1# Organized by frequency of systemcall - in descending order for 2# best performance. 3futex: 1 4ioctl: 1 5write: 1 6prctl: 1 7clock_gettime: 1 8getpriority: 1 9read: 1 10close: 1 11writev: 1 12dup: 1 13ppoll: 1 14mmap2: 1 15getrandom: 1 16 17# mremap: Ensure |flags| are (MREMAP_MAYMOVE | MREMAP_FIXED) TODO: Once minijail 18# parser support for '<' is in this needs to be modified to also prevent 19# |old_address| and |new_address| from touching the exception vector page, which 20# on ARM is statically loaded at 0xffff 0000. See 21# http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Babfeega.html 22# for more details. 23mremap: arg3 == 3 24munmap: 1 25mprotect: 1 26madvise: 1 27openat: 1 28sigaltstack: 1 29clone: 1 30setpriority: 1 31getuid32: 1 32fstat64: 1 33fstatfs64: 1 34pread64: 1 35faccessat: 1 36readlinkat: 1 37exit: 1 38rt_sigprocmask: 1 39set_tid_address: 1 40restart_syscall: 1 41exit_group: 1 42rt_sigreturn: 1 43pipe2: 1 44gettimeofday: 1 45sched_yield: 1 46nanosleep: 1 47lseek: 1 48_llseek: 1 49sched_get_priority_max: 1 50sched_get_priority_min: 1 51statfs64: 1 52sched_setscheduler: 1 53fstatat64: 1 54ugetrlimit: 1 55getdents64: 1 56getrandom: 1 57 58@include /system/etc/seccomp_policy/crash_dump.arm.policy 59