1 # 2 # Copyright (C) 2015 The Android Open Source Project 3 # 4 # Licensed under the Apache License, Version 2.0 (the "License"); 5 # you may not use this file except in compliance with the License. 6 # You may obtain a copy of the License at 7 # 8 # http://www.apache.org/licenses/LICENSE-2.0 9 # 10 # Unless required by applicable law or agreed to in writing, software 11 # distributed under the License is distributed on an "AS IS" BASIS, 12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 # See the License for the specific language governing permissions and 14 # limitations under the License. 15 # 16 17 # Tested on link 18 gettid: 1 19 getuid: 1 20 geteuid: 1 21 getgid: 1 22 getegid: 1 23 getresuid: 1 24 getresgid: 1 25 26 clock_getres: 1 27 clock_gettime: 1 28 gettimeofday: 1 29 time: 1 30 31 # Allow socket(domain==PF_LOCAL) or socket(domain==PF_NETLINK) 32 socket: arg0 == 0x1 || arg0 == 0x10 33 socketpair: 1 34 connect: 1 35 getsockname: 1 36 pipe: 1 37 sendmsg: 1 38 sendto: 1 39 recvmsg: 1 40 recvfrom: 1 41 42 epoll_create: 1 43 epoll_wait: 1 44 epoll_ctl: 1 45 poll: 1 46 47 open: 1 48 read: 1 49 write: 1 50 close: 1 51 access: 1 52 rename: 1 53 pwrite64: 1 54 55 chmod: 1 56 fsync: 1 57 fdatasync: 1 58 fstat: 1 59 stat: 1 60 lseek: 1 61 fcntl: 1 62 63 futex: 1 64 set_robust_list: 1 65 restart_syscall: 1 66 exit: 1 67 exit_group: 1 68 rt_sigaction: 1 69 rt_sigreturn: 1 70 rt_sigprocmask: 1 71 signalfd4: 1 72 73 brk: 1 74 mmap: 1 75 madvise: 1 76 mprotect: 1 77 munmap: 1 78 79 clone: 1 80 # These calls are attempted but apparently not necessary; return EPERM. 81 prctl: return 1 82 ioctl: return 1 83 tgkill: return 1 84
