You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
96 lines
2.7 KiB
96 lines
2.7 KiB
#*******************************************************************************
|
|
# Copyright (c) 2020 The Linux Foundation. All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions are
|
|
# met:
|
|
# * Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# * Redistributions in binary form must reproduce the above
|
|
# copyright notice, this list of conditions and the following
|
|
# disclaimer in the documentation and/or other materials provided
|
|
# with the distribution.
|
|
# * Neither the name of The Linux Foundation, nor the names of its
|
|
# contributors may be used to endorse or promote products derived
|
|
# from this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
|
|
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
|
|
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
|
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
|
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
|
|
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
#
|
|
#******************************************************************************
|
|
|
|
clone: 1
|
|
close: 1
|
|
connect: 1
|
|
execve: 1
|
|
exit_group: 1
|
|
exit: 1
|
|
faccessat: 1
|
|
fcntl: 1
|
|
fstat: 1
|
|
fstatfs: 1
|
|
futex: 1
|
|
getpid: 1
|
|
getuid: 1
|
|
getgid: 1
|
|
getegid: 1
|
|
getgroups: 1
|
|
geteuid: 1
|
|
umask: 1
|
|
getrandom: 1
|
|
mmap: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE
|
|
mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE
|
|
mremap: 1
|
|
munmap: 1
|
|
newfstatat: 1
|
|
openat: 1
|
|
#prctl: arg0 == PR_SET_VMA || arg0 == PR_SET_NO_NEW_PRIVS || arg0 == PR_GET_DUMPABLE || arg0 == PR_SET_SECCOMP || arg0 == 0x37 /* PR_??? */
|
|
prctl: 1
|
|
pread64: 1
|
|
read: 1
|
|
pwrite64: 1
|
|
write: 1
|
|
writev: 1
|
|
readlinkat: 1
|
|
restart_syscall: 1
|
|
rt_sigaction: 1
|
|
rt_sigprocmask: 1
|
|
rt_sigreturn: 1
|
|
sched_getscheduler: 1
|
|
set_tid_address: 1
|
|
sigaltstack: 1
|
|
unlinkat: 1
|
|
lseek: 1
|
|
##ioctl: arg1 == _IOC(_IOC_NONE || arg1 == _IOC(_IOC_READ || arg1 == VSOC_MAYBE_SEND_INTERRUPT_TO_HOST
|
|
ioctl: 1
|
|
clock_gettime: 1
|
|
|
|
|
|
socket: arg0 == AF_INET6 || arg0 == AF_UNIX || arg0 == AF_QIPCRTR
|
|
connect: 1
|
|
setsockopt: 1
|
|
getsockname: 1
|
|
socketpair: 1
|
|
ppoll: 1
|
|
pselect6: 1
|
|
accept4: 1
|
|
listen: 1
|
|
bind: 1
|
|
pipe2: 1
|
|
|
|
recvmsg: 1
|
|
sendmsg: 1
|
|
|
|
sendto: 1
|
|
recvfrom: 1
|
|
|