yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
9ae3a8
From e95603940674bdb0d59c58f9a7fac3ea97c56d88 Mon Sep 17 00:00:00 2001
9ae3a8
From: Paul Moore <pmoore@redhat.com>
9ae3a8
Date: Wed, 2 Oct 2013 20:09:33 +0200
9ae3a8
Subject: [PATCH 10/25] seccomp: fine tuning whitelist by adding times()
9ae3a8
9ae3a8
RH-Author: Paul Moore <pmoore@redhat.com>
9ae3a8
Message-id: <20131002200933.4639.16090.stgit@localhost>
9ae3a8
Patchwork-id: 54645
9ae3a8
O-Subject: [RHEL7 qemu-kvm PATCH] seccomp: fine tuning whitelist by adding times()
9ae3a8
Bugzilla: 1004175
9ae3a8
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
9ae3a8
RH-Acked-by: Bandan Das <bsd@redhat.com>
9ae3a8
RH-Acked-by: Luiz Capitulino <lcapitulino@redhat.com>
9ae3a8
9ae3a8
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1004175
9ae3a8
Brew: https://brewweb.devel.redhat.com/taskinfo?taskID=6362319
9ae3a8
Upstream: In QEMU/seccomp maintainer's tree
9ae3a8
          git://github.com/otubo/qemu.git#seccomp
9ae3a8
Tested: Tested by myself, IBM, and original BZ reporter; see BZ.
9ae3a8
9ae3a8
	commit: c236f4519c9838801798f3705c17dce9ab9e3b9d
9ae3a8
	From: Eduardo Otubo <otubo@linux.vnet.ibm.com>
9ae3a8
	Date: 2013-09-04 09:21:12 -0300
9ae3a8
9ae3a8
	seccomp: fine tuning whitelist by adding times()
9ae3a8
9ae3a8
	This was causing Qemu process to hang when using -sandbox on as
9ae3a8
	discribed on RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175
9ae3a8
9ae3a8
	Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
9ae3a8
	Tested-by: Paul Moore <pmoore@redhat.com>
9ae3a8
	Acked-by: Paul Moore <pmoore@redhat.com>
9ae3a8
---
9ae3a8
 qemu-seccomp.c |    1 +
9ae3a8
 1 file changed, 1 insertion(+)
9ae3a8
9ae3a8
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
9ae3a8
---
9ae3a8
 qemu-seccomp.c |    1 +
9ae3a8
 1 files changed, 1 insertions(+), 0 deletions(-)
9ae3a8
9ae3a8
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
9ae3a8
index 9e91c73..ca15f21 100644
9ae3a8
--- a/qemu-seccomp.c
9ae3a8
+++ b/qemu-seccomp.c
9ae3a8
@@ -98,6 +98,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
9ae3a8
     { SCMP_SYS(getuid), 245 },
9ae3a8
     { SCMP_SYS(geteuid), 245 },
9ae3a8
     { SCMP_SYS(timer_create), 245 },
9ae3a8
+    { SCMP_SYS(times), 245 },
9ae3a8
     { SCMP_SYS(exit), 245 },
9ae3a8
     { SCMP_SYS(clock_gettime), 245 },
9ae3a8
     { SCMP_SYS(time), 245 },
9ae3a8
-- 
9ae3a8
1.7.1
9ae3a8