aboutsummaryrefslogblamecommitdiff
path: root/gps/etc/seccomp_policy/gnss@2.0-base.policy
blob: 7b930374519a9c4a2d68a4e6921ec8eed5afba02 (plain) (tree)






























































































                                                                                                                                           
#*******************************************************************************
#  Copyright (c) 2020 The Linux Foundation. All rights reserved.
#
#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions are
#  met:
#      * Redistributions of source code must retain the above copyright
#        notice, this list of conditions and the following disclaimer.
#      * Redistributions in binary form must reproduce the above
#        copyright notice, this list of conditions and the following
#        disclaimer in the documentation and/or other materials provided
#        with the distribution.
#      * Neither the name of The Linux Foundation, nor the names of its
#        contributors may be used to endorse or promote products derived
#        from this software without specific prior written permission.
#
#  THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
#  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
#  ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
#  BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
#  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
#  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
#  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
#  OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
#  IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#******************************************************************************

clone: 1
close: 1
connect: 1
execve: 1
exit_group: 1
exit: 1
faccessat: 1
fcntl: 1
fstat: 1
fstatfs: 1
futex: 1
getpid: 1
getuid: 1
getgid: 1
getegid: 1
getgroups: 1
geteuid: 1
umask: 1
getrandom: 1
mmap: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE
mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE
mremap: 1
munmap: 1
newfstatat: 1
openat: 1
#prctl: arg0 == PR_SET_VMA || arg0 == PR_SET_NO_NEW_PRIVS || arg0 == PR_GET_DUMPABLE || arg0 == PR_SET_SECCOMP || arg0 == 0x37 /* PR_??? */
prctl: 1
pread64: 1
read: 1
pwrite64: 1
write: 1
writev: 1
readlinkat: 1
restart_syscall: 1
rt_sigaction: 1
rt_sigprocmask: 1
rt_sigreturn: 1
sched_getscheduler: 1
set_tid_address: 1
sigaltstack: 1
unlinkat: 1
lseek: 1
##ioctl: arg1 == _IOC(_IOC_NONE || arg1 == _IOC(_IOC_READ || arg1 == VSOC_MAYBE_SEND_INTERRUPT_TO_HOST
ioctl: 1
clock_gettime: 1


socket: arg0 == AF_INET6 || arg0 == AF_UNIX || arg0 == AF_QIPCRTR
connect: 1
setsockopt: 1
getsockname: 1
socketpair: 1
ppoll: 1
pselect6: 1
accept4: 1
listen: 1
bind: 1
pipe2: 1

recvmsg: 1
sendmsg: 1

sendto: 1
recvfrom: 1