Allowing prctl through sandbox in coverage build.

The LLVM coverage runtime uses this system call. Bug: 842424 Change-Id: I68160535194fe2fbfc58c712a8b19daebc22de89 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1637855 Reviewed-by: Chris Palmer <palmer@chromium.org> Commit-Queue: Sajjad Mirza <sajjadm@chromium.org> Cr-Commit-Position: refs/heads/master@{#665300}
Denger-Network · May 31, 2019 · 5896605 · 5896605
1 parent 8447891
commit 5896605
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -11,6 +11,7 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "base/clang_coverage_buildflags.h"
 #include "base/logging.h"
 #include "build/build_config.h"
 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
@@ -127,6 +128,12 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
 #endif  // defined(ADDRESS_SANITIZER) || defined(THREAD_SANITIZER) ||
         // defined(MEMORY_SANITIZER)
 
+#if BUILDFLAG(CLANG_COVERAGE)
+  if (SyscallSets::IsPrctl(sysno)) {
+    return Allow();
+  }
+#endif
+
   if (IsBaselinePolicyAllowed(sysno)) {
     return Allow();
   }