From 419870ae45389e275dd44a2b1ffbf24297f7a5a6 Mon Sep 17 00:00:00 2001 From: Rob Bradford Date: Tue, 16 Nov 2021 14:17:30 +0000 Subject: [PATCH] vmm: Add epoll_ctl() syscall to vCPU seccomp filter Fix seccomp violation when trying to add the out FD to the epoll loop when the serial buffer needs to be flushed. 0x00007ffff7dc093e in epoll_ctl () at ../sysdeps/unix/syscall-template.S:120 0x0000555555db9b6d in epoll::ctl (epfd=56, op=epoll::ControlOptions::EPOLL_CTL_MOD, fd=55, event=...) at /home/rob/.cargo/registry/src/github.com-1ecc6299db9ec823/epoll-4.3.1/src/lib.rs:155 0x00005555556f5127 in vmm::serial_buffer::SerialBuffer::add_out_poll (self=0x7fffe800b5d0) at vmm/src/serial_buffer.rs:101 0x00005555556f583d in vmm::serial_buffer::{impl#1}::write (self=0x7fffe800b5d0, buf=...) at vmm/src/serial_buffer.rs:139 0x0000555555a30b10 in std::io::Write::write_all (self=0x7fffe800b5d0, buf=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/io/mod.rs:1527 0x0000555555ab82fb in devices::legacy::serial::Serial::handle_write (self=0x7fffe800b520, offset=0, v=13) at devices/src/legacy/serial.rs:217 0x0000555555ab897f in devices::legacy::serial::{impl#2}::write (self=0x7fffe800b520, _base=1016, offset=0, data=...) at devices/src/legacy/serial.rs:295 0x0000555555f30e95 in vm_device::bus::Bus::write (self=0x7fffe8006ce0, addr=1016, data=...) at vm-device/src/bus.rs:235 0x00005555559406d4 in vmm::vm::{impl#4}::pio_write (self=0x7fffe8009640, port=1016, data=...) at vmm/src/vm.rs:459 Signed-off-by: Rob Bradford --- vmm/src/seccomp_filters.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs index 8738a3c30..c700e7485 100644 --- a/vmm/src/seccomp_filters.rs +++ b/vmm/src/seccomp_filters.rs @@ -588,6 +588,7 @@ fn vcpu_thread_rules() -> Result)>, BackendError> { (libc::SYS_close, vec![]), (libc::SYS_dup, vec![]), (libc::SYS_exit, vec![]), + (libc::SYS_epoll_ctl, vec![]), (libc::SYS_fstat, vec![]), (libc::SYS_futex, vec![]), (libc::SYS_getrandom, vec![]),