From a0408258e09c406324ddae0aa5c30a7b75d04e31 Mon Sep 17 00:00:00 2001
From: Daniel Verkamp <dverkamp@chromium.org>
Date: Wed, 19 Sep 2018 15:36:22 -0700
Subject: seccomp: whitelist connect for wl_device

The path to the wayland socket changed, so the previous whitelist based
on the connect() arg2 sockaddr_un size now fails.

BUG=None
TEST=Verify that release build of crosvm starts again on chromebook

Change-Id: I3c30977e7c1487b937d69e1dbce4b7fd87136978
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1234827
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
---
 seccomp/arm/wl_device.policy    | 2 +-
 seccomp/x86_64/wl_device.policy | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'seccomp')

diff --git a/seccomp/arm/wl_device.policy b/seccomp/arm/wl_device.policy
index 7d0c7cb..5f05ad9 100644
--- a/seccomp/arm/wl_device.policy
+++ b/seccomp/arm/wl_device.policy
@@ -32,7 +32,7 @@ eventfd2: 1
 socket: arg0 == 1 && arg1 == 0x80001 && arg2 == 0
 # arg1 == FIONBIO || arg1 == DMA_BUF_IOCTL_SYNC
 ioctl: arg1 == 0x5421 || arg1 == 0x40086200
-connect: arg2 == 13
+connect: 1
 # Used to communicate with wayland
 recvmsg: 1
 sendmsg: 1
diff --git a/seccomp/x86_64/wl_device.policy b/seccomp/x86_64/wl_device.policy
index cb8d6e4..bffc5ee 100644
--- a/seccomp/x86_64/wl_device.policy
+++ b/seccomp/x86_64/wl_device.policy
@@ -31,7 +31,7 @@ eventfd2: 1
 socket: arg0 == 1 && arg1 == 0x80001 && arg2 == 0
 # arg1 == FIONBIO || arg1 == DMA_BUF_IOCTL_SYNC
 ioctl: arg1 == 0x5421 || arg1 == 0x40086200
-connect: arg2 == 13
+connect: 1
 # Used to communicate with wayland
 recvmsg: 1
 sendmsg: 1
-- 
cgit 1.4.1