Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 04696f70 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Use @include for crash_dump seccomp policies."

parents 98c15702 ebb2179a

services/mediacodec/Android.mk

+2 −1
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ _software_codecs := \ 
include $(CLEAR_VARS)

# seccomp is not required for coverage build.

ifneq ($(NATIVE_COVERAGE),true)

LOCAL_REQUIRED_MODULES := crash_dump.policy

LOCAL_REQUIRED_MODULES_arm := mediacodec.policy

LOCAL_REQUIRED_MODULES_x86 := mediacodec.policy

endif
@@ -53,7 +54,7 @@ LOCAL_32_BIT_ONLY := true 
# Since this is 32-bit-only module, only 32-bit version of the codecs are installed.

# TODO(b/72343507): eliminate the need for manually adding .vendor suffix. This should be done

# by the build system.

LOCAL_REQUIRED_MODULES := \

LOCAL_REQUIRED_MODULES += \

$(foreach codec,$(_software_codecs),\

  $(eval _vendor_suffix := $(if $(BOARD_VNDK_VERSION),.vendor))\

  $(codec)$(_vendor_suffix)\

services/mediacodec/seccomp_policy/mediacodec-arm.policy

+1 −15
Original line number Diff line number Diff line
@@ -55,18 +55,4 @@ ugetrlimit: 1 
getdents64: 1

getrandom: 1



# for attaching to debuggerd on process crash

sigaction: 1

tgkill: 1

socket: 1

connect: 1

fcntl64: 1

rt_tgsigqueueinfo: 1

geteuid32: 1

getgid32: 1

getegid32: 1

getgroups32: 1

recvmsg: 1

getpid: 1

gettid: 1

process_vm_readv: 1
 
@include /system/etc/seccomp_policy/crash_dump.arm.policy

services/mediacodec/seccomp_policy/mediacodec-x86.policy

+2 −15
Original line number Diff line number Diff line
@@ -47,23 +47,10 @@ set_tid_address: 1 
write: 1

nanosleep: 1



# for attaching to debuggerd on process crash

socketcall: 1

sigaction: 1

tgkill: 1

rt_sigprocmask: 1

fcntl64: 1

rt_tgsigqueueinfo: 1

geteuid32: 1

getgid32: 1

getegid32: 1

getgroups32: 1

getdents64: 1

pipe2: 1

ppoll: 1



# Required by AddressSanitizer

gettid: 1

sched_yield: 1

getpid: 1

gettid: 1



@include /system/etc/seccomp_policy/crash_dump.x86.policy

services/mediaextractor/Android.mk

+2 −1
Original line number Diff line number Diff line
@@ -15,12 +15,13 @@ include $(BUILD_SHARED_LIBRARY) 
# service executable

include $(CLEAR_VARS)

# seccomp filters are defined for the following architectures:

LOCAL_REQUIRED_MODULES := crash_dump.policy

LOCAL_REQUIRED_MODULES_arm := mediaextractor.policy

LOCAL_REQUIRED_MODULES_arm64 := mediaextractor.policy

LOCAL_REQUIRED_MODULES_x86 := mediaextractor.policy



# extractor libraries

LOCAL_REQUIRED_MODULES := \

LOCAL_REQUIRED_MODULES += \

    libaacextractor \

    libamrextractor \

    libflacextractor \

services/mediaextractor/seccomp_policy/mediaextractor-arm.policy

+1 −18
Original line number Diff line number Diff line
@@ -48,21 +48,4 @@ pread64: 1 
readlinkat: 1

_llseek: 1



# for attaching to debuggerd on process crash

sigaction: 1

tgkill: 1

socket: 1

connect: 1

recvmsg: 1

fcntl64: 1

rt_tgsigqueueinfo: 1

geteuid32: 1

getgid32: 1

getegid32: 1

getgroups32: 1

getdents64: 1

pipe2: 1

ppoll: 1

getpid: 1

gettid: 1

process_vm_readv: 1
 
@include /system/etc/seccomp_policy/crash_dump.arm.policy