From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53399) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VJ1OF-0008Hx-Vx for qemu-devel@nongnu.org; Mon, 09 Sep 2013 09:20:37 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VJ1O7-0006SE-2F for qemu-devel@nongnu.org; Mon, 09 Sep 2013 09:20:27 -0400 Received: from e24smtp05.br.ibm.com ([32.104.18.26]:54272) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VJ1O6-0006R9-LZ for qemu-devel@nongnu.org; Mon, 09 Sep 2013 09:20:18 -0400 Received: from /spool/local by e24smtp05.br.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 9 Sep 2013 10:20:15 -0300 Received: from d24relay02.br.ibm.com (d24relay02.br.ibm.com [9.13.184.26]) by d24dlp01.br.ibm.com (Postfix) with ESMTP id B3F6D352005F for ; Mon, 9 Sep 2013 09:20:11 -0400 (EDT) Received: from d24av01.br.ibm.com (d24av01.br.ibm.com [9.8.31.91]) by d24relay02.br.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id r89DIQBR44367894 for ; Mon, 9 Sep 2013 10:18:26 -0300 Received: from d24av01.br.ibm.com (localhost [127.0.0.1]) by d24av01.br.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id r89DKBE5008701 for ; Mon, 9 Sep 2013 10:20:11 -0300 Message-ID: <522DCB0A.30406@linux.vnet.ibm.com> Date: Mon, 09 Sep 2013 10:20:10 -0300 From: Eduardo Otubo MIME-Version: 1.0 References: <1378297508-7242-1-git-send-email-otubo@linux.vnet.ibm.com> <522A21C2.3010801@linux.vnet.ibm.com> <522DA514.5070702@redhat.com> <11305371.SUiNjF4f3Q@sifl> In-Reply-To: <11305371.SUiNjF4f3Q@sifl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH] seccomp: adding times() to the whitelist List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paul Moore Cc: Paolo Bonzini , coreyb@linux.vnet.ibm.com, qemu-devel@nongnu.org On 09/09/2013 09:36 AM, Paul Moore wrote: > On Monday, September 09, 2013 12:38:12 PM Paolo Bonzini wrote: >> Il 06/09/2013 20:41, Eduardo Otubo ha scritto: >>> Hello, >>> >>> Any chance to get this patch applied? >>> >>> Thanks! >> >> Paul, perhaps you can add yourself to MAINTAINERS and send a pull request? >> >> Paolo > > Out of respect for the work that Eduardo has done, and is continuing to do, > with the QEMU seccomp filtering, I think Eduardo should be the one to take on > this role. If Eduardo declines I'll do ahead and submit a patch adding myself > to the MAINTAINERS file. If this is ok for everyone, I would be really glad to take this role to myself. Paul, thanks for this vote of confidence. Paolo, should I send a patch for MAINTAINERS right away? Regards, > >>> On 09/04/2013 11:11 AM, Paul Moore wrote: >>>> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>>>> This was causing Qemu process to hang when using -sandbox on. >>>>> >>>>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >>>>> >>>>> Signed-off-by: Eduardo Otubo >>>> >>>> Works for me. >>>> >>>> Tested-by: Paul Moore >>>> >>>>> --- >>>>> >>>>> qemu-seccomp.c | 1 + >>>>> 1 files changed, 1 insertions(+), 0 deletions(-) >>>>> >>>>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>>>> index 37d38f8..69cee44 100644 >>>>> --- a/qemu-seccomp.c >>>>> +++ b/qemu-seccomp.c >>>>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>>>> seccomp_whitelist[] >>>>> = { { SCMP_SYS(getuid), 245 }, >>>>> >>>>> { SCMP_SYS(geteuid), 245 }, >>>>> { SCMP_SYS(timer_create), 245 }, >>>>> >>>>> + { SCMP_SYS(times), 245 }, >>>>> >>>>> { SCMP_SYS(exit), 245 }, >>>>> { SCMP_SYS(clock_gettime), 245 }, >>>>> { SCMP_SYS(time), 245 }, > -- Eduardo Otubo IBM Linux Technology Center