From 0508572d3cb8f652deaa50b2be908bcea139935d Mon Sep 17 00:00:00 2001
From: Douglas Anderson
Date: Fri, 6 May 2022 13:32:25 -0700
Subject: [PATCH] seccomp: Move prctl in gpu_common to gpu-specific section

The top part of gpu_common.policy is supposed to match common_device.policy, but "prctl" is in this top part and isn't in common_device.policy.

A bit of history:
* prctl used to be in the common_device.policy but was removed in .
* Even when prctl was in common_device.policy, it had different arguments than what we allow in gpu_common.policy.

This is a no-op cleanup change.

BUG=None
TEST=None

Change-Id: Ic71c9da3ef9eb24665711d2000416ff9c87d49a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3631410
Reviewed-by: Daniel Verkamp
Tested-by: kokoro
Commit-Queue: Douglas Anderson
---
 seccomp/aarch64/gpu_common.policy | 2 +-
 seccomp/arm/gpu_common.policy | 2 +-
 seccomp/x86_64/gpu_common.policy | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/seccomp/aarch64/gpu_common.policy b/seccomp/aarch64/gpu_common.policy
index f98225ebe4..c20045dac5 100644
--- a/seccomp/aarch64/gpu_common.policy
+++ b/seccomp/aarch64/gpu_common.policy
@@ -28,7 +28,6 @@ nanosleep: 1
 clock_nanosleep: 1
 pipe2: 1
 ppoll: 1
-prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 read: 1
 readlinkat: 1
 readv: 1
@@ -63,6 +62,7 @@ newfstatat: 1
 getdents64: 1
 sysinfo: 1
 fstatfs: 1
+prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 
 # 0x6400 == DRM_IOCTL_BASE, 0x8000 = KBASE_IOCTL_TYPE (mali), 0x40086200 = DMA_BUF_IOCTL_SYNC, 0x40087543 == UDMABUF_CREATE_LIST
 ioctl: arg1 & 0x6400 || arg1 & 0x8000 || arg1 == 0x40086200 || arg1 == 0x40087543
diff --git a/seccomp/arm/gpu_common.policy b/seccomp/arm/gpu_common.policy
index dcc69e4de7..ed9a6c5b55 100644
--- a/seccomp/arm/gpu_common.policy
+++ b/seccomp/arm/gpu_common.policy
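Review bot: The relocated `prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME` rule in the second aarch64 hunk lands in the GPU-specific section without a comment, so the reason it differs from common_device.policy is recorded only in the commit message. A one-line comment above it, such as `# GPU-only: thread naming; prctl is intentionally absent from common_device.policy`, would stop a later sync of the top section from re-adding prctl there with a different or missing argument filter. The same applies to the matching hunks in seccomp/arm/gpu_common.policy and seccomp/x86_64/gpu_common.policy. Since the commit carries TEST=None on a sandbox policy, it is also worth confirming that each architecture's policy still parses and that the resulting filter is unchanged.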
@@ -31,7 +31,6 @@ pipe2: 1
 poll: 1
 ppoll: 1
 ppoll_time64: 1
-prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 read: 1
 readlink: 1
 readlinkat: 1
@@ -72,6 +71,7 @@ getdents64: 1
 sysinfo: 1
 fstatfs: 1
 fstatfs64: 1
+prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 
 # 0x6400 == DRM_IOCTL_BASE, 0x8000 = KBASE_IOCTL_TYPE (mali), 0x40086200 = DMA_BUF_IOCTL_SYNC, 0x40087543 == UDMABUF_CREATE_LIST
 ioctl: arg1 & 0x6400 || arg1 & 0x8000 || arg1 == 0x40086200 || arg1 == 0x40087543
diff --git a/seccomp/x86_64/gpu_common.policy b/seccomp/x86_64/gpu_common.policy
index 411874f862..f02ed9547b 100644
--- a/seccomp/x86_64/gpu_common.policy
+++ b/seccomp/x86_64/gpu_common.policy
@@ -29,7 +29,6 @@ clock_nanosleep: 1
 pipe2: 1
 poll: 1
 ppoll: 1
-prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 read: 1
 readlink: 1
 readlinkat: 1
@@ -79,6 +78,7 @@ stat: 1
 statx: 1
 sysinfo: 1
 fstatfs: 1
+prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
 
 # Required for perfetto tracing
 # fcntl: arg1 == F_SETFD || arg1 == F_GETFL || arg1 == F_SETFL (merged above)