From 621533f895b30ca281e79a7a7c03eefd352359b5 Mon Sep 17 00:00:00 2001 From: Todd Frederick Date: Sat, 26 Mar 2022 02:54:17 +0000 Subject: dumpstate: Close API FDs on exec Set the external bugreport and screenshot FDs used in service API invocations as CLOEXEC to prevent them from being inherited by incident, which does not have SELinux permissions to access them. SELinux checks FDs inherited by a new process and reports audit events for unauthorized files. Bug: 218515584 Test: adb shell am broadcast -a com.android.internal.intent.action.BUGREPORT_REQUESTED -f 285212672 --ei android.intent.extra.BUGREPORT_TYPE 0 and check for SELinux denials Change-Id: I0b162f32fdff758953cf9262f85c55dc53525305 Merged-In: I69f420abf0c736149c2b03fb3ba47743dceff2d7 --- cmds/dumpstate/dumpstate.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'cmds/dumpstate/dumpstate.cpp') diff --git a/cmds/dumpstate/dumpstate.cpp b/cmds/dumpstate/dumpstate.cpp index 24b201f8ab..890c15f895 100644 --- a/cmds/dumpstate/dumpstate.cpp +++ b/cmds/dumpstate/dumpstate.cpp @@ -2733,8 +2733,8 @@ void Dumpstate::DumpOptions::Initialize(BugreportMode bugreport_mode, const android::base::unique_fd& screenshot_fd_in, bool is_screenshot_requested) { // Duplicate the fds because the passed in fds don't outlive the binder transaction. - bugreport_fd.reset(dup(bugreport_fd_in.get())); - screenshot_fd.reset(dup(screenshot_fd_in.get())); + bugreport_fd.reset(fcntl(bugreport_fd_in.get(), F_DUPFD_CLOEXEC, 0)); + screenshot_fd.reset(fcntl(screenshot_fd_in.get(), F_DUPFD_CLOEXEC, 0)); SetOptionsFromMode(bugreport_mode, this, is_screenshot_requested); } -- cgit v1.2.3-59-g8ed1b