summaryrefslogtreecommitdiffstats
path: root/qemu-seccomp.c
Commit message (Collapse)AuthorAgeFilesLines
* seccomp: fine tuning whitelist by adding times()Eduardo Otubo2013-09-241-0/+1
| | | | | | | | | This was causing Qemu process to hang when using -sandbox on as discribed on RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Tested-by: Paul Moore <pmoore@redhat.com> Acked-by: Paul Moore <pmoore@redhat.com>
* seccomp: add arch_prctl() to the syscall whitelistPaul Moore2013-07-291-1/+2
| | | | | | | | | | | | | | It appears that even a very simple /etc/qemu-ifup configuration can require the arch_prctl() syscall, see the example below: #!/bin/sh /sbin/ifconfig $1 0.0.0.0 up /usr/sbin/brctl addif <switch> $1 Signed-off-by: Paul Moore <pmoore@redhat.com> Reviewed-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Message-id: 20130718135703.8247.19213.stgit@localhost Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* seccomp: add additional asynchronous I/O syscallsPaul Moore2013-07-291-0/+2
| | | | | | | | | | | | A previous commit, "seccomp: add the asynchronous I/O syscalls to the whitelist", added several asynchronous I/O syscalls but left out the io_submit() and io_cancel() syscalls. This patch corrects this by adding the two missing asynchronous I/O syscalls. Signed-off-by: Paul Moore <pmoore@redhat.com> Reviewed-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Message-id: 20130715193201.943.4913.stgit@localhost Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* seccomp: removing unused syscalls gtom whitelistEduardo Otubo2013-07-261-4/+0
| | | | | | | | | | | | | v3 update: - reincluding getrlimit(), it is used by Xen. v2 update: - reincluding setrlimit(), it is used by Xen. Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1374518017-10424-3-git-send-email-otubo@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* seccomp: no need to check arch in syscall whitelistEduardo Otubo2013-07-261-13/+0
| | | | | | | | | | | | | v2 update: - set libseccomp 2.1.0 as requirement on configure script. Since libseccomp 2.0 there's no need to check the architecture type anymore. Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1374518017-10424-2-git-send-email-otubo@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* seccomp: add the asynchronous I/O syscalls to the whitelistPaul Moore2013-05-301-1/+4
| | | | | | | | | | | In order to enable the asynchronous I/O functionality when using the seccomp sandbox we need to add the associated syscalls to the whitelist. Signed-off-by: Paul Moore <pmoore@redhat.com> Reviewed-by: Corey Bryant <coreyb@linux.vnet.ibm.com> Message-id: 20130529203001.20939.83322.stgit@localhost Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* softmmu: move include files to include/sysemu/Paolo Bonzini2012-12-191-1/+1
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* seccomp: adding new syscalls (bugzilla 855162)Eduardo Otubo2012-11-301-17/+139
| | | | | | | | | | | | | According to the bug 855162[0] - there's the need of adding new syscalls to the whitelist when using Qemu with Libvirt. [0] - https://bugzilla.redhat.com/show_bug.cgi?id=855162 Reported-by: Paul Moore <pmoore@redhat.com> Tested-by: Paul Moore <pmoore@redhat.com> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* Adding qemu-seccomp.[ch] (v8)Eduardo Otubo2012-08-161-0/+141
Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> --- v1: - I added a syscall struct using priority levels as described in the libseccomp man page. The priority numbers are based to the frequency they appear in a sample strace from a regular qemu guest run under libvirt. Libseccomp generates linear BPF code to filter system calls, those rules are read one after another. The priority system places the most common rules first in order to reduce the overhead when processing them. v1 -> v2: - Fixed some style issues - Removed code from vl.c and created qemu-seccomp.[ch] - Now using ARRAY_SIZE macro - Added more syscalls without priority/frequency set yet v2 -> v3: - Adding copyright and license information - Replacing seccomp_whitelist_count just by ARRAY_SIZE - Adding header protection to qemu-seccomp.h - Moving QemuSeccompSyscall definition to qemu-seccomp.c - Negative return from seccomp_start is fatal now. - Adding open() and execve() to the whitelis v3 -> v4: - Tests revealed a bigger set of syscalls. - seccomp_start() now has an argument to set the mode according to the configure option trap or kill. v4 -> v5: - Tests on x86_64 required a new specific set of system calls. - libseccomp release 1.0.0: part of the API have changed in this last release, had to adapt to the new function signatures.
OpenPOWER on IntegriCloud