authorStephen Barber <smbarber@chromium.org>2019-12-05 17:31:30 -0800
committerCommit Bot <commit-bot@chromium.org>2019-12-06 09:35:33 +0000
commitbbc866e7deea7193c3ed1becbe9c5e617ca79df4 (patch)
tree7950d12408c21c1ef58dc37c9882c790a5d29dff /seccomp
parent85abeff27f6256725621c4db749d4401078236d8 (diff)
seccomp: add memfd_create to arm gpu_device.policy
BUG=chromium:1031360
TEST=graphics.CrostiniTraceGlxgears

Change-Id: I9b416a4a50b7747a0914b33d719f2459c499f71d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1954219
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
Diffstat (limited to 'seccomp')
-rw-r--r--seccomp/arm/gpu_device.policy3
1 files changed, 3 insertions, 0 deletions
diff --git a/seccomp/arm/gpu_device.policy b/seccomp/arm/gpu_device.policy
index fd1e4d7..f177775 100644
--- a/seccomp/arm/gpu_device.policy
+++ b/seccomp/arm/gpu_device.policy
@@ -59,6 +59,9 @@ getdents64: 1
 # 0x6400 == DRM_IOCTL_BASE, 0x8000 = KBASE_IOCTL_TYPE (mali)
 ioctl: arg1 & 0x6400 || arg1 & 0x8000
 
+# Used for sharing memory with wayland. arg1 == MFD_CLOEXEC|MFD_ALLOW_SEALING
+memfd_create: arg1 == 3
+
 ## mmap/mprotect/openat differ from the common_device.policy
 mmap2: arg2 == PROT_READ|PROT_WRITE || arg2 == PROT_NONE || arg2 == PROT_READ|PROT_EXEC || arg2 == PROT_WRITE || arg2 == PROT_READ
 mprotect: arg2 == PROT_READ|PROT_WRITE || arg2 == PROT_NONE || arg2 == PROT_READ
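Review bot: The new `memfd_create: arg1 == 3` rule uses a bare literal, so a reader has to know the flag values to check it against the comment above it. The value is right (MFD_CLOEXEC is 0x1 and MFD_ALLOW_SEALING is 0x2), but the comment could carry the values the way the ioctl comment above does, for example `# Used for sharing memory with wayland. arg1 == MFD_CLOEXEC (0x1) | MFD_ALLOW_SEALING (0x2)`. If the policy compiler in use resolves these names, as it evidently does for the PROT_* constants on the mmap2 line, writing `arg1 == MFD_CLOEXEC|MFD_ALLOW_SEALING` would be clearer still; this page does not show whether it does. Because the match is an exact equality, any other flag combination, such as MFD_CLOEXEC alone, is rejected by the filter. That is presumably intended, and a short word in the comment would stop a later change from loosening it to a mask test.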