trunksd-seccomp-arm64.policy revision ce32afbb304bbca521ec0333b41c82d736295ec7
1# 2# Copyright (C) 2014 The Android Open Source Project 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16 17gettid: 1 18getuid: 1 19geteuid: 1 20getgid: 1 21getegid: 1 22getresuid: 1 23getresgid: 1 24 25clock_getres: 1 26clock_gettime: 1 27gettimeofday: 1 28 29epoll_create1: 1 30epoll_pwait: 1 31epoll_ctl: 1 32 33openat: 1 34read: 1 35write: 1 36writev: 1 37close: 1 38fstat: 1 39lseek: 1 40fcntl: 1 41readlinkat: 1 42faccessat: 1 43pipe2: 1 44socket: 1 45connect: 1 46sendto: 1 47 48futex: 1 49 50restart_syscall: 1 51exit: 1 52exit_group: 1 53rt_sigreturn: 1 54sigaltstack: 1 55personality: 1 56 57brk: 1 58mmap: 1 59munmap: 1 60madvise: 1 61 62# Allow thread creation. 63mprotect: 1 64clone: 1 65set_robust_list: 1 66# This is attempted but apparently not necessary; return EPERM. 67prctl: return 1 68gettid: 1 69set_tid_address: 1 70 71rt_sigprocmask: 1 72signalfd4: 1 73ioctl: 1 74getpriority: 1 75setpriority: 1 76exit: 1 77exit_group: 1 78chdir: 1 79