Chromium Code Reviews Chromium Code Reviews
Issue 1669043003:
[Android] Fix Microdump generation when Seccomp-BPF is enabled. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
| diff --git a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
| index c3b1605fc7dc6f091ae5456aad0371bcf2ee7c1a..0c760606f51a66e89d8f438efa9eb8c987957a3a 100644 |
| --- a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
| +++ b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc |
| @@ -30,8 +30,10 @@ ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const { |
| case __NR_flock: |
| #if defined(__x86_64__) || defined(__aarch64__) |
| case __NR_newfstatat: |
| + case __NR_getdents64: |
| #elif defined(__i386__) || defined(__arm__) || defined(__mips__) |
| case __NR_fstatat64: |
| + case __NR_getdents: |
| #endif |
| case __NR_getpriority: |
| case __NR_ioctl: |
| @@ -56,6 +58,15 @@ ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const { |
| case __NR_getrlimit: |
| #endif |
| case __NR_uname: |
| + |
| + // Permit socket operations so that renderers can connect to logd and |
| + // debuggerd. |
| + case __NR_socket: |
|
mdempsky
2016/02/05 18:31:46
These seem scary. Is there anything in place to p
Robert Sesek
2016/02/05 19:57:12
Yeah, I wasn't wild about having to add these, but
|
| + case __NR_connect: |
| + |
| + // Ptrace is allowed so the Breakpad Microdumper can fork in a renderer |
| + // and then ptrace the parent. |
| + case __NR_ptrace: |
| override_and_allow = true; |
| break; |
| } |
