diff options
author | Paolo Bonzini <pbonzini@redhat.com> | 2015-01-20 14:32:33 +0100 |
---|---|---|
committer | Eduardo Otubo <eduardo.otubo@profitbricks.com> | 2015-01-23 14:07:08 +0100 |
commit | 4b45b055491a319292beefb8080a81d96cf55cf6 (patch) | |
tree | 98c3a702056bde7832df39acd6c7a38dc3e71dd4 | |
parent | 8f970eff6e318524f189f105c236e47633759890 (diff) |
seccomp: add mlockall to whitelist
This is used by "-realtime mlock=on".
Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Tested-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
-rw-r--r-- | qemu-seccomp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/qemu-seccomp.c b/qemu-seccomp.c index b0c626984f..f9de0d3390 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -229,6 +229,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(shmdt), 240 }, { SCMP_SYS(timerfd_create), 240 }, { SCMP_SYS(shmctl), 240 }, + { SCMP_SYS(mlockall), 240 }, { SCMP_SYS(mlock), 240 }, { SCMP_SYS(munlock), 240 }, { SCMP_SYS(semctl), 240 }, |