yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
218e99
From e95603940674bdb0d59c58f9a7fac3ea97c56d88 Mon Sep 17 00:00:00 2001
218e99
From: Paul Moore <pmoore@redhat.com>
218e99
Date: Wed, 2 Oct 2013 20:09:33 +0200
218e99
Subject: [PATCH 10/25] seccomp: fine tuning whitelist by adding times()
218e99
218e99
RH-Author: Paul Moore <pmoore@redhat.com>
218e99
Message-id: <20131002200933.4639.16090.stgit@localhost>
218e99
Patchwork-id: 54645
218e99
O-Subject: [RHEL7 qemu-kvm PATCH] seccomp: fine tuning whitelist by adding times()
218e99
Bugzilla: 1004175
218e99
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
218e99
RH-Acked-by: Bandan Das <bsd@redhat.com>
218e99
RH-Acked-by: Luiz Capitulino <lcapitulino@redhat.com>
218e99
218e99
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1004175
218e99
Brew: https://brewweb.devel.redhat.com/taskinfo?taskID=6362319
218e99
Upstream: In QEMU/seccomp maintainer's tree
218e99
          git://github.com/otubo/qemu.git#seccomp
218e99
Tested: Tested by myself, IBM, and original BZ reporter; see BZ.
218e99
218e99
	commit: c236f4519c9838801798f3705c17dce9ab9e3b9d
218e99
	From: Eduardo Otubo <otubo@linux.vnet.ibm.com>
218e99
	Date: 2013-09-04 09:21:12 -0300
218e99
218e99
	seccomp: fine tuning whitelist by adding times()
218e99
218e99
	This was causing Qemu process to hang when using -sandbox on as
218e99
	discribed on RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175
218e99
218e99
	Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
218e99
	Tested-by: Paul Moore <pmoore@redhat.com>
218e99
	Acked-by: Paul Moore <pmoore@redhat.com>
218e99
---
218e99
 qemu-seccomp.c |    1 +
218e99
 1 file changed, 1 insertion(+)
218e99
218e99
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
218e99
---
218e99
 qemu-seccomp.c |    1 +
218e99
 1 files changed, 1 insertions(+), 0 deletions(-)
218e99
218e99
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
218e99
index 9e91c73..ca15f21 100644
218e99
--- a/qemu-seccomp.c
218e99
+++ b/qemu-seccomp.c
218e99
@@ -98,6 +98,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
218e99
     { SCMP_SYS(getuid), 245 },
218e99
     { SCMP_SYS(geteuid), 245 },
218e99
     { SCMP_SYS(timer_create), 245 },
218e99
+    { SCMP_SYS(times), 245 },
218e99
     { SCMP_SYS(exit), 245 },
218e99
     { SCMP_SYS(clock_gettime), 245 },
218e99
     { SCMP_SYS(time), 245 },
218e99
-- 
218e99
1.7.1
218e99