| commit | 46ffda36f5268cae7aaa33fd0d4e8be875a680a2 | [log] [tgz] |
|---|---|---|
| author | Paul Moy <pmoy@chromium.org> | Fri Mar 20 12:31:48 2020 -0600 |
| committer | Commit Bot <commit-bot@chromium.org> | Mon Mar 23 16:36:17 2020 +0000 |
| tree | 2525e863ff5aed1e8cf2989517a6f52cb4c5360c | |
| parent | dd2f47882ebdc62b788a610df5900a43fc758838 [diff] |
diagnostics: give cros_healthd access to kill cros_healthd is crashing when it attempts to cancel the urandom routine. The cancellation needs access to the kill syscall, which isn't in cros_healthd's seccomp filter. Add it :) BUG=chromium:1060627 TEST=diag --action=run_routine --routine=urandom --force_cancel Note that this test requires crrev.com/c/2105879, although the change is not dependent on that change. Change-Id: I414267eee0f150e728a1165949b5da578734bbbf Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2106683 Reviewed-by: Trent Begin <tbegin@chromium.org> Commit-Queue: Paul Moy <pmoy@chromium.org> Tested-by: Paul Moy <pmoy@chromium.org>
diff --git a/diagnostics/init/cros_healthd-seccomp-amd64.policy b/diagnostics/init/cros_healthd-seccomp-amd64.policy index 7053dd9..d392d55 100644 --- a/diagnostics/init/cros_healthd-seccomp-amd64.policy +++ b/diagnostics/init/cros_healthd-seccomp-amd64.policy
@@ -74,3 +74,4 @@ sched_yield: 1 sysinfo: 1 nanosleep: 1 +kill: arg1 == SIGKILL || arg1 == SIGTERM