Merge "Whitelist file descriptors created through memfd_create."

1 files changed, 14 insertions, 0 deletions

diff --git a/core/jni/fd_utils.cpp b/core/jni/fd_utils.cpp
index bb5780558bdf..c0e4e1fe5e7a 100644
--- a/core/jni/fd_utils.cpp
+++ b/core/jni/fd_utils.cpp
@@ -59,6 +59,10 @@ FileDescriptorWhitelist* FileDescriptorWhitelist::Get() {
   return instance_;
 }
 
+static bool IsMemfd(const std::string& path) {
+  return android::base::StartsWith(path, "/memfd:");
+}
+
 bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
   // Check the static whitelist path.
   for (const auto& whitelist_path : kPathWhitelist) {
@@ -87,6 +91,11 @@ bool FileDescriptorWhitelist::IsAllowed(const std::string& path) const {
     return true;
   }
 
+  // In-memory files created through memfd_create are allowed.
+  if (IsMemfd(path)) {
+    return true;
+  }
+
   // Whitelist files needed for Runtime Resource Overlay, like these:
   // /system/vendor/overlay/framework-res.apk
   // /system/vendor/overlay-subdir/pg/framework-res.apk
@@ -312,6 +321,11 @@ void FileDescriptorInfo::ReopenOrDetach(fail_fn_t fail_fn) const {
     return DetachSocket(fail_fn);
   }
 
+  // Children can directly use in-memory files created through memfd_create.
+  if (IsMemfd(file_path)) {
+    return;
+  }
+
   // NOTE: This might happen if the file was unlinked after being opened.
   // It's a common pattern in the case of temporary files and the like but
   // we should not allow such usage from the zygote.