| Steve Muckle | aa3f96c | 2017-07-20 13:11:54 -0700 | [diff] [blame] | 1 | # This file is used to populate seccomp's global whitelist policy in |
| 2 | # combination with SYSCALLS.TXT, SECCOMP_BLACKLIST.TXT and |
| 3 | # SECCOMP_WHITELIST.TXT. Unlike the policy used in normal operation this |
| 4 | # policy is applied globally during the early stage of init, if global seccomp |
| 5 | # is enabled. |
| 6 | # |
| 7 | # See the description at the top of SYSCALLS.TXT for an explanation of the |
| 8 | # format of the entries in this file. |
| 9 | # |
| 10 | # This file is processed by a python script named genseccomp.py. |
| 11 | |
| 12 | # syscalls needed to boot android |
| 13 | int swapon(const char*, int) all |
| 14 | long keyctl(int, ...) all |
| 15 | key_serial_t add_key(const char*, const char*, const void*, size_t, key_serial_t) all |
| 16 | |
| 17 | # b/62715671 |
| 18 | int finit_module(int, const char*, int) all |