Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2dde5ece authored Sep 01, 2017 by Daniel Micay

whitelist getrandom for arc4random usage

arc4random is called by the linker for dlopen to randomize the library
load order, among other uses. It's becoming more widely used over time.
It calls getentropy at regular intervals to reseed itself, which uses
the getrandom system call. This wasn't noticed because it reseeds only
very rarely with typical usage in Android.

This was quickly noticed on CopperheadOS where the hardened allocator
based on OpenBSD malloc uses at least one (often more) byte of entropy
from arc4random for each call to malloc, free, realloc, etc. It's still
needed *eventually* without the hardened allocator but it would take a
lot of plugin loading / unloading, etc. with dlopen / dlclose to hit it
at the moment.

Change-Id: I0a448e833916373871edfc68274ac31e314d54f7

parent 7fa5bce9

services/mediacodec/seccomp_policy/mediacodec-arm.policy

+1 −0

Original line number	Diff line number	Diff line
		@@ -52,6 +52,7 @@ sched_setscheduler: 1
		fstatat64: 1
		ugetrlimit: 1
		getdents64: 1
		getrandom: 1

		# for attaching to debuggerd on process crash
		sigaction: 1

services/mediaextractor/seccomp_policy/mediaextractor-arm.policy

+1 −0

Original line number	Diff line number	Diff line
		@@ -39,6 +39,7 @@ getgid32: 1
		getegid32: 1
		getgroups32: 1
		nanosleep: 1
		getrandom: 1

		# for FileSource
		readlinkat: 1

services/mediaextractor/seccomp_policy/mediaextractor-arm64.policy

+1 −0

Original line number	Diff line number	Diff line
		@@ -28,6 +28,7 @@ exit_group: 1
		rt_sigreturn: 1
		getrlimit: 1
		nanosleep: 1
		getrandom: 1

		# for FileSource
		readlinkat: 1

services/mediaextractor/seccomp_policy/mediaextractor-x86.policy

+1 −0

Original line number	Diff line number	Diff line
		@@ -37,6 +37,7 @@ getgid32: 1
		getegid32: 1
		getgroups32: 1
		nanosleep: 1
		getrandom: 1

		# for FileSource
		readlinkat: 1