crosvm/seccomp/x86_64
David Stevens 01e2724335 devices: wl: initialize gralloc after sandboxing
Initializing gralloc may spawn threads, so it needs to be done after
sandboxing the wl device. Initializing gralloc requires expanding the
wl device's sandbox. Rather than trying to maintain a new dedicated
minijail configuration for wl, reuse the gpu's configuration. This
should be sufficient, since virglrenderer has to open minigbm within the
sandboxed gpu process.

BUG=None
TEST=ARCVM and crostini GUI on volteer, zorc-arc-r, grunt-arc-r

Change-Id: I291fb59c665a8ba65058a6f55dee959c839bb43c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3787936
Commit-Queue: David Stevens <stevensd@chromium.org>
Reviewed-by: Ryan Neph <ryanneph@google.com>
Tested-by: David Stevens <stevensd@chromium.org>
2022-07-27 01:54:48 +00:00
9p_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
balloon_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
battery.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
block_device.policy seccomp: allow newfstatat in more amd64/arm64 policies 2021-10-01 17:09:16 +00:00
coiommu_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
common_device.frequency seccomp: add frequency file to x86_64 2020-03-19 07:24:56 +00:00
common_device.policy seccomp: add rseq to x86_64 common_device.policy 2022-07-15 20:55:46 +00:00
cras_audio_device.policy Remove madvise from *_audio_device.policy. 2022-06-22 23:08:02 +00:00
fs_device.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
gpu_common.policy Revert "seccomp: allow rseq syscall" 2022-07-15 20:45:46 +00:00
gpu_device.policy gpu: allow syslog from the render server 2021-12-14 16:54:22 +00:00
gpu_render_server.policy gpu_render_server: allow syslog and signalfd again 2021-12-22 06:01:25 +00:00
input_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
iommu_device.policy devices: virtio: iommu: enable virtio IOMMU driver 2021-07-09 05:49:26 +00:00
net_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
null_audio_device.policy Remove madvise from *_audio_device.policy. 2022-06-22 23:08:02 +00:00
pmem_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
rng_device.policy devices: Update rng devices to be platform agnostic 2022-05-25 01:35:13 +00:00
serial.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
serial_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
snd_cras_device.policy audio: Support null backend for VirtioSnd 2022-07-14 13:44:57 +00:00
snd_null_device.policy audio: Support null backend for VirtioSnd 2022-07-14 13:44:57 +00:00
tpm_device.policy seccomp: use common_device.policy in tpm_device.policy 2022-02-23 19:23:31 +00:00
vfio_device.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
vhost_net_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
vhost_vsock_device.policy Specify prctl's policy only once per device 2021-04-20 22:50:20 +00:00
video_device.policy seccomp: add rseq to all policy files 2022-07-14 22:45:21 +00:00
vios_audio_device.policy seccomp: allow clock_gettime in all devices 2022-02-22 23:15:48 +00:00
vtpm_proxy_device.policy Add vtpm_proxy into crosvm 2022-06-20 03:41:33 +00:00
vvu_proxy_device.policy crosvm: vvu: proxy: Implement instantiating a VVU proxy device 2022-01-14 04:21:21 +00:00
wl_device.policy devices: wl: initialize gralloc after sandboxing 2022-07-27 01:54:48 +00:00
xhci_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00