From 60aed1bd818c9e4ffa7ce60600215170aaf585e8 Mon Sep 17 00:00:00 2001
From: Jinank Jain <jinankjain@microsoft.com>
Date: Fri, 6 Sep 2024 21:24:25 +0530
Subject: [PATCH] vmm: Fix seccomp violation while injecting NMI

... in case of guest running on Microsoft Hypervisor.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
---
 vmm/src/seccomp_filters.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index 3a6c75a98..32bce4cc0 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -226,6 +226,7 @@ fn create_vmm_ioctl_seccomp_rule_common_mshv() -> Result<Vec<SeccompRule>, Backe
             MSHV_ISSUE_PSP_GUEST_REQUEST()
         )?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_ROOT_HVCALL())?],
+        and![Cond::new(1, ArgLen::Dword, Eq, MSHV_ASSERT_INTERRUPT())?],
     ])
 }
 
@@ -719,6 +720,7 @@ fn create_vcpu_ioctl_seccomp_rule_mshv() -> Result<Vec<SeccompRule>, BackendErro
             MSHV_ISSUE_PSP_GUEST_REQUEST()
         )?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_ROOT_HVCALL())?],
+        and![Cond::new(1, ArgLen::Dword, Eq, MSHV_ASSERT_INTERRUPT())?],
     ])
 }