From b1554642e402831d7fdd558d493f2ba202e245ea Mon Sep 17 00:00:00 2001
From: Sebastien Boeuf <sebastien.boeuf@intel.com>
Date: Fri, 10 Apr 2020 09:05:48 +0200
Subject: [PATCH] vmm: seccomp: Add missing mremap() syscall

While testing self spawned vhost-user backends, it appeared that the
backend was aborting due to a missing system call in the seccomp
filters. mremap() was the culprit and this patch simply adds it to the
whitelist.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
---
 vmm/src/seccomp_filters.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index a4118398d..6c40796b1 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -224,6 +224,7 @@ pub fn vmm_thread_filter() -> Result<SeccompFilter, Error> {
             allow_syscall(libc::SYS_madvise),
             allow_syscall(libc::SYS_mmap),
             allow_syscall(libc::SYS_mprotect),
+            allow_syscall(libc::SYS_mremap),
             allow_syscall(libc::SYS_munmap),
             allow_syscall(libc::SYS_nanosleep),
             allow_syscall(libc::SYS_open),