openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Allow restart_syscall 

restart_syscall is used by the kernel whenever a syscall with a
timeout is interrupted.  Whitelist it in seccomp to prevent
processes being killed with SIGSYS when being ptraced.

Bug: 34586922
Test: hwui_unit_tests
Change-Id: Ic47dcad33f3082eb5673c3c67fe17200d4daaf74
This commit is contained in:
Colin Cross 2017-01-23 16:09:04 -08:00
parent 13c15e05d0
commit 47afc6b64e
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
init/seccomp.cpp
View File

@ -170,6 +170,9 @@ bool set_seccomp_filter() {
// Needed for trusty
AllowSyscall(f, __NR_syncfs);
// Needed for kernel to restart syscalls
AllowSyscall(f, __NR_restart_syscall);
// arm64-only filter - autogenerated from bionic syscall usage
for (size_t i = 0; i < arm64_filter_size; ++i)
f.push_back(arm64_filter[i]);
@ -201,6 +204,9 @@ bool set_seccomp_filter() {
// Syscalls needed to run GFXBenchmark
AllowSyscall(f, 190); // __NR_vfork
// Needed for kernel to restart syscalls
AllowSyscall(f, 0); // __NR_restart_syscall
// arm32-on-arm64 only filter - autogenerated from bionic syscall usage
for (size_t i = 0; i < arm_filter_size; ++i)
f.push_back(arm_filter[i]);