seccomp: Add filter entry for MSHV_VP_REGISTER_INTERCEPT_RESULT

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
This commit is contained in:
Anatol Belski 2023-03-27 17:44:01 +02:00 committed by Bo Chen
parent 034b48faf7
commit 5a3af30e6a

View File

@ -168,6 +168,7 @@ mod mshv {
pub const MSHV_GET_GPA_ACCESS_STATES: u64 = 0xc01c_b812; pub const MSHV_GET_GPA_ACCESS_STATES: u64 = 0xc01c_b812;
pub const MSHV_VP_TRANSLATE_GVA: u64 = 0xc020_b80e; pub const MSHV_VP_TRANSLATE_GVA: u64 = 0xc020_b80e;
pub const MSHV_CREATE_PARTITION: u64 = 0x4030_b801; pub const MSHV_CREATE_PARTITION: u64 = 0x4030_b801;
pub const MSHV_VP_REGISTER_INTERCEPT_RESULT: u64 = 0x4030_b817;
} }
#[cfg(feature = "mshv")] #[cfg(feature = "mshv")]
use mshv::*; use mshv::*;
@ -197,6 +198,12 @@ fn create_vmm_ioctl_seccomp_rule_common_mshv() -> Result<Vec<SeccompRule>, Backe
and![Cond::new(1, ArgLen::Dword, Eq, MSHV_GET_GPA_ACCESS_STATES)?], and![Cond::new(1, ArgLen::Dword, Eq, MSHV_GET_GPA_ACCESS_STATES)?],
and![Cond::new(1, ArgLen::Dword, Eq, MSHV_VP_TRANSLATE_GVA)?], and![Cond::new(1, ArgLen::Dword, Eq, MSHV_VP_TRANSLATE_GVA)?],
and![Cond::new(1, ArgLen::Dword, Eq, MSHV_CREATE_PARTITION)?], and![Cond::new(1, ArgLen::Dword, Eq, MSHV_CREATE_PARTITION)?],
and![Cond::new(
1,
ArgLen::Dword,
Eq,
MSHV_VP_REGISTER_INTERCEPT_RESULT
)?],
]) ])
} }