policies/arm/rmi4update.query.policy - chromiumos/platform/touch_updater - Git at Google

 # Copyright 2016 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 # These seccomp rules specify the syscalls used by the Synaptics touch FW
 # updater tool rmi4update when querying a device to see what its current
 # FW version is.  To actually perform an update, more syscalls are needed
 # and are supplied in a different policy file.

 write: 1
 read: 1
 _newselect: 1
 ARM_set_tls: 1
 ioctl: 1
 brk: 1
 restart_syscall: 1
 exit: 1
 exit_group: 1
 mmap2: 1
 munmap: 1
 uname: 1
 readlink: 1
 close: 1
 open: 1
 openat: 1
 mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE
 fstat64: 1
 fstatat64: 1
 statx: 1
 execve: 1
 getdents: 1
 getdents64: 1
 getpid: 1
 fstatfs: 1
 fstatfs64: 1
	# Copyright 2016 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	# These seccomp rules specify the syscalls used by the Synaptics touch FW
	# updater tool rmi4update when querying a device to see what its current
	# FW version is. To actually perform an update, more syscalls are needed
	# and are supplied in a different policy file.

	write: 1
	read: 1
	_newselect: 1
	ARM_set_tls: 1
	ioctl: 1
	brk: 1
	restart_syscall: 1
	exit: 1
	exit_group: 1
	mmap2: 1
	munmap: 1
	uname: 1
	readlink: 1
	close: 1
	open: 1
	openat: 1
	mprotect: arg2 in ~PROT_EXEC \|\| arg2 in ~PROT_WRITE
	fstat64: 1
	fstatat64: 1
	statx: 1
	execve: 1
	getdents: 1
	getdents64: 1
	getpid: 1
	fstatfs: 1
	fstatfs64: 1