2019-12-02 18:28:28 +00:00
|
|
|
# Copyright 2019 The Chromium OS Authors. All rights reserved.
|
|
|
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
|
|
|
# found in the LICENSE file.
|
|
|
|
|
|
2022-02-22 23:24:52 +00:00
|
|
|
@include /usr/share/policy/crosvm/common_device.policy
|
2019-12-02 18:28:28 +00:00
|
|
|
|
|
|
|
|
chdir: 1
|
|
|
|
|
fstat: 1
|
|
|
|
|
fsync: 1
|
|
|
|
|
ftruncate: 1
|
2022-02-22 23:24:52 +00:00
|
|
|
getrandom: 1
|
2019-12-02 18:28:28 +00:00
|
|
|
getuid: 1
|
|
|
|
|
lseek: 1
|
seccomp: update/cleanup aarch64 rules
The build-time seccomp compiler for aarch64 complains that it doesn't
recognize open, epoll_wait, recv, mmap2, dup2, poll, mkdir, or stat.
I tried to propose a change to upstream minijail to make it aware of
these syscalls, but the calls are in various forms of deprecation
so upstream is doubting the sanity of the policy files.
I applied the following mapping: open->openat, epoll_wait->epoll_pwait,
recv->recvfrom, mmap2->mmap, dup2->dup3, poll->ppoll, mkdir->mkdirat,
and stat->statx. In many cases the new syscall was already present so I
just deleted the old one.
BUG=None
TEST=Ran compile_seccomp_policy.py with an unmodified minijail until
it stopped complaining. I don't have an arm device for runtime testing.
Wrote an app to emulate the execution of the first 400 syscall #s though
the bpf filter and verified that the list that matches the filter is the
same as the policy file.
Change-Id: I599aa549a1712b898eb6b73492872a9676e7215d
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2036218
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2020-02-04 01:26:44 +00:00
|
|
|
mkdirat: 1
|
2022-02-22 23:24:52 +00:00
|
|
|
newfstatat: 1
|
2019-12-02 18:28:28 +00:00
|
|
|
openat: 1
|
2022-02-22 23:24:52 +00:00
|
|
|
prctl: arg0 == PR_SET_NAME
|
2019-12-02 18:28:28 +00:00
|
|
|
socket: return EACCES
|
seccomp: update/cleanup aarch64 rules
The build-time seccomp compiler for aarch64 complains that it doesn't
recognize open, epoll_wait, recv, mmap2, dup2, poll, mkdir, or stat.
I tried to propose a change to upstream minijail to make it aware of
these syscalls, but the calls are in various forms of deprecation
so upstream is doubting the sanity of the policy files.
I applied the following mapping: open->openat, epoll_wait->epoll_pwait,
recv->recvfrom, mmap2->mmap, dup2->dup3, poll->ppoll, mkdir->mkdirat,
and stat->statx. In many cases the new syscall was already present so I
just deleted the old one.
BUG=None
TEST=Ran compile_seccomp_policy.py with an unmodified minijail until
it stopped complaining. I don't have an arm device for runtime testing.
Wrote an app to emulate the execution of the first 400 syscall #s though
the bpf filter and verified that the list that matches the filter is the
same as the policy file.
Change-Id: I599aa549a1712b898eb6b73492872a9676e7215d
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2036218
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2020-02-04 01:26:44 +00:00
|
|
|
statx: 1
|
