Merge "allowlist new Linux close_range() system call, use it in posix_spawn()" am: 668c061986

Original change: https://android-review.googlesource.com/c/platform/bionic/+/2072627

Change-Id: Ib2eacfc5e3bd1a455a83777cebf99e1ecf3ed2fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Maciej Żenczykowski 2022-05-02 21:31:06 +00:00 committed by Automerger Merge Worker
commit e65715094f
2 changed files with 7 additions and 0 deletions

View file

@ -74,3 +74,5 @@ int futex_time64(int*, int, int, const timespec64*, int*, int) lp32
int sched_rr_get_interval_time64(pid_t, timespec64*) lp32 int sched_rr_get_interval_time64(pid_t, timespec64*) lp32
# Since Linux 5.4, not in glibc. Probed for and conditionally used by ART. # Since Linux 5.4, not in glibc. Probed for and conditionally used by ART.
int userfaultfd(int) all int userfaultfd(int) all
# Since Linux 5.9, used by POSIX_SPAWN_CLOEXEC_DEFAULT
int close_range(unsigned int, unsigned int, int) all

View file

@ -30,10 +30,12 @@
#include <errno.h> #include <errno.h>
#include <fcntl.h> #include <fcntl.h>
#include <linux/close_range.h>
#include <signal.h> #include <signal.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <sys/resource.h> #include <sys/resource.h>
#include <sys/syscall.h>
#include <unistd.h> #include <unistd.h>
#include <android/fdsan.h> #include <android/fdsan.h>
@ -49,6 +51,9 @@ static int set_cloexec(int i) {
// mark all open fds except stdin/out/err as close-on-exec // mark all open fds except stdin/out/err as close-on-exec
static int cloexec_except_stdioe() { static int cloexec_except_stdioe() {
// requires 5.11+ or ACK 5.10-T kernel, otherwise returns ENOSYS or EINVAL
if (!syscall(SYS_close_range, 3, ~0U, CLOSE_RANGE_CLOEXEC)) return 0;
// unfortunately getrlimit can lie: // unfortunately getrlimit can lie:
// - both soft and hard limits can be lowered to 0, with fds still open, so it can underestimate // - both soft and hard limits can be lowered to 0, with fds still open, so it can underestimate
// - in practice it usually is some really large value (like 32K or more) // - in practice it usually is some really large value (like 32K or more)