summary refs log tree commit diff
path: root/seccomp
diff options
context:
space:
mode:
authorZach Reizner <zachr@google.com>2018-07-20 16:47:21 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-07-23 21:04:37 -0700
commit98ca995c395905a6fe9d9d6394399d5336ef2608 (patch)
tree464501f5e0f7c3aa177006042458b1ef4afee832 /seccomp
parentcd2d4fe45e3e7ecc635eff2107f5b875bcd8504b (diff)
downloadcrosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar.gz
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar.bz2
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar.lz
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar.xz
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.tar.zst
crosvm-98ca995c395905a6fe9d9d6394399d5336ef2608.zip
wl: add pipe2 and fcntl64 to wl_device.policy
These syscalls were added to the x86 policy when vfd pipe support was
added, but they were never added to the arm version, for whatever
reason. This is needed to keep crosvm from getting killed by SIGSYS
whenver the user copies to or from guest applications.

BUG=chromium:864218
TEST=on kevin, copy/paste to/from gedit

Change-Id: Ibe385d50e367c362e911badd640bab2c98e07030
Reviewed-on: https://chromium-review.googlesource.com/1145876
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Diffstat (limited to 'seccomp')
-rw-r--r--seccomp/aarch64/wl_device.policy3
1 files changed, 3 insertions, 0 deletions
diff --git a/seccomp/aarch64/wl_device.policy b/seccomp/aarch64/wl_device.policy
index 52bf028..7d0c7cb 100644
--- a/seccomp/aarch64/wl_device.policy
+++ b/seccomp/aarch64/wl_device.policy
@@ -45,6 +45,9 @@ _llseek: 1
 # Allow PR_SET_NAME only.
 prctl: arg0 == 15
 restart_syscall: 1
+# Allow F_GETFL only
+fcntl64: arg1 == 3
+pipe2: 1
 epoll_create1: 1
 epoll_ctl: 1
 epoll_wait: 1
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 16:44:16 +0000