Block sigaltstack with ENOSYS by default

`absl::GetStackTrace` on Aarch64 since
bb7bbb12c7 will call sigaltstack.
`absl::Mutex` in debug mode uses `absl::GetStackTrace` causing many new syscall violations. An error in the sigaltstack should be tolerated, so this will fix the issue without opening up the policy too much.

PiperOrigin-RevId: 580885547
Change-Id: I1acf28bff0e2f6f236a262c0ca8fa74a6c57fada
This commit is contained in:
Wiktor Garbacz 2023-11-09 06:31:38 -08:00 committed by Copybara-Service
parent 6f90a6ef2a
commit 1bad376e42

View File

@ -998,6 +998,8 @@ PolicyBuilder& PolicyBuilder::AllowStaticStartup() {
JEQ32(PROT_READ, ALLOW), JEQ32(PROT_READ, ALLOW),
}); });
OverridableBlockSyscallWithErrno(__NR_sigaltstack, ENOSYS);
return *this; return *this;
} }