summaryrefslogtreecommitdiff
path: root/docs/html/sdk/api_diff/11/changes
diff options
context:
space:
mode:
authorNarayan Kamath <narayan@google.com>2016-08-19 13:45:24 +0100
committerNarayan Kamath <narayan@google.com>2016-09-07 18:48:48 +0100
commit7ec85f9d549971af59f047d5eafd7a829e1541c7 (patch)
tree897bb5ed4ef0a6bc8027ced6b8c7d34f6e37cd4d /docs/html/sdk/api_diff/11/changes
parentb31a6955a41218b50521ca024d2ee9a2ac05a092 (diff)
Backport changes to whitelist sockets opened by the zygote.
This is the backport of the following commits : Commit c5f27a7cb2ec816f483a65255034a1b57a8aa22: ----------------------------------------------- Reopen whitelisted zygote file descriptors after a fork. We don't want these descriptors to be shared post-fork, so we'll have to close and reopen them when the zygote forks. The set of open descriptors is checked against a whitelist and it is a fatal error if a non whitelisted FD is opened. It is also a fatal error if anything other than a regular file / character device or socket is opened at the time of forking. This work is done in two stages : - An initial list of FDs is constructed and cached prior to the first zygote fork. - On each subsequent fork, we check whether the list of open FDs has changed. We are currently tolerant of changes, but in the longer term, it should be a fatal error if the set of open file descriptors in the zygote changes. - Post fork, we traverse the list of open descriptors and reopen them if necessary. bug: 30963384 Commit 3764a260f0c90dcb323caeda14baf903cc108759: ----------------------------------------------- Add a whitelist of sockets on fork. Maintain a whitelist of AF_UNIX sockets that are permitted to exist at the time of forking. If an open socket does not belong to the whitelist (or is not AF_UNIX), the process will abort. If an open socket is whitelisted, it will be redirected to /dev/null after a sucessful fork. This allows us to unify our handling of the special zygote sockets (/dev/socket/zygote[_secondary]) with the existing whitelist of non socket file descriptors. This change also removes non-fatal ALOGW messages since they have the side effect of reopening the logging socket. bug: 30963384 Commit 0b76d6a28e6978151bf245a775329cdae5e574d5: ----------------------------------------------- fd_utils: Fix broken usage of iterators. There were two separate issues here : - RestatInternal was using an iterator after a call to erase(). This will not work because it will be invalidated. - The "standard" for loop idiom for iterating over a map while making structural changes to it is broken. Switch to a while loop and treat cases where elements are erased differently from cases where they aren't. bug: 31092930 bug: 30963384 Plus additional changes: ----------------------------------------------- - change std::unordered_map to std::tr1::unordered_map. - add /dev/alarm and /dev/__properties__ to the whitelist. - map.erase(iterator) returns void prior to C++11, so need the kludge of calling erase(it++). Change-Id: I694ff66d5f227239b0190ffc2287882b16e336fa
Diffstat (limited to 'docs/html/sdk/api_diff/11/changes')
0 files changed, 0 insertions, 0 deletions