Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_vold / 9bda3fe810bea92852b6fb018e9bfab28918ed13^1..9bda3fe810bea92852b6fb018e9bfab28918ed13 / .
commit9bda3fe810bea92852b6fb018e9bfab28918ed13[log] [tgz]
authorNick Kralevich <nnk@google.com>Fri Mar 29 18:46:07 2019 -0700
committerandroid-build-merger <android-build-merger@google.com>Fri Mar 29 18:46:07 2019 -0700
tree7a6e830f35fd65b11b89bc946a5d90e0e094ed4b
parent25fe2727643fbb5f46e94bdfd5796ce70155e17d [diff]
parent4197c098dfb467a3d74b02d60ef6fec40c8de05d [diff]
Merge "vold: cleanups for O_CLOEXEC tidy checks." am: a59868d6de am: 5af0c75525
am: 4197c098df

Change-Id: Ibe3636abcfafab7854c7b0434095b6e91fadcacf

diff --git a/AppFuseUtil.cpp b/AppFuseUtil.cpp
index ba82ba5..c491ecd 100644
--- a/AppFuseUtil.cpp
+++ b/AppFuseUtil.cpp

@@ -123,7 +123,8 @@
     }
 
     // Open device FD.
-    device_fd->reset(open("/dev/fuse", O_RDWR));  // not O_CLOEXEC
+    // NOLINTNEXTLINE(android-cloexec-open): Deliberately not O_CLOEXEC
+    device_fd->reset(open("/dev/fuse", O_RDWR));
     if (device_fd->get() == -1) {
         PLOG(ERROR) << "Failed to open /dev/fuse";
         return -1;

diff --git a/Checkpoint.cpp b/Checkpoint.cpp
index 2b353f1..e784c91 100644
--- a/Checkpoint.cpp
+++ b/Checkpoint.cpp

@@ -575,7 +575,7 @@
         Status status = Status::ok();
 
         LOG(INFO) << action << " checkpoint on " << blockDevice;
-        base::unique_fd device_fd(open(blockDevice.c_str(), O_RDWR));
+        base::unique_fd device_fd(open(blockDevice.c_str(), O_RDWR | O_CLOEXEC));
         if (device_fd < 0) {
             PLOG(ERROR) << "Cannot open " << blockDevice;
             return Status::fromExceptionCode(errno, ("Cannot open " + blockDevice).c_str());

diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index bfa2065..2b0465e 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp

@@ -1181,7 +1181,8 @@
         }
 
         // We purposefully leave the namespace open across the fork
-        nsFd = openat(pidFd, "ns/mnt", O_RDONLY);  // not O_CLOEXEC
+        // NOLINTNEXTLINE(android-cloexec-open): Deliberately not O_CLOEXEC
+        nsFd = openat(pidFd, "ns/mnt", O_RDONLY);
         if (nsFd < 0) {
             PLOG(WARNING) << "Failed to open namespace for " << de->d_name;
             goto next;

diff --git a/secdiscard.cpp b/secdiscard.cpp
index cb2eca9..0ff05d6 100644
--- a/secdiscard.cpp
+++ b/secdiscard.cpp

@@ -75,7 +75,8 @@
 #define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
 #define F2FS_IOC_GET_PIN_FILE _IOR(F2FS_IOCTL_MAGIC, 14, __u32)
 #endif
-        android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(target.c_str(), O_WRONLY, 0)));
+        android::base::unique_fd fd(
+            TEMP_FAILURE_RETRY(open(target.c_str(), O_WRONLY | O_CLOEXEC, 0)));
         if (fd == -1) {
             LOG(ERROR) << "Secure discard open failed for: " << target;
             return 0;