Remove the global seccomp option.

Added in af1a9bfb8f, but it's never been used in practice because of the performance impact, and it's incompatible with our ability to add new system calls via a bionic module update because it defaults to disabling all unknown syscalls, and init will still be using the non-updated bootstrap libc from when it first shipped. Test: treehugger Change-Id: I8e396675fcfaf0218a92f464d15e613f43319305
2019-09-04 20:53:01 -07:00 · 2019-09-04 20:53:01 -07:00 · 4e6bf2510f
parent 34f2537393
commit 4e6bf2510f
3 changed files with 0 additions and 15 deletions
--- a/init/Android.bp
+++ b/init/Android.bp
@ -62,7 +62,6 @@ cc_defaults {
        },
    },
    static_libs: [
-        "libseccomp_policy",
        "libavb",
        "libc++fs",
        "libcgrouprc_format",
--- a/init/Android.mk
+++ b/init/Android.mk
@ -92,7 +92,6 @@ LOCAL_STATIC_LIBRARIES := \
    liblogwrap \
    libext4_utils \
    libfscrypt \
-    libseccomp_policy \
    libcrypto_utils \
    libsparse \
    libavb \
--- a/init/init.cpp
+++ b/init/init.cpp
@ -19,7 +19,6 @@
 #include <dirent.h>
 #include <fcntl.h>
 #include <pthread.h>
-#include <seccomp_policy.h>
 #include <signal.h>
 #include <stdlib.h>
 #include <string.h>
@ -579,15 +578,6 @@ void HandleKeychord(const std::vector<int>& keycodes) {
    }
 }

-static void GlobalSeccomp() {
-    import_kernel_cmdline(false, [](const std::string& key, const std::string& value,
-                                    bool in_qemu) {
-        if (key == "androidboot.seccomp" && value == "global" && !set_global_seccomp_filter()) {
-            LOG(FATAL) << "Failed to globally enable seccomp!";
-        }
-    });
-}
-
 static void UmountDebugRamdisk() {
    if (umount("/debug_ramdisk") != 0) {
        LOG(ERROR) << "Failed to umount /debug_ramdisk";
@ -673,9 +663,6 @@ int SecondStageMain(int argc, char** argv) {
        LOG(ERROR) << "Unable to write -1000 to /proc/1/oom_score_adj: " << result.error();
    }

-    // Enable seccomp if global boot option was passed (otherwise it is enabled in zygote).
-    GlobalSeccomp();
-
    // Set up a session keyring that all processes will have access to. It
    // will hold things like FBE encryption keys. No process should override
    // its session keyring.