1 # Organized by frequency of systemcall - in descending order for 2 # best performance. 3 futex: 1 4 ioctl: 1 5 write: 1 6 prctl: 1 7 clock_gettime: 1 8 getpriority: 1 9 read: 1 10 close: 1 11 writev: 1 12 dup: 1 13 ppoll: 1 14 mmap2: 1 15 getrandom: 1 16 memfd_create: 1 17 ftruncate: 1 18 ftruncate64: 1 19 20 # mremap: Ensure |flags| are (MREMAP_MAYMOVE | MREMAP_FIXED) TODO: Once minijail 21 # parser support for '<' is in this needs to be modified to also prevent 22 # |old_address| and |new_address| from touching the exception vector page, which 23 # on ARM is statically loaded at 0xffff 0000. See 24 # http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Babfeega.html 25 # for more details. 26 mremap: arg3 == 3 27 munmap: 1 28 mprotect: 1 29 madvise: 1 30 openat: 1 31 sigaltstack: 1 32 clone: 1 33 setpriority: 1 34 getuid32: 1 35 fstat64: 1 36 fstatfs64: 1 37 pread64: 1 38 faccessat: 1 39 readlinkat: 1 40 exit: 1 41 rt_sigprocmask: 1 42 set_tid_address: 1 43 restart_syscall: 1 44 exit_group: 1 45 rt_sigreturn: 1 46 pipe2: 1 47 gettimeofday: 1 48 sched_yield: 1 49 nanosleep: 1 50 lseek: 1 51 _llseek: 1 52 sched_get_priority_max: 1 53 sched_get_priority_min: 1 54 statfs64: 1 55 sched_setscheduler: 1 56 fstatat64: 1 57 ugetrlimit: 1 58 getdents64: 1 59 getrandom: 1 60 61 @include /system/etc/seccomp_policy/crash_dump.arm.policy 62
