From 45a884f85f8eae602fe6e7c9718c90db65675e07 Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Mon, 2 Feb 2015 14:37:22 -0800 Subject: [PATCH] Add O_CLOEXEC to lots of open() calls. and other related fixups. Change-Id: Ia88fb37a07ff6777d00c49800081f5a519c0c78d --- init/bootchart.c | 20 ++++++-------------- init/builtins.c | 14 +++++++------- init/devices.c | 12 ++++++------ init/init.c | 10 +++++----- init/keychords.c | 3 +-- init/signal_handler.c | 6 +----- init/util.c | 8 ++++---- init/watchdogd.c | 2 +- 8 files changed, 31 insertions(+), 44 deletions(-) diff --git a/init/bootchart.c b/init/bootchart.c index a514261f3..27c7f65c7 100644 --- a/init/bootchart.c +++ b/init/bootchart.c @@ -66,7 +66,7 @@ static int proc_read(const char* filename, char* buff, size_t buffsize) { int len = 0; - int fd = open(filename, O_RDONLY); + int fd = open(filename, O_RDONLY | O_CLOEXEC); if (fd >= 0) { len = unix_read(fd, buff, buffsize-1); close(fd); @@ -144,7 +144,7 @@ log_header(void) struct tm now = *localtime(&now_t); strftime(date, sizeof(date), "%x %X", &now); - out = fopen( LOG_HEADER, "w" ); + out = fopen( LOG_HEADER, "we" ); if (out == NULL) return; @@ -169,12 +169,6 @@ log_header(void) fclose(out); } -static void -close_on_exec(int fd) -{ - fcntl(fd, F_SETFD, FD_CLOEXEC); -} - static void open_log_file(int* plogfd, const char* logfile) { @@ -183,12 +177,11 @@ open_log_file(int* plogfd, const char* logfile) /* create log file if needed */ if (logfd < 0) { - logfd = open(logfile,O_WRONLY|O_CREAT|O_TRUNC,0755); + logfd = open(logfile,O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC,0755); if (logfd < 0) { *plogfd = -2; return; } - close_on_exec(logfd); *plogfd = logfd; } } @@ -220,9 +213,8 @@ do_log_file(FileBuff log, const char* procfile) do_log_uptime(log); /* append file content */ - fd = open(procfile,O_RDONLY); + fd = open(procfile,O_RDONLY|O_CLOEXEC); if (fd >= 0) { - close_on_exec(fd); for (;;) { int ret; ret = unix_read(fd, buff, sizeof(buff)); @@ -264,7 +256,7 @@ do_log_procs(FileBuff log) /* read process stat line */ snprintf(filename,sizeof(filename),"/proc/%d/stat",pid); - fd = open(filename,O_RDONLY); + fd = open(filename,O_RDONLY|O_CLOEXEC); if (fd >= 0) { len = unix_read(fd, buff, sizeof(buff)-1); close(fd); @@ -340,7 +332,7 @@ int bootchart_init( void ) /* create kernel process accounting file */ { - int fd = open( LOG_ACCT, O_WRONLY|O_CREAT|O_TRUNC,0644); + int fd = open( LOG_ACCT, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC,0644); if (fd >= 0) { close(fd); acct( LOG_ACCT ); diff --git a/init/builtins.c b/init/builtins.c index 76c0a1887..b9b5029a8 100644 --- a/init/builtins.c +++ b/init/builtins.c @@ -59,7 +59,7 @@ static int write_file(const char *path, const char *value) { int fd, ret, len; - fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW, 0600); + fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW|O_CLOEXEC, 0600); if (fd < 0) return -errno; @@ -99,7 +99,7 @@ static int setkey(struct kbentry *kbe) { int fd, ret; - fd = open("/dev/tty0", O_RDWR | O_SYNC); + fd = open("/dev/tty0", O_RDWR | O_SYNC | O_CLOEXEC); if (fd < 0) return -1; @@ -370,14 +370,14 @@ int do_mount(int nargs, char **args) struct loop_info info; mode = (flags & MS_RDONLY) ? O_RDONLY : O_RDWR; - fd = open(source + 5, mode); + fd = open(source + 5, mode | O_CLOEXEC); if (fd < 0) { return -1; } for (n = 0; ; n++) { sprintf(tmp, "/dev/block/loop%d", n); - loop = open(tmp, mode); + loop = open(tmp, mode | O_CLOEXEC); if (loop < 0) { close(fd); return -1; @@ -423,7 +423,7 @@ exit_success: static int wipe_data_via_recovery() { mkdir("/cache/recovery", 0700); - int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC, 0600); + int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, 0600); if (fd >= 0) { write(fd, "--wipe_data\n", strlen("--wipe_data\n") + 1); write(fd, "--reason=wipe_data_via_recovery\n", strlen("--reason=wipe_data_via_recovery\n") + 1); @@ -709,10 +709,10 @@ int do_copy(int nargs, char **args) if (stat(args[1], &info) < 0) return -1; - if ((fd1 = open(args[1], O_RDONLY)) < 0) + if ((fd1 = open(args[1], O_RDONLY|O_CLOEXEC)) < 0) goto out_err; - if ((fd2 = open(args[2], O_WRONLY|O_CREAT|O_TRUNC, 0660)) < 0) + if ((fd2 = open(args[2], O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0660)) < 0) goto out_err; if (!(buffer = malloc(info.st_size))) diff --git a/init/devices.c b/init/devices.c index dde43df35..0de92f560 100644 --- a/init/devices.c +++ b/init/devices.c @@ -865,20 +865,20 @@ static void process_firmware_event(struct uevent *uevent) if (l == -1) goto data_free_out; - loading_fd = open(loading, O_WRONLY); + loading_fd = open(loading, O_WRONLY|O_CLOEXEC); if(loading_fd < 0) goto file_free_out; - data_fd = open(data, O_WRONLY); + data_fd = open(data, O_WRONLY|O_CLOEXEC); if(data_fd < 0) goto loading_close_out; try_loading_again: - fw_fd = open(file1, O_RDONLY); + fw_fd = open(file1, O_RDONLY|O_CLOEXEC); if(fw_fd < 0) { - fw_fd = open(file2, O_RDONLY); + fw_fd = open(file2, O_RDONLY|O_CLOEXEC); if (fw_fd < 0) { - fw_fd = open(file3, O_RDONLY); + fw_fd = open(file3, O_RDONLY|O_CLOEXEC); if (fw_fd < 0) { if (booting) { /* If we're not fully booted, we may be missing @@ -1044,7 +1044,7 @@ void device_init(void) coldboot("/sys/block"); coldboot("/sys/devices"); t1 = get_usecs(); - fd = open(COLDBOOT_DONE, O_WRONLY|O_CREAT, 0000); + fd = open(COLDBOOT_DONE, O_WRONLY|O_CREAT|O_CLOEXEC, 0000); close(fd); log_event_print("coldboot %ld uS\n", ((long) (t1 - t0))); // t0 & t1 are unused if the log isn't doing anything. diff --git a/init/init.c b/init/init.c index 7ddab80ae..fef8a2e46 100644 --- a/init/init.c +++ b/init/init.c @@ -608,7 +608,7 @@ static int mix_hwrng_into_linux_rng_action(int nargs, char **args) size_t total_bytes_written = 0; hwrandom_fd = TEMP_FAILURE_RETRY( - open("/dev/hw_random", O_RDONLY | O_NOFOLLOW)); + open("/dev/hw_random", O_RDONLY | O_NOFOLLOW | O_CLOEXEC)); if (hwrandom_fd == -1) { if (errno == ENOENT) { ERROR("/dev/hw_random not found\n"); @@ -621,7 +621,7 @@ static int mix_hwrng_into_linux_rng_action(int nargs, char **args) } urandom_fd = TEMP_FAILURE_RETRY( - open("/dev/urandom", O_WRONLY | O_NOFOLLOW)); + open("/dev/urandom", O_WRONLY | O_NOFOLLOW | O_CLOEXEC)); if (urandom_fd == -1) { ERROR("Failed to open /dev/urandom: %s\n", strerror(errno)); goto ret; @@ -675,12 +675,12 @@ static int console_init_action(int nargs, char **args) snprintf(console_name, sizeof(console_name), "/dev/%s", console); } - fd = open(console_name, O_RDWR); + fd = open(console_name, O_RDWR | O_CLOEXEC); if (fd >= 0) have_console = 1; close(fd); - fd = open("/dev/tty0", O_WRONLY); + fd = open("/dev/tty0", O_WRONLY | O_CLOEXEC); if (fd >= 0) { const char *msg; msg = "\n" @@ -1011,7 +1011,7 @@ int main(int argc, char **argv) mount("sysfs", "/sys", "sysfs", 0, NULL); /* indicate that booting is in progress to background fw loaders, etc */ - close(open("/dev/.booting", O_WRONLY | O_CREAT, 0000)); + close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000)); /* We must have some place other than / to create the * device nodes for kmsg and null, otherwise we won't diff --git a/init/keychords.c b/init/keychords.c index 4a6404261..5a9e45f44 100644 --- a/init/keychords.c +++ b/init/keychords.c @@ -72,12 +72,11 @@ void keychord_init() if (!keychords) return; - fd = open("/dev/keychord", O_RDWR); + fd = open("/dev/keychord", O_RDWR | O_CLOEXEC); if (fd < 0) { ERROR("could not open /dev/keychord\n"); return; } - fcntl(fd, F_SETFD, FD_CLOEXEC); ret = write(fd, keychords, keychords_length); if (ret != keychords_length) { diff --git a/init/signal_handler.c b/init/signal_handler.c index 7e8e1a70a..952f9703e 100644 --- a/init/signal_handler.c +++ b/init/signal_handler.c @@ -147,13 +147,9 @@ void signal_init(void) sigaction(SIGCHLD, &act, 0); /* create a signalling mechanism for the sigchld handler */ - if (socketpair(AF_UNIX, SOCK_STREAM, 0, s) == 0) { + if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0, s) == 0) { signal_fd = s[0]; signal_recv_fd = s[1]; - fcntl(s[0], F_SETFD, FD_CLOEXEC); - fcntl(s[0], F_SETFL, O_NONBLOCK); - fcntl(s[1], F_SETFD, FD_CLOEXEC); - fcntl(s[1], F_SETFL, O_NONBLOCK); } handle_signal(); diff --git a/init/util.c b/init/util.c index e1a3ee33a..8f27ee903 100644 --- a/init/util.c +++ b/init/util.c @@ -155,7 +155,7 @@ void *read_file(const char *fn, unsigned *_sz) struct stat sb; data = 0; - fd = open(fn, O_RDONLY); + fd = open(fn, O_RDONLY|O_CLOEXEC); if(fd < 0) return 0; // for security reasons, disallow world-writable @@ -207,7 +207,7 @@ static void find_mtd_partitions(void) ssize_t pmtdsize; int r; - fd = open("/proc/mtd", O_RDONLY); + fd = open("/proc/mtd", O_RDONLY|O_CLOEXEC); if (fd < 0) return; @@ -416,7 +416,7 @@ void get_hardware_name(char *hardware, unsigned int *revision) if (hardware[0]) return; - fd = open(cpuinfo, O_RDONLY); + fd = open(cpuinfo, O_RDONLY | O_CLOEXEC); if (fd < 0) return; for (;;) { @@ -479,7 +479,7 @@ void import_kernel_cmdline(int in_qemu, char *ptr; int fd; - fd = open("/proc/cmdline", O_RDONLY); + fd = open("/proc/cmdline", O_RDONLY | O_CLOEXEC); if (fd >= 0) { int n = read(fd, cmdline, sizeof(cmdline) - 1); if (n < 0) n = 0; diff --git a/init/watchdogd.c b/init/watchdogd.c index 7f64fc44e..079081129 100644 --- a/init/watchdogd.c +++ b/init/watchdogd.c @@ -48,7 +48,7 @@ int watchdogd_main(int argc, char **argv) timeout = interval + margin; - fd = open(DEV_NAME, O_RDWR); + fd = open(DEV_NAME, O_RDWR|O_CLOEXEC); if (fd < 0) { ERROR("watchdogd: Failed to open %s: %s\n", DEV_NAME, strerror(errno)); return 1;