[socket] Set CLOEXEC flag for fd in android_get_control_socket() am: 1569a26f0a am: 88523caf40 am: 3399231b61
Original change: https://android-review.googlesource.com/c/platform/system/librustutils/+/2615173
Change-Id: I65b37f24885d69c1d48b1a0e6fe8dab3a9c53186
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/Android.bp b/Android.bp
index a28b71c..a980045 100644
--- a/Android.bp
+++ b/Android.bp
@@ -9,6 +9,7 @@
"libanyhow",
"libcutils_bindgen",
"liblibc",
+ "libnix",
"libsystem_properties_bindgen_sys",
"libthiserror",
],
diff --git a/sockets.rs b/sockets.rs
index 1453665..0ea65fc 100644
--- a/sockets.rs
+++ b/sockets.rs
@@ -14,6 +14,8 @@
//! Provides utilities for sockets.
+use nix::errno::Errno;
+use nix::fcntl::{fcntl, FdFlag, F_SETFD};
use std::ffi::CString;
use std::os::unix::io::RawFd;
use thiserror::Error;
@@ -28,11 +30,16 @@
/// android_get_control_socket failed to get a fd
#[error("android_get_control_socket({0}) failed")]
GetControlSocketFailed(String),
+
+ /// Failed to execute fcntl
+ #[error("Failed to execute fcntl {0}")]
+ FcntlFailed(Errno),
}
/// android_get_control_socket - simple helper function to get the file
/// descriptor of our init-managed Unix domain socket. `name' is the name of the
/// socket, as given in init.rc. Returns -1 on error.
+/// The returned file descriptor has the flag CLOEXEC set.
pub fn android_get_control_socket(name: &str) -> Result<RawFd, SocketError> {
let cstr = CString::new(name).map_err(|_| SocketError::NulError(name.to_owned()))?;
// SAFETY: android_get_control_socket doesn't take ownership of name
@@ -40,5 +47,7 @@
if fd < 0 {
return Err(SocketError::GetControlSocketFailed(name.to_owned()));
}
+ // The file descriptor had CLOEXEC disabled to be inherited from the parent.
+ fcntl(fd, F_SETFD(FdFlag::FD_CLOEXEC)).map_err(SocketError::FcntlFailed)?;
Ok(fd)
}