init: add support for global seccomp boot option

Setting androidboot.seccomp=global on the kernel command line shall
enable seccomp for all processes rather than just in zygote. Doing
this has a performance impact; for now it shall just be used to audit
syscall usage during testing.

Bug: 37960259
Change-Id: I6b9fc95e9bec5e2bcfe6ef0b4343a5b422e30152
diff --git a/init/init.cpp b/init/init.cpp
index b0b2e49..b566cb3 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -23,6 +23,7 @@
 #include <inttypes.h>
 #include <libgen.h>
 #include <paths.h>
+#include <seccomp_policy.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stdio.h>
@@ -554,6 +555,15 @@
     return 0;
 }
 
+static void global_seccomp() {
+    import_kernel_cmdline(false, [](const std::string& key, const std::string& value, bool in_qemu) {
+        if (key == "androidboot.seccomp" && value == "global" && !set_global_seccomp_filter()) {
+            LOG(ERROR) << "Failed to globally enable seccomp!";
+            panic();
+        }
+    });
+}
+
 static void selinux_init_all_handles(void)
 {
     sehandle = selinux_android_file_context_handle();
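Review bot: In `global_seccomp()` the lambda acts only on the exact pair `androidboot.seccomp=global`, so a mistyped or differently cased value is ignored without a log line and the device boots with the zygote-only filter. For a build meant to audit syscall usage, that leaves the run uncovered with nothing in the boot log to show it. I would log both outcomes: `LOG(INFO) << "Global seccomp filter installed";` after a successful `set_global_seccomp_filter()`, and `LOG(WARNING) << "Ignoring unknown androidboot.seccomp value: " << value;` for any other value of that key. Panicking when the filter cannot be installed is the right fail-closed behaviour and should stay. A short comment above the function should also state that the filter is presumably installed in init itself and therefore inherited by every process init starts afterwards, since that is what makes the option "global".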
@@ -1004,6 +1014,9 @@
 
         SetInitAvbVersionInRecovery();
 
+        // Enable seccomp if global boot option was passed (otherwise it is enabled in zygote).
+        global_seccomp();
+
         // Set up SELinux, loading the SELinux policy.
         selinux_initialize(true);