From 47afc6b64e150ad0e7ea004fc7049c84c21a0c34 Mon Sep 17 00:00:00 2001
From: Colin Cross <ccross@android.com>
Date: Mon, 23 Jan 2017 16:09:04 -0800
Subject: [PATCH] Allow restart_syscall

restart_syscall is used by the kernel whenever a syscall with a
timeout is interrupted.  Whitelist it in seccomp to prevent
processes being killed with SIGSYS when being ptraced.

Bug: 34586922
Test: hwui_unit_tests
Change-Id: Ic47dcad33f3082eb5673c3c67fe17200d4daaf74
---
 init/seccomp.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/init/seccomp.cpp b/init/seccomp.cpp
index d9f2f7929..b7744b666 100644
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp
@@ -170,6 +170,9 @@ bool set_seccomp_filter() {
     // Needed for trusty
     AllowSyscall(f, __NR_syncfs);
 
+    // Needed for kernel to restart syscalls
+    AllowSyscall(f, __NR_restart_syscall);
+
      // arm64-only filter - autogenerated from bionic syscall usage
     for (size_t i = 0; i < arm64_filter_size; ++i)
         f.push_back(arm64_filter[i]);
@@ -201,6 +204,9 @@ bool set_seccomp_filter() {
     // Syscalls needed to run GFXBenchmark
     AllowSyscall(f, 190); // __NR_vfork
 
+    // Needed for kernel to restart syscalls
+    AllowSyscall(f, 0);  // __NR_restart_syscall
+
     // arm32-on-arm64 only filter - autogenerated from bionic syscall usage
     for (size_t i = 0; i < arm_filter_size; ++i)
         f.push_back(arm_filter[i]);