From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36838)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <marcandre.lureau@gmail.com>) id 1ZkZRs-00020n-Q1
	for qemu-devel@nongnu.org; Fri, 09 Oct 2015 11:19:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <marcandre.lureau@gmail.com>) id 1ZkZRr-0008E2-RM
	for qemu-devel@nongnu.org; Fri, 09 Oct 2015 11:19:08 -0400
Received: from mail-qg0-x231.google.com ([2607:f8b0:400d:c04::231]:33964)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <marcandre.lureau@gmail.com>) id 1ZkZRr-0008Dx-ON
	for qemu-devel@nongnu.org; Fri, 09 Oct 2015 11:19:07 -0400
Received: by qgez77 with SMTP id z77so71548243qge.1
	for <qemu-devel@nongnu.org>; Fri, 09 Oct 2015 08:19:07 -0700 (PDT)
Sender: =?UTF-8?B?TWFyYy1BbmRyw6kgTHVyZWF1?= <marcandre.lureau@gmail.com>
From: marcandre.lureau@redhat.com
Date: Fri,  9 Oct 2015 17:17:41 +0200
Message-Id: <1444403861-3240-28-git-send-email-marcandre.lureau@redhat.com>
In-Reply-To: <1444403861-3240-1-git-send-email-marcandre.lureau@redhat.com>
References: <1444403861-3240-1-git-send-email-marcandre.lureau@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Subject: [Qemu-devel] [PATCH v8 27/27] seccomp: add memfd_create to whitelist
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: haifeng.lin@huawei.com, mst@redhat.com, thibaut.collet@6wind.com, jasowang@redhat.com, Eduardo Otubo <eduardo.otubo@profitbricks.com>, =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>, pbonzini@redhat.com

From: Eduardo Otubo <eduardo.otubo@profitbricks.com>

This is used by memfd code.

Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 qemu-seccomp.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index f9de0d3..80d034a 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -237,7 +237,8 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(fadvise64), 240 },
     { SCMP_SYS(inotify_init1), 240 },
     { SCMP_SYS(inotify_add_watch), 240 },
-    { SCMP_SYS(mbind), 240 }
+    { SCMP_SYS(mbind), 240 },
+    { SCMP_SYS(memfd_create), 240 }
 };
 
 int seccomp_start(void)
-- 
2.4.3