Google Git
Sign in
chromium / chromiumos / platform / touch_updater / 97e19f6c183413affb7dbef8b4265234b78f6365
commit97e19f6c183413affb7dbef8b4265234b78f6365[log] [tgz]
authorJordan R Abrahams <ajordanr@google.com>Tue Aug 24 20:48:08 2021
committerCommit Bot <commit-bot@chromium.org>Fri Aug 27 06:43:36 2021
treeae6d62666b0716092808f3332869a952b86f715e
parentccd2cea9eab1c3e8604235e89af42f3708f2277c [diff]
Add fstatfs(64) syscalls to seccomp policies

Due to a local security hardening patch in glibc, we're now
calling fstatfs and fstatfs64 during dlopen. This is crashing
dash and kmod at present, which we _suspect_ some of those
crashes may be due to uncaught errors in touch_updater policies,

Crashes were identified via crash.corp
dash: http://shortn/_eLdGeNd8sp
kmod: http://shortn/_IheitZgfkV

BUG=chromium:1182687
TEST=Check CQ for dash seccomp failures during HW tests

Change-Id: Ie2ac28ca6ba84b94139ec65ae52dd8e3e73a9b7f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/touch_updater/+/3116692
Tested-by: Jordan R Abrahams <ajordanr@google.com>
Commit-Queue: Jordan R Abrahams <ajordanr@google.com>
Reviewed-by: Andrew de los Reyes <adlr@chromium.org>
Reviewed-by: Harry Cutts <hcutts@chromium.org>
49 files changed
tree: ae6d62666b0716092808f3332869a952b86f715e
  1. common/
  2. docs/
  3. etphidiap/
  4. host_scripts/
  5. policies/
  6. scripts/
  7. stupdate/
  8. LICENSE
  9. OWNERS
  10. README
  11. unblocked_terms.txt