From patchwork Wed Sep 21 09:38:19 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Otubo X-Patchwork-Id: 9343123 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 77F79601C2 for ; Wed, 21 Sep 2016 09:40:19 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 682062A488 for ; Wed, 21 Sep 2016 09:40:19 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5CD3A2A4CC; Wed, 21 Sep 2016 09:40:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.3 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 5E4542A488 for ; Wed, 21 Sep 2016 09:40:17 +0000 (UTC) Received: from localhost ([::1]:41103 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bme0m-0001sj-E8 for patchwork-qemu-devel@patchwork.kernel.org; Wed, 21 Sep 2016 05:40:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42750) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bme0K-0001rR-Mj for qemu-devel@nongnu.org; Wed, 21 Sep 2016 05:39:49 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bme0G-0000uL-MS for qemu-devel@nongnu.org; Wed, 21 Sep 2016 05:39:48 -0400 Received: from mail-wm0-f47.google.com ([74.125.82.47]:38004) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bme0G-0000ti-Fs for qemu-devel@nongnu.org; Wed, 21 Sep 2016 05:39:44 -0400 Received: by mail-wm0-f47.google.com with SMTP id l132so80895861wmf.1 for ; Wed, 21 Sep 2016 02:39:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=profitbricks-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=SXhkABISs5/2aLATgZCeUILqTE+VM0cIRA0Tcn1xC+k=; b=HLgNJoC5mTVVY15rB7NH+MaISi4SHnkuazu2eDzUxFR/SjzHQMVyz0XhcoHkeo7i4u tIPLeFFqv9MR0gt3w9UC/cSir0rjJc5cvzNZZfCasH38wku2I0iVmjQ0c29VeJBaoWPA HHZujBZXlYgUH6IN+AyZcvXaZU5VLIETt21uIdUViD2xTP9DmPFsLBxCjFlIZfUZS566 2usEqVdNY8+pF+I2NE88Jayi3AKlCECSATxoM74aCTURGslKcVFLo3L0GiiHfDz60f0y qD9HBkMNIVThdhrlV0ABBHWpniNYB+8JJcXUXjtTfvIWaHMG+kojzl1wii1IX5u3Oov5 2J8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=SXhkABISs5/2aLATgZCeUILqTE+VM0cIRA0Tcn1xC+k=; b=FkmKkg/cloua0Ut7R83rMYrs3P5PoBhNuEkUq/E8QNw1wPLGOyvmHrbBjXj6p32tuW 3FUKXjIFtx0cTOZL7GAfEyK6aNE2ZNZGwEUac3e3OIWYUHqsmS5HHH0CfGiPZWkBiF+8 m5wxcileGshhL1Jb7P7q7O05kWWV6yOJ5Pz8uDvjo9FAUNzFkyw9KdJTaD6mgOOQ6H3G 1G4afmaDMGgNedUX3bwBAYgaI1Q8wFwotrgCVLKQfTHlYHckgrcsWf63iIFaMrnzu14g XXANL+xu9njVnlIXcZWtqujrzAbW6BbUSEDc8cv6RBHG+uSzMvZugK71d1Us2jhnM729 uIhA== X-Gm-Message-State: AE9vXwO+j1fAfasly8yCTreC9rNZTtkaYVXIkYEvxxamGJHOY+6NjL2gV0r7KjsM/Phy8I/I X-Received: by 10.194.173.168 with SMTP id bl8mr31954625wjc.136.1474450723744; Wed, 21 Sep 2016 02:38:43 -0700 (PDT) Received: from vader.pb.local ([62.217.45.26]) by smtp.gmail.com with ESMTPSA id w203sm31478006wmw.7.2016.09.21.02.38.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 21 Sep 2016 02:38:42 -0700 (PDT) From: Eduardo Otubo To: qemu-devel@nongnu.org Date: Wed, 21 Sep 2016 11:38:19 +0200 Message-Id: <1474450699-17017-2-git-send-email-eduardo.otubo@profitbricks.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1474450699-17017-1-git-send-email-eduardo.otubo@profitbricks.com> References: <1474450699-17017-1-git-send-email-eduardo.otubo@profitbricks.com> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 74.125.82.47 Subject: [Qemu-devel] [PULL 01/01] seccomp: adding getrusage to the whitelist X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Brian Rak , Eduardo Otubo Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP getrusage is used in a number of places throughout the qemu codebase (notably, in crypto/pbkdf.c). Without this syscall being whitelisted, qemu ends up getting killed by the kernel whenever you try to connect to a VNC console. Signed-off-by: Brian Rak Acked-by: Eduardo Otubo --- qemu-seccomp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index cb569dc..df75d9c 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -65,6 +65,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(prctl), 245 }, { SCMP_SYS(signalfd), 245 }, { SCMP_SYS(getrlimit), 245 }, + { SCMP_SYS(getrusage), 245 }, { SCMP_SYS(set_tid_address), 245 }, { SCMP_SYS(statfs), 245 }, { SCMP_SYS(unlink), 245 },