mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-08-20 23:11:16 +00:00
virtio-devices: net: Add dup syscall to seccomp filters
The seccomp filters specific to the virtio-net threads must contain dup() syscall now that we ported the epoll code to the EpollHelper. Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit is contained in:
parent
a502cb282e
commit
fca46fd00e
@ -84,6 +84,7 @@ fn virtio_console_thread_rules() -> Result<Vec<SyscallRuleSet>, Error> {
|
|||||||
fn virtio_net_thread_rules() -> Result<Vec<SyscallRuleSet>, Error> {
|
fn virtio_net_thread_rules() -> Result<Vec<SyscallRuleSet>, Error> {
|
||||||
Ok(vec![
|
Ok(vec![
|
||||||
allow_syscall(libc::SYS_close),
|
allow_syscall(libc::SYS_close),
|
||||||
|
allow_syscall(libc::SYS_dup),
|
||||||
allow_syscall(libc::SYS_epoll_create1),
|
allow_syscall(libc::SYS_epoll_create1),
|
||||||
allow_syscall(libc::SYS_epoll_ctl),
|
allow_syscall(libc::SYS_epoll_ctl),
|
||||||
allow_syscall(libc::SYS_epoll_pwait),
|
allow_syscall(libc::SYS_epoll_pwait),
|
||||||
|
Loading…
Reference in New Issue
Block a user