Home Explore Help
Register Sign In
FangSoftSoft
/
qemu
mirror of https://github.com/utmapp/qemu.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge remote-tracking branch 'otubo/seccomp' into staging

* otubo/seccomp:
  seccomp: add some basic shared memory syscalls to the whitelist
  seccomp: add mkdir() and fchmod() to the whitelist

Message-id: 1390231004-18392-1-git-send-email-otubo@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
Anthony Liguori 11 years ago
parent
7d64b2c2e2 918b94e287
commit
1c51e68b18
1 changed files with 6 additions and 1 deletions
Unified View Show Diff Stats
  1. 6 1
      qemu-seccomp.c

+ 6 - 1
qemu-seccomp.c
View File 

@@ -220,7 +220,12 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
 
     { SCMP_SYS(io_cancel), 241 },
 
     { SCMP_SYS(io_cancel), 241 },
 
     { SCMP_SYS(io_setup), 241 },
 
     { SCMP_SYS(io_setup), 241 },
 
     { SCMP_SYS(io_destroy), 241 },
 
     { SCMP_SYS(io_destroy), 241 },
 
-    { SCMP_SYS(arch_prctl), 240 }
 
+    { SCMP_SYS(arch_prctl), 240 },
 
+    { SCMP_SYS(mkdir), 240 },
 
+    { SCMP_SYS(fchmod), 240 },
 
+    { SCMP_SYS(shmget), 240 },
 
+    { SCMP_SYS(shmat), 240 },
 
+    { SCMP_SYS(shmdt), 240 }
 
 };
 
 };
 
 
 
 int seccomp_start(void)
 
 int seccomp_start(void)