virtio-devices: seccomp: Add 'timerfd_settime' to block device

The `timerfd_settime` syscall is required when I/O throttling is enabled. Signed-off-by: Bo Chen <chen.bo@intel.com>
2025-02-01 17:35:19 +00:00 · 2021-03-15 11:58:26 -07:00 · 2021-03-15 11:58:26 -07:00 · 6307db5699
commit 6307db5699
parent 548426c128
1 changed files with 1 additions and 0 deletions
--- a/virtio-devices/src/seccomp_filters.rs
+++ b/virtio-devices/src/seccomp_filters.rs
@ -132,6 +132,7 @@ fn virtio_block_thread_rules() -> Vec<SyscallRuleSet> {
        allow_syscall(libc::SYS_sched_getaffinity),
        allow_syscall(libc::SYS_set_robust_list),
        allow_syscall(libc::SYS_sigaltstack),
+        allow_syscall(libc::SYS_timerfd_settime),
        allow_syscall(libc::SYS_write),
    ]
 }