Merge remote-tracking branch 'remotes/otubo/seccomp' into staging

* remotes/otubo/seccomp: seccomp: add shmctl(), mlock(), and munlock() to the syscall whitelist seccomp: add timerfd_create and timerfd_settime to the whitelist Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
author: Peter Maydell <peter.maydell@linaro.org> 2014-04-28 14:14:35 +0100
committer: Peter Maydell <peter.maydell@linaro.org> 2014-04-28 14:14:35 +0100
commit: e2da502c003b9a91b4aea7684959192bd07c1f1d (patch)
tree: dd40855c9ddbc53d4c537c0a1705fab4e8984875
parent: 93156cef1c9008a549de5fa430b9c6b3d2f5e43b (diff)
parent: e3f9bb011ae24a594310fa4917754945dc832f8f (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index caa926ebf2..ea8094d043 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -143,6 +143,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(getsockname), 242 },
     { SCMP_SYS(getpeername), 242 },
     { SCMP_SYS(accept4), 242 },
+    { SCMP_SYS(timerfd_settime), 242 },
     { SCMP_SYS(newfstatat), 241 },
     { SCMP_SYS(shutdown), 241 },
     { SCMP_SYS(getsockopt), 241 },
@@ -225,7 +226,11 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(fchmod), 240 },
     { SCMP_SYS(shmget), 240 },
     { SCMP_SYS(shmat), 240 },
-    { SCMP_SYS(shmdt), 240 }
+    { SCMP_SYS(shmdt), 240 },
+    { SCMP_SYS(timerfd_create), 240 },
+    { SCMP_SYS(shmctl), 240 },
+    { SCMP_SYS(mlock), 240 },
+    { SCMP_SYS(munlock), 240 }
 };
 
 int seccomp_start(void)
author	Peter Maydell <peter.maydell@linaro.org>	2014-04-28 14:14:35 +0100
committer	Peter Maydell <peter.maydell@linaro.org>	2014-04-28 14:14:35 +0100
commit	e2da502c003b9a91b4aea7684959192bd07c1f1d (patch)
tree	dd40855c9ddbc53d4c537c0a1705fab4e8984875
parent	93156cef1c9008a549de5fa430b9c6b3d2f5e43b (diff)
parent	e3f9bb011ae24a594310fa4917754945dc832f8f (diff)