xs-android13
/
system
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
system/core/debuggerd/seccomp_policy/crash_dump.policy.def

87 lines
1.7 KiB
Modula-2
Raw Blame History

// SECCOMP_MODE_STRICT
read: 1
write: 1
exit: 1
rt_sigreturn: 1
#if !defined(__LP64__)
sigreturn: 1
#endif
exit_group: 1
clock_gettime: 1
gettimeofday: 1
futex: 1
getrandom: 1
getpid: 1
gettid: 1
ppoll: 1
pipe2: 1
openat: 1
dup: 1
close: 1
lseek: 1
getdents64: 1
faccessat: 1
recvmsg: 1
recvfrom: 1
sysinfo: 1
process_vm_readv: 1
tgkill: 1
rt_sigprocmask: 1
rt_sigaction: 1
rt_tgsigqueueinfo: 1
// this is referenced from mainline modules running on Q devices, where not all
// of the constants used here are defined in headers, so minijail rejects them.
// we define them here to avoid those errors.
// constants introduced in R
#define PR_SET_VMA 0x53564d41
#define PR_GET_TAGGED_ADDR_CTRL 56
// constants introduced in S
#define PR_PAC_GET_ENABLED_KEYS 61
#if defined(__aarch64__)
// PR_PAC_RESET_KEYS happens on aarch64 in pthread_create path.
prctl: arg0 == PR_GET_NO_NEW_PRIVS || arg0 == PR_SET_VMA || arg0 == PR_PAC_RESET_KEYS || arg0 == PR_GET_TAGGED_ADDR_CTRL || arg0 == PR_PAC_GET_ENABLED_KEYS
#else
prctl: arg0 == PR_GET_NO_NEW_PRIVS || arg0 == PR_SET_VMA
#endif
#if 0
libminijail on vendor partitions older than P does not have constants from <sys/mman.h>.
Define the values of PROT_READ and PROT_WRITE ourselves to maintain backwards compatibility.
#else
#define PROT_READ 0x1
#define PROT_WRITE 0x2
#endif
madvise: 1
mprotect: arg2 in PROT_READ|PROT_WRITE
munmap: 1
#if defined(__LP64__)
getuid: 1
fstat: 1
mmap: arg2 in PROT_READ|PROT_WRITE
#else
getuid32: 1
fstat64: 1
mmap2: arg2 in PROT_READ|PROT_WRITE
#endif
// Needed for logging.
#if defined(__LP64__)
geteuid: 1
getgid: 1
getegid: 1
getgroups: 1
#else
geteuid32: 1
getgid32: 1
getegid32: 1
getgroups32: 1
#endif
Reference in New Issue View Git Blame Copy Permalink