Commit 74cdb253 authored by Robert Sesek's avatar Robert Sesek
Browse files

Move pipe, open, and getdents from the APP to COMMON seccomp whitelist.

These system calls are required by Breakpad for crash reporting.
WebViews are spawned from the webview_zygote, which itself is spawned
from the app_process zygote. The webview_zygote gets the SYSTEM seccomp
policy applied because it is not an app, and so the WebView sandboxed
processes inherit that policy.

In Ifd8a85b0de2eb6f2a76a6458570fc03b020a90ab, these system calls were
moved from COMMON to APP, which breaks Breakpad/crash reporting for
WebView sandboxed processes.

Bug: 112572914
Test: `am start com.android.settings/.SettingsLicenseActivity`
Test: Get the pid of the sandboxed_process0 for the license viewer.
Test: Send the process SIGABRT and check logcat for "google-breakpad"
      error messages.

Change-Id: I1cf56ae85b1a67ec91e979bc7e0f941726a9cc0e
parent 56deeb73
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment