mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-10-25 05:35:41 +00:00
2494ddefb1
Signal to the OS that we want these writes committed all the way to disk. Replace an existing call to flush as that's not sufficient. Change-Id: I9df9e55d2182e283e15eebc02a54c1ce08434f42 Signed-off-by: Dylan Reid <dgreid@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1060696 Reviewed-by: Zach Reizner <zachr@chromium.org>
40 lines
808 B
Text
40 lines
808 B
Text
# Copyright 2017 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
close: 1
|
|
dup: 1
|
|
dup2: 1
|
|
exit_group: 1
|
|
fdatasync: 1
|
|
fstat: 1
|
|
fsync: 1
|
|
ftruncate: 1
|
|
futex: 1
|
|
lseek: 1
|
|
# Disallow mmap with PROT_EXEC set. The syntax here doesn't allow bit
|
|
# negation, thus the manually negated mask constant.
|
|
mmap: arg2 in 0xfffffffb
|
|
mprotect: arg2 in 0xfffffffb
|
|
# Allow MADV_DONTDUMP only.
|
|
madvise: arg2 == 0x00000010
|
|
munmap: 1
|
|
read: 1
|
|
recvfrom: 1
|
|
sched_getaffinity: 1
|
|
set_robust_list: 1
|
|
sigaltstack: 1
|
|
# Disallow clone's other than new threads.
|
|
clone: arg0 & 0x00010000
|
|
write: 1
|
|
eventfd2: 1
|
|
poll: 1
|
|
ppoll: 1
|
|
getpid: 1
|
|
# Allow PR_SET_NAME only.
|
|
prctl: arg0 == 15
|
|
restart_syscall: 1
|
|
epoll_create1: 1
|
|
epoll_ctl: 1
|
|
epoll_wait: 1
|