crosvm/seccomp/x86_64/fs_device.policy

# Copyright 2019 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

@include /usr/share/policy/crosvm/common_device.policy

copy_file_range: 1
fallocate: 1
fchdir: 1
fchmod: 1
fchmodat: 1
fchown: 1
fchownat: 1
fdatasync: 1
fgetxattr: 1
getxattr: 1
fsetxattr: 1
setxattr: 1
flistxattr: 1
listxattr: 1
fremovexattr: 1
removexattr: 1
fstatfs: 1
fsync: 1
ftruncate: 1
getdents64: 1
getegid: 1
geteuid: 1
getrandom: 1
ioctl: arg1 == FS_IOC_GET_ENCRYPTION_POLICY || arg1 == FS_IOC_SET_ENCRYPTION_POLICY || arg1 == FS_IOC_FSGETXATTR || arg1 == FS_IOC_FSSETXATTR || arg1 == FS_IOC_GETFLAGS || arg1 == FS_IOC_SETFLAGS
linkat: 1
lseek: 1
mkdir: 1
mkdirat: 1
mknodat: 1
newfstatat: 1
open: return ENOENT
openat: 1
preadv: 1
pwritev: 1
readlinkat: 1
renameat2: 1
setresgid: 1
setresuid: 1
symlinkat: 1
statx: 1
umask: 1
unlinkat: 1
utimensat: 1