A common source of security bugs has been code that opens file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and three checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
-- creat() should be replaced by open(). [android-creat-usage]
-- fopen() should include "e" in their mode string. [android-fopen-mode]