Gurchetan Singh b66d6f62dc crosvm: sandbox changes for udmabuf ... Allow: - UDMABUF_CREATE_LIST -- needed to create udmabuf - DMA_BUF_IOCTL_SYNC -- to flush the udmabuf. virtio-wl already allows this everywhere so this should be fine. Also add the path to minijail. BUG=chromium:892806, b:173630595 TEST=no sandbox violations Change-Id: I70ace6ef0349c4b133615eb41f9f56ccd7121e4b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2786287 Tested-by: kokoro <noreply+kokoro@google.com> Tested-by: Gurchetan Singh <gurchetansingh@chromium.org> Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org> Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>		2021-03-30 16:42:00 +00:00
..
9p_device.policy	seccomp: 9p: Allow fchown and fchmod	2021-03-24 18:59:02 +00:00
balloon_device.policy	devices: Use async from balloon	2021-02-12 18:27:45 +00:00
battery.policy
block_device.policy	block_device.policy: Add arm time64 variants	2021-03-19 01:40:03 +00:00
common_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
cras_audio_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
fs_device.policy	fs: Don't drop caps when changing UID	2021-03-12 04:11:58 +00:00
gpu_device.policy	crosvm: sandbox changes for udmabuf	2021-03-30 16:42:00 +00:00
input_device.policy
net_device.policy
null_audio_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
pmem_device.policy
rng_device.policy
serial.policy
tpm_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
vhost_net_device.policy
vhost_vsock_device.policy
video_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
vios_audio_device.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00
wl_device.policy
xhci.policy	crosvm: add more time syscalls to policies	2021-03-20 13:40:00 +00:00