mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2025-02-09 03:57:24 +00:00
tests: plugin: add clone3 and rseq to seccomp policy
These syscalls are used by the plugin test child process on newer glibc and kernel versions. Without them, the plugin tests fail because the child processes die with SIGSYS. BUG=None TEST=tools/dev_container tools/presubmit --all Change-Id: Id56831cf146e1e0f24f700744d6db902133ecc62 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4034381 Reviewed-by: Zihan Chen <zihanchen@google.com> Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This commit is contained in:
Daniel Verkamp
crosvm LUCI
parent
fcbe42bb31
commit
8d70c18b16
1 changed files with 2 additions and 0 deletions
|
|
@ -19,6 +19,7 @@ set_robust_list: 1
|
||||||
sigaltstack: 1
|
sigaltstack: 1
|
||||||
# Disallow clone's other than new threads.
|
# Disallow clone's other than new threads.
|
||||||
clone: arg0 & 0x00010000
|
clone: arg0 & 0x00010000
|
||||||
|
clone3: 1
|
||||||
write: 1
|
write: 1
|
||||||
eventfd2: 1
|
eventfd2: 1
|
||||||
poll: 1
|
poll: 1
|
||||||
|
|
@ -26,6 +27,7 @@ getpid: 1
|
||||||
getppid: 1
|
getppid: 1
|
||||||
# Allow PR_SET_NAME only.
|
# Allow PR_SET_NAME only.
|
||||||
prctl: arg0 == 15
|
prctl: arg0 == 15
|
||||||
|
rseq: 1
|
||||||
access: 1
|
access: 1
|
||||||
arch_prctl: 1
|
arch_prctl: 1
|
||||||
brk: 1
|
brk: 1
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue