diff --git a/virtio-devices/src/seccomp_filters.rs b/virtio-devices/src/seccomp_filters.rs index 10dc34d35..43d723b8b 100644 --- a/virtio-devices/src/seccomp_filters.rs +++ b/virtio-devices/src/seccomp_filters.rs @@ -259,6 +259,7 @@ fn virtio_thread_common() -> Vec<(i64, Vec)> { (libc::SYS_madvise, vec![]), (libc::SYS_mmap, vec![]), (libc::SYS_mprotect, vec![]), + (libc::SYS_mremap, vec![]), (libc::SYS_munmap, vec![]), (libc::SYS_openat, vec![]), (libc::SYS_read, vec![]), diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs index a7a2796fb..e108996d1 100644 --- a/vmm/src/seccomp_filters.rs +++ b/vmm/src/seccomp_filters.rs @@ -708,6 +708,7 @@ fn vcpu_thread_rules( (libc::SYS_madvise, vec![]), (libc::SYS_mmap, vec![]), (libc::SYS_mprotect, vec![]), + (libc::SYS_mremap, vec![]), (libc::SYS_munmap, vec![]), (libc::SYS_nanosleep, vec![]), (libc::SYS_newfstatat, vec![]),