From 61061027b71cdd47a3dc49515dd1b99ccf25bb4e Mon Sep 17 00:00:00 2001 From: "Jorge E. Moreira" Date: Thu, 27 Oct 2022 13:26:08 -0700 Subject: [PATCH] Add clone3 to virtio-gpu device policy too BUG=b:255994640 TEST=built and run on android Change-Id: I9109d227b4869096b0177c2ee7939ddc4c4e6c42 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3988330 Reviewed-by: Alexandre Courbot Commit-Queue: Jorge Moreira Broche Reviewed-by: Steven Moreland --- seccomp/aarch64/gpu_common.policy | 1 + seccomp/arm/gpu_common.policy | 1 + seccomp/x86_64/gpu_common.policy | 1 + 3 files changed, 3 insertions(+) diff --git a/seccomp/aarch64/gpu_common.policy b/seccomp/aarch64/gpu_common.policy index 000f7ace58..6526aa2b9d 100644 --- a/seccomp/aarch64/gpu_common.policy +++ b/seccomp/aarch64/gpu_common.policy @@ -6,6 +6,7 @@ # for gpu. brk: 1 clock_gettime: 1 +clone3: 1 close: 1 dup3: 1 dup: 1 diff --git a/seccomp/arm/gpu_common.policy b/seccomp/arm/gpu_common.policy index bc228af4b1..10745cd481 100644 --- a/seccomp/arm/gpu_common.policy +++ b/seccomp/arm/gpu_common.policy @@ -5,6 +5,7 @@ # Rules from common_device.policy with some rules removed because they block certain flags needed # for gpu. brk: 1 +clone3: 1 close: 1 dup2: 1 dup: 1 diff --git a/seccomp/x86_64/gpu_common.policy b/seccomp/x86_64/gpu_common.policy index 081db85a5b..28d4040363 100644 --- a/seccomp/x86_64/gpu_common.policy +++ b/seccomp/x86_64/gpu_common.policy @@ -6,6 +6,7 @@ # for gpu. brk: 1 clock_gettime: 1 +clone3: 1 close: 1 dup2: 1 dup: 1