3 files changed, 8 insertions, 0 deletions

diff --git a/seccomp/aarch64/fs_device.policy b/seccomp/aarch64/fs_device.policy
index 7bf794a..adeb9b6 100644
--- a/seccomp/aarch64/fs_device.policy
+++ b/seccomp/aarch64/fs_device.policy
@@ -6,7 +6,9 @@
 
 copy_file_range: 1
 fallocate: 1
+fchmod: 1
 fchmodat: 1
+fchown: 1
 fchownat: 1
 fdatasync: 1
 lgetxattr: 1
diff --git a/seccomp/arm/fs_device.policy b/seccomp/arm/fs_device.policy
index 661883a..5290afa 100644
--- a/seccomp/arm/fs_device.policy
+++ b/seccomp/arm/fs_device.policy
@@ -6,7 +6,9 @@
 
 copy_file_range: 1
 fallocate: 1
+fchmod: 1
 fchmodat: 1
+fchown32: 1
 fchownat: 1
 fdatasync: 1
 lgetxattr: 1
@@ -23,6 +25,7 @@ geteuid32: 1
 ioctl: arg1 == FS_IOC_GET_ENCRYPTION_POLICY || arg1 == FS_IOC_SET_ENCRYPTION_POLICY
 linkat: 1
 _llseek: 1
+mkdir: 1
 mkdirat: 1
 mknodat: 1
 open: return ENOENT
diff --git a/seccomp/x86_64/fs_device.policy b/seccomp/x86_64/fs_device.policy
index 1c10601..1454770 100644
--- a/seccomp/x86_64/fs_device.policy
+++ b/seccomp/x86_64/fs_device.policy
@@ -6,7 +6,9 @@
 
 copy_file_range: 1
 fallocate: 1
+fchmod: 1
 fchmodat: 1
+fchown: 1
 fchownat: 1
 fdatasync: 1
 lgetxattr: 1
@@ -22,6 +24,7 @@ geteuid: 1
 ioctl: arg1 == FS_IOC_GET_ENCRYPTION_POLICY || arg1 == FS_IOC_SET_ENCRYPTION_POLICY
 linkat: 1
 lseek: 1
+mkdir: 1
 mkdirat: 1
 mknodat: 1
 newfstatat: 1