From 809fb493412a8e1cb27dac737f832b316e69cd45 Mon Sep 17 00:00:00 2001 From: Oliver Kunz Date: Mon, 21 Mar 2022 08:35:29 -0700 Subject: [PATCH] Create a convencience function to set the name of a thread/process PiperOrigin-RevId: 436215084 Change-Id: I17dc8930a117fe67bd1b87e2ae3d4652875780df --- sandboxed_api/sandbox2/policybuilder.cc | 9 ++++++++- sandboxed_api/sandbox2/policybuilder.h | 5 +++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/sandboxed_api/sandbox2/policybuilder.cc b/sandboxed_api/sandbox2/policybuilder.cc index 622a7b1..c9c4fb6 100644 --- a/sandboxed_api/sandbox2/policybuilder.cc +++ b/sandboxed_api/sandbox2/policybuilder.cc @@ -15,12 +15,14 @@ #include "sandboxed_api/sandbox2/policybuilder.h" #include // For TCGETS -#include // For the fcntl flags +#include +#include // For the fcntl flags #include #include #include // For SYS_CONNECT #include // For GRND_NONBLOCK #include // For mmap arguments +#include #include #include #include @@ -646,6 +648,11 @@ PolicyBuilder& PolicyBuilder::AllowRename() { return *this; } +PolicyBuilder& PolicyBuilder::AllowPrctlSetName() { + AddPolicyOnSyscall(__NR_prctl, {ARG_32(0), JEQ(PR_SET_NAME, ALLOW)}); + return *this; +} + PolicyBuilder& PolicyBuilder::AllowFutexOp(int op) { return AddPolicyOnSyscall( __NR_futex, { diff --git a/sandboxed_api/sandbox2/policybuilder.h b/sandboxed_api/sandbox2/policybuilder.h index f249462..48ddcee 100644 --- a/sandboxed_api/sandbox2/policybuilder.h +++ b/sandboxed_api/sandbox2/policybuilder.h @@ -379,6 +379,11 @@ class PolicyBuilder final { // - renameat2 PolicyBuilder& AllowRename(); + // Appends code to allow setting the name of a thread + // Allows the following + // - prctl(PR_SET_NAME, ...) + PolicyBuilder& AllowPrctlSetName(); + // Enables the syscalls necessary to start a statically linked binary // // NOTE: This will call BlockSyscallWithErrno(__NR_readlink, ENOENT). If you