| commit | 84edb0ee6bdaec8c452b2b6075210cdc095425cd | [log] [tgz] |
|---|---|---|
| author | Juston Li <justonli@google.com> | Tue Jan 17 21:40:03 2023 +0000 |
| committer | crosvm LUCI <crosvm-scoped@luci-project-accounts.iam.gserviceaccount.com> | Wed Jan 18 18:03:31 2023 +0000 |
| tree | 596ea5ecc981ffe3457aeef29b4e229f6ae43dec | |
| parent | 665001463658263b44e587a9a96ec63d7cab7980 [diff] |
seccomp: allow inotify for shader caching on x86_64 new mesa runtime shader cache loading feature utilizes inotify_init1(), inotify_add_watch() and inotify_rm_watch See: https://gitlab.freedesktop.org/mesa/mesa/-/commit/3b69b67545b678da2970654b9490cc3902cdf738 BUG=b:235392416 TEST=vmc launch borealis Change-Id: I96a9cc11f8ab80e4da8dd0f0b23c7af9f50abf96 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4165870 Reviewed-by: Dennis Kempin <denniskempin@google.com> Commit-Queue: Juston Li <justonli@google.com> Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
diff --git a/seccomp/x86_64/gpu_common.policy b/seccomp/x86_64/gpu_common.policy index a702f05..b749e33 100644 --- a/seccomp/x86_64/gpu_common.policy +++ b/seccomp/x86_64/gpu_common.policy
@@ -94,6 +94,9 @@ # Rules for Mesa's shader binary cache. flock: 1 +inotify_add_watch: 1 +inotify_init1: 1 +inotify_rm_watch: 1 mkdir: 1 newfstatat: 1 rename: 1