Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ad910636 authored Sep 01, 2021 by TreeHugger Robot Committed by Android (Google) Code Review Sep 01, 2021

Merge "framework media seccomp: allow syscalls made by dynamic profilers...

Merge "framework media seccomp: allow syscalls made by dynamic profilers within the process context"

parents fd10baf2 dd2314b3

services/mediacodec/seccomp_policy/mediaswcodec-arm64.policy

+10 −0

Original line number	Diff line number	Diff line
		@@ -79,4 +79,14 @@ getgid: 1
		getegid: 1
		getgroups: 1

		# Android profiler (heapprofd, traced_perf) additions, where not already
		# covered by the rest of the file, or by builtin minijail allow-listing of
		# logging-related syscalls.
		# TODO(b/197184220): this is a targeted addition for a specific investigation,
		# and addresses just the arm64 framework av service policies. In the future, we
		# should make this more general (e.g. a central file that can be @included in
		# other policy files).
		setsockopt: 1
		sendmsg: 1

		@include /apex/com.android.media.swcodec/etc/seccomp_policy/code_coverage.arm64.policy

services/mediaextractor/seccomp_policy/mediaextractor-arm64.policy

+11 −0

Original line number	Diff line number	Diff line
		@@ -46,5 +46,16 @@ mremap: 1
		# Required by Sanitizers
		sched_yield: 1

		# Android profiler (heapprofd, traced_perf) additions, where not already
		# covered by the rest of the file, or by builtin minijail allow-listing of
		# logging-related syscalls.
		# TODO(b/197184220): this is a targeted addition for a specific investigation,
		# and addresses just the arm64 framework av service policies. In the future, we
		# should make this more general (e.g. a central file that can be @included in
		# other policy files).
		setsockopt: 1
		sendmsg: 1
		set_tid_address: 1

		@include /apex/com.android.media/etc/seccomp_policy/crash_dump.arm64.policy
		@include /apex/com.android.media/etc/seccomp_policy/code_coverage.arm64.policy