Many libc functions have an option to not follow symbolic
links. This is useful to avoid security sensitive code
from inadvertantly following attacker supplied symlinks
and taking inappropriate action on files it shouldn't.
For example, open() has O_NOFOLLOW, chown() has
lchown(), stat() has lstat(), etc.
There is no such equivalent function for chmod(), such as lchmod().
To address this, POSIX introduced fchmodat(AT_SYMLINK_NOFOLLOW),
which is intended to provide a way to perform a chmod operation
which doesn't follow symlinks.
Currently, the Linux kernel doesn't implement AT_SYMLINK_NOFOLLOW.
In GLIBC, attempting to use the AT_SYMLINK_NOFOLLOW flag causes
fchmodat to return ENOTSUP. Details are in "man fchmodat".
Bionic currently differs from GLIBC in that AT_SYMLINK_NOFOLLOW
is silently ignored and treated as if the flag wasn't present.
This patch provides a userspace implementation of
AT_SYMLINK_NOFOLLOW for bionic. Using open(O_PATH | O_NOFOLLOW),
we can provide a way to atomically change the permissions on
files without worrying about race conditions.
As part of this change, we add support for fchmod on O_PATH
file descriptors, because it's relatively straight forward
and could be useful in the future.
The basic idea behind this implementation comes from
https://sourceware.org/bugzilla/show_bug.cgi?id=14578 , specifically
comment #10.
Change-Id: I1eba0cdb2c509d9193ceecf28f13118188a3cfa7
Don't send the trailing NUL bytes to the logger, call strlen if we already
know the length, or cast more specifically than we need to.
Change-Id: I68c9388a22bddea49120a1022dda8db8991360c1
We build one too many times. Creating a missing directory
is sufficient.
The tz2icu needs some files in the CWD. Added symlinks.
Bug: 19230091
Change-Id: I58f9817af68b229f48139e56503f50a2b6dbb4fe
All these inlines were turned in to out of line definitions in L.
This brings us a step closer to being able to just use the current
bionic headers for the NDK, rather than having many old versions of
them.
Change-Id: Ie010bc727d78d3742abc577c70f6578db2e68625
If two or more threads crash at the same time, only let one talk to
debuggerd. It's possible for a race to occur that two threads send
data to debuggerd, the second one will cause errors in debuggerd since
the process will die once debuggerd lets the crashing pid start again.
Bug: 19183955
Change-Id: I17dfce46102117ab4a870f7381bd526488d37fb5
The kernel version of the stat structure is used during the syscalls. After the syscall,
the kernel stat structure is converted to match the generic one. Eventually we would like
the generic stat structure and related syscalls be added to MIPS64 kernel, removing the
thunks added to AOSP.
Change-Id: I7764e80278c1cc8254754c3531ec2dda7544a8ec
Move various mips-only things into the arch-mips directory. As soon as mips
writes assembler replacements, we can remove these.
Change-Id: Ia7308559bc361f5c8df3e1d456b381865e060b93
