aa3f96c9c4
Enabling seccomp across all processes, rather than just zygote, is
useful for auditing the syscall usage of AOSP. Create a global seccomp
policy that can optionally be enabled by init.
Bug: 37960259
Test: confirm global seccomp by removing finit_module from policy and
observing modprobe fail, confirm regular seccomp unchanged by
comparing length of installed bpf
Change-Id: Iac53a42fa26a80b05126f262dd9525f4f66df558
18 lines
715 B
Text
18 lines
715 B
Text
# This file is used to populate seccomp's global whitelist policy in
|
|
# combination with SYSCALLS.TXT, SECCOMP_BLACKLIST.TXT and
|
|
# SECCOMP_WHITELIST.TXT. Unlike the policy used in normal operation this
|
|
# policy is applied globally during the early stage of init, if global seccomp
|
|
# is enabled.
|
|
#
|
|
# See the description at the top of SYSCALLS.TXT for an explanation of the
|
|
# format of the entries in this file.
|
|
#
|
|
# This file is processed by a python script named genseccomp.py.
|
|
|
|
# syscalls needed to boot android
|
|
int swapon(const char*, int) all
|
|
long keyctl(int, ...) all
|
|
key_serial_t add_key(const char*, const char*, const void*, size_t, key_serial_t) all
|
|
|
|
# b/62715671
|
|
int finit_module(int, const char*, int) all
|