From f0de3e5b556f797ac2f6e536ae1e8d3425a70a52 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Tue, 13 Jun 2023 08:39:56 +0000 Subject: [PATCH] vmm, virtio-devices: allow mremap for consoles SerialBuffer uses VecDeque::extend, which calls realloc, which a maximum buffer size of 1 MiB. Starting at allocation sizes of 128 KiB, musl's mallocng allocator will use mremap for the allocation. Since this was not permitted by the seccomp rules, heavy write load could crash cloud-hypervisor with a seccomp failure. (Encountered using virtio-console, but I don't see any reason it wouldn't happen for the legacy serial device too.) Signed-off-by: Alyssa Ross --- virtio-devices/src/seccomp_filters.rs | 1 + vmm/src/seccomp_filters.rs | 1 + 2 files changed, 2 insertions(+) diff --git a/virtio-devices/src/seccomp_filters.rs b/virtio-devices/src/seccomp_filters.rs index 10dc34d35..43d723b8b 100644 --- a/virtio-devices/src/seccomp_filters.rs +++ b/virtio-devices/src/seccomp_filters.rs @@ -259,6 +259,7 @@ fn virtio_thread_common() -> Vec<(i64, Vec)> { (libc::SYS_madvise, vec![]), (libc::SYS_mmap, vec![]), (libc::SYS_mprotect, vec![]), + (libc::SYS_mremap, vec![]), (libc::SYS_munmap, vec![]), (libc::SYS_openat, vec![]), (libc::SYS_read, vec![]), diff --git a/vmm/src/seccomp_filters.rs b/vmm/src/seccomp_filters.rs index 9c11b8754..8bf3d3720 100644 --- a/vmm/src/seccomp_filters.rs +++ b/vmm/src/seccomp_filters.rs @@ -715,6 +715,7 @@ fn vcpu_thread_rules( (libc::SYS_madvise, vec![]), (libc::SYS_mmap, vec![]), (libc::SYS_mprotect, vec![]), + (libc::SYS_mremap, vec![]), (libc::SYS_munmap, vec![]), (libc::SYS_nanosleep, vec![]), (libc::SYS_newfstatat, vec![]),