Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_vold / ce6a913aeac7db94a41362c63bab74092767bb3e^! / . / Loop.cpp
commitce6a913aeac7db94a41362c63bab74092767bb3e[log] [tgz]
authorJeff Sharkey <jsharkey@android.com>Wed Apr 08 21:07:21 2015 -0700
committerJeff Sharkey <jsharkey@android.com>Sat Apr 11 08:48:13 2015 -0700
tree43d1bd0f9c02fa38370c84ce57573062f15e0671
parent389672737673f9c695ac70464a0f8656908d20fd [diff] [blame]
Exclusive exec() path, format after partition.

Sadly setexeccon() is process global, so we need to carefully ensure
that all exec() are mutually exclusive to avoid transitioning into
unwanted domains.  Also, because we have several threads floating
around, we need to guard all our FDs with O_CLOEXEC.

Format all newly created volumes immediately after partitioning,
but silence all events emitted from those volumes to prevent the
framework from getting all excited.  Unify all notify events under a
single codepath to make them easy to silence.

Sent SIGINT before escalating to SIGTERM when unmounting.

Bug: 19993667
Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b

diff --git a/Loop.cpp b/Loop.cpp
index b1e9f6a..8872d7a 100644
--- a/Loop.cpp
+++ b/Loop.cpp

@@ -49,7 +49,7 @@
 
         sprintf(filename, "/dev/block/loop%d", i);
 
-        if ((fd = open(filename, O_RDWR)) < 0) {
+        if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
             if (errno != ENOENT) {
                 SLOGE("Unable to open %s (%s)", filename, strerror(errno));
             } else {
@@ -93,7 +93,7 @@
 
         sprintf(filename, "/dev/block/loop%d", i);
 
-        if ((fd = open(filename, O_RDWR)) < 0) {
+        if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
             if (errno != ENOENT) {
                 SLOGE("Unable to open %s (%s)", filename, strerror(errno));
             } else {
@@ -168,7 +168,7 @@
             setfscreatecon(NULL);
         }
 
-        if ((fd = open(filename, O_RDWR)) < 0) {
+        if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
             SLOGE("Unable to open %s (%s)", filename, strerror(errno));
             return -1;
         }
@@ -196,7 +196,7 @@
 
     int file_fd;
 
-    if ((file_fd = open(loopFile, O_RDWR)) < 0) {
+    if ((file_fd = open(loopFile, O_RDWR | O_CLOEXEC)) < 0) {
         SLOGE("Unable to open %s (%s)", loopFile, strerror(errno));
         close(fd);
         return -1;
@@ -231,7 +231,7 @@
 int Loop::destroyByDevice(const char *loopDevice) {
     int device_fd;
 
-    device_fd = open(loopDevice, O_RDONLY);
+    device_fd = open(loopDevice, O_RDONLY | O_CLOEXEC);
     if (device_fd < 0) {
         SLOGE("Failed to open loop (%d)", errno);
         return -1;
@@ -272,7 +272,7 @@
 int Loop::resizeImageFile(const char *file, unsigned int numSectors) {
     int fd;
 
-    if ((fd = open(file, O_RDWR)) < 0) {
+    if ((fd = open(file, O_RDWR | O_CLOEXEC)) < 0) {
         SLOGE("Error opening imagefile (%s)", strerror(errno));
         return -1;
     }
@@ -301,7 +301,7 @@
     int fd;
     struct asec_superblock buffer;
 
-    if ((fd = open(loopDevice, O_RDONLY)) < 0) {
+    if ((fd = open(loopDevice, O_RDONLY | O_CLOEXEC)) < 0) {
         SLOGE("Failed to open loopdevice (%s)", strerror(errno));
         destroyByDevice(loopDevice);
         return -1;