diff mbox

[PULL,01/01] seccomp: add mlockall to whitelist

Message ID 1422019306-18885-2-git-send-email-eduardo.otubo@profitbricks.com
State New
Headers show

Commit Message

Eduardo Otubo Jan. 23, 2015, 1:21 p.m. UTC 
From: Paolo Bonzini <pbonzini@redhat.com>

This is used by "-realtime mlock=on".

Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Tested-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
---
 qemu-seccomp.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Amit Shah Jan. 23, 2015, 1:39 p.m. UTC | #1 
On (Fri) 23 Jan 2015 [14:21:46], Eduardo Otubo wrote:
> From: Paolo Bonzini <pbonzini@redhat.com>
> 
> This is used by "-realtime mlock=on".
> 
> Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>

Hm, that's not where a signed-off-by of the maintainer goes...

> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> Reviewed-by: Amit Shah <amit.shah@redhat.com>
> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
> Tested-by: Eduardo Habkost <ehabkost@redhat.com>
> Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>


		Amit
Peter Maydell Jan. 23, 2015, 5:08 p.m. UTC | #2 
On 23 January 2015 at 13:39, Amit Shah <amit.shah@redhat.com> wrote:
> On (Fri) 23 Jan 2015 [14:21:46], Eduardo Otubo wrote:
>> From: Paolo Bonzini <pbonzini@redhat.com>
>>
>> This is used by "-realtime mlock=on".
>>
>> Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
>
> Hm, that's not where a signed-off-by of the maintainer goes...
>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>> Reviewed-by: Amit Shah <amit.shah@redhat.com>
>> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
>> Tested-by: Eduardo Habkost <ehabkost@redhat.com>
>> Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>

True, but I shan't ask Eduardo to reroll just for that...

-- PMM
diff mbox

Patch

diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index b0c6269..f9de0d3 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -229,6 +229,7 @@  static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(shmdt), 240 },
     { SCMP_SYS(timerfd_create), 240 },
     { SCMP_SYS(shmctl), 240 },
+    { SCMP_SYS(mlockall), 240 },
     { SCMP_SYS(mlock), 240 },
     { SCMP_SYS(munlock), 240 },
     { SCMP_SYS(semctl), 240 },