From 5ca3af3148b0d9d2861d8aa6380bfc19fefe90ae Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Mon, 28 Jan 2019 10:34:43 -0800
Subject: com_android_internal_os_AtomicDirectory.cpp: add O_CLOEXEC

Ensure that file descriptors don't leak across an execve() boundary by
adding O_CLOEXEC

Test: compiles and boots
Change-Id: I7bd4b5aa03adf0ac372575b5251226f8b5e231ff
---
 core/jni/com_android_internal_os_AtomicDirectory.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/jni/com_android_internal_os_AtomicDirectory.cpp b/core/jni/com_android_internal_os_AtomicDirectory.cpp
index 50b2288a614a..76b0fc167264 100644
--- a/core/jni/com_android_internal_os_AtomicDirectory.cpp
+++ b/core/jni/com_android_internal_os_AtomicDirectory.cpp
@@ -29,7 +29,7 @@ static jint com_android_internal_os_AtomicDirectory_getDirectoryFd(JNIEnv* env,
         return -1;
     }
     int fd;
-    if ((fd = TEMP_FAILURE_RETRY(open(path8.c_str(), O_DIRECTORY | O_RDONLY))) == -1) {
+    if ((fd = TEMP_FAILURE_RETRY(open(path8.c_str(), O_DIRECTORY | O_RDONLY | O_CLOEXEC))) == -1) {
         ALOGE("Cannot open directory %s, error: %s\n", path8.c_str(), strerror(errno));
         return -1;
     }
-- 
cgit v1.2.3-59-g8ed1b