From a761362d715a525068cf72bd66d34e40a369d60f Mon Sep 17 00:00:00 2001 From: Oliver Kunz Date: Thu, 19 May 2022 04:54:57 -0700 Subject: [PATCH] Internal Changes PiperOrigin-RevId: 449714418 Change-Id: I12241fff9fdf97f22258d4a18ff4d54b2587d6dc --- sandboxed_api/sandbox.cc | 9 ++++----- sandboxed_api/sandbox.h | 1 + 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/sandboxed_api/sandbox.cc b/sandboxed_api/sandbox.cc index d114087..bfb649c 100644 --- a/sandboxed_api/sandbox.cc +++ b/sandboxed_api/sandbox.cc @@ -91,14 +91,14 @@ void InitDefaultPolicyBuilder(sandbox2::PolicyBuilder* builder) { #ifdef __NR_arch_prctl // x86-64 only __NR_arch_prctl, #endif - }) - .AddFile("/etc/localtime") - .AddTmpfs("/tmp", 1ULL << 30 /* 1GiB tmpfs (max size) */); + }); if constexpr (sanitizers::IsAny()) { LOG(WARNING) << "Allowing additional calls to support the LLVM " << "(ASAN/MSAN/TSAN) sanitizer"; builder->AllowLlvmSanitizers(); } + builder->AddFile("/etc/localtime") + .AddTmpfs("/tmp", 1ULL << 30 /* 1GiB tmpfs (max size */); } void Sandbox::Terminate(bool attempt_graceful_exit) { @@ -140,7 +140,7 @@ absl::Status Sandbox::Init() { // library. std::string lib_path; int embed_lib_fd = -1; - if (embed_lib_toc_) { + if (embed_lib_toc_ && !sapi::host_os::IsAndroid()) { embed_lib_fd = EmbedFile::instance()->GetDupFdForFileToc(embed_lib_toc_); if (embed_lib_fd == -1) { PLOG(ERROR) << "Cannot create executable FD for TOC:'" @@ -155,7 +155,6 @@ absl::Status Sandbox::Init() { return absl::FailedPreconditionError("No SAPI library path given"); } } - std::vector args = {lib_path}; // Additional arguments, if needed. GetArgs(&args); diff --git a/sandboxed_api/sandbox.h b/sandboxed_api/sandbox.h index 61b5a4b..9f7af61 100644 --- a/sandboxed_api/sandbox.h +++ b/sandboxed_api/sandbox.h @@ -22,6 +22,7 @@ #include "sandboxed_api/file_toc.h" #include "absl/base/macros.h" #include "absl/status/statusor.h" +#include "sandboxed_api/config.h" #include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/sandbox2/client.h" #include "sandboxed_api/sandbox2/comms.h"