From e62aafdf58984f2354bf31a7d93f8da2bbc100b0 Mon Sep 17 00:00:00 2001
From: Sebastien Boeuf <sebastien.boeuf@intel.com>
Date: Wed, 2 Jun 2021 16:51:24 +0200
Subject: [PATCH] virtio-devices: Update seccomp filters for vhost-user-net
 control queue

The control queue was missing rt_sigprocmask syscall, which was causing
a crash when the VM was shutdown.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
---
 virtio-devices/src/seccomp_filters.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/virtio-devices/src/seccomp_filters.rs b/virtio-devices/src/seccomp_filters.rs
index 5f1b1152b..a3cf18fbb 100644
--- a/virtio-devices/src/seccomp_filters.rs
+++ b/virtio-devices/src/seccomp_filters.rs
@@ -348,6 +348,7 @@ fn virtio_vhost_net_ctl_thread_rules() -> Vec<SyscallRuleSet> {
         allow_syscall(libc::SYS_munmap),
         allow_syscall(libc::SYS_madvise),
         allow_syscall(libc::SYS_read),
+        allow_syscall(libc::SYS_rt_sigprocmask),
         allow_syscall(libc::SYS_sigaltstack),
         allow_syscall(libc::SYS_write),
     ]