External/cloud-hypervisor
1
0
Fork 0
mirror of https://github.com/cloud-hypervisor/cloud-hypervisor.git synced 2024-10-02 11:35:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

vmm: seccomp: Allow clock_gettime() on the vCPU thread

Browse Source 
If the vCPU thread calls log!() the time difference between the call
time and the boot up time is reported. On most environments and
architectures this covered by a vDSO call rather than a syscall. However
on some platforms this turns into a syscall.

Fixes: #2080

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
This commit is contained in:
Rob Bradford 2021-01-04 13:04:32 +00:00 committed by Bo Chen
parent 73612401a5
commit 14af74cb5b
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
vmm/src/seccomp_filters.rs
View File

@ -409,6 +409,7 @@ fn vcpu_thread_rules() -> Result<Vec<SyscallRuleSet>, Error> {
Ok(vec![ Ok(vec![
allow_syscall(libc::SYS_accept4), allow_syscall(libc::SYS_accept4),
allow_syscall(libc::SYS_brk), allow_syscall(libc::SYS_brk),
allow_syscall(libc::SYS_clock_gettime),
allow_syscall(libc::SYS_clock_nanosleep), allow_syscall(libc::SYS_clock_nanosleep),
allow_syscall(libc::SYS_clone), allow_syscall(libc::SYS_clone),
allow_syscall(libc::SYS_close), allow_syscall(libc::SYS_close),