OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity

pull-seccomp-20180926

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJbq4eGAAoJEN8y58Dw//mi+UEH/3wAU1gfDsizaTpo+eMHIBrA
 K9KZadaU2aMAUk8NEaouU+cKOpoctGLVHF979GaKJzTMPlWEupwyDhc4N0waV15L
 Zxnlu3UPFPOILnnzomEhmpSYJAHIfGAizjUtTh2nyotTz5MjTmuk4AFTnNKtNUvJ
 lp+72vhwrbIErPbKoG2poLLPe8D+A51j7/StmVdpnj2jIxdTwcTiKDe6WwjxqUXR
 gCalB/iTkpPB6bdXbBeWlw3Uu9Gmm6meORMYQza0SpTrOd3/vUyw0AXPYhMZufKT
 lFps3dI7wYNKDvT9R5ZIaQcZnngWVHQzTj4fUUs0Qz7E7B/imooxjGaxtxR6LOY=
 =Tfvq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20180926' into staging

pull-seccomp-20180926

# gpg: Signature made Wed 26 Sep 2018 14:20:06 BST
# gpg:                using RSA key DF32E7C0F0FFF9A2
# gpg: Good signature from "Eduardo Otubo (Senior Software Engineer) <otubo@redhat.com>"
# Primary key fingerprint: D67E 1B50 9374 86B4 0723  DBAB DF32 E7C0 F0FF F9A2

* remotes/otubo/tags/pull-seccomp-20180926:
  seccomp: check TSYNC host capability

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Peter Maydell 2018-09-28 14:17:12 +01:00
commit 567ea80834
2 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
qemu-seccomp.c
View File

@ -282,7 +282,24 @@ static QemuOptsList qemu_sandbox_opts = {
static void seccomp_register(void)
{
qemu_add_opts(&qemu_sandbox_opts);
bool add = false;
/* FIXME: use seccomp_api_get() >= 2 check when released */
#if defined(SECCOMP_FILTER_FLAG_TSYNC)
int check;
/* check host TSYNC capability, it returns errno == ENOSYS if unavailable */
check = qemu_seccomp(SECCOMP_SET_MODE_FILTER,
SECCOMP_FILTER_FLAG_TSYNC, NULL);
if (check < 0 && errno == EFAULT) {
add = true;
}
#endif
if (add) {
qemu_add_opts(&qemu_sandbox_opts);
}
}
opts_init(seccomp_register);
#endif

4
vl.c
View File

@ -3917,8 +3917,8 @@ int main(int argc, char **argv, char **envp)
}
#ifdef CONFIG_SECCOMP
if (qemu_opts_foreach(qemu_find_opts("sandbox"),
parse_sandbox, NULL, NULL)) {
olist = qemu_find_opts_err("sandbox", NULL);
if (olist && qemu_opts_foreach(olist, parse_sandbox, NULL, NULL)) {
exit(1);
}
#endif