Loading services/mediacodec/Android.mk +24 −2 Original line number Diff line number Diff line Loading @@ -69,8 +69,8 @@ include $(BUILD_EXECUTABLE) include $(CLEAR_VARS) # seccomp is not required for coverage build. ifneq ($(NATIVE_COVERAGE),true) LOCAL_REQUIRED_MODULES_arm := crash_dump.policy mediacodec.policy LOCAL_REQUIRED_MODULES_x86 := crash_dump.policy mediacodec.policy LOCAL_REQUIRED_MODULES_arm := crash_dump.policy mediaswcodec.policy LOCAL_REQUIRED_MODULES_x86 := crash_dump.policy mediaswcodec.policy endif LOCAL_SRC_FILES := \ main_swcodecservice.cpp \ Loading Loading @@ -137,4 +137,26 @@ endif include $(BUILD_PREBUILT) endif #################################################################### # sw service seccomp policy ifeq ($(TARGET_ARCH), $(filter $(TARGET_ARCH), x86 x86_64 arm arm64)) include $(CLEAR_VARS) LOCAL_MODULE := mediaswcodec.policy LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_PATH := $(TARGET_OUT)/etc/seccomp_policy # mediaswcodec runs in 32-bit combatibility mode. For 64 bit architectures, # use the 32 bit policy ifdef TARGET_2ND_ARCH ifneq ($(TARGET_TRANSLATE_2ND_ARCH),true) LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_2ND_ARCH).policy else LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_ARCH).policy endif else LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_ARCH).policy endif include $(BUILD_PREBUILT) endif include $(call all-makefiles-under, $(LOCAL_PATH)) services/mediacodec/main_swcodecservice.cpp +2 −4 Original line number Diff line number Diff line Loading @@ -26,12 +26,10 @@ using namespace android; // TODO: replace policy with software codec-only policies // Must match location in Android.mk. static const char kSystemSeccompPolicyPath[] = "/system/etc/seccomp_policy/mediacodec.policy"; "/system/etc/seccomp_policy/mediaswcodec.policy"; static const char kVendorSeccompPolicyPath[] = "/vendor/etc/seccomp_policy/mediacodec.policy"; "/vendor/etc/seccomp_policy/mediaswcodec.policy"; // Disable Scudo's mismatch allocation check, as it is being triggered // by some third party code. Loading services/mediacodec/seccomp_policy/mediaswcodec-arm.policy 0 → 100644 +60 −0 Original line number Diff line number Diff line # Copyright (C) 2019 The Android Open Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. futex: 1 # ioctl calls are filtered via the selinux policy. ioctl: 1 sched_yield: 1 close: 1 dup: 1 ppoll: 1 mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE mmap2: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE # mremap: Ensure |flags| are (MREMAP_MAYMOVE | MREMAP_FIXED) TODO: Once minijail # parser support for '<' is in this needs to be modified to also prevent # |old_address| and |new_address| from touching the exception vector page, which # on ARM is statically loaded at 0xffff 0000. See # http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Babfeega.html # for more details. mremap: arg3 == 3 munmap: 1 prctl: 1 getuid32: 1 writev: 1 sigaltstack: 1 clone: 1 exit: 1 lseek: 1 rt_sigprocmask: 1 openat: 1 fstat64: 1 write: 1 nanosleep: 1 setpriority: 1 set_tid_address: 1 getdents64: 1 readlinkat: 1 read: 1 pread64: 1 fstatfs64: 1 gettimeofday: 1 faccessat: 1 _llseek: 1 fstatat64: 1 ugetrlimit: 1 exit_group: 1 restart_syscall: 1 rt_sigreturn: 1 getrandom: 1 services/mediacodec/seccomp_policy/mediaswcodec-x86.policy 0 → 120000 +1 −0 Original line number Diff line number Diff line mediacodec-x86.policy No newline at end of file Loading
services/mediacodec/Android.mk +24 −2 Original line number Diff line number Diff line Loading @@ -69,8 +69,8 @@ include $(BUILD_EXECUTABLE) include $(CLEAR_VARS) # seccomp is not required for coverage build. ifneq ($(NATIVE_COVERAGE),true) LOCAL_REQUIRED_MODULES_arm := crash_dump.policy mediacodec.policy LOCAL_REQUIRED_MODULES_x86 := crash_dump.policy mediacodec.policy LOCAL_REQUIRED_MODULES_arm := crash_dump.policy mediaswcodec.policy LOCAL_REQUIRED_MODULES_x86 := crash_dump.policy mediaswcodec.policy endif LOCAL_SRC_FILES := \ main_swcodecservice.cpp \ Loading Loading @@ -137,4 +137,26 @@ endif include $(BUILD_PREBUILT) endif #################################################################### # sw service seccomp policy ifeq ($(TARGET_ARCH), $(filter $(TARGET_ARCH), x86 x86_64 arm arm64)) include $(CLEAR_VARS) LOCAL_MODULE := mediaswcodec.policy LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_PATH := $(TARGET_OUT)/etc/seccomp_policy # mediaswcodec runs in 32-bit combatibility mode. For 64 bit architectures, # use the 32 bit policy ifdef TARGET_2ND_ARCH ifneq ($(TARGET_TRANSLATE_2ND_ARCH),true) LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_2ND_ARCH).policy else LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_ARCH).policy endif else LOCAL_SRC_FILES := seccomp_policy/mediaswcodec-$(TARGET_ARCH).policy endif include $(BUILD_PREBUILT) endif include $(call all-makefiles-under, $(LOCAL_PATH))
services/mediacodec/main_swcodecservice.cpp +2 −4 Original line number Diff line number Diff line Loading @@ -26,12 +26,10 @@ using namespace android; // TODO: replace policy with software codec-only policies // Must match location in Android.mk. static const char kSystemSeccompPolicyPath[] = "/system/etc/seccomp_policy/mediacodec.policy"; "/system/etc/seccomp_policy/mediaswcodec.policy"; static const char kVendorSeccompPolicyPath[] = "/vendor/etc/seccomp_policy/mediacodec.policy"; "/vendor/etc/seccomp_policy/mediaswcodec.policy"; // Disable Scudo's mismatch allocation check, as it is being triggered // by some third party code. Loading
services/mediacodec/seccomp_policy/mediaswcodec-arm.policy 0 → 100644 +60 −0 Original line number Diff line number Diff line # Copyright (C) 2019 The Android Open Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. futex: 1 # ioctl calls are filtered via the selinux policy. ioctl: 1 sched_yield: 1 close: 1 dup: 1 ppoll: 1 mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE mmap2: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE # mremap: Ensure |flags| are (MREMAP_MAYMOVE | MREMAP_FIXED) TODO: Once minijail # parser support for '<' is in this needs to be modified to also prevent # |old_address| and |new_address| from touching the exception vector page, which # on ARM is statically loaded at 0xffff 0000. See # http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Babfeega.html # for more details. mremap: arg3 == 3 munmap: 1 prctl: 1 getuid32: 1 writev: 1 sigaltstack: 1 clone: 1 exit: 1 lseek: 1 rt_sigprocmask: 1 openat: 1 fstat64: 1 write: 1 nanosleep: 1 setpriority: 1 set_tid_address: 1 getdents64: 1 readlinkat: 1 read: 1 pread64: 1 fstatfs64: 1 gettimeofday: 1 faccessat: 1 _llseek: 1 fstatat64: 1 ugetrlimit: 1 exit_group: 1 restart_syscall: 1 rt_sigreturn: 1 getrandom: 1
services/mediacodec/seccomp_policy/mediaswcodec-x86.policy 0 → 120000 +1 −0 Original line number Diff line number Diff line mediacodec-x86.policy No newline at end of file
