Merge "Allow failing app through seccomp policy" am: d0ff90afef am: 50e88dc5b3 am: ac1e8d916e Change-Id: Iadb5f9f7cd34d298c6208e9a9233b6abe78b84ea

commit: 04e410b7422b5ffd7d00b9159df0e11fffc8dcb2 [log] [tgz]
author: Paul Lawrence <paullawrence@google.com> Fri Jan 27 20:09:34 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Fri Jan 27 20:09:34 2017 +0000
tree: 4c9c832eba7a11a8048b9f17a66626ca3e122596
parent: 41a068dc4be9d323fe3b13ea1ede5e54ab40acd1 [diff]
parent: 6c9036ad4ad3cfe59680cbacdf4b193ff64d014f [diff]
diff --git a/init/seccomp.cpp b/init/seccomp.cpp
index 92f30e8..6c85217 100644
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp

@@ -208,17 +208,21 @@
     AllowSyscall(f, 190); // __NR_vfork
 
     // Needed for strace
-    AllowSyscall(f, 238);  // __NR_tkill
+    AllowSyscall(f, 238); // __NR_tkill
 
     // Needed for kernel to restart syscalls
-    AllowSyscall(f, 0);  // __NR_restart_syscall
+    AllowSyscall(f, 0);   // __NR_restart_syscall
 
     // Needed for debugging 32-bit Chrome
-    AllowSyscall(f, 42); // __NR_pipe
+    AllowSyscall(f, 42);  // __NR_pipe
 
     // b/34732712
     AllowSyscall(f, 364); // __NR_perf_event_open
 
+    // b/34651972
+    AllowSyscall(f, 33);  // __NR_access
+    AllowSyscall(f, 195); // __NR_stat64
+
     // arm32-on-arm64 only filter - autogenerated from bionic syscall usage
     for (size_t i = 0; i < arm_filter_size; ++i)
         f.push_back(arm_filter[i]);
commit	04e410b7422b5ffd7d00b9159df0e11fffc8dcb2	[log] [tgz]
author	Paul Lawrence <paullawrence@google.com>	Fri Jan 27 20:09:34 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Fri Jan 27 20:09:34 2017 +0000
tree	4c9c832eba7a11a8048b9f17a66626ca3e122596
parent	41a068dc4be9d323fe3b13ea1ede5e54ab40acd1 [diff]
parent	6c9036ad4ad3cfe59680cbacdf4b193ff64d014f [diff]