Move pipe, open, and getdents from the APP to COMMON seccomp whitelist.
These system calls are required by Breakpad for crash reporting.
WebViews are spawned from the webview_zygote, which itself is spawned
from the app_process zygote. The webview_zygote gets the SYSTEM seccomp
policy applied because it is not an app, and so the WebView sandboxed
processes inherit that policy.
In Ifd8a85b0de2eb6f2a76a6458570fc03b020a90ab, these system calls were
moved from COMMON to APP, which breaks Breakpad/crash reporting for
WebView sandboxed processes.
Bug: 112572914
Test: `am start com.android.settings/.SettingsLicenseActivity`
Test: Get the pid of the sandboxed_process0 for the license viewer.
Test: Send the process SIGABRT and check logcat for "google-breakpad"
error messages.
Change-Id: I1cf56ae85b1a67ec91e979bc7e0f941726a9cc0e
diff --git a/libc/SECCOMP_WHITELIST_COMMON.TXT b/libc/SECCOMP_WHITELIST_COMMON.TXT
index f6e9539..2faa559 100644
--- a/libc/SECCOMP_WHITELIST_COMMON.TXT
+++ b/libc/SECCOMP_WHITELIST_COMMON.TXT
@@ -51,6 +51,13 @@
# b/34763393
int seccomp:seccomp(unsigned int operation, unsigned int flags, void *args) all
+# Needed for debugging 32-bit Chrome
+int pipe:pipe(int pipefd[2]) arm,x86,mips
+
+# b/34813887
+int open:open(const char *path, int oflag, ... ) arm,x86,x86_64,mips
+int getdents:getdents(unsigned int fd, struct linux_dirent *dirp, unsigned int count) arm,x86,x86_64,mips
+
# syscalls needed to boot android
int sigreturn:sigreturn(unsigned long __unused) arm,x86,mips