From a8adff0ff14f66570a3aa86f6106b55081526be1 Mon Sep 17 00:00:00 2001
From: Zach Reizner <zachr@google.com>
Date: Tue, 13 Aug 2019 11:20:14 -0700
Subject: devices: jail serial device

This change plumbs the jail throughout the arch specific device creation
process. It also adds a custom callback support for the ProxyDevice so
that the main process can interrupt the child serial process when it has
incoming bytes.

TEST=crosvm run
BUG=None

Change-Id: I6af7d2cb0acbba9bf42eaeeb294cee2bce4a1f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1752589
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
---
 seccomp/x86_64/serial.policy | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 seccomp/x86_64/serial.policy

(limited to 'seccomp/x86_64')

diff --git a/seccomp/x86_64/serial.policy b/seccomp/x86_64/serial.policy
new file mode 100644
index 0000000..f9e98f0
--- /dev/null
+++ b/seccomp/x86_64/serial.policy
@@ -0,0 +1,5 @@
+# Copyright 2019 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+@include /usr/share/policy/crosvm/common_device.policy
-- 
cgit 1.4.1