parent: fdcdeb2
author | Jeff Vander Stoep <jeffv@google.com> | Tue, 24 Oct 2017 17:34:46 +0000 (10:34 -0700)
committer | Steven Moreland <smoreland@google.com> | Fri, 20 Jul 2018 21:28:34 +0000 (21:28 +0000)
Prevent configstore from crash-looping due to:
/vendor/bin/hw/android.hardware.configstore@1.0-service:
libminijail[22988]: blocked syscall: prctl
Bug: 68162846
Bug: 78363521
Test: Launch photos.
Merged-In: I1593ea1e03ec5f688ec7311e586178f2f952fed9
Change-Id: I1593ea1e03ec5f688ec7311e586178f2f952fed9
(cherry picked from commit 41534729e593c6db5805edef4aefea281092954c)
diff --git a/configstore/1.0/default/seccomp_policy/configstore@1.0-arm64.policy b/configstore/1.0/default/seccomp_policy/configstore@1.0-arm64.policy
index 62d7e1daf7f5c5bd12a2783a36bd4722172870e8..e027aa17cdd23e25421b7bb677be11074e598e2c 100644 (file)
ioctl: arg1 == 0xc0306201
# prctl: arg0 == PR_SET_NAME || arg0 == PR_SET_VMA || arg0 == PR_SET_TIMERSLACK
# || arg0 == PR_GET_NO_NEW_PRIVS # used by crash_dump
-prctl: arg0 == 15 || arg0 == 0x53564d41 || arg0 == 29 || arg0 == 39
+# prctl: arg0 == 15 || arg0 == 0x53564d41 || arg0 == 29 || arg0 == 39
+# TODO(b/68162846) reduce scope of prctl() based on arguments
+prctl: 1
openat: 1
mmap: 1
mprotect: 1
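Review bot: `prctl: 1` drops the arg0 filter entirely, so every prctl() operation is now permitted in this sandbox, where the removed rule allowed only four (15, 0x53564d41, 29 and 39, which the comment above maps to PR_SET_NAME, PR_SET_VMA, PR_SET_TIMERSLACK and PR_GET_NO_NEW_PRIVS). The log line in the commit message says only "blocked syscall: prctl" and does not record which arg0 was rejected. I would rather see that option identified and added to the existing `arg0 == ...` list than the whole filter removed; if the blanket allow has to land to stop the crash loop, please put the blocked arg0 value in the TODO so the follow-up for b/68162846 has what it needs to restore the filter. Minor: the commented-out numeric rule now sits directly under a symbolic comment saying the same thing, so one of the two could be dropped.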