All of lore.kernel.org
 help / color / mirror / Atom feed
* [Qemu-devel] [PULL 00/01] seccomp branch queue
@ 2016-09-21  9:38 Eduardo Otubo
  2016-09-21  9:38 ` [Qemu-devel] [PULL 01/01] seccomp: adding getrusage to the whitelist Eduardo Otubo
  2016-09-22 13:23 ` [Qemu-devel] [PULL 00/01] seccomp branch queue Peter Maydell
  0 siblings, 2 replies; 3+ messages in thread
From: Eduardo Otubo @ 2016-09-21  9:38 UTC (permalink / raw)
  To: qemu-devel; +Cc: peter.maydell, Eduardo Otubo

The following changes since commit a008535b9fa396226ff9cf78b8ac5f3584bda58e:

  build-sys: fix make install regression (2016-09-20 11:32:43 +0100)

are available in the git repository at:

  git://github.com/otubo/qemu.git tags/pull-seccomp-20160921

for you to fetch changes up to cf9dc9e4807464a9d0b3d7368b818323e14921eb:

  seccomp: adding getrusage to the whitelist (2016-09-21 11:26:02 +0200)

----------------------------------------------------------------
seccomp branch queue

----------------------------------------------------------------
Eduardo Otubo (1):
      seccomp: adding getrusage to the whitelist

 qemu-seccomp.c | 1 +
 1 file changed, 1 insertion(+)

-- 
2.7.4

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [Qemu-devel] [PULL 01/01] seccomp: adding getrusage to the whitelist
  2016-09-21  9:38 [Qemu-devel] [PULL 00/01] seccomp branch queue Eduardo Otubo
@ 2016-09-21  9:38 ` Eduardo Otubo
  2016-09-22 13:23 ` [Qemu-devel] [PULL 00/01] seccomp branch queue Peter Maydell
  1 sibling, 0 replies; 3+ messages in thread
From: Eduardo Otubo @ 2016-09-21  9:38 UTC (permalink / raw)
  To: qemu-devel; +Cc: peter.maydell, Eduardo Otubo, Brian Rak

getrusage is used in a number of places throughout the qemu codebase
(notably, in crypto/pbkdf.c).  Without this syscall being whitelisted,
qemu ends up getting killed by the kernel whenever you try to connect to
a VNC console.

Signed-off-by: Brian Rak <brak@gameservers.com>
Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
---
 qemu-seccomp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index cb569dc..df75d9c 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -65,6 +65,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(prctl), 245 },
     { SCMP_SYS(signalfd), 245 },
     { SCMP_SYS(getrlimit), 245 },
+    { SCMP_SYS(getrusage), 245 },
     { SCMP_SYS(set_tid_address), 245 },
     { SCMP_SYS(statfs), 245 },
     { SCMP_SYS(unlink), 245 },
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PULL 00/01] seccomp branch queue
  2016-09-21  9:38 [Qemu-devel] [PULL 00/01] seccomp branch queue Eduardo Otubo
  2016-09-21  9:38 ` [Qemu-devel] [PULL 01/01] seccomp: adding getrusage to the whitelist Eduardo Otubo
@ 2016-09-22 13:23 ` Peter Maydell
  1 sibling, 0 replies; 3+ messages in thread
From: Peter Maydell @ 2016-09-22 13:23 UTC (permalink / raw)
  To: Eduardo Otubo; +Cc: QEMU Developers

On 21 September 2016 at 10:38, Eduardo Otubo
<eduardo.otubo@profitbricks.com> wrote:
> The following changes since commit a008535b9fa396226ff9cf78b8ac5f3584bda58e:
>
>   build-sys: fix make install regression (2016-09-20 11:32:43 +0100)
>
> are available in the git repository at:
>
>   git://github.com/otubo/qemu.git tags/pull-seccomp-20160921
>
> for you to fetch changes up to cf9dc9e4807464a9d0b3d7368b818323e14921eb:
>
>   seccomp: adding getrusage to the whitelist (2016-09-21 11:26:02 +0200)
>
> ----------------------------------------------------------------
> seccomp branch queue
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-09-22 13:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-21  9:38 [Qemu-devel] [PULL 00/01] seccomp branch queue Eduardo Otubo
2016-09-21  9:38 ` [Qemu-devel] [PULL 01/01] seccomp: adding getrusage to the whitelist Eduardo Otubo
2016-09-22 13:23 ` [Qemu-devel] [PULL 00/01] seccomp branch queue Peter Maydell

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.