diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index 1dfae78ec..dcb3f3faf 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -211,12 +211,14 @@ pub fn vmm_thread_filter() -> Result<SeccompFilter, Error> {
             allow_syscall(libc::SYS_fallocate),
             allow_syscall(libc::SYS_fcntl),
             allow_syscall(libc::SYS_fdatasync),
+            allow_syscall(libc::SYS_fork),
             allow_syscall(libc::SYS_fstat),
             allow_syscall(libc::SYS_fsync),
             allow_syscall(libc::SYS_ftruncate),
             allow_syscall(libc::SYS_futex),
             allow_syscall(libc::SYS_getpid),
             allow_syscall(libc::SYS_getrandom),
+            allow_syscall(libc::SYS_gettid),
             allow_syscall(libc::SYS_gettimeofday),
             allow_syscall(libc::SYS_getuid),
             allow_syscall_if(libc::SYS_ioctl, create_vmm_ioctl_seccomp_rule()?),
@@ -231,6 +233,7 @@ pub fn vmm_thread_filter() -> Result<SeccompFilter, Error> {
             allow_syscall(libc::SYS_nanosleep),
             allow_syscall(libc::SYS_open),
             allow_syscall(libc::SYS_openat),
+            allow_syscall(libc::SYS_pipe2),
             allow_syscall(libc::SYS_prctl),
             allow_syscall(libc::SYS_pread64),
             allow_syscall(libc::SYS_prlimit64),