mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2025-02-06 10:32:10 +00:00
6a7fdb4510
The panic handler uses getcwd and readlink to print out the executable name in the backtrace. Allow these for all devices so that panics actually work instead of crashing the process. BUG=None TEST=intentionally panic crosvm on kevin and check /var/log/messages Change-Id: If64a752a6f0b1f2f6bdd6663ce77078305f38171 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3309201 Reviewed-by: Dennis Kempin <denniskempin@google.com> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
105 lines
2.3 KiB
Text
105 lines
2.3 KiB
Text
# Copyright 2018 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
# Rules from common_device.policy with some rules removed because they block certain flags needed
|
|
# for gpu.
|
|
brk: 1
|
|
clock_gettime: 1
|
|
clone: arg0 & CLONE_THREAD
|
|
close: 1
|
|
dup2: 1
|
|
dup: 1
|
|
epoll_create1: 1
|
|
epoll_ctl: 1
|
|
epoll_wait: 1
|
|
eventfd2: 1
|
|
exit: 1
|
|
exit_group: 1
|
|
futex: 1
|
|
getcwd: 1
|
|
getpid: 1
|
|
gettid: 1
|
|
gettimeofday: 1
|
|
kill: 1
|
|
madvise: arg2 == MADV_DONTNEED || arg2 == MADV_DONTDUMP || arg2 == MADV_REMOVE
|
|
mremap: 1
|
|
munmap: 1
|
|
nanosleep: 1
|
|
clock_nanosleep: 1
|
|
pipe2: 1
|
|
poll: 1
|
|
ppoll: 1
|
|
prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME
|
|
read: 1
|
|
readlink: 1
|
|
readlinkat: 1
|
|
readv: 1
|
|
recvfrom: 1
|
|
recvmsg: 1
|
|
restart_syscall: 1
|
|
rt_sigaction: 1
|
|
rt_sigprocmask: 1
|
|
rt_sigreturn: 1
|
|
sched_getaffinity: 1
|
|
sched_yield: 1
|
|
sendmsg: 1
|
|
sendto: 1
|
|
set_robust_list: 1
|
|
sigaltstack: 1
|
|
write: 1
|
|
writev: 1
|
|
uname: 1
|
|
|
|
# Rules specific to gpu
|
|
connect: 1
|
|
fcntl: arg1 == F_DUPFD_CLOEXEC || arg1 == F_SETFD || arg1 == F_GETFL || \
|
|
arg1 == F_SETFL
|
|
fstat: 1
|
|
# Used to set of size new memfd.
|
|
ftruncate: 1
|
|
getdents: 1
|
|
getdents64: 1
|
|
geteuid: 1
|
|
getrandom: 1
|
|
getuid: 1
|
|
# 0x40086200 = DMA_BUF_IOCTL_SYNC, 0x6400 == DRM_IOCTL_BASE, 0x40087543 == UDMABUF_CREATE_LIST
|
|
ioctl: arg1 == FIONBIO || arg1 == FIOCLEX || arg1 == 0x40086200 || arg1 & 0x6400 || arg1 == 0x40087543
|
|
lseek: 1
|
|
lstat: 1
|
|
# Used for sharing memory with wayland. Also internally by Intel anv.
|
|
# arg1 == MFD_CLOEXEC|MFD_ALLOW_SEALING or simply MFD_CLOEXEC.
|
|
memfd_create: arg1 == 3 || arg1 == 1
|
|
# mmap/mprotect/open/openat differ from the common_device.policy
|
|
mmap: arg2 == PROT_READ|PROT_WRITE || arg2 == PROT_NONE || arg2 == PROT_READ|PROT_EXEC || arg2 == PROT_WRITE || arg2 == PROT_READ
|
|
mprotect: arg2 == PROT_READ|PROT_WRITE || arg2 == PROT_NONE || arg2 == PROT_READ
|
|
open: 1
|
|
openat: 1
|
|
socket: arg0 == 1 && arg1 == 0x80001 && arg2 == 0
|
|
stat: 1
|
|
statx: 1
|
|
sysinfo: 1
|
|
fstatfs: 1
|
|
|
|
# Required for perfetto tracing
|
|
# fcntl: arg1 == F_SETFD || arg1 == F_GETFL || arg1 == F_SETFL (merged above)
|
|
getsockopt: 1
|
|
shutdown: 1
|
|
|
|
# Rules for Mesa's shader binary cache.
|
|
flock: 1
|
|
mkdir: 1
|
|
newfstatat: 1
|
|
rename: 1
|
|
setpriority: 1
|
|
unlink: 1
|
|
|
|
# Rules specific to AMD gpus.
|
|
sched_setscheduler: 1
|
|
sched_setaffinity: 1
|
|
kcmp: 1
|
|
|
|
# Rules for Vulkan loader / layers
|
|
access: 1
|
|
getgid: 1
|
|
getegid: 1
|