Commit Graph

15 Commits

Author SHA1 Message Date
George Burgess IV 09175a0264 Add mode bits to a call to open with O_CREAT
Open with O_CREAT needs mode bits: https://linux.die.net/man/3/open

Found by running clang FORTIFY over AOSP.

Bug: 32073964
Test: Now builds with clang FORTIFY.
Change-Id: Iee4c93c5482f510e0adf8104c27e394b5d87ec88
2017-01-25 17:31:43 -08:00
Mark Salyzyn 30f991f251 liblog: use log/log.h when utilizing ALOG macros
Test: compile
Bug: 30465923
Change-Id: Id6d76510819ebd88c3f5003d00d73a0dbe85e943
2017-01-11 09:31:15 -08:00
Mark Salyzyn cfd5b080af system/core: preparation to pull back interfaces from android/log.h
Point to log/log.h where necessary, define LOG_TAG where necessary.
Accept that private/android_logger.h is suitable replacement for
log/logger.h and android/log.h.

Correct liblog/README

Effectively a cleanup and controlled select revert of
'system/core: drop or replace log/logger.h' and
'system/core: Replace log/log.h with android/log.h'.

Test: compile
Bug: 30465923
Change-Id: Ic2ad157bad6f5efe2c6af293a73bb753300b17a2
2016-10-20 08:11:39 -07:00
Mark Salyzyn 23ed4c242a libcutils: Replace cutils/log.h with android/log.h
Replace references to cutils/log.h and log/log.h with android/log.h.
Point cutils/log.h to android/log.h. Adjust header order to comply
with Android Coding standards.

Test: Compile
Bug: 26552300
Bug: 31289077
Change-Id: I4b00c0dff3a0a50cbb54301fdc5a6c29c21dab65
2016-09-30 12:47:05 -07:00
Calin Juravle 9812105b20 Add utility to prepare files in a similar way to directories
Bug: 28785119
Bug: 28625993
Change-Id: I505eb4deca0a89f64fe4505dd6729fe6a48bc1aa
2016-05-24 18:19:12 +01:00
Jeff Sharkey 814640315a Be strict, but not that strict.
Certain apps decide that they want to chmod() their private data
directories to gain more security.  We still want to carefully
enforce owner UID/GID, but relax the mode check for now.

Bug: 26549892
Change-Id: I362d530ba0b20fb23f427ac082ee003864adc57d
2016-01-14 12:02:53 -07:00
Jeff Sharkey cf94fe152e Offer a stricter way to prepare directories.
Some callers, such as installd, have stricter requirements around
directory preparation, where they want to assert ownership and mode
without quietly fixing the values.

Bug: 26466827
Change-Id: Id44db5f29a3326cfe178b443fb450ad2edeaefd8
2016-01-12 13:07:52 -07:00
Nick Kralevich 30a86ebc7a fs_mkdirs: use O_NOFOLLOW and O_CLOEXEC
Don't follow symlinks. Suggestion from Jann Horn.

Also, add O_CLOEXEC. This prevents file descriptor leakage should
this code ever run in a multithreaded environment.

I'm not sure if either of these changes actually address any
security concerns, but it's harmless, so go ahead and add it.

Bug: 15675141
Change-Id: I7ba4e9d10439b7150f59759b54e3ad8ccba411e3
2014-06-16 15:40:40 -07:00
Jeff Sharkey 0ee7d8c68b Fix Mac builds, for realz.
Change-Id: I63e21b90e5b8a8f016dd04ceca4354793faa5e37
2013-09-20 18:00:15 -07:00
Jeff Sharkey 44d6342caa Remove mkdir() side effect, add .nomedia, utils.
Before this change, FUSE lookup() would have the side effect of
creating the directory on behalf of apps.  This resulted in most
directories being created just by Settings trying to measure disk
space.  Instead, we're switching to have vold do directory creation
when an app doesn't have enough permissions.

Create fs_mkdirs() utility to create all parent directories in a
path as needed.  Allow traversal (+x) into /storage directories.

Fix FUSE derived permissions to be case insensitive.  Mark well-known
directories as .nomedia when created.

Bug: 10577808, 10330221
Change-Id: I53114f2e63ffbe6de4ba6a72d94a232523231cad
2013-09-20 14:21:09 -07:00
Nick Kralevich 69ce489fc3 fs.c: Fix implicit declaration of function 'mkstemp'
system/core/libcutils/fs.c: In function 'fs_write_atomic_int':
system/core/libcutils/fs.c:109:5: warning: implicit declaration of function 'mkstemp' [-Wimplicit-function-declaration]

Change-Id: I337ecb818f85e20b058f782df45987acf2e9d6c1
2012-10-15 15:51:33 -07:00
Jeff Sharkey 489609bb44 Allow mkdir() race to succeed.
When two zygotes are starting, they both may try creating a mount
point after checking lstat().  The second mkdir() will result in
EEXIST, which is okay to ignore.

Bug: 7165469
Change-Id: If4411e2621f773c74cd05247899982fa5ebdd020
2012-09-25 13:13:08 -07:00
Jeff Sharkey 6de7026790 Wrap more system calls in TEMP_FAILURE_RETRY.
Bug: 7151474
Change-Id: I9fe19746104cf392f88ea5cf8061e2e21e334671
2012-09-13 15:11:42 -07:00
Jeff Sharkey ddb1733944 Wrap system calls in TEMP_FAILURE_RETRY.
fs_prepare_dir() is used heavily during Zygote init, and can easily
run into EINTR.

Bug: 7151474
Change-Id: I7aac43a43483d55db47ca20456fff68ce51bbc46
2012-09-13 15:02:53 -07:00
Jeff Sharkey 9685194fc9 File-system utilities for installd and zygote.
Bug: 7008879
Change-Id: Ia54b8d4ad434e8973f235e2a4728651814bef8a9
2012-08-30 10:29:41 -07:00