From 4a0848e65f1b43b226bece08058ff7dac0dea26a Mon Sep 17 00:00:00 2001
From: xiacong <xiacong4@huawei.com>
Date: Thu, 15 Jun 2023 17:28:25 +0800
Subject: [PATCH] =?UTF-8?q?bugfix:=20=E5=87=8F=E5=B0=8Fapp=E7=9A=84seccomp?=
 =?UTF-8?q?=E5=90=8D=E5=8D=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: xiacong <xiacong4@huawei.com>
---
 .../seccomp/seccomp_policy/app_arm.seccomp.policy     | 11 +----------
 .../seccomp/seccomp_policy/app_arm64.seccomp.policy   |  3 ---
 2 files changed, 1 insertion(+), 13 deletions(-)

diff --git a/services/modules/seccomp/seccomp_policy/app_arm.seccomp.policy b/services/modules/seccomp/seccomp_policy/app_arm.seccomp.policy
index cc9133312..2fa4622ce 100644
--- a/services/modules/seccomp/seccomp_policy/app_arm.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/app_arm.seccomp.policy
@@ -35,7 +35,6 @@ unlink
 execve
 chdir
 chmod
-lchown
 lseek
 getpid
 getuid
@@ -62,7 +61,6 @@ setrlimit
 getrusage
 gettimeofday
 symlink
-ftruncate
 readlink
 munmap
 truncate
@@ -71,9 +69,6 @@ getpriority
 setpriority
 setitimer
 getitimer
-stat
-lstat
-fstat
 wait4
 sysinfo
 fsync
@@ -119,7 +114,6 @@ rt_sigqueueinfo
 rt_sigsuspend
 pread64
 pwrite64
-chown
 getcwd
 capget
 capset
@@ -256,14 +250,12 @@ sendmmsg
 setns
 process_vm_readv
 process_vm_writev
-finit_module
 sched_setattr
 sched_getattr
 renameat2
 seccomp
 getrandom
 memfd_create
-bpf
 execveat
 userfaultfd
 membarrier
@@ -291,7 +283,6 @@ futex_time64
 sched_rr_get_interval_time64
 pidfd_send_signal
 pidfd_open
-close_range
 pidfd_getfd
 process_madvise
 cacheflush
@@ -320,4 +311,4 @@ setregid32
 setuid32
 setgid32
 clock_settime
-clock_adjtime
\ No newline at end of file
+clock_adjtime
diff --git a/services/modules/seccomp/seccomp_policy/app_arm64.seccomp.policy b/services/modules/seccomp/seccomp_policy/app_arm64.seccomp.policy
index b52ec8f5d..c6b199990 100644
--- a/services/modules/seccomp/seccomp_policy/app_arm64.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/app_arm64.seccomp.policy
@@ -219,14 +219,12 @@ setns
 sendmmsg
 process_vm_readv
 process_vm_writev
-finit_module
 sched_setattr
 sched_getattr
 renameat2
 seccomp
 getrandom
 memfd_create
-bpf
 execveat
 userfaultfd
 membarrier
@@ -237,7 +235,6 @@ pwritev2
 statx
 pidfd_send_signal
 pidfd_open
-close_range
 pidfd_getfd
 process_madvise
 set_robust_list
-- 
Gitee