crosvm/seccomp/x86_64
Daniel Verkamp 17c782f1c1 seccomp: add rseq to all policy files
Allow the restartable sequences system call used by glibc 2.35+.

This is an extension of commit 637402a827 ("Add rseq to the seccomp
policy file on aarch64."), which was originally reverted because the
ChromeOS kernel headers did not have the necessary declarations yet.

This depends on the rseq declarations patch to linux-headers:
https://chromium-review.googlesource.com/c/chromiumos/overlays/chromiumos-overlay/+/3749266/

BUG=b:235172163
BUG=b:235960683
TEST=Start crosvm on x86-64 Arch Linux with glibc 2.35
TEST=emerge-hatch crosvm # ensure seccomp policies compile

Reported-By: Peter Collingbourne <pcc@google.com>
Change-Id: I14e3dfd150a7c06bdafc68a88ef3f755eb7bf90c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3763776
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Peter Collingbourne <pcc@chromium.org>
Reviewed-by: Junichi Uekawa <uekawa@chromium.org>
2022-07-14 22:45:21 +00:00
9p_device.policy
balloon_device.policy
battery.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
block_device.policy
coiommu_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
common_device.frequency
common_device.policy seccomp: allow clock_gettime in all devices 2022-02-22 23:15:48 +00:00
cras_audio_device.policy Remove madvise from *_audio_device.policy. 2022-06-22 23:08:02 +00:00
fs_device.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
gpu_common.policy seccomp: add rseq to all policy files 2022-07-14 22:45:21 +00:00
gpu_device.policy gpu: allow syslog from the render server 2021-12-14 16:54:22 +00:00
gpu_render_server.policy gpu_render_server: allow syslog and signalfd again 2021-12-22 06:01:25 +00:00
input_device.policy
iommu_device.policy
net_device.policy
null_audio_device.policy Remove madvise from *_audio_device.policy. 2022-06-22 23:08:02 +00:00
pmem_device.policy
rng_device.policy devices: Update rng devices to be platform agnostic 2022-05-25 01:35:13 +00:00
serial.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
serial_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00
snd_cras_device.policy audio: Support null backend for VirtioSnd 2022-07-14 13:44:57 +00:00
snd_null_device.policy audio: Support null backend for VirtioSnd 2022-07-14 13:44:57 +00:00
tpm_device.policy seccomp: use common_device.policy in tpm_device.policy 2022-02-23 19:23:31 +00:00
vfio_device.policy seccomp: add getcwd and readlink to common policy for panic 2021-12-02 23:18:03 +00:00
vhost_net_device.policy
vhost_vsock_device.policy
video_device.policy seccomp: add rseq to all policy files 2022-07-14 22:45:21 +00:00
vios_audio_device.policy seccomp: allow clock_gettime in all devices 2022-02-22 23:15:48 +00:00
vtpm_proxy_device.policy Add vtpm_proxy into crosvm 2022-06-20 03:41:33 +00:00
vvu_proxy_device.policy crosvm: vvu: proxy: Implement instantiating a VVU proxy device 2022-01-14 04:21:21 +00:00
wl_device.policy wl: add support for host fences 2021-11-04 01:24:37 +00:00
xhci_device.policy seccomp: define naming rules for policy files 2022-06-17 04:35:09 +00:00