fixed 6f29f8fc from https://gitee.com/xia-bubai/startup_init_lite/pulls/1688

<fix> HDF进程与守护进程关闭使能seccomp 只有系统服务相关进程使能seccomp Signed-off-by: N xiacong <xiacong4@huawei.com> Change-Id: Id5c085bb37160e5098740235eac0fa8af64e19e0

fixed 6f29f8fc from https://gitee.com/xia-bubai/startup_init_lite/pulls/1688
<fix> HDF进程与守护进程关闭使能seccomp 只有系统服务相关进程使能seccomp Signed-off-by: N xiacong <xiacong4@huawei.com> Change-Id: Id5c085bb37160e5098740235eac0fa8af64e19e0
209f6961 · xiacong · 夏不白 · 25a0f32f · 209f6961
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

services/init/init_common_service.c services/init/init_common_service.c +3 -1

未找到文件。
--- a/services/init/init_common_service.c
+++ b/services/init/init_common_service.c
@@ -53,6 +53,7 @@
 #ifdef WITH_SECCOMP
 #define APPSPAWN_NAME ("appspawn")
 #define NWEBSPAWN_NAME ("nwebspawn")
+#define SA_MAIN_PATH ("/system/bin/sa_main")
 #endif

 #ifndef TIOCSCTTY
@@ -73,7 +74,8 @@ static void SetSystemSeccompPolicy(const Service *service)
 {
 #ifdef WITH_SECCOMP
    if (strncmp(APPSPAWN_NAME, service->name, strlen(APPSPAWN_NAME)) \
-        && strncmp(NWEBSPAWN_NAME, service->name, strlen(NWEBSPAWN_NAME))) {
+        && strncmp(NWEBSPAWN_NAME, service->name, strlen(NWEBSPAWN_NAME))
+        && !strncmp(SA_MAIN_PATH, service->pathArgs.argv[0], strlen(SA_MAIN_PATH))) {
        PluginExecCmdByName("SetSeccompPolicy", "start");
    }
 #endif