[Virtio-fs] [PATCH 13/13] virtiofsd, seccomp: Add clock_nanosleep() to allow list
Stefan Hajnoczi
stefanha at redhat.com
Tue Oct 5 12:22:58 UTC 2021
On Thu, Sep 30, 2021 at 11:30:37AM -0400, Vivek Goyal wrote:
> g_usleep() calls nanosleep() and that now seems to call clock_nanosleep()
> syscall. Now these patches are making use of g_usleep(). So add
> clock_nanosleep() to list of allowed syscalls.
>
> Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
> ---
> tools/virtiofsd/passthrough_seccomp.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> index cd24b40b78..03080806c0 100644
> --- a/tools/virtiofsd/passthrough_seccomp.c
> +++ b/tools/virtiofsd/passthrough_seccomp.c
> @@ -117,6 +117,7 @@ static const int syscall_allowlist[] = {
> SCMP_SYS(writev),
> SCMP_SYS(umask),
> SCMP_SYS(nanosleep),
> + SCMP_SYS(clock_nanosleep),
This patch can be dropped once sleep has been replaced by a condvar.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/virtio-fs/attachments/20211005/17afb9f4/attachment.sig>
More information about the Virtio-fs
mailing list