Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / 2f23ceda449661d71961b6807d1dadc4afb08505^! / . / libc / tools / genseccomp.py
commit2f23ceda449661d71961b6807d1dadc4afb08505[log] [tgz]
authorVictor Hsieh <victorhsieh@google.com>Wed Jan 17 16:59:12 2018 -0800
committerVictor Hsieh <victorhsieh@google.com>Mon Jan 22 22:30:17 2018 -0800
tree458a8d4cabc2bd455cc66c307bd04e24eec57c7c
parent0d63a3c233040af004cc470d5f76547f3adc0148 [diff] [blame]
Block bunch of privileged syscalls to apps

Test: build, run some app
Bug: 63944145
Change-Id: I13eb56f923732e110851dec02eaa11f6cb44535c

diff --git a/libc/tools/genseccomp.py b/libc/tools/genseccomp.py
index dad9113..63d9f20 100755
--- a/libc/tools/genseccomp.py
+++ b/libc/tools/genseccomp.py

@@ -192,7 +192,9 @@
     "whitelists": [
         "SECCOMP_WHITELIST_COMMON.TXT",
         "SECCOMP_WHITELIST_APP.TXT"],
-    "blacklists": ["SECCOMP_BLACKLIST_COMMON.TXT"]
+    "blacklists": [
+        "SECCOMP_BLACKLIST_COMMON.TXT",
+        "SECCOMP_BLACKLIST_APP.TXT"]
 }
 
 ANDROID_GLOBAL_SYSCALL_FILES = {