diff options
author | Maciej Żenczykowski <maze@google.com> | 2022-04-30 00:00:41 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-04-30 00:00:41 +0000 |
commit | 24d11c5ad8f19b74723b36a04226628d9c5bc606 (patch) | |
tree | 95dfe3ef3c0613b9e6974a160f71512938cb9435 | |
parent | 1b09a2e50cdf1d3575f9918f1a308696ee34f193 (diff) | |
parent | b4adcec4aa0d3d5287ceb3ef8ff60da8e7018eca (diff) | |
download | bionic-24d11c5ad8f19b74723b36a04226628d9c5bc606.tar.gz |
allowlist new Linux close_range() system call, use it in posix_spawn() am: 436980d31c am: b4adcec4aa
Original change: https://googleplex-android-review.googlesource.com/c/platform/bionic/+/18092494
Change-Id: I38b649c1a42fac53c2a94148e03b41b60c44b680
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | libc/SECCOMP_ALLOWLIST_COMMON.TXT | 2 | ||||
-rw-r--r-- | libc/bionic/spawn.cpp | 5 |
2 files changed, 7 insertions, 0 deletions
diff --git a/libc/SECCOMP_ALLOWLIST_COMMON.TXT b/libc/SECCOMP_ALLOWLIST_COMMON.TXT index 6650d7e32..c440f9b74 100644 --- a/libc/SECCOMP_ALLOWLIST_COMMON.TXT +++ b/libc/SECCOMP_ALLOWLIST_COMMON.TXT @@ -74,3 +74,5 @@ int futex_time64(int*, int, int, const timespec64*, int*, int) lp32 int sched_rr_get_interval_time64(pid_t, timespec64*) lp32 # Since Linux 5.4, not in glibc. Probed for and conditionally used by ART. int userfaultfd(int) all +# Since Linux 5.9, used by POSIX_SPAWN_CLOEXEC_DEFAULT +int close_range(unsigned int, unsigned int, int) all diff --git a/libc/bionic/spawn.cpp b/libc/bionic/spawn.cpp index 314a05669..59f763138 100644 --- a/libc/bionic/spawn.cpp +++ b/libc/bionic/spawn.cpp @@ -30,10 +30,12 @@ #include <errno.h> #include <fcntl.h> +#include <linux/close_range.h> #include <signal.h> #include <stdlib.h> #include <string.h> #include <sys/resource.h> +#include <sys/syscall.h> #include <unistd.h> #include <android/fdsan.h> @@ -49,6 +51,9 @@ static int set_cloexec(int i) { // mark all open fds except stdin/out/err as close-on-exec static int cloexec_except_stdioe() { + // requires 5.11+ or ACK 5.10-T kernel, otherwise returns ENOSYS or EINVAL + if (!syscall(SYS_close_range, 3, ~0U, CLOSE_RANGE_CLOEXEC)) return 0; + // unfortunately getrlimit can lie: // - both soft and hard limits can be lowered to 0, with fds still open, so it can underestimate // - in practice it usually is some really large value (like 32K or more) |