mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-10-25 21:39:48 +00:00
90c50419d4
It looks like on ARM we use the real gettimeofday system call when we're outputting error messages, so we need to whitelist this to avoid crashing instead of seeing the error messages. BUG=chromium:843807 TEST=run vm_CrosVmStart and make sure there are no crashes for crosvm Change-Id: I9f47da8dabe31f0677bcaa1d431e56545e20c9c9 Reviewed-on: https://chromium-review.googlesource.com/1081390 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-by: Stephen Barber <smbarber@chromium.org>
39 lines
771 B
Text
39 lines
771 B
Text
# Copyright 2018 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
close: 1
|
|
dup: 1
|
|
dup2: 1
|
|
exit_group: 1
|
|
fdatasync: 1
|
|
fstat64: 1
|
|
fsync: 1
|
|
ftruncate64: 1
|
|
futex: 1
|
|
gettimeofday: 1
|
|
_llseek: 1
|
|
# Disallow mmap with PROT_EXEC set. The syntax here doesn't allow bit
|
|
# negation, thus the manually negated mask constant.
|
|
mmap2: arg2 in 0xfffffffb
|
|
mprotect: arg2 in 0xfffffffb
|
|
munmap: 1
|
|
read: 1
|
|
recv: 1
|
|
sched_getaffinity: 1
|
|
set_robust_list: 1
|
|
sigaltstack: 1
|
|
# Disallow clone's other than new threads.
|
|
clone: arg0 & 0x00010000
|
|
write: 1
|
|
eventfd2: 1
|
|
poll: 1
|
|
ppoll: 1
|
|
getpid: 1
|
|
# Allow PR_SET_NAME only.
|
|
prctl: arg0 == 15
|
|
restart_syscall: 1
|
|
epoll_create1: 1
|
|
epoll_ctl: 1
|
|
epoll_wait: 1
|