mirrors/crosvm
1
0
Fork 0
mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2024-10-24 13:12:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
crosvm/seccomp/x86_64/xhci.policy
Daniel Verkamp 6a7fdb4510 seccomp: add getcwd and readlink to common policy for panic 
The panic handler uses getcwd and readlink to print out the executable
name in the backtrace. Allow these for all devices so that panics
actually work instead of crashing the process.

BUG=None
TEST=intentionally panic crosvm on kevin and check /var/log/messages

Change-Id: If64a752a6f0b1f2f6bdd6663ce77078305f38171
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3309201
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2021-12-02 23:18:03 +00:00

44 lines
1.3 KiB
Text
Raw Blame History

# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
@include /usr/share/policy/crosvm/common_device.policy
lstat: 1
timerfd_create: 1
name_to_handle_at: 1
access: 1
faccessat: 1
faccessat2: 1
getsockname: 1
pipe: 1
setsockopt: 1
bind: 1
open: return ENOENT
openat: 1
socket: arg0 == AF_NETLINK
stat: 1
# The following ioctls are:
# 0x4008550d == USBDEVFS_REAPURBNDELAY
# 0x41045508 == USBDEVFS_GETDRIVER
# 0x550b == USBDEVFS_DISCARDURB
# 0x8004550f == USBDEVFS_CLAIMINTERFACE
# 0x80045510 == USBDEVFS_RELEASEINTERFACE
# 0x80045515 == USBDEVFS_CLEAR_HALT
# 0x8004551a == USBDEVFS_GET_CAPABILITIES
# 0x8038550a == USBDEVFS_SUBMITURB
# 0xc0185500 == USBDEVFS_CONTROL
# 0x5514 == USBDEVFS_RESET
# 0x80045505 == USBDEVFS_SETCONFIGURATION
# 0x8108551b == USBDEVFS_DISCONNECT_CLAIM
# 0x40085511 == USBDEVFS_CONNECTINFO
# 0x80185520 == USBDEVFS_CONNINFO_EX
ioctl: arg1 == 0xc0185500 || arg1 == 0x41045508 || arg1 == 0x8004550f || arg1 == 0x4008550d || arg1 == 0x8004551a || arg1 == 0x550b || arg1 == 0x80045510 || arg1 == 0x80045515 || arg1 == 0x8038550a || arg1 == 0x5514 || arg1 == 0x80045505 || arg1 == 0x8108551b || arg1 == 0x40085511 || arg1 == 0x80185520
fstat: 1
newfstatat: 1
getrandom: 1
getdents: 1
getdents64: 1
lseek: 1
prctl: arg0 == PR_SET_NAME
Reference in a new issue View git blame Copy permalink