mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-12-23 19:50:24 +00:00
crosvm: add openat to seccomp
This adds openat to a seccomp policy file if open is already there. We need this because glibc 2.25 changed it system call for open(). BUG=chromium:894614 TEST=None Change-Id: Ie5b45d858e8d9ea081fd7bfda81709bda048d965 Reviewed-on: https://chromium-review.googlesource.com/1292129 Commit-Ready: Yunlian Jiang <yunlian@chromium.org> Tested-by: Yunlian Jiang <yunlian@chromium.org> Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
This commit is contained in:
parent
8eceba31c0
commit
a70445aa3b
6 changed files with 6 additions and 0 deletions
|
@ -13,6 +13,7 @@ stat64: 1
|
|||
close: 1
|
||||
prctl: arg0 == PR_SET_NAME
|
||||
open: 1
|
||||
openat: 1
|
||||
fstat64: 1
|
||||
# ioctl(fd, FIOCLEX, 0) is equivalent to fcntl(fd, F_SETFD, FD_CLOEXEC).
|
||||
ioctl: arg1 == FIOCLEX
|
||||
|
|
|
@ -6,6 +6,7 @@ read: 1
|
|||
write: 1
|
||||
stat64: 1
|
||||
open: 1
|
||||
openat: 1
|
||||
close: 1
|
||||
fstat64: 1
|
||||
lstat64: 1
|
||||
|
|
|
@ -12,6 +12,7 @@ stat: 1
|
|||
lstat: 1
|
||||
close: 1
|
||||
open: 1
|
||||
openat: 1
|
||||
fstat: 1
|
||||
# ioctl(fd, FIOCLEX, 0) is equivalent to fcntl(fd, F_SETFD, FD_CLOEXEC).
|
||||
ioctl: arg1 == FIOCLEX
|
||||
|
|
|
@ -7,6 +7,7 @@ write: 1
|
|||
lstat: 1
|
||||
stat: 1
|
||||
open: 1
|
||||
openat: 1
|
||||
close: 1
|
||||
fstat: 1
|
||||
getdents: 1
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
# found in the LICENSE file.
|
||||
|
||||
open: 1
|
||||
openat: 1
|
||||
close: 1
|
||||
sigaltstack: 1
|
||||
munmap: 1
|
||||
|
|
|
@ -39,6 +39,7 @@ madvise: 1
|
|||
memfd_create: 1
|
||||
mmap: 1
|
||||
open: 1
|
||||
openat: 1
|
||||
recvmsg: 1
|
||||
restart_syscall: 1
|
||||
rt_sigaction: 1
|
||||
|
|
Loading…
Reference in a new issue