Allow to drop existing fd cache of cgroup path
A process can give up the permission to set cgroup. If we still
keep the fd that was cached before losing the permission, then when
the process sets its scheduling group it will write to the cached
fd without checking whether it is still accessible, which leads to
an sepolicy denial.
Bug: 123043091
Test: Build and boot.
Test: A new process from zygote set cgroup and drop fd cache, and
then specializes to app domain. There is no sepolicy denied
when the process creates new thread.
(android::thread_data_t::trampoline)
Change-Id: I285ee91424ea965ea9c670fc0f6662948e3e2ce5
diff --git a/libprocessgroup/task_profiles.h b/libprocessgroup/task_profiles.h
index 77bac2d..891d5b5 100644
--- a/libprocessgroup/task_profiles.h
+++ b/libprocessgroup/task_profiles.h
@@ -51,6 +51,7 @@
virtual bool ExecuteForTask(int) const { return false; };
virtual void EnableResourceCaching() {}
+ virtual void DropResourceCaching() {}
};
// Profile actions
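Review bot: The new `DropResourceCaching()` on the base action class has an empty default body and no comment, so a subclass that caches a descriptor in `EnableResourceCaching()` but does not override it will silently keep that descriptor after the process has given up cgroup access. I would state the contract at the declaration, e.g. `// Releases whatever EnableResourceCaching() cached; any action that caches an fd must override this.` The declarations added in the other three hunks of this file are also uncommented. A one-line note on the `TaskProfiles` entry point, saying it is meant to be called before the process loses permission to write cgroup files, would cover them. The class body starts outside this hunk.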
@@ -114,6 +115,7 @@
virtual bool ExecuteForProcess(uid_t uid, pid_t pid) const;
virtual bool ExecuteForTask(int tid) const;
virtual void EnableResourceCaching();
+ virtual void DropResourceCaching();
const CgroupController* controller() const { return &controller_; }
std::string path() const { return path_; }
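Review bot: `ExecuteForTask(int tid) const`, two lines above the added declaration, is per the commit message the path that writes to the cached fd, and the new `DropResourceCaching()` presumably closes that fd, yet nothing in the header says whether the two may run on different threads. If they can, a close racing with a write could land on a descriptor number that has since been reused for another file; the definition is not part of this diff, so this needs confirming there. Either state the requirement in a comment, e.g. `// Not thread-safe with ExecuteForTask(); call while no other thread is applying profiles.`, or guard the fd member. As a smaller point, `void DropResourceCaching() override;` would let the compiler check the signature against the base class.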
@@ -145,6 +147,7 @@
bool ExecuteForProcess(uid_t uid, pid_t pid) const;
bool ExecuteForTask(int tid) const;
void EnableResourceCaching();
+ void DropResourceCaching();
private:
bool res_cached_;
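Review bot: `res_cached_`, declared just below the new `DropResourceCaching()`, should go back to `false` when the cache is dropped, and the header alone does not show that it does. If `EnableResourceCaching()` uses the flag to skip repeated work (an inference from the name), a stale `true` would leave the profile recorded as cached after its fds were closed, and a later re-enable would do nothing. The definition is outside this diff, so please confirm it resets the flag.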
@@ -158,6 +161,7 @@
TaskProfile* GetProfile(const std::string& name) const;
const ProfileAttribute* GetAttribute(const std::string& name) const;
+ void DropResourceCaching() const;
private:
std::map<std::string, std::unique_ptr<TaskProfile>> profiles_;
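Review bot: `DropResourceCaching() const` on the profile container is const only in the shallow sense. `profiles_` holds `std::unique_ptr<TaskProfile>`, so the method can call the non-const `TaskProfile::DropResourceCaching()` and release cached fds while presenting itself as read-only. A caller holding a `const TaskProfiles&` would not expect the call to change how later `ExecuteForTask` calls behave. Either drop the qualifier (`void DropResourceCaching();`) if no caller depends on it, or keep it for symmetry with the neighbouring getters and add a comment such as `// Mutates the owned profiles: drops every cached cgroup fd.`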