Sebastien Boeuf
e8f0bdb6f2
virtio-devices: console: Add dup syscall to seccomp filters
...
The seccomp filters specific to the virtio-console thread must contain
dup syscall now that we ported the epoll code to the EpollHelper.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-08-11 19:17:50 +02:00
Rob Bradford
55c16fecbf
virtio-devices: seccomp: Add missing dup() syscalls
...
The refactoring to use EpollHelper added a requirement on this system
call.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-08-05 11:32:31 +02:00
Bo Chen
dc71d2765a
virtio-devices: seccomp: Add seccomp filters for pmem thread
...
This patch enables the seccomp filters for the pmem worker thread.
Partially fixes : #925
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-08-05 08:13:31 +01:00
Bo Chen
d77977536d
virtio-devices: seccomp: Add seccomp filters for net thread
...
This patch enables the seccomp filters for the net worker thread.
Partially fixes : #925
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-08-05 08:13:31 +01:00
Bo Chen
276df6b71c
virtio-devices: seccomp: Add seccomp filters for console thread
...
This patch enables the seccomp filters for the console worker thread.
Partially fixes : #925
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-08-05 08:13:31 +01:00
Bo Chen
a426221167
virtio-devices: seccomp: Add seccomp filters for rng thread
...
This patch enables the seccomp filters for the rng worker thread.
Partially fixes : #925
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-08-05 08:13:31 +01:00
Bo Chen
704edd544c
virtio-devices: seccomp: Add seccomp_filter module
...
This patch added the seccomp_filter module to the virtio-devices crate
by taking reference code from the vmm crate. This patch also adds
allowed-list for the virtio-block worker thread.
Partially fixes : #925
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-08-04 11:40:49 +02:00
