Loading services/mediaextractor/minijail/seccomp_policy/mediaextractor-seccomp-arm.policy +16 −24 Original line number Diff line number Diff line Loading @@ -2,39 +2,31 @@ # best performance. ioctl: 1 futex: 1 openat: 1 mmap2: 1 fstatat64: 1 writev: 1 prctl: 1 fcntl64: 1 write: 1 getpriority: 1 mmap2: 1 close: 1 munmap: 1 dup: 1 mprotect: 1 getuid32: 1 setpriority: 1 sigaltstack: 1 openat: 1 clone: 1 read: 1 clock_gettime: 1 lseek: 1 writev: 1 fstatat64: 1 fstat64: 1 restart_syscall: 1 exit: 1 exit_group: 1 rt_sigreturn: 1 clock_gettime: 1 # Only allow local socket connections socket: arg0 == PF_LOCAL socket: arg0 == 1 mprotect: 1 faccessat: 1 write: 1 connect: 1 fstat64: 1 clone: 1 dup: 1 gettimeofday: 1 getpriority: 1 lseek: 1 madvise: 1 munmap: 1 pread64: 1 read: 1 readlinkat: 1 rt_sigprocmask: 1 setpriority: 1 sigaltstack: 1 brk: 1 sched_setscheduler: 1 gettid: 1 Loading
services/mediaextractor/minijail/seccomp_policy/mediaextractor-seccomp-arm.policy +16 −24 Original line number Diff line number Diff line Loading @@ -2,39 +2,31 @@ # best performance. ioctl: 1 futex: 1 openat: 1 mmap2: 1 fstatat64: 1 writev: 1 prctl: 1 fcntl64: 1 write: 1 getpriority: 1 mmap2: 1 close: 1 munmap: 1 dup: 1 mprotect: 1 getuid32: 1 setpriority: 1 sigaltstack: 1 openat: 1 clone: 1 read: 1 clock_gettime: 1 lseek: 1 writev: 1 fstatat64: 1 fstat64: 1 restart_syscall: 1 exit: 1 exit_group: 1 rt_sigreturn: 1 clock_gettime: 1 # Only allow local socket connections socket: arg0 == PF_LOCAL socket: arg0 == 1 mprotect: 1 faccessat: 1 write: 1 connect: 1 fstat64: 1 clone: 1 dup: 1 gettimeofday: 1 getpriority: 1 lseek: 1 madvise: 1 munmap: 1 pread64: 1 read: 1 readlinkat: 1 rt_sigprocmask: 1 setpriority: 1 sigaltstack: 1 brk: 1 sched_setscheduler: 1 gettid: 1
