From e3a8d6c13c23d393e64973a0b68e6b4025603fb6 Mon Sep 17 00:00:00 2001
From: Sebastien Boeuf <sebastien.boeuf@intel.com>
Date: Mon, 8 Mar 2021 17:01:27 +0100
Subject: [PATCH] virtio-devices: vhost-user: net: Fix seccomp filters

On x86_64 architecture, multiple syscalls were missing when shutting
down the vhost-user-net device along with the VM. This was causing the
usual crash related to seccomp filters.

This commit adds these missing syscalls to fix the issue.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
---
 virtio-devices/src/seccomp_filters.rs | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/virtio-devices/src/seccomp_filters.rs b/virtio-devices/src/seccomp_filters.rs
index 93c1ded54..5fb8b2335 100644
--- a/virtio-devices/src/seccomp_filters.rs
+++ b/virtio-devices/src/seccomp_filters.rs
@@ -361,9 +361,7 @@ fn virtio_vhost_net_thread_rules() -> Vec<SyscallRuleSet> {
         allow_syscall(libc::SYS_write),
         allow_syscall(libc::SYS_sigaltstack),
         allow_syscall(libc::SYS_munmap),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_madvise),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_exit),
     ]
 }
@@ -380,13 +378,9 @@ fn virtio_vhost_net_ctl_thread_rules() -> Vec<SyscallRuleSet> {
         allow_syscall(libc::SYS_epoll_wait),
         allow_syscall(libc::SYS_futex),
         allow_syscall(libc::SYS_read),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_sigaltstack),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_munmap),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_madvise),
-        #[cfg(target_arch = "aarch64")]
         allow_syscall(libc::SYS_exit),
     ]
 }