From ab9c4afb15ef3c5bd51c1f495a40c91ea0485e8b Mon Sep 17 00:00:00 2001 From: Oliver Kunz Date: Tue, 22 Mar 2022 23:38:29 -0700 Subject: [PATCH] Create a convencience function to set the name of a thread/process PiperOrigin-RevId: 436661002 Change-Id: Ia66cef2f3eda829c65bc07e2ac43a0b2c878eb7b --- sandboxed_api/sandbox2/policybuilder.cc | 6 ++++++ sandboxed_api/sandbox2/policybuilder.h | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/sandboxed_api/sandbox2/policybuilder.cc b/sandboxed_api/sandbox2/policybuilder.cc index 622a7b1..d9180ef 100644 --- a/sandboxed_api/sandbox2/policybuilder.cc +++ b/sandboxed_api/sandbox2/policybuilder.cc @@ -21,6 +21,7 @@ #include // For SYS_CONNECT #include // For GRND_NONBLOCK #include // For mmap arguments +#include #include #include #include @@ -646,6 +647,11 @@ PolicyBuilder& PolicyBuilder::AllowRename() { return *this; } +PolicyBuilder& PolicyBuilder::AllowPrctlSetName() { + AddPolicyOnSyscall(__NR_prctl, {ARG_32(0), JEQ32(PR_SET_NAME, ALLOW)}); + return *this; +} + PolicyBuilder& PolicyBuilder::AllowFutexOp(int op) { return AddPolicyOnSyscall( __NR_futex, { diff --git a/sandboxed_api/sandbox2/policybuilder.h b/sandboxed_api/sandbox2/policybuilder.h index f249462..48ddcee 100644 --- a/sandboxed_api/sandbox2/policybuilder.h +++ b/sandboxed_api/sandbox2/policybuilder.h @@ -379,6 +379,11 @@ class PolicyBuilder final { // - renameat2 PolicyBuilder& AllowRename(); + // Appends code to allow setting the name of a thread + // Allows the following + // - prctl(PR_SET_NAME, ...) + PolicyBuilder& AllowPrctlSetName(); + // Enables the syscalls necessary to start a statically linked binary // // NOTE: This will call BlockSyscallWithErrno(__NR_readlink, ENOENT). If you