mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-10-25 21:39:48 +00:00
b0ac00745a
Add x86_64 and arm seccomp policy files for the virtio-fs device. BUG=b:136128319 TEST=Run a vm with a sandboxed virtio-fs device Change-Id: I8ea7c5d3e90696077f0c2b1f942cb286a0b36cf4 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1916559 Reviewed-by: Dylan Reid <dgreid@chromium.org> Reviewed-by: Stephen Barber <smbarber@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
32 lines
523 B
Text
32 lines
523 B
Text
# Copyright 2019 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
openat: 1
|
|
|
|
@include /usr/share/policy/crosvm/common_device.policy
|
|
|
|
fchmodat: 1
|
|
fchownat: 1
|
|
fgetxattr: 1
|
|
fsetxattr: 1
|
|
fstatat64: 1
|
|
fstatfs64: 1
|
|
ftruncate64: 1
|
|
getdents64: 1
|
|
getegid: 1
|
|
geteuid: 1
|
|
linkat: 1
|
|
_llseek: 1
|
|
mkdirat: 1
|
|
mknodat: 1
|
|
preadv: 1
|
|
pwritev: 1
|
|
readlinkat: 1
|
|
renameat2: 1
|
|
setresgid: 1
|
|
setresuid: 1
|
|
symlinkat: 1
|
|
umask: 1
|
|
unlinkat: 1
|
|
utimensat: 1 |