mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-11-28 17:44:10 +00:00
cb3749e632
Recent builds (starting R100.14501.0.0) crash when attaching a USB device to the Linux VM due to calling the statx syscall, which was missing from the seccomp policy. stat was already allowed, so add statx as well to prevent the crash. The change is likely due to the upgrade of the Rust toolchain in the Chrome OS SDK (https://crrev.com/c/3439725), which landed in this build. This was already allowed on arm/aarch64, so no other changes are required. BUG=b:218565401 TEST=Attach USB device to crosvm on hatch Change-Id: Ia3a383429a839c68b44040f4b99c990a1f1f8e9d Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3448188 Reviewed-by: Long Cheng <lgcheng@google.com> Reviewed-by: Dmitry Torokhov <dtor@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Dennis Kempin <denniskempin@google.com> Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
44 lines
1.3 KiB
Text
44 lines
1.3 KiB
Text
# Copyright 2018 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
@include /usr/share/policy/crosvm/common_device.policy
|
|
|
|
lstat: 1
|
|
timerfd_create: 1
|
|
name_to_handle_at: 1
|
|
access: 1
|
|
faccessat: 1
|
|
faccessat2: 1
|
|
getsockname: 1
|
|
pipe: 1
|
|
setsockopt: 1
|
|
bind: 1
|
|
open: return ENOENT
|
|
openat: 1
|
|
socket: arg0 == AF_NETLINK
|
|
stat: 1
|
|
statx: 1
|
|
# The following ioctls are:
|
|
# 0x4008550d == USBDEVFS_REAPURBNDELAY
|
|
# 0x41045508 == USBDEVFS_GETDRIVER
|
|
# 0x550b == USBDEVFS_DISCARDURB
|
|
# 0x8004550f == USBDEVFS_CLAIMINTERFACE
|
|
# 0x80045510 == USBDEVFS_RELEASEINTERFACE
|
|
# 0x80045515 == USBDEVFS_CLEAR_HALT
|
|
# 0x8004551a == USBDEVFS_GET_CAPABILITIES
|
|
# 0x8038550a == USBDEVFS_SUBMITURB
|
|
# 0xc0185500 == USBDEVFS_CONTROL
|
|
# 0x5514 == USBDEVFS_RESET
|
|
# 0x80045505 == USBDEVFS_SETCONFIGURATION
|
|
# 0x8108551b == USBDEVFS_DISCONNECT_CLAIM
|
|
# 0x40085511 == USBDEVFS_CONNECTINFO
|
|
# 0x80185520 == USBDEVFS_CONNINFO_EX
|
|
ioctl: arg1 == 0xc0185500 || arg1 == 0x41045508 || arg1 == 0x8004550f || arg1 == 0x4008550d || arg1 == 0x8004551a || arg1 == 0x550b || arg1 == 0x80045510 || arg1 == 0x80045515 || arg1 == 0x8038550a || arg1 == 0x5514 || arg1 == 0x80045505 || arg1 == 0x8108551b || arg1 == 0x40085511 || arg1 == 0x80185520
|
|
fstat: 1
|
|
newfstatat: 1
|
|
getrandom: 1
|
|
getdents: 1
|
|
getdents64: 1
|
|
lseek: 1
|
|
prctl: arg0 == PR_SET_NAME
|