Add seccomp policy for riscv64

Signed-off-by: Chen Guoyin <chenguoyin.cgy@linux.alibaba.com>
Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Change-Id: Ib458b8722aed524e487d139bd9fb9c556da6a206

2 files changed, 50 insertions, 0 deletions

diff --git a/hal/Android.bp b/hal/Android.bp
index baae6fd..c21e34a 100644
--- a/hal/Android.bp
+++ b/hal/Android.bp
@@ -97,6 +97,9 @@ prebuilt_usr_share {
         arm64: {
             src: "fake-nvram-seccomp-arm64.policy",
         },
+        riscv64: {
+            src: "fake-nvram-seccomp-riscv64.policy",
+        },
         x86: {
             src: "fake-nvram-seccomp-x86.policy",
         },
diff --git a/hal/fake-nvram-seccomp-riscv64.policy b/hal/fake-nvram-seccomp-riscv64.policy
new file mode 100644
index 0000000..3de4bb4
--- /dev/null
+++ b/hal/fake-nvram-seccomp-riscv64.policy
@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2016 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Control socket operation.
+accept4: 1
+getsockopt: 1
+ppoll: 1
+
+# File operations.
+fdatasync: 1
+fstat: 1
+fsync: 1
+openat: 1
+renameat: 1
+unlinkat: 1
+
+# File and socket I/O.
+close: 1
+read: 1
+write: 1
+
+# Logging.
+clock_gettime: 1
+connect: 1
+fcntl: 1
+getuid: 1
+socket: 1
+writev: 1
+
+# Memory allocation.
+brk: 1
+mmap: 1
+munmap: 1
+madvise: 1