tequilaOS/platform_bionic
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_bionic/libc/SECCOMP_WHITELIST_COMMON.TXT
Robert Sesek 74cdb253ba Move pipe, open, and getdents from the APP to COMMON seccomp whitelist. 
These system calls are required by Breakpad for crash reporting.
WebViews are spawned from the webview_zygote, which itself is spawned
from the app_process zygote. The webview_zygote gets the SYSTEM seccomp
policy applied because it is not an app, and so the WebView sandboxed
processes inherit that policy.

In Ifd8a85b0de2eb6f2a76a6458570fc03b020a90ab, these system calls were
moved from COMMON to APP, which breaks Breakpad/crash reporting for
WebView sandboxed processes.

Bug: 112572914
Test: `am start com.android.settings/.SettingsLicenseActivity`
Test: Get the pid of the sandboxed_process0 for the license viewer.
Test: Send the process SIGABRT and check logcat for "google-breakpad"
      error messages.

Change-Id: I1cf56ae85b1a67ec91e979bc7e0f941726a9cc0e
2018-09-11 19:20:34 -04:00

86 lines
4.3 KiB
Text
Raw Blame History

# This file is used to populate seccomp's whitelist policy in combination with SYSCALLS.TXT.
# Note that the resultant policy is applied only to zygote spawned processes.
#
# Each non-blank, non-comment line has the following format:
#
# return_type func_name[|alias_list][:syscall_name[:socketcall_id]]([parameter_list]) arch_list
#
# where:
# arch_list ::= "all" | arch+
# arch ::= "arm" | "arm64" | "mips" | "mips64" | "x86" | "x86_64"
#
# Note:
# - syscall_name corresponds to the name of the syscall, which may differ from
# the exported function name (example: the exit syscall is implemented by the _exit()
# function, which is not the same as the standard C exit() function which calls it)
# - alias_list is optional comma separated list of function aliases
#
# - The call_id parameter, given that func_name and syscall_name have
# been provided, allows the user to specify dispatch style syscalls.
# For example, socket() syscall on i386 actually becomes:
# socketcall(__NR_socket, 1, *(rest of args on stack)).
#
# - Each parameter type is assumed to be stored in 32 bits.
#
# This file is processed by a python script named genseccomp.py.
# syscalls needed to boot android
int pivot_root:pivot_root(const char *new_root, const char *put_old) arm64,x86_64,mips64
int ioprio_get:ioprio_get(int which, int who) arm64,x86_64,mips64
int ioprio_set:ioprio_set(int which, int who, int ioprio) arm64,x86_64,mips64
pid_t gettid:gettid() all
int futex:futex(int *uaddr, int futex_op, int val, const struct timespec *timeout, int *uaddr2, int val3) all
int clone:clone(int (*fn)(void *), void *child_stack, int flags, void *arg, ..) all
int rt_sigreturn:rt_sigreturn(unsigned long __unused) all
int rt_tgsigqueueinfo:int rt_tgsigqueueinfo(pid_t tgid, pid_t tid, int sig, siginfo_t *uinfo) all
int restart_syscall:int restart_syscall() all
int fstatat64|fstatat:newfstatat(int, const char*, struct stat*, int) mips64
int fstat64|fstat:fstat(int, struct stat*) mips64
int _flush_cache:cacheflush(char* addr, const int nbytes, const int op) mips64
# vfork is used by java.lang.ProcessBuilder
pid_t vfork:vfork() arm,x86,x86_64
# Needed for performance tools
int perf_event_open:perf_event_open(struct perf_event_attr *attr, pid_t pid, int cpu, int group_fd, unsigned long flags) all
# Needed for strace
int tkill:tkill(int tid, int sig) all
# b/34763393
int seccomp:seccomp(unsigned int operation, unsigned int flags, void *args) all
# Needed for debugging 32-bit Chrome
int pipe:pipe(int pipefd[2]) arm,x86,mips
# b/34813887
int open:open(const char *path, int oflag, ... ) arm,x86,x86_64,mips
int getdents:getdents(unsigned int fd, struct linux_dirent *dirp, unsigned int count) arm,x86,x86_64,mips
# syscalls needed to boot android
int sigreturn:sigreturn(unsigned long __unused) arm,x86,mips
# Needed by sanitizers (b/34606909)
# 5 (__NR_open) and 195 (__NR_stat64) are also required, but they are
# already allowed.
ssize_t readlink:readlink(const char *path, char *buf, size_t bufsiz) arm,x86,x86_64,mips
# Probed for and conditionally used by ART.
int membarrier(int cmd, int flags) all
# Useful new syscalls which we don't yet use in bionic.
int sched_getattr(pid_t pid, struct sched_attr* attr, unsigned int flags) all
int sched_setattr(pid_t pid, struct sched_attr* attr, unsigned int size, unsigned int flags) all
int memfd_create(const char* name, unsigned int flags) all
int renameat2(int olddirfd, const char* oldpath, int newdirfd, const char* newpath, unsigned int flags) all
int execveat(int dirfd, const char* pathname, char* const* argv, char* const* envp, int flags) all
ssize_t copy_file_range(int fd_in, loff_t* off_in, int fd_out, loff_t* off_out, size_t len, unsigned int flags) all
int mlock2(const void* addr, size_t len, int flags) all
ssize_t preadv2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
ssize_t pwritev2(int fd, const struct iovec* iov, int iovcnt, off_t offset, int flags) all
int io_setup(unsigned nr, aio_context_t *ctxp) all
int io_destroy(aio_context_t ctx) all
int io_submit(aio_context_t ctx, long nr, struct iocb **iocbpp) all
int io_getevents(aio_context_t ctx, long min_nr, long max_nr, struct io_event *events, struct timespec *timeout) all
int io_cancel(aio_context_t ctx, struct iocb *, struct io_event *result) all
Reference in a new issue View git blame Copy permalink