diff options
author | Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> | 2023-07-28 10:20:42 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2023-07-28 10:20:42 +0000 |
commit | 9c38948bc5c06e53b51ff7fd6289b3cdd0b04a78 (patch) | |
tree | d908dfa6943c451e110aed16d63a01d08387faca /keystore2/test_utils | |
parent | 88e1231c3a9553957cb245703eefcef509f4844b (diff) | |
parent | a47698a88fc422c208628f443d156e64343c51ca (diff) | |
download | security-9c38948bc5c06e53b51ff7fd6289b3cdd0b04a78.tar.gz |
Merge "Add, standardise or temporarily opt out of safety comments for keystore2." into main
Diffstat (limited to 'keystore2/test_utils')
-rw-r--r-- | keystore2/test_utils/run_as.rs | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/keystore2/test_utils/run_as.rs b/keystore2/test_utils/run_as.rs index 2485ab57..be643b6b 100644 --- a/keystore2/test_utils/run_as.rs +++ b/keystore2/test_utils/run_as.rs @@ -255,7 +255,9 @@ where let (response_reader, mut response_writer) = pipe_channel().expect("Failed to create cmd pipe."); - match fork() { + // SAFETY: Our caller guarantees that the process only has a single thread, so calling + // non-async-signal-safe functions in the child is in fact safe. + match unsafe { fork() } { Ok(ForkResult::Parent { child, .. }) => { drop(response_writer); drop(cmd_reader); @@ -314,7 +316,9 @@ where selinux::Context::new(se_context).expect("Unable to construct selinux::Context."); let (mut reader, mut writer) = pipe_channel::<R>().expect("Failed to create pipe."); - match fork() { + // SAFETY: Our caller guarantees that the process only has a single thread, so calling + // non-async-signal-safe functions in the child is in fact safe. + match unsafe { fork() } { Ok(ForkResult::Parent { child, .. }) => { drop(writer); let status = waitpid(child, None).expect("Failed while waiting for child."); |