From f4440a00e825230fdb608ccf9314d067f0be817a Mon Sep 17 00:00:00 2001 From: Paras Nagda Date: Fri, 7 Oct 2016 19:00:39 +0530 Subject: [PATCH] msm8976-common: mediacodec: Allow select and eventfd syscalls for 8976 Add pselect6 and eventfd2 syscalls Includes following: mediacodec: allow sendto and recvfrom syscalls mediacodec: allow lseek syscall mediaextractor: allow pread64 and readlinkat syscalls Change-Id: Iff6e2f7fc0562a520f56cbf4bbce72f1af545f9c --- msm8976.mk | 5 +++++ seccomp/mediacodec-seccomp.policy | 7 +++++++ seccomp/mediaextractor-seccomp.policy | 4 ++++ 3 files changed, 16 insertions(+) create mode 100644 seccomp/mediacodec-seccomp.policy create mode 100644 seccomp/mediaextractor-seccomp.policy diff --git a/msm8976.mk b/msm8976.mk index c02df9a..fefc518 100644 --- a/msm8976.mk +++ b/msm8976.mk @@ -244,6 +244,11 @@ PRODUCT_PACKAGES += \ PRODUCT_PACKAGES += \ android.hardware.renderscript@1.0-impl +# Seccomp +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/seccomp/mediacodec-seccomp.policy:system/vendor/etc/seccomp_policy/mediacodec.policy \ + $(LOCAL_PATH)/seccomp/mediaextractor-seccomp.policy:system/vendor/etc/seccomp_policy/mediaextractor.policy + # Sensors PRODUCT_PACKAGES += \ android.hardware.sensors@1.0-impl diff --git a/seccomp/mediacodec-seccomp.policy b/seccomp/mediacodec-seccomp.policy new file mode 100644 index 0000000..f04ecba --- /dev/null +++ b/seccomp/mediacodec-seccomp.policy @@ -0,0 +1,7 @@ +# device specific syscalls +# extension of services/mediacodec/minijail/seccomp_policy/mediacodec-seccomp-arm.policy +pselect6: 1 +eventfd2: 1 +sendto: 1 +recvfrom: 1 +_llseek: 1 diff --git a/seccomp/mediaextractor-seccomp.policy b/seccomp/mediaextractor-seccomp.policy new file mode 100644 index 0000000..77c1e2a --- /dev/null +++ b/seccomp/mediaextractor-seccomp.policy @@ -0,0 +1,4 @@ +# device specific syscalls. +# extension of services/mediaextractor/minijail/seccomp_policy/mediaextractor-seccomp-arm.policy +readlinkat: 1 +pread64: 1