From a18b08c68266dea3d8be59f87f914d331c763999 Mon Sep 17 00:00:00 2001
From: Anatol Belski <anbelski@linux.microsoft.com>
Date: Tue, 11 Oct 2022 02:09:21 +0200
Subject: [PATCH] seccomp: mshv: Allow create partition ioctl

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
---
 vmm/src/seccomp_filters.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index ac8629f2a..1f8e65d94 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -164,6 +164,7 @@ mod mshv {
     pub const MSHV_SET_PARTITION_PROPERTY: u64 = 0x4010_b80c;
     pub const MSHV_GET_GPA_ACCESS_STATES: u64 = 0xc01c_b812;
     pub const MSHV_VP_TRANSLATE_GVA: u64 = 0xc020_b80e;
+    pub const MSHV_CREATE_PARTITION: u64 = 0x4030_b801;
 }
 #[cfg(feature = "mshv")]
 use mshv::*;
@@ -192,6 +193,7 @@ fn create_vmm_ioctl_seccomp_rule_common_mshv() -> Result<Vec<SeccompRule>, Backe
         )?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_GET_GPA_ACCESS_STATES)?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_VP_TRANSLATE_GVA)?],
+        and![Cond::new(1, ArgLen::Dword, Eq, MSHV_CREATE_PARTITION)?],
     ])
 }