diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs
index acb6f1a60..5239c1e28 100644
--- a/vmm/src/seccomp_filters.rs
+++ b/vmm/src/seccomp_filters.rs
@@ -420,7 +420,11 @@ fn vcpu_thread_rules() -> Result<Vec<SyscallRuleSet>, Error> {
         allow_syscall(libc::SYS_newfstatat),
         allow_syscall(libc::SYS_futex),
         allow_syscall(libc::SYS_getpid),
+        allow_syscall(libc::SYS_getrandom),
         allow_syscall_if(libc::SYS_ioctl, create_vcpu_ioctl_seccomp_rule()?),
+        allow_syscall(SYS_IO_URING_ENTER),
+        allow_syscall(SYS_IO_URING_SETUP),
+        allow_syscall(SYS_IO_URING_REGISTER),
         allow_syscall(libc::SYS_lseek),
         allow_syscall(libc::SYS_madvise),
         allow_syscall(libc::SYS_mmap),