From a750e6ec1567f91a08f51b90bf6a96387e7b1b88 Mon Sep 17 00:00:00 2001
From: Muminul Islam <muislam@microsoft.com>
Date: Mon, 22 Apr 2024 13:22:50 -0700
Subject: [PATCH] vmm: Add filter entry for MSHV_GET_PARTITION_PROPERTY

Add seccomp rule for getting partition property on MSHV.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
---
 vmm/src/seccomp_filters.rs | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index b8a213efd..7215d4d04 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -168,6 +168,7 @@ mod mshv {
     pub const MSHV_GET_VP_STATE: u64 = 0xc010_b80a;
     pub const MSHV_SET_VP_STATE: u64 = 0xc010_b80b;
     pub const MSHV_SET_PARTITION_PROPERTY: u64 = 0x4010_b80c;
+    pub const MSHV_GET_PARTITION_PROPERTY: u64 = 0xc010_b80d;
     pub const MSHV_GET_GPA_ACCESS_STATES: u64 = 0xc01c_b812;
     pub const MSHV_VP_TRANSLATE_GVA: u64 = 0xc020_b80e;
     pub const MSHV_CREATE_PARTITION: u64 = 0x4030_b801;
@@ -211,6 +212,12 @@ fn create_vmm_ioctl_seccomp_rule_common_mshv() -> Result<Vec<SeccompRule>, Backe
             Eq,
             MSHV_SET_PARTITION_PROPERTY
         )?],
+        and![Cond::new(
+            1,
+            ArgLen::Dword,
+            Eq,
+            MSHV_GET_PARTITION_PROPERTY
+        )?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_GET_GPA_ACCESS_STATES)?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_VP_TRANSLATE_GVA)?],
         and![Cond::new(1, ArgLen::Dword, Eq, MSHV_CREATE_PARTITION)?],