• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# This file is used to populate seccomp's whitelist policy in combination with SYSCALLS.TXT.
2# Note that the resultant policy is applied only to zygote spawned processes.
3#
4# Each non-blank, non-comment line has the following format:
5#
6# return_type func_name[|alias_list][:syscall_name[:socketcall_id]]([parameter_list]) arch_list
7#
8# where:
9#       arch_list ::= "all" | arch+
10#       arch      ::= "arm" | "arm64" | "mips" | "mips64" | "x86" | "x86_64"
11#
12# Note:
13#      - syscall_name corresponds to the name of the syscall, which may differ from
14#        the exported function name (example: the exit syscall is implemented by the _exit()
15#        function, which is not the same as the standard C exit() function which calls it)
16
17#      - alias_list is optional comma separated list of function aliases
18#
19#      - The call_id parameter, given that func_name and syscall_name have
20#        been provided, allows the user to specify dispatch style syscalls.
21#        For example, socket() syscall on i386 actually becomes:
22#          socketcall(__NR_socket, 1, *(rest of args on stack)).
23#
24#      - Each parameter type is assumed to be stored in 32 bits.
25#
26# This file is processed by a python script named genseccomp.py.
27
28# b/34651972
29int	access:access(const char *pathname, int mode)	arm,x86,mips
30int	stat64:stat64(const char*, struct stat64*)	arm,x86,mips
31
32# b/34719286
33int	eventfd:eventfd(unsigned int initval, int flags)	arm,x86,mips
34
35# b/34817266
36int	epoll_wait:epoll_wait(int epfd, struct epoll_event *events, int maxevents, int timeout)	arm,x86,mips
37
38# b/34908783
39int	epoll_create:epoll_create(int size)	arm,x86,mips
40
41# b/34979910
42int	creat:creat(const char *pathname, mode_t mode)	arm,x86,mips
43int	unlink:unlink(const char *pathname)	arm,x86,mips
44
45# b/35059702
46int	lstat64:lstat64(const char*, struct stat64*)	arm,x86,mips
47
48# b/35217603
49int	fcntl:fcntl(int fd, int cmd, ... /* arg */ )	arm,x86,mips
50pid_t	fork:fork()	arm,x86,mips
51int	poll:poll(struct pollfd *fds, nfds_t nfds, int timeout)	arm,x86,mips
52
53# b/35906875. Note mips already has getuid from SYSCALLS.TXT
54int	inotify_init()	arm,x86,mips
55uid_t	getuid()	arm,x86
56
57# b/36435222
58int	remap_file_pages(void *addr, size_t size, int prot, size_t pgoff, int flags)	arm,x86,mips
59
60# b/36449658
61int	rename(const char *oldpath, const char *newpath)	arm,x86,mips
62
63# b/36726183. Note arm does not support mmap
64void*	mmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset)	x86,mips
65
66# b/37769298
67int dup2(int oldfd, int newfd)	arm,x86,mips
68
69# b/62779795
70int compat_select:_newselect(int n, unsigned long* inp, unsigned long* outp, unsigned long* exp, struct timeval* timeout) arm,x86,mips
71
72# b/62090571
73int mkdir(const char *pathname, mode_t mode)	arm,x86,mips
74