From 426aa5b5073f578881ffa81dd73be88b1aeaa422 Mon Sep 17 00:00:00 2001
From: yangguangzhao <yangguangzhao1@huawei.com>
Date: Tue, 8 Nov 2022 19:41:22 +0800
Subject: [PATCH] web render seccomp policy add membarrier syscall

Signed-off-by: yangguangzhao <yangguangzhao1@huawei.com>
---
 .../modules/seccomp/seccomp_policy/renderer_arm.seccomp.policy   | 1 +
 .../modules/seccomp/seccomp_policy/renderer_arm64.seccomp.policy | 1 +
 2 files changed, 2 insertions(+)

diff --git a/services/modules/seccomp/seccomp_policy/renderer_arm.seccomp.policy b/services/modules/seccomp/seccomp_policy/renderer_arm.seccomp.policy
index 5f8b7d80..f39ba2e5 100644
--- a/services/modules/seccomp/seccomp_policy/renderer_arm.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/renderer_arm.seccomp.policy
@@ -169,6 +169,7 @@ fstatfs
 setsid
 rt_tgsigqueueinfo
 ptrace
+membarrier
 
 @allowListWithArgs
 getrusage:if arg0 == RUSAGE_SELF || arg0 == RUSAGE_THREAD; return ALLOW; else return KILL_PROCESS;
diff --git a/services/modules/seccomp/seccomp_policy/renderer_arm64.seccomp.policy b/services/modules/seccomp/seccomp_policy/renderer_arm64.seccomp.policy
index 44ec3b68..d7bf5fab 100644
--- a/services/modules/seccomp/seccomp_policy/renderer_arm64.seccomp.policy
+++ b/services/modules/seccomp/seccomp_policy/renderer_arm64.seccomp.policy
@@ -138,6 +138,7 @@ fstatfs
 setsid
 rt_tgsigqueueinfo
 ptrace
+membarrier
 
 @allowListWithArgs
 getrusage:if arg0 == RUSAGE_SELF || arg0 == RUSAGE_THREAD; return ALLOW; else return KILL_PROCESS;
-- 
GitLab