StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Block sigaltstack with ENOSYS by default

Browse Source 
`absl::GetStackTrace` on Aarch64 since
bb7bbb12c7 will call sigaltstack.
`absl::Mutex` in debug mode uses `absl::GetStackTrace` causing many new syscall violations. An error in the sigaltstack should be tolerated, so this will fix the issue without opening up the policy too much.

PiperOrigin-RevId: 580885547
Change-Id: I1acf28bff0e2f6f236a262c0ca8fa74a6c57fada
This commit is contained in:
Wiktor Garbacz 2023-11-09 06:31:38 -08:00 committed by Copybara-Service
parent 6f90a6ef2a
commit 1bad376e42
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sandboxed_api/sandbox2/policybuilder.cc
View File

@ -998,6 +998,8 @@ PolicyBuilder& PolicyBuilder::AllowStaticStartup() {
JEQ32(PROT_READ, ALLOW),
});
OverridableBlockSyscallWithErrno(__NR_sigaltstack, ENOSYS);
return *this;
}