Message ID | f526ac72-1864-3f35-666d-bce4d93d15e5@gameservers.com |
---|---|
State | New |
Headers | show |
Brian Rak <brak@gameservers.com> writes: > getrusage is used in a number of places throughout the qemu codebase > (notably, in crypto/pbkdf.c). > Without this syscall being whitelisted, qemu ends up getting killed by > the kernel whenever you > try to connect to a VNC console. The body of the commit message now looks good to me, but the headline is still off. It should be something like "seccomp: Add getrusage() to whitelist". Perhaps Eduardo is willing to touch it up on commit. If not, you need to resend your patch as a top-level message (not in reply to anything) with the subject fixed. Please consider using git-send-email. Thanks! http://wiki.qemu.org/Contribute/SubmitAPatch#Submitting_your_Patches
On Mon, Sep 19, 2016 at 11=45=47AM +0200, Markus Armbruster wrote: > Brian Rak <brak@gameservers.com> writes: > > > getrusage is used in a number of places throughout the qemu codebase > > (notably, in crypto/pbkdf.c). > > Without this syscall being whitelisted, qemu ends up getting killed by > > the kernel whenever you > > try to connect to a VNC console. > > The body of the commit message now looks good to me, but the headline is > still off. It should be something like "seccomp: Add getrusage() to > whitelist". > > Perhaps Eduardo is willing to touch it up on commit. If not, you need > to resend your patch as a top-level message (not in reply to anything) > with the subject fixed. Please consider using git-send-email. Thanks! > > http://wiki.qemu.org/Contribute/SubmitAPatch#Submitting_your_Patches Yep, that's not a problem now. I'll fix that. But yeah, please stick to the guidelines next time :) Regards,
diff --git a/qemu-seccomp.c b/qemu-seccomp.c index cb569dc..df75d9c 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -65,6 +65,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(prctl), 245 }, { SCMP_SYS(signalfd), 245 }, { SCMP_SYS(getrlimit), 245 }, + { SCMP_SYS(getrusage), 245 }, { SCMP_SYS(set_tid_address), 245 }, { SCMP_SYS(statfs), 245 },