Expand seccomp whitelist Bug: 34813887 Bug: 34809883 Bug: 34767389 Bug: 34719286 Test: Device boots, the app in b/34719286 runs when it didn't before Change-Id: Iad198e3ca620e7a07464b0d182f969bb807bd948

commit: 0a9c50d72b1447fc07bd96fa0aa437326e76856f [log] [tgz]
author: Paul Lawrence <paullawrence@google.com> Mon Jan 30 15:43:53 2017 -0800
committer: Paul Lawrence <paullawrence@google.com> Tue Jan 31 08:35:00 2017 -0800
tree: 965c55d0044a884ef25587583b495625bc384ab6
parent: 937c73c6dabdafe3fe4ea8a243da0628cba0962a [diff]
diff --git a/init/seccomp.cpp b/init/seccomp.cpp
index d632302..2ba6384 100644
--- a/init/seccomp.cpp
+++ b/init/seccomp.cpp

@@ -213,6 +213,14 @@
     // Needed for kernel to restart syscalls
     AllowSyscall(f, 0);  // __NR_restart_syscall
 
+    // b/34813887
+    AllowSyscall(f, 5);   // __NR_open
+    AllowSyscall(f, 141); // __NR_getdents
+    AllowSyscall(f, 217); // __NR_getdents64
+
+    // b/34719286
+    AllowSyscall(f, 351); // __NR_eventfd
+
     // arm32-on-arm64 only filter - autogenerated from bionic syscall usage
     for (size_t i = 0; i < arm_filter_size; ++i)
         f.push_back(arm_filter[i]);
commit	0a9c50d72b1447fc07bd96fa0aa437326e76856f	[log] [tgz]
author	Paul Lawrence <paullawrence@google.com>	Mon Jan 30 15:43:53 2017 -0800
committer	Paul Lawrence <paullawrence@google.com>	Tue Jan 31 08:35:00 2017 -0800
tree	965c55d0044a884ef25587583b495625bc384ab6
parent	937c73c6dabdafe3fe4ea8a243da0628cba0962a [diff]