[Toybox] Android O: XARGS - bad system call

darken darken at darken.eu
Sun Apr 16 02:36:15 PDT 2017


FYI (but I think you CCed yourself on the issue ticket right?)

Copying the system toybox into my app makes it work.
So it seems to be related to how the system toybox is build (NDK
toolchain?) and my toybox is build (musl libc).

~Matthias

2017-04-15 13:52 GMT+02:00 darken <darken at darken.eu>:

> Created an issue ticket for this on the Android O tracker:
> https://issuetracker.google.com/issues/37369410
>
> You could try disabling seccomp in Zygote:
>>
> https://android.googlesource.com/platform/frameworks/base/+/
>> o-preview/core/java/com/android/internal/os/ZygoteInit.java#696
>
>
> I would have to compile my own Pixel Android O ROM for that though right?
>
> ~Matthias
>
> 2017-04-15 0:02 GMT+02:00 Steve Muckle <smuckle at google.com>:
>
>> Hi Matthias,
>>
>> On Thu, Apr 13, 2017 at 2:13 PM, darken <darken at darken.eu> wrote:
>>
>>> I'm not sure how to use strace, how do I get a strace binary into the
>>> Android O image?
>>>
>>> Can't reproduce it on the X86 Android O emulator image.
>>> But can reproduce it on my Pixel running Android O.
>>> Tried the latest toybox build too but it's not the build, and when
>>> running it as shell user (adb) it works:
>>>
>>> > sailfish:/data/local/tmp $ ./toybox_new find '/data/local/tmp'
>>> -maxdepth 0  -print0 | ./toybox_new xargs -0 echo
>>> > /data/local/tmp
>>> > sailfish:/data/local/tmp $ ./toybox_old find '/data/local/tmp'
>>> -maxdepth 0  -print0 | ./toybox_old xargs -0 echo
>>> > /data/local/tmp
>>> > sailfish:/data/local/tmp $ ./toybox_new --version
>>> > toybox 0.7.3-37-g04940678c81a
>>> > sailfish:/data/local/tmp $ ./toybox_old --version
>>> > toybox 0.7.2-37-g109a28b8a749
>>>
>>> So it works as shell user, but not as app user.
>>> But it also works if the app runs the native toybox from /system.
>>> Is this some kind of SELinux issue?
>>> Preventing xargs from forking processes or something like that?
>>>
>>> Why would it work on the emulator though...
>>>
>>
>> This sounds like it may be seccomp, a Linux kernel facility for
>> restricting the set of system calls a process may make. It is enforced at
>> the zygote level so would affect attempts from apps but presumably not the
>> shell. It is configured with the list of system calls in bionic
>> (SYSCALLS.TXT) as well as a whitelist (SECCOMP_WHITELIST.TXT):
>>
>> https://android.googlesource.com/platform/bionic/+/o-preview/libc/
>>
>> These lists are architecture specific. This is where seccomp was enforced
>> at the zygote level:
>>
>> https://android.googlesource.com/platform/system/core/+/c4af
>> 05f8a3d67b9a4288a2b37c7fc16755497f6b
>>
>> You could try disabling seccomp in Zygote:
>> https://android.googlesource.com/platform/frameworks/base/+/
>> o-preview/core/java/com/android/internal/os/ZygoteInit.java#696
>>
>> cheers,
>> Steve
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20170416/ecb4aa91/attachment-0001.htm>


More information about the Toybox mailing list