crosvm/seccomp/x86_64/gpu_render_server.policy

# Copyright 2021 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

@include /usr/share/policy/crosvm/gpu_common.policy

# allow fork() and waitid()
clone: 1
waitid: 1

# allow SOCK_STREAM and SOCK_DGRAM (syslog)
socket: arg0 == AF_UNIX && arg2 == 0

# allow socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC)
socketpair: arg0 == AF_UNIX && arg1 == SOCK_SEQPACKET|SOCK_CLOEXEC && arg2 == 0

# allow signalfd()
signalfd4: 1