> > At least the following are also used: recvmsg, sendmsg, accept, connect,
> > bind, listen, ioctl, fallocate, eventfd. I don't know if all of them
> > have to be included in the list. Other syscalls are not used but
> > probably should be allowed for simplicity, for example poll.
>
> You stra
On Mon, May 07, 2012 at 01:01:01PM +0200, Paolo Bonzini wrote:
> On 04/05/2012 23:59, Andreas Färber wrote:
> >> > +static struct qemu_seccomp_syscall seccomp_whitelist[] = {
> >> > +{SCMP_SYS(timer_settime), 255},
> > Spaces inside braces please.
> >
> >> > +{SCMP_SYS(timer_gettime),
On Fri, May 04, 2012 at 11:59:00PM +0200, Andreas Färber wrote:
> On 04.05.2012 21:08, Eduardo Otubo wrote:
> > I added a syscall struct using priority levels as described in the libseccomp
> > man page. The priority numbers are based on the frequency they appear in a
> > sample strace from
On 04/05/2012 23:59, Andreas Färber wrote:
>> > +static struct qemu_seccomp_syscall seccomp_whitelist[] = {
>> > +{SCMP_SYS(timer_settime), 255},
> Spaces inside braces please.
>
>> > +{SCMP_SYS(timer_gettime), 254},
>> > +{SCMP_SYS(futex), 253},
>> > +{SCMP_SYS(select), 252},
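Review bot: the priorities in seccomp_whitelist[] are bare literals that fall by one per entry (255, 254, 253, 252), so each value depends on the entry's position and has to be renumbered by hand whenever a syscall is inserted in the middle. libseccomp takes the priority as an 8-bit hint, so a strictly descending scheme also runs out of distinct values after 256 entries. A comment above the array saying that the values come from strace frequency, plus a few named priority tiers shared by syscalls of similar frequency, would make the table easier to extend and review.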
On 04.05.2012 21:08, Eduardo Otubo wrote:
> I added a syscall struct using priority levels as described in the libseccomp
> man page. The priority numbers are based on the frequency they appear in a
> sample strace from a regular qemu guest run under libvirt.
>
> Libseccomp generates linear BPF
I added a syscall struct using priority levels as described in the libseccomp
man page. The priority numbers are based on the frequency they appear in a
sample strace from a regular qemu guest run under libvirt.

Libseccomp generates linear BPF code to filter system calls; those rules are
read one