Use SECCOMP_RET_TRAP when setting thread sync.

SECCOMP_RET_KILL will only kill the offending thread -- it's equivalent
to having the thread call syscall(SYS_exit, SIGSYS). This is explicitly
*not* the same as exit_group(2), so other threads in the thread group
will not be killed.

When setting thread sync, we normally would expect all threads in the
thread group to be killed. To do this, use SECCOMP_RET_TRAP and reset
the signal disposition for SIGSYS to its default value, which is to
abort and dump core (see signal(7)).

There was also a small bug related to seccomp_can_softfail(), where we
were never using seccomp even when it was available.

Bug: 31862018
Test: Manual with multi-threaded program.

Change-Id: I4a10d256b0ba1b15041d46c22bd45b445f8ef3f7
6 files changed
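
The difference the commit message describes, as an added example that is not code from this change or its project: a child process with two threads loads a TSYNC filter whose action for one syscall is either SECCOMP_RET_KILL or SECCOMP_RET_TRAP with SIGSYS at its default disposition. The rejected syscall (getppid) and the names `offender`, `child` and `run_demo` are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <pthread.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile int go; /* set once the filter is installed */

/* Second thread: exists before the filter is loaded, then makes the rejected call. */
static void *offender(void *arg) {
    while (!go) usleep(1000);
    syscall(SYS_getppid);
    return arg;
}
/* Child process body. A production filter would also check seccomp_data.arch. */
static void child(unsigned int action) {
    struct sock_filter insns[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, action),            /* getppid: KILL or TRAP */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW), /* everything else */
    };
    struct sock_fprog prog = { .len = 4, .filter = insns };
    pthread_t t;
    if (pthread_create(&t, NULL, offender, NULL)) _exit(2);
    signal(SIGSYS, SIG_DFL); /* default disposition: kill the process, dump core */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        syscall(SYS_seccomp, SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog))
        _exit(2); /* seccomp or TSYNC not available */
    go = 1;
    sleep(1);  /* the main thread never makes the rejected call */
    _exit(0);  /* reached only if the main thread is still alive */
}
/* Signal that killed the process, 0 if the main thread survived, -1 if no seccomp. */
int run_demo(unsigned int action) {
    int status;
    pid_t pid = fork();
    if (pid == 0) child(action);
    if (pid < 0 || waitpid(pid, &status, 0) != pid) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}
int main(void) {
    printf("KILL: %d TRAP: %d\n", run_demo(SECCOMP_RET_KILL), run_demo(SECCOMP_RET_TRAP));
    return 0;
}
```

With SECCOMP_RET_KILL only the offending thread goes away and the process exits normally; with SECCOMP_RET_TRAP and the default SIGSYS disposition the whole thread group is terminated by SIGSYS.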