External/cloud-hypervisor
1
0
Fork 0
mirror of https://github.com/cloud-hypervisor/cloud-hypervisor.git synced 2024-07-07 10:15:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

virtio-devices: vhost-user: net: Fix seccomp filters

Browse Source 
On x86_64 architecture, multiple syscalls were missing when shutting
down the vhost-user-net device along with the VM. This was causing the
usual crash related to seccomp filters.

This commit adds these missing syscalls to fix the issue.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit is contained in:
Sebastien Boeuf 2021-03-08 17:01:27 +01:00
parent 581bf4aad5
commit e3a8d6c13c
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
virtio-devices/src/seccomp_filters.rs
View File

@ -361,9 +361,7 @@ fn virtio_vhost_net_thread_rules() -> Vec<SyscallRuleSet> {
allow_syscall(libc::SYS_write),
allow_syscall(libc::SYS_sigaltstack),
allow_syscall(libc::SYS_munmap),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_madvise),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_exit),
]
}
@ -380,13 +378,9 @@ fn virtio_vhost_net_ctl_thread_rules() -> Vec<SyscallRuleSet> {
allow_syscall(libc::SYS_epoll_wait),
allow_syscall(libc::SYS_futex),
allow_syscall(libc::SYS_read),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_sigaltstack),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_munmap),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_madvise),
#[cfg(target_arch = "aarch64")]
allow_syscall(libc::SYS_exit),
]
}