From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53200) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1apx2M-0003ad-VM for qemu-devel@nongnu.org; Tue, 12 Apr 2016 08:03:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1apx2J-0001yn-Nj for qemu-devel@nongnu.org; Tue, 12 Apr 2016 08:03:18 -0400 Received: from mx4-phx2.redhat.com ([209.132.183.25]:33118) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1apx2J-0001xv-G6 for qemu-devel@nongnu.org; Tue, 12 Apr 2016 08:03:15 -0400 Date: Tue, 12 Apr 2016 08:03:13 -0400 (EDT) From: Miroslav Rezanina Message-ID: <458520326.444272.1460462593821.JavaMail.zimbra@redhat.com> In-Reply-To: <20160412115345.GC24071@vader> References: <1457343286-16019-1-git-send-email-mrezanin@redhat.com> <20160411201952.GA5606@ubuntumail> <20160412115345.GC24071@vader> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] [PATCH] Whitelist sysinfo call List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Eduardo Otubo Cc: qemu-devel@nongnu.org ----- =E5=85=83=E3=81=AE=E3=83=A1=E3=83=83=E3=82=BB=E3=83=BC=E3=82=B8 ----- > =E5=B7=AE=E5=87=BA=E4=BA=BA: "Eduardo Otubo" > =E5=AE=9B=E5=85=88: "Serge Hallyn" > Cc: mrezanin@redhat.com, qemu-devel@nongnu.org, armbru@redhat.com > =E9=80=81=E4=BF=A1=E6=B8=88=E3=81=BF: 2016=E5=B9=B44=E6=9C=8812=E6=97=A5,= =E7=81=AB=E6=9B=9C=E6=97=A5 =E5=8D=88=E5=BE=8C 1:53:47 > =E4=BB=B6=E5=90=8D: Re: Re: [Qemu-devel] [PATCH] Whitelist sysinfo call >=20 > On Mon, Apr 11, 2016 at 08=3D19=3D52PM +0000, Serge Hallyn wrote: > > Quoting mrezanin@redhat.com (mrezanin@redhat.com): > > > From: Miroslav Rezanina > > >=20 > > > Newer version of nss-softokn libraries (> 3.16.2.3) use sysinfo call > > > so qemu using rbd image hang after start when run in sandbox mode. > > >=20 > > > To allow using rbd images in sandbox mode we have to whitelist it. > > >=20 > > > Signed-off-by: Miroslav Rezanina > >=20 > > Thanks. > >=20 > > Acked-by: Serge E. Hallyn >=20 > Also: I'll change the subject of this email a little bit for a cleaner > and more explicit commit. >=20 > Thanks. Ok, thanks. Mirek >=20 > >=20 > > > --- > > > qemu-seccomp.c | 1 + > > > 1 file changed, 1 insertion(+) > > >=20 > > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > > > index 2866e3c..e29fca1 100644 > > > --- a/qemu-seccomp.c > > > +++ b/qemu-seccomp.c > > > @@ -250,6 +250,7 @@ static const struct QemuSeccompSyscall > > > seccomp_whitelist[] =3D { > > > #ifdef HAVE_CACHEFLUSH > > > { SCMP_SYS(cacheflush), 240 }, > > > #endif > > > + { SCMP_SYS(sysinfo), 240 }, > > > }; > > > =20 > > > int seccomp_start(void) > > > -- > > > 2.5.0 > > >=20 > > >=20 > >=20 >=20 > -- > Eduardo Otubo > ProfitBricks GmbH >=20 --=20 Miroslav Rezanina Software Engineer - Virtualization Team