Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ae3f9060 authored by Paul Lawrence's avatar Paul Lawrence
Browse files

Expand seccomp whitelist 

Bug: 34813887
Bug: 34809883
Bug: 34767389
Bug: 34719286
Test: Device boots, the app in b/34719286 runs when it didn't before
Change-Id: Iad198e3ca620e7a07464b0d182f969bb807bd948
parent 1cb8d9df

init/seccomp.cpp

+8 −0
Original line number Diff line number Diff line
@@ -213,6 +213,14 @@ bool set_seccomp_filter() { 
    // Needed for kernel to restart syscalls

    AllowSyscall(f, 0);  // __NR_restart_syscall



    // b/34813887

    AllowSyscall(f, 5);   // __NR_open

    AllowSyscall(f, 141); // __NR_getdents

    AllowSyscall(f, 217); // __NR_getdents64



    // b/34719286

    AllowSyscall(f, 351); // __NR_eventfd



    // arm32-on-arm64 only filter - autogenerated from bionic syscall usage

    for (size_t i = 0; i < arm_filter_size; ++i)

        f.push_back(arm_filter[i]);