From 7b4e7c4d55a50b5b3fb23c0b79122b1147b6248b Mon Sep 17 00:00:00 2001 From: Paul Lawrence Date: Thu, 2 Mar 2017 08:50:59 -0800 Subject: [PATCH] Expand whitelist Bug: 35906875 Test: Device boots, app runs further and fails with different error Change-Id: I8df40ff85f8248504bca9a048510153970b31716 --- libc/SECCOMP_WHITELIST.TXT | 3 +++ libc/seccomp/arm_policy.cpp | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/libc/SECCOMP_WHITELIST.TXT b/libc/SECCOMP_WHITELIST.TXT index 22e898769..51f7faddb 100644 --- a/libc/SECCOMP_WHITELIST.TXT +++ b/libc/SECCOMP_WHITELIST.TXT @@ -91,3 +91,6 @@ int lstat64:lstat64(const char *restrict path, struct stat64 *restrict buf) arm int fcntl:fcntl(int fd, int cmd, ... /* arg */ ) arm pid_t fork:fork() arm int poll:poll(struct pollfd *fds, nfds_t nfds, int timeout) arm + +# b/35906875 +int inotify_init() arm diff --git a/libc/seccomp/arm_policy.cpp b/libc/seccomp/arm_policy.cpp index a4de612cf..c9cd629f3 100644 --- a/libc/seccomp/arm_policy.cpp +++ b/libc/seccomp/arm_policy.cpp @@ -104,12 +104,12 @@ BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 285, 31, 30), //waitid|socket|bind|connect|liste BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 289, 30, 29), //getsockname|getpeername|socketpair BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 350, 15, 0), BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 327, 7, 0), -BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 317, 3, 0), +BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 316, 3, 0), BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 292, 1, 0), BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 291, 25, 24), //sendto BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 298, 24, 23), //recvfrom|shutdown|setsockopt|getsockopt|sendmsg|recvmsg BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 322, 1, 0), -BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 319, 22, 21), //inotify_add_watch|inotify_rm_watch +BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 319, 22, 21), //inotify_init|inotify_add_watch|inotify_rm_watch BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 326, 21, 20), //openat|mkdirat|mknodat|fchownat BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 345, 3, 0), BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 340, 1, 0),