diff options
author | Alyssa Ross <hi@alyssa.is> | 2020-06-05 23:47:57 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2020-06-14 11:24:27 +0000 |
commit | 1e318da5b57c12f67bed3b528100dbe4ec287ac5 (patch) | |
tree | 2c5b2e2011796a9e71fbc5adcf1a85b33b04051c /seccomp/x86_64 | |
parent | 28d9682698d287d14cbe67a0ed7acc1427add320 (diff) | |
download | crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar.gz crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar.bz2 crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar.lz crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar.xz crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.tar.zst crosvm-1e318da5b57c12f67bed3b528100dbe4ec287ac5.zip |
seccomp: allow getdents64 if getdents is allowed
This fixes a crash where crosvm would crash if run on x86_64 with --shared-dir when running ls in the shared directory. I suspect whether getdents or getdents64 is used depends on the host libc, so allow both of them. I suspect upstream's libc uses getdents, and that's why they haven't fixed the problem. Message-Id: <20200605234757.28848-1-hi@alyssa.is>
Diffstat (limited to 'seccomp/x86_64')
-rw-r--r-- | seccomp/x86_64/9p_device.policy | 1 | ||||
-rw-r--r-- | seccomp/x86_64/gpu_device.policy | 1 | ||||
-rw-r--r-- | seccomp/x86_64/xhci.policy | 1 |
3 files changed, 3 insertions, 0 deletions
diff --git a/seccomp/x86_64/9p_device.policy b/seccomp/x86_64/9p_device.policy index 114ea11..271d244 100644 --- a/seccomp/x86_64/9p_device.policy +++ b/seccomp/x86_64/9p_device.policy @@ -18,6 +18,7 @@ unlink: 1 rename: 1 pread64: 1 getdents: 1 +getdents64: 1 mkdir: 1 rmdir: 1 fsync: 1 diff --git a/seccomp/x86_64/gpu_device.policy b/seccomp/x86_64/gpu_device.policy index 331fc49..99d2a8d 100644 --- a/seccomp/x86_64/gpu_device.policy +++ b/seccomp/x86_64/gpu_device.policy @@ -52,6 +52,7 @@ fstat: 1 # Used to set of size new memfd. ftruncate: 1 getdents: 1 +getdents64: 1 geteuid: 1 getrandom: 1 getuid: 1 diff --git a/seccomp/x86_64/xhci.policy b/seccomp/x86_64/xhci.policy index 4b4fc3d..3448ce2 100644 --- a/seccomp/x86_64/xhci.policy +++ b/seccomp/x86_64/xhci.policy @@ -38,4 +38,5 @@ ioctl: arg1 == 0xc0185500 || arg1 == 0x41045508 || arg1 == 0x8004550f || arg1 == fstat: 1 getrandom: 1 getdents: 1 +getdents64: 1 lseek: 1 |