diff options
| author | Eduardo Otubo <eduardo.otubo@profitbricks.com> | 2016-09-21 11:09:22 +0200 |
|---|---|---|
| committer | Eduardo Otubo <eduardo.otubo@profitbricks.com> | 2016-09-21 11:26:02 +0200 |
| commit | cf9dc9e4807464a9d0b3d7368b818323e14921eb (patch) | |
| tree | 61741f0163d0908a2ecdbf987c09773ae4bf1aba /qemu-seccomp.c | |
| parent | a008535b9fa396226ff9cf78b8ac5f3584bda58e (diff) | |
seccomp: adding getrusage to the whitelist
getrusage is used in a number of places throughout the qemu codebase
(notably, in crypto/pbkdf.c). Without this syscall being whitelisted,
qemu ends up getting killed by the kernel whenever you try to connect to
a VNC console.
Signed-off-by: Brian Rak <brak@gameservers.com>
Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Diffstat (limited to 'qemu-seccomp.c')
| -rw-r--r-- | qemu-seccomp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/qemu-seccomp.c b/qemu-seccomp.c index cb569dc058..df75d9c471 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -65,6 +65,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(prctl), 245 }, { SCMP_SYS(signalfd), 245 }, { SCMP_SYS(getrlimit), 245 }, + { SCMP_SYS(getrusage), 245 }, { SCMP_SYS(set_tid_address), 245 }, { SCMP_SYS(statfs), 245 }, { SCMP_SYS(unlink), 245 }, |