Statistics
| Branch: | Revision:

root / qemu-seccomp.c @ 6a1751b7

History | View | Annotate | Download (7.7 kB)

# Date Author Comment
94113bd8 07/30/2013 03:56 am Paul Moore

seccomp: add additional asynchronous I/O syscalls

A previous commit, "seccomp: add the asynchronous I/O syscalls to the
whitelist", added several asynchronous I/O syscalls but left out the
io_submit() and io_cancel() syscalls. This patch corrects this by...
d2509b66 07/30/2013 03:56 am Paul Moore

seccomp: add arch_prctl() to the syscall whitelist

It appears that even a very simple /etc/qemu-ifup configuration can
require the arch_prctl() syscall, see the example below:

#!/bin/sh
    /sbin/ifconfig $1 0.0.0.0 up
    /usr/sbin/brctl addif <switch> $1

Signed-off-by: Paul Moore <>...
7d7b2ad4 07/27/2013 12:54 am Eduardo Otubo

seccomp: no need to check arch in syscall whitelist

v2 update:
- set libseccomp 2.1.0 as requirement on configure script.

Since libseccomp 2.0 there's no need to check the architecture type
anymore.

Signed-off-by: Eduardo Otubo <>...
2fb861eb 07/27/2013 12:54 am Eduardo Otubo

seccomp: removing unused syscalls gtom whitelist

v3 update:
- reincluding getrlimit(), it is used by Xen.

v2 update:
- reincluding setrlimit(), it is used by Xen.

Signed-off-by: Eduardo Otubo <>
Reviewed-by: Paolo Bonzini <>...
fd21faad 05/30/2013 07:46 pm Paul Moore

seccomp: add the asynchronous I/O syscalls to the whitelist

In order to enable the asynchronous I/O functionality when using the
seccomp sandbox we need to add the associated syscalls to the
whitelist.

Signed-off-by: Paul Moore <>
Reviewed-by: Corey Bryant <>...
9c17d615 12/19/2012 09:32 am Paolo Bonzini

softmmu: move include files to include/sysemu/

Signed-off-by: Paolo Bonzini <>
fe512d65 11/30/2012 04:27 pm Eduardo Otubo

seccomp: adding new syscalls (bugzilla 855162)

According to the bug 8551620 - there's the need of adding new syscalls
to the whitelist when using Qemu with Libvirt.

[0] - https://bugzilla.redhat.com/show_bug.cgi?id=855162

Reported-by: Paul Moore <>...
2f668be7 08/16/2012 09:41 pm Eduardo Otubo

Adding qemu-seccomp.[ch] (v8)

Signed-off-by: Eduardo Otubo <>
Signed-off-by: Anthony Liguori <>
---
v1:
- I added a syscall struct using priority levels as described in the
libseccomp man page. The priority numbers are based to the frequency...