Expand Seccomp whitelist

This seccomp failure is in the fault handler: 05-25 12:03:25.042 10201 27425 27425 F DEBUG : backtrace: 05-25 12:03:25.042 10201 27425 27425 F DEBUG : #00 pc 00015380 /data/data/redacted/files/storage/lib/libcrashsdk.so So whenever an app using this crash sdk crashes it looks like a seccomp problem. Fixing this won't stop the apps crashing, but will make the crash reports accurate and useful. So yes, the bug below is already fixed, but this issue has come back 2 or 3 times with different apps (b/62090571, b/62874867). This change doesn't fix that crash either, but again it improves the reporting. Bug: 62947697 Test: Device boots, app still fails but no longer with SECCOMP error Change-Id: Ie0f8dc965001c8bc43f6a545b35bdcd38f006213
2017-06-23 08:10:18 -07:00 · 2017-06-23 08:10:18 -07:00 · c0c56ec7ce
commit c0c56ec7ce
parent d87e5aa769
4 changed files with 6 additions and 3 deletions
--- a/libc/SECCOMP_WHITELIST.TXT
+++ b/libc/SECCOMP_WHITELIST.TXT
@ -121,3 +121,6 @@ int dup2(int oldfd, int newfd)	arm,x86,mips

 # b/62779795
 int compat_select:_newselect(int n, unsigned long* inp, unsigned long* outp, unsigned long* exp, struct timeval* timeout) arm,x86,mips
+
+# b/62090571
+int mkdir(const char *pathname, mode_t mode)	arm,x86,mips
--- a/libc/seccomp/arm_policy.cpp
+++ b/libc/seccomp/arm_policy.cpp
@ -23,7 +23,7 @@ BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 25, 114, 113), //getuid
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 27, 113, 112), //ptrace
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 36, 1, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 34, 111, 110), //access
-BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 39, 110, 109), //sync|kill|rename
+BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 40, 110, 109), //sync|kill|rename|mkdir
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 57, 7, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 51, 3, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 45, 1, 0),
--- a/libc/seccomp/mips_policy.cpp
+++ b/libc/seccomp/mips_policy.cpp
@ -25,7 +25,7 @@ BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4034, 96, 95), //access
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4054, 7, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4045, 3, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4041, 1, 0),
-BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4039, 92, 91), //sync|kill|rename
+BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4040, 92, 91), //sync|kill|rename|mkdir
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4044, 91, 90), //dup|pipe|times
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4049, 1, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 4048, 89, 88), //brk|setgid|getgid
--- a/libc/seccomp/x86_policy.cpp
+++ b/libc/seccomp/x86_policy.cpp
@ -23,7 +23,7 @@ BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 25, 100, 99), //getuid
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 27, 99, 98), //ptrace
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 36, 1, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 34, 97, 96), //access
-BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 39, 96, 95), //sync|kill|rename
+BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 40, 96, 95), //sync|kill|rename|mkdir
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 57, 7, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 51, 3, 0),
 BPF_JUMP(BPF_JMP|BPF_JGE|BPF_K, 45, 1, 0),