-
Jeff Vander Stoep authoredConfigstore HAL uses a seccomp filter which blocks the standard path of execing crash_dump to collect crash data. Add permission to use crash_dump's fallback mechanism. Allowing configstore to write to the socket provided by tombstoned required either exempting configstore from a neverallow rule, or removing the neverallow rule entirely. Since the neverallow rule could potentially prevent partners for doing security hardening, it has been removed. Bug: 64768925 Bug: 36453956 Test: killall -ABRT android.hardware.configstore@1.1-service Results in a call stack in logcat, and tombstone in /data/tombstones Test: configstore runs without crashing Test: SANITIZE_TARGET="address coverage" make vts -j64 vts-tradefedrun commandAndExit vts --skip-all-system-status-check \ -primary-abi-only --skip-preconditions -l VERBOSE --module \ VtsHalConfigstoreV1_0IfaceFuzzer Change-Id: I1ed5265f173c760288d856adb9292c4026da43d6 (cherry picked from commit 9924d782)Jeff Vander Stoep authoredConfigstore HAL uses a seccomp filter which blocks the standard path of execing crash_dump to collect crash data. Add permission to use crash_dump's fallback mechanism. Allowing configstore to write to the socket provided by tombstoned required either exempting configstore from a neverallow rule, or removing the neverallow rule entirely. Since the neverallow rule could potentially prevent partners for doing security hardening, it has been removed. Bug: 64768925 Bug: 36453956 Test: killall -ABRT android.hardware.configstore@1.1-service Results in a call stack in logcat, and tombstone in /data/tombstones Test: configstore runs without crashing Test: SANITIZE_TARGET="address coverage" make vts -j64 vts-tradefedrun commandAndExit vts --skip-all-system-status-check \ -primary-abi-only --skip-preconditions -l VERBOSE --module \ VtsHalConfigstoreV1_0IfaceFuzzer Change-Id: I1ed5265f173c760288d856adb9292c4026da43d6 (cherry picked from commit 9924d782)