Expand seccomp whitelist Add syscalls required by sanitizers. Bug: 34606909 Test: Make sure Android boots when built with SANITIZE_TARGET='address' Change-Id: Ifa223fb663a4ff43c8b8df9b7bf9452e41079e2e

commit: 47f450c18e4a1ce5a1a80eadb57853f1b8284511 [log] [tgz]
author: Alex Shlyapnikov <alekseys@google.com> Wed Feb 01 18:03:08 2017 -0800
committer: Alex Shlyapnikov <alekseys@google.com> Wed Feb 01 18:03:08 2017 -0800
tree: 45e43fa0b18bc8bf5f460ed2fe8477043d6f374b
parent: 43f4d43ebe912688276719996a046f7d168a21a7 [diff]
diff --git a/init/seccomp.cpp b/init/seccomp.cpp
index b0688f3..608c4e7 100644
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp

@@ -234,6 +234,11 @@
     // b/34817266
     AllowSyscall(f, 252); // __NR_epoll_wait
 
+    // Needed by sanitizers (b/34606909)
+    // 5 (__NR_open) and 195 (__NR_stat64) are also required, but they are
+    // already allowed.
+    AllowSyscall(f, 85);  // __NR_readlink
+
     // arm32-on-arm64 only filter - autogenerated from bionic syscall usage
     for (size_t i = 0; i < arm_filter_size; ++i)
         f.push_back(arm_filter[i]);
commit	47f450c18e4a1ce5a1a80eadb57853f1b8284511	[log] [tgz]
author	Alex Shlyapnikov <alekseys@google.com>	Wed Feb 01 18:03:08 2017 -0800
committer	Alex Shlyapnikov <alekseys@google.com>	Wed Feb 01 18:03:08 2017 -0800
tree	45e43fa0b18bc8bf5f460ed2fe8477043d6f374b
parent	43f4d43ebe912688276719996a046f7d168a21a7 [diff]