From 2e253cbcc6022ed1605f135e22b49f9e6620bf7f Mon Sep 17 00:00:00 2001
From: Colin Cross <ccross@android.com>
Date: Mon, 23 Jan 2017 17:06:14 -0800
Subject: [PATCH] Allow tkill

tkill and tgkill are syscalls that do not have glibc wrappers, but
they are required in order to send a signal to a specific thread.
Non-android software may call them directly with syscall().  Bionic
provides a wrapper for tgkill, so seccomp allows it, but not for
tkill.  Add tkill to the whitelist.

This can be reproduced with:
sleep 1000 & sleep 1 ; strace -p $!
then hit ctrl-C, and the shell will print "Bad system call" because
the strace process died with SIGSYS

Bug: 34586922
Test: repro case is fixed
Change-Id: Ib6962a967f2cc757f2906de7905e75e1b6d6f39f
---
 init/seccomp.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/init/seccomp.cpp b/init/seccomp.cpp
index b7744b666..d632302ec 100644
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp
@@ -170,6 +170,9 @@ bool set_seccomp_filter() {
     // Needed for trusty
     AllowSyscall(f, __NR_syncfs);
 
+    // Needed for strace
+    AllowSyscall(f, __NR_tkill);  // __NR_tkill
+
     // Needed for kernel to restart syscalls
     AllowSyscall(f, __NR_restart_syscall);
 
@@ -204,6 +207,9 @@ bool set_seccomp_filter() {
     // Syscalls needed to run GFXBenchmark
     AllowSyscall(f, 190); // __NR_vfork
 
+    // Needed for strace
+    AllowSyscall(f, 238);  // __NR_tkill
+
     // Needed for kernel to restart syscalls
     AllowSyscall(f, 0);  // __NR_restart_syscall