From 100e6e48ad292406fb6f0a7eeb85465850bc28c7 Mon Sep 17 00:00:00 2001
From: Jingkui Wang <jkwang@google.com>
Date: Fri, 8 Mar 2019 20:41:57 -0800
Subject: implement xhci and add it to pci bus

Implement xhci controller, setup seccomp filters and add xhci to pci
bus.

CQ-DEPEND=CL:1512761
BUG=chromium:831850
TEST=local build
Change-Id: I5c05452ece66e99d3a670e259e095fca616e835d
Reviewed-on: https://chromium-review.googlesource.com/1512762
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
---
 seccomp/arm/xhci.policy    | 40 ++++++++++++++++++++++++++++++++++++++++
 seccomp/x86_64/xhci.policy | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 78 insertions(+)
 create mode 100644 seccomp/arm/xhci.policy
 create mode 100644 seccomp/x86_64/xhci.policy

(limited to 'seccomp')

diff --git a/seccomp/arm/xhci.policy b/seccomp/arm/xhci.policy
new file mode 100644
index 0000000..0c69bc0
--- /dev/null
+++ b/seccomp/arm/xhci.policy
@@ -0,0 +1,40 @@
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+openat: 1
+@include /usr/share/policy/crosvm/common_device.policy
+
+stat64: 1
+fcntl64: 1
+lstat64: 1
+readlinkat: 1
+getdents64: 1
+getrandom: 1
+name_to_handle_at: 1
+access: 1
+gettid: 1
+clock_gettime: 1
+timerfd_create: 1
+getsockname: 1
+pipe: 1
+setsockopt: 1
+bind: 1
+fcntl: 1
+socket: arg0 == AF_NETLINK
+stat: 1
+uname: 1
+# The following ioctls are:
+# 0x4004550d == USBDEVFS_REAPURBNDELAY32
+# 0x550b     == USBDEVFS_DISCARDURB
+# 0x8004550f == USBDEVFS_CLAIMINTERFACE
+# 0x80045510 == USBDEVFS_RELEASEINTERFACE
+# 0x8004551a == USBDEVFS_GET_CAPABILITIES
+# 0x802c550a == USBDEVFS_SUBMITURB
+# 0xc0105500 == USBDEVFS_CONTROL
+ioctl: arg1 == 0xc0105500 || arg1 == 0x802c550a || arg1 == 0x8004551a || arg1 == 0x4004550d || arg1 == 0x8004550f || arg1 == 0x80045510 || arg1 == 0x550b
+fstat: 1
+sigaltstack: 1
+recvmsg: 1
+getrandom: 1
+getdents: 1
diff --git a/seccomp/x86_64/xhci.policy b/seccomp/x86_64/xhci.policy
new file mode 100644
index 0000000..0f133d9
--- /dev/null
+++ b/seccomp/x86_64/xhci.policy
@@ -0,0 +1,38 @@
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# xhci need "openat" to enumerate device. "openat" is disabled in comman_device policy.
+openat: 1
+@include /usr/share/policy/crosvm/common_device.policy
+
+lstat: 1
+gettid: 1
+readlinkat: 1
+timerfd_create: 1
+name_to_handle_at: 1
+access: 1
+timerfd_create: 1
+getsockname: 1
+pipe: 1
+setsockopt: 1
+bind: 1
+fcntl: 1
+socket: arg0 == AF_NETLINK
+stat: 1
+uname: 1
+# The following ioctls are:
+# 0x4008550d == USBDEVFS_REAPURBNDELAY
+# 0x41045508 == USBDEVFS_GETDRIVER
+# 0x550b     == USBDEVFS_DISCARDURB
+# 0x8004550f == USBDEVFS_CLAIMINTERFACE
+# 0x80045510 == USBDEVFS_RELEASEINTERFACE
+# 0x8004551a == USBDEVFS_GET_CAPABILITIES
+# 0x8038550a == USBDEVFS_SUBMITURB
+# 0xc0185500 == USBDEVFS_CONTROL
+ioctl: arg1 == 0xc0185500 || arg1 == 0x41045508 || arg1 == 0x8004550f || arg1 == 0x4008550d || arg1 == 0x8004551a || arg1 == 0x550b || arg1 == 0x80045510 || arg1 == 0x8038550a
+fstat: 1
+sigaltstack: 1
+recvmsg: 1
+getrandom: 1
+getdents: 1
-- 
cgit 1.4.1