Allow failing app through seccomp policy

Bug: 34651972 Test: Made sure failing app went to login screen Change-Id: I111a379f3e8283aa829d9ceb97f95b34bbee4055
2017-01-27 10:23:21 -08:00 · 2017-01-27 10:23:21 -08:00 · e4ddaa4f2f
commit e4ddaa4f2f
parent 73f6e44c8b
1 changed files with 7 additions and 3 deletions
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp
@ -208,17 +208,21 @@ bool set_seccomp_filter() {
    AllowSyscall(f, 190); // __NR_vfork

    // Needed for strace
-    AllowSyscall(f, 238);  // __NR_tkill
+    AllowSyscall(f, 238); // __NR_tkill

    // Needed for kernel to restart syscalls
-    AllowSyscall(f, 0);  // __NR_restart_syscall
+    AllowSyscall(f, 0);   // __NR_restart_syscall

    // Needed for debugging 32-bit Chrome
-    AllowSyscall(f, 42); // __NR_pipe
+    AllowSyscall(f, 42);  // __NR_pipe

    // b/34732712
    AllowSyscall(f, 364); // __NR_perf_event_open

+    // b/34651972
+    AllowSyscall(f, 33);  // __NR_access
+    AllowSyscall(f, 195); // __NR_stat64
+
    // arm32-on-arm64 only filter - autogenerated from bionic syscall usage
    for (size_t i = 0; i < arm_filter_size; ++i)
        f.push_back(arm_filter[i]);