||||||
|
|
@ -1044,7 +1044,7 @@ void device_init(void)
|
||||||
coldboot("/sys/block");
|
coldboot("/sys/block");
|
||||||
coldboot("/sys/devices");
|
coldboot("/sys/devices");
|
||||||
t1 = get_usecs();
|
t1 = get_usecs();
|
||||||
fd = open(COLDBOOT_DONE, O_WRONLY|O_CREAT, 0000);
|
fd = open(COLDBOOT_DONE, O_WRONLY|O_CREAT|O_CLOEXEC, 0000);
|
||||||
close(fd);
|
close(fd);
|
||||||
log_event_print("coldboot %ld uS\n", ((long) (t1 - t0)));
|
log_event_print("coldboot %ld uS\n", ((long) (t1 - t0)));
|
||||||
// t0 & t1 are unused if the log isn't doing anything.
|
// t0 & t1 are unused if the log isn't doing anything.
|
||||||
|
|
|
||||||
10
init/init.c
10
init/init.c
|
|
@ -608,7 +608,7 @@ static int mix_hwrng_into_linux_rng_action(int nargs, char **args)
|
||||||
size_t total_bytes_written = 0;
|
size_t total_bytes_written = 0;
|
||||||
|
|
||||||
hwrandom_fd = TEMP_FAILURE_RETRY(
|
hwrandom_fd = TEMP_FAILURE_RETRY(
|
||||||
open("/dev/hw_random", O_RDONLY | O_NOFOLLOW));
|
open("/dev/hw_random", O_RDONLY | O_NOFOLLOW | O_CLOEXEC));
|
||||||
if (hwrandom_fd == -1) {
|
if (hwrandom_fd == -1) {
|
||||||
if (errno == ENOENT) {
|
if (errno == ENOENT) {
|
||||||
ERROR("/dev/hw_random not found\n");
|
ERROR("/dev/hw_random not found\n");
|
||||||
|
|
@ -621,7 +621,7 @@ static int mix_hwrng_into_linux_rng_action(int nargs, char **args)
|
||||||
}
|
}
|
||||||
|
|
||||||
urandom_fd = TEMP_FAILURE_RETRY(
|
urandom_fd = TEMP_FAILURE_RETRY(
|
||||||
open("/dev/urandom", O_WRONLY | O_NOFOLLOW));
|
open("/dev/urandom", O_WRONLY | O_NOFOLLOW | O_CLOEXEC));
|
||||||
if (urandom_fd == -1) {
|
if (urandom_fd == -1) {
|
||||||
ERROR("Failed to open /dev/urandom: %s\n", strerror(errno));
|
ERROR("Failed to open /dev/urandom: %s\n", strerror(errno));
|
||||||
goto ret;
|
goto ret;
|
||||||
|
|
@ -675,12 +675,12 @@ static int console_init_action(int nargs, char **args)
|
||||||
snprintf(console_name, sizeof(console_name), "/dev/%s", console);
|
snprintf(console_name, sizeof(console_name), "/dev/%s", console);
|
||||||
}
|
}
|
||||||
|
|
||||||
fd = open(console_name, O_RDWR);
|
fd = open(console_name, O_RDWR | O_CLOEXEC);
|
||||||
if (fd >= 0)
|
if (fd >= 0)
|
||||||
have_console = 1;
|
have_console = 1;
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
||||||
fd = open("/dev/tty0", O_WRONLY);
|
fd = open("/dev/tty0", O_WRONLY | O_CLOEXEC);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
const char *msg;
|
const char *msg;
|
||||||
msg = "\n"
|
msg = "\n"
|
||||||
|
|
@ -1011,7 +1011,7 @@ int main(int argc, char **argv)
|
||||||
mount("sysfs", "/sys", "sysfs", 0, NULL);
|
mount("sysfs", "/sys", "sysfs", 0, NULL);
|
||||||
|
|
||||||
/* indicate that booting is in progress to background fw loaders, etc */
|
/* indicate that booting is in progress to background fw loaders, etc */
|
||||||
close(open("/dev/.booting", O_WRONLY | O_CREAT, 0000));
|
close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000));
|
||||||
|
|
||||||
/* We must have some place other than / to create the
|
/* We must have some place other than / to create the
|
||||||
* device nodes for kmsg and null, otherwise we won't
|
* device nodes for kmsg and null, otherwise we won't
|
||||||
|
|
|
||||||
|
|
@ -72,12 +72,11 @@ void keychord_init()
|
||||||
if (!keychords)
|
if (!keychords)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
fd = open("/dev/keychord", O_RDWR);
|
fd = open("/dev/keychord", O_RDWR | O_CLOEXEC);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
ERROR("could not open /dev/keychord\n");
|
ERROR("could not open /dev/keychord\n");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
fcntl(fd, F_SETFD, FD_CLOEXEC);
|
|
||||||
|
|
||||||
ret = write(fd, keychords, keychords_length);
|
ret = write(fd, keychords, keychords_length);
|
||||||
if (ret != keychords_length) {
|
if (ret != keychords_length) {
|
||||||
|
|
|
||||||
|
|
@ -147,13 +147,9 @@ void signal_init(void)
|
||||||
sigaction(SIGCHLD, &act, 0);
|
sigaction(SIGCHLD, &act, 0);
|
||||||
|
|
||||||
/* create a signalling mechanism for the sigchld handler */
|
/* create a signalling mechanism for the sigchld handler */
|
||||||
if (socketpair(AF_UNIX, SOCK_STREAM, 0, s) == 0) {
|
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0, s) == 0) {
|
||||||
signal_fd = s[0];
|
signal_fd = s[0];
|
||||||
signal_recv_fd = s[1];
|
signal_recv_fd = s[1];
|
||||||
fcntl(s[0], F_SETFD, FD_CLOEXEC);
|
|
||||||
fcntl(s[0], F_SETFL, O_NONBLOCK);
|
|
||||||
fcntl(s[1], F_SETFD, FD_CLOEXEC);
|
|
||||||
fcntl(s[1], F_SETFL, O_NONBLOCK);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
handle_signal();
|
handle_signal();
|
||||||
|
|
|
||||||
|
|
@ -155,7 +155,7 @@ void *read_file(const char *fn, unsigned *_sz)
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
|
|
||||||
data = 0;
|
data = 0;
|
||||||
fd = open(fn, O_RDONLY);
|
fd = open(fn, O_RDONLY|O_CLOEXEC);
|
||||||
if(fd < 0) return 0;
|
if(fd < 0) return 0;
|
||||||
|
|
||||||
// for security reasons, disallow world-writable
|
// for security reasons, disallow world-writable
|
||||||
|
|
@ -207,7 +207,7 @@ static void find_mtd_partitions(void)
|
||||||
ssize_t pmtdsize;
|
ssize_t pmtdsize;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
fd = open("/proc/mtd", O_RDONLY);
|
fd = open("/proc/mtd", O_RDONLY|O_CLOEXEC);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
|
@ -416,7 +416,7 @@ void get_hardware_name(char *hardware, unsigned int *revision)
|
||||||
if (hardware[0])
|
if (hardware[0])
|
||||||
return;
|
return;
|
||||||
|
|
||||||
fd = open(cpuinfo, O_RDONLY);
|
fd = open(cpuinfo, O_RDONLY | O_CLOEXEC);
|
||||||
if (fd < 0) return;
|
if (fd < 0) return;
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
|
|
@ -479,7 +479,7 @@ void import_kernel_cmdline(int in_qemu,
|
||||||
char *ptr;
|
char *ptr;
|
||||||
int fd;
|
int fd;
|
||||||
|
|
||||||
fd = open("/proc/cmdline", O_RDONLY);
|
fd = open("/proc/cmdline", O_RDONLY | O_CLOEXEC);
|
||||||
if (fd >= 0) {
|
if (fd >= 0) {
|
||||||
int n = read(fd, cmdline, sizeof(cmdline) - 1);
|
int n = read(fd, cmdline, sizeof(cmdline) - 1);
|
||||||
if (n < 0) n = 0;
|
if (n < 0) n = 0;
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,7 @@ int watchdogd_main(int argc, char **argv)
|
||||||
|
|
||||||
timeout = interval + margin;
|
timeout = interval + margin;
|
||||||
|
|
||||||
fd = open(DEV_NAME, O_RDWR);
|
fd = open(DEV_NAME, O_RDWR|O_CLOEXEC);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
ERROR("watchdogd: Failed to open %s: %s\n", DEV_NAME, strerror(errno));
|
ERROR("watchdogd: Failed to open %s: %s\n", DEV_NAME, strerror(errno));
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue