Allow system processes to use vfork java.lang.ProcessBuilder is internally using vfork in the current configuration (see UNIXProcess_md.c in libcore). Test: On an x86 Chromebook, trigger dropbox error event (1. settings put global logcat_for_system_app_anr 50; 2. kill -19 `pidof com.android.settings'; touch Settings). Saw seccomp error in logcat but only without this fix. Test: fyi, not reproducible on walleye (arm64) Bug: 74441404 Change-Id: I1f40ae0fe0607c5834ecbe040ed31c4c0e42131d

commit: 521b412aa1281ac39edf368a6b3db204812947e9 [log] [tgz]
author: Victor Hsieh <victorhsieh@google.com> Fri Mar 09 11:38:31 2018 -0800
committer: Victor Hsieh <victorhsieh@google.com> Fri Mar 09 11:52:32 2018 -0800
tree: e73e5101f159e0023e6c85b7f2ed36133cacbd49
parent: 0a2060c090e8b33045236fa0f836903994210c2b [diff] [blame]
diff --git a/libc/SECCOMP_WHITELIST_COMMON.TXT b/libc/SECCOMP_WHITELIST_COMMON.TXT
index f4b033e..08a2c2b 100644
--- a/libc/SECCOMP_WHITELIST_COMMON.TXT
+++ b/libc/SECCOMP_WHITELIST_COMMON.TXT

@@ -39,6 +39,9 @@
 int	fstat64|fstat:fstat(int, struct stat*)	mips64
 int	_flush_cache:cacheflush(char* addr, const int nbytes, const int op)	mips64
 
+# vfork is used by java.lang.ProcessBuilder
+pid_t	vfork:vfork()	arm,x86,x86_64
+
 # Needed for performance tools
 int	perf_event_open:perf_event_open(struct perf_event_attr *attr, pid_t pid, int cpu, int group_fd, unsigned long flags)	all
commit	521b412aa1281ac39edf368a6b3db204812947e9	[log] [tgz]
author	Victor Hsieh <victorhsieh@google.com>	Fri Mar 09 11:38:31 2018 -0800
committer	Victor Hsieh <victorhsieh@google.com>	Fri Mar 09 11:52:32 2018 -0800
tree	e73e5101f159e0023e6c85b7f2ed36133cacbd49
parent	0a2060c090e8b33045236fa0f836903994210c2b [diff] [blame]