aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEduardo Otubo <eduardo.otubo@profitbricks.com>2015-10-09 17:17:41 +0200
committerMichael S. Tsirkin <mst@redhat.com>2015-10-22 14:34:50 +0300
commitf8d82b8eb81d3ea29325b4046fafa8ed41e32449 (patch)
tree1c290b44f2065b515145528779d7b9a41db15ba1
parent1d9edff78fa0b294d6084df76da89e20ee93fdab (diff)
seccomp: add memfd_create to whitelist
This is used by memfd code. Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Tested-by: Thibaut Collet <thibaut.collet@6wind.com>
-rw-r--r--qemu-seccomp.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index f9de0d3390..80d034a8d5 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -237,7 +237,8 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
{ SCMP_SYS(fadvise64), 240 },
{ SCMP_SYS(inotify_init1), 240 },
{ SCMP_SYS(inotify_add_watch), 240 },
- { SCMP_SYS(mbind), 240 }
+ { SCMP_SYS(mbind), 240 },
+ { SCMP_SYS(memfd_create), 240 }
};
int seccomp_start(void)