From 7a9c884f482fed0a105a61e61c4881dfd5657985 Mon Sep 17 00:00:00 2001 From: Luca Stefani Date: Thu, 10 Nov 2016 22:07:59 +0100 Subject: zygote: Allow device to append extra whitelisted paths Change-Id: Ic5b056d7ead520da8648db9be28e16a81ec27c73 --- core/jni/fd_utils-inl-extra.h | 29 +++++++++++++++++++++++++++++ core/jni/fd_utils-inl.h | 7 ++++++- 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 core/jni/fd_utils-inl-extra.h diff --git a/core/jni/fd_utils-inl-extra.h b/core/jni/fd_utils-inl-extra.h new file mode 100644 index 0000000..993c320 --- /dev/null +++ b/core/jni/fd_utils-inl-extra.h @@ -0,0 +1,29 @@ +/* + * Copyright (C) 2016 The CyanogenMod Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* +#define PATH_WHITELIST_EXTRA_H \ + "/proc/apid", \ + "/proc/aprf", +*/ + +// Overload this file in your device specific config if you need +// to add extra whitelisted paths. +// WARNING: Only use this if necessary. Custom inits should be +// checked for leaked file descriptors before even considering +// this. +// In order to add your files, copy the whole file (don't forget the copyright notice!), +// uncomment the #define above and change the paths inside to match your requirements \ No newline at end of file diff --git a/core/jni/fd_utils-inl.h b/core/jni/fd_utils-inl.h index 41c005d..f245a7f 100644 --- a/core/jni/fd_utils-inl.h +++ b/core/jni/fd_utils-inl.h @@ -35,6 +35,8 @@ #include "JNIHelp.h" #include "ScopedPrimitiveArray.h" +#include + // Whitelist of open paths that the zygote is allowed to keep open. // // In addition to the paths listed here, all files ending with @@ -58,7 +60,10 @@ static const char* kPathWhitelist[] = { "/dev/ion", "@netlink@", "/system/framework/org.cyanogenmod.platform-res.apk", - "/proc/ged" + "/proc/ged", +#ifdef PATH_WHITELIST_EXTRA_H +PATH_WHITELIST_EXTRA_H +#endif }; static const char* kFdPath = "/proc/self/fd"; -- cgit v1.1