From patchwork Sat Apr 16 19:04:32 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Otubo X-Patchwork-Id: 8861841 Return-Path: X-Original-To: patchwork-qemu-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id E6A0A9F441 for ; Sat, 16 Apr 2016 19:05:44 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 40EEA201B9 for ; Sat, 16 Apr 2016 19:05:44 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9D29720173 for ; Sat, 16 Apr 2016 19:05:43 +0000 (UTC) Received: from localhost ([::1]:60208 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1arVXK-0004lL-Uj for patchwork-qemu-devel@patchwork.kernel.org; Sat, 16 Apr 2016 15:05:42 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39360) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1arVWy-0004hE-Di for qemu-devel@nongnu.org; Sat, 16 Apr 2016 15:05:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1arVWx-0006g4-45 for qemu-devel@nongnu.org; Sat, 16 Apr 2016 15:05:20 -0400 Received: from mail-wm0-x22d.google.com ([2a00:1450:400c:c09::22d]:37128) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1arVWw-0006fj-Ty for qemu-devel@nongnu.org; Sat, 16 Apr 2016 15:05:19 -0400 Received: by mail-wm0-x22d.google.com with SMTP id n3so73227265wmn.0 for ; Sat, 16 Apr 2016 12:05:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=profitbricks-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=FtBfozjzAAXTiVWDzFNO/mB6SdRnKrg40bhz6hdKVag=; b=qPwkAVKyfJyZb1J6ABcKRQ+iLyRKw2RsC2xdi1ZxXqvO4dCCEMIblIyqJuer/CvNYs o1cxbKH092uWXnimkZit5zZnfJfKTZ6DlcK4FzGwjGgN1O3wvTkZkI9LvRooFXZEe15P s1ivGpj8VkfQaRaro0m+XoHzabuyNhCQOUa0NZ4KFB0rmapuUK3Y5xAxMuT37KUuiaLE VTMGBewKIgdajRASc0UmLDrTIkF38slClVOqieSTAlSt6bQidso1hMFHfXFVkBaBajQ1 8HAQGLvLBox7M6rphgBYOt6PbQIknmE11xRxJpgmAADR2xQ9bmWX52aJYUBeNMjXDrlh O+Bg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=FtBfozjzAAXTiVWDzFNO/mB6SdRnKrg40bhz6hdKVag=; b=CcOXzXfgghgyj+6EcLyh6AorIC5TWJ+Gy/4nutJG4JTjr0SP7PSiEfM4Uqs0vVtIvp HeKmLCpj1/g+3l1UyO4OibtKc8oUtB8OqH8VtzgCdKEU7QOcsca9Jry4tbd6bwi866kC o74gEwNzifvGVdcvxOqquG+EmYVcB+eQmBTkJCpwyiiPQ4Cq4N0vqLnxRuRbemaiEnjp IsxrjHykfeCB/gSKTc9vyHDOf9oEm0d/APKoepPFOOSbDED+R1SJ916CBoJosss16Ioq 1nniOxKPGbOpLHPD84o0FC3PN9fVARpyV5BuADbWjcgRDmj7ALQlwumPNSMmyV6LpFtU hrGw== X-Gm-Message-State: AOPr4FXm7mLk/NeW/YH20eMPpKxtV4CfwBvJ+OHaN+68IqQxThf1kLiPmzqi9iS4g/BbsX+S X-Received: by 10.28.153.203 with SMTP id b194mr10941230wme.3.1460833518319; Sat, 16 Apr 2016 12:05:18 -0700 (PDT) Received: from vader.pb.local ([62.217.45.26]) by smtp.gmail.com with ESMTPSA id n3sm55236224wja.6.2016.04.16.12.05.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 16 Apr 2016 12:05:17 -0700 (PDT) From: Eduardo Otubo To: qemu-devel@nongnu.org Date: Sat, 16 Apr 2016 21:04:32 +0200 Message-Id: <1460833472-14855-4-git-send-email-eduardo.otubo@profitbricks.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1460833472-14855-1-git-send-email-eduardo.otubo@profitbricks.com> References: <1460833472-14855-1-git-send-email-eduardo.otubo@profitbricks.com> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2a00:1450:400c:c09::22d Subject: [Qemu-devel] [PULL 03/03] seccomp: adding sysinfo system call to whitelist X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Miroslav Rezanina Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Miroslav Rezanina Newer version of nss-softokn libraries (> 3.16.2.3) use sysinfo call so qemu using rbd image hang after start when run in sandbox mode. To allow using rbd images in sandbox mode we have to whitelist it. Signed-off-by: Miroslav Rezanina Acked-by: Eduardo Otubo --- qemu-seccomp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index 138ee02..cb569dc 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -252,6 +252,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { #ifdef HAVE_CACHEFLUSH { SCMP_SYS(cacheflush), 240 }, #endif + { SCMP_SYS(sysinfo), 240 }, }; int seccomp_start(void)