Merge "configstore: Allow syscalls needed by crash_dump" into oc-mr1-dev

commit: 1f88a5dce8281ed5c5c6b51769b35a1cf4170ec3 [log] [tgz]
author: TreeHugger Robot <treehugger-gerrit@google.com> Thu Aug 24 18:12:08 2017 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Thu Aug 24 18:12:08 2017 +0000
tree: 79633384012c2d0a89d648df9f4483e17bec5b28
parent: 814b6922c5ad8a92870f8c1a59cdf3a307bee352 [diff]
parent: f378b7ffe2be2b4f8ab35e89dfac2aad4a1e9724 [diff]
diff --git a/configstore/1.1/default/seccomp_policy/configstore@1.1-arm64.policy b/configstore/1.1/default/seccomp_policy/configstore@1.1-arm64.policy
index 8c901eb..7e3dfe0c 100644
--- a/configstore/1.1/default/seccomp_policy/configstore@1.1-arm64.policy
+++ b/configstore/1.1/default/seccomp_policy/configstore@1.1-arm64.policy

@@ -15,9 +15,9 @@
 futex: 1
 # ioctl: arg1 == BINDER_WRITE_READ
 ioctl: arg1 == 0xc0306201
-ioctl: 1
 # prctl: arg0 == PR_SET_NAME || arg0 == PR_SET_VMA || arg0 == PR_SET_TIMERSLACK
-prctl: arg0 == 15 || arg0 == 0x53564d41 || arg0 == 29
+# || arg0 == PR_GET_NO_NEW_PRIVS # used by crash_dump
+prctl: arg0 == 15 || arg0 == 0x53564d41 || arg0 == 29 || arg0 == 39
 openat: 1
 mmap: 1
 mprotect: 1
@@ -38,3 +38,13 @@
 exit_group: 1
 rt_sigreturn: 1
 getrlimit: 1
+madvise: 1
+
+# used during process crash by crash_dump to dump process info
+rt_sigprocmask: 1
+rt_sigaction: 1
+# socket: arg0 == AF_LOCAL
+socket: arg0 == 1
+connect: 1
+recvmsg: 1
+rt_tgsigqueueinfo: 1
commit	1f88a5dce8281ed5c5c6b51769b35a1cf4170ec3	[log] [tgz]
author	TreeHugger Robot <treehugger-gerrit@google.com>	Thu Aug 24 18:12:08 2017 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Thu Aug 24 18:12:08 2017 +0000
tree	79633384012c2d0a89d648df9f4483e17bec5b28
parent	814b6922c5ad8a92870f8c1a59cdf3a307bee352 [diff]
parent	f378b7ffe2be2b4f8ab35e89dfac2aad4a1e9724 [diff]