Android Seccomp Crash: SYS_clock_getres
Issue description

Observed using this query:

    SELECT ProductData.Value AS BuildFP, cpu.Architecture,
           (crash.Address & 0x3FF) AS sysno, COUNT(ReportID), ANY(ReportID) AS ReportID
    FROM (FLATTEN(crash.prod.latest, ProductData))
    WHERE Product.Name = 'Chrome_Android'
      AND CrashedStackTrace.StackFrame.FunctionName CONTAINS 'sandbox::CrashSIGSYS_Handler'
      AND CAST(SUBSTR(Product.Version, 6) AS FLOAT) > 2822
      AND ProductData.Key = 'android_build_fp'
    GROUP BY BuildFP, cpu.Architecture, sysno
    ORDER BY cpu.Architecture, sysno

Seeing this on arm32 and arm64. sysno for arm32 = 264. sysno for arm64 = 114.

The baseline_policy.cc, from which the Android policy inherits, only permits clock_gettime. But bpf_renderer_policy_linux.cc permits clock_getres by restricting the clk_id to the same as allowed by clock_gettime via sandbox::RestrictClockID(). The Android policy should do the same.
Oct 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b24153c24947d53fb5158a4888285c9f48850ff7

commit b24153c24947d53fb5158a4888285c9f48850ff7
Author: Robert Sesek <rsesek@chromium.org>
Date: Thu Oct 13 14:37:01 2016

[Android] Allow __NR_sysinfo and __NR_clock_getres under seccomp.

sysinfo() is allowed unconditionally, while clock_getres() is restricted to the set of clk_ids that clock_gettime() is.

BUG=655277, 655299
R=rickyz@chromium.org

Review-Url: https://codereview.chromium.org/2417673002
Cr-Commit-Position: refs/heads/master@{#424911}
(cherry picked from commit 6cc408a029eb5fc6d9c10f556df6c717fcaabb9a)

Review URL: https://codereview.chromium.org/2410303007 .

Cr-Commit-Position: refs/branch-heads/2883@{#86}
Cr-Branched-From: 614d31daee2f61b0180df403a8ad43f20b9f6dd7-refs/heads/master@{#423768}

[modify] https://crrev.com/b24153c24947d53fb5158a4888285c9f48850ff7/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc
Nov 4 2016
[Automated comment] removing mislabelled merge-merged-2840
Comment 1 by bugdroid1@chromium.org, Oct 12 2016