From 39c26d63cda25247f9c0422a71b0c297c2da2052 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= <maze@google.com>
Date: Wed, 6 May 2020 14:17:07 -0700
Subject: [PATCH] libnetutils/packet.c - create socket with close-on-exec
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This prevents fork/exec leaking sockets to child processes.

Test: builds, atest
Bug: 155297277
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I57cb2003dd75b0bc5528978fd131730273e37a43
---
 libnetutils/packet.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libnetutils/packet.c b/libnetutils/packet.c
index b3fa90902..64de00e4b 100644
--- a/libnetutils/packet.c
+++ b/libnetutils/packet.c
@@ -40,7 +40,7 @@
 int fatal(const char*);
 
 int open_raw_socket(const char* ifname __unused, uint8_t hwaddr[ETH_ALEN], int if_index) {
-    int s = socket(PF_PACKET, SOCK_DGRAM, 0);
+    int s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
     if (s < 0) return fatal("socket(PF_PACKET)");
 
     struct sockaddr_ll bindaddr = {