Revision e9eecb5b
ID | e9eecb5bf82a71564bf018fcbbfc6cda19cab6c2 |
seccomp: add kill() to the syscall whitelist
The kill() syscall is triggered with the following command:
- qemu -sandbox on -monitor stdio \
-device intel-hda -device hda-duplex -vnc :0
The resulting syslog/audit message:
- ausearch
m SECCOMP
---
time->Wed Nov 20 09:52:08 2013
type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087
comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0 - scmp_sys_resolver 62
kill
Reported-by: CongLi <coli@redhat.com>
Tested-by: CongLi <coli@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
Files
- added
- modified
- copied
- renamed
- deleted