From 5889083d719432f466ebf0f271b21d8141b67a14 Mon Sep 17 00:00:00 2001 From: Jeff Vander Stoep Date: Mon, 23 Oct 2017 17:12:31 -0700 Subject: [PATCH] Check that dir name is a pid before attempting to read Prevents selinux denials for folders in /proc that do not have the default /proc label. Bug: 68146208 Test: no selinux denials for vold attempting to read proc_asound dir. Change-Id: I7cdd3bbe8e687e078372012773e9a34a5c76e0f8 --- VolumeManager.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/VolumeManager.cpp b/VolumeManager.cpp index c1d51d9..f367c2a 100644 --- a/VolumeManager.cpp +++ b/VolumeManager.cpp @@ -34,9 +34,11 @@ #include #include +#include #include -#include #include +#include + #include #include @@ -420,6 +422,10 @@ int VolumeManager::remountUid(uid_t uid, const std::string& mode) { // Poke through all running PIDs look for apps running as UID while ((de = readdir(dir))) { + pid_t pid; + if (de->d_type != DT_DIR) continue; + if (!android::base::ParseInt(de->d_name, &pid)) continue; + pidFd = -1; nsFd = -1;
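Review bot: The new filter at the top of the `readdir` loop in `remountUid` carries no comment, so the SELinux reason for it lives only in the commit message; I would add `// Only numeric directories are processes; skip the rest so vold never opens /proc entries that lack the default label.` above `pid_t pid;`. `pid` is filled in by `ParseInt` but nothing in the hunk reads it, and the call as written also accepts zero and negative numbers. Assuming the helper's optional lower-bound argument is available in this tree, `if (!android::base::ParseInt(de->d_name, &pid, 1)) continue;` states the intent more tightly. The loop body continues past the end of the hunk, so whether `pid` is used further down cannot be seen from here.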