Fix process exit with -sandbox on (bz #1027421)
This commit is contained in:
Cole Robinson
parent
cb4937d525
commit
4b07b93c5a
28
0321-seccomp-fine-tuning-whitelist-by-adding-times.patch
Normal file
28
0321-seccomp-fine-tuning-whitelist-by-adding-times.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From 705cdb391bcd6e116cf632c175a881493d481e94 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@linux.vnet.ibm.com>
|
||||
Date: Tue, 24 Sep 2013 14:50:44 -0300
|
||||
Subject: [PATCH] seccomp: fine tuning whitelist by adding times()
|
||||
|
||||
This was causing Qemu process to hang when using -sandbox on as
|
||||
discribed on RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
|
||||
Tested-by: Paul Moore <pmoore@redhat.com>
|
||||
Acked-by: Paul Moore <pmoore@redhat.com>
|
||||
(cherry picked from commit c236f4519c9838801798f3705c17dce9ab9e3b9d)
|
||||
---
|
||||
qemu-seccomp.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
|
||||
index 031da1d..4a57b4b 100644
|
||||
--- a/qemu-seccomp.c
|
||||
+++ b/qemu-seccomp.c
|
||||
@@ -96,6 +96,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
|
||||
{ SCMP_SYS(getuid), 245 },
|
||||
{ SCMP_SYS(geteuid), 245 },
|
||||
{ SCMP_SYS(timer_create), 245 },
|
||||
+ { SCMP_SYS(times), 245 },
|
||||
{ SCMP_SYS(exit), 245 },
|
||||
{ SCMP_SYS(clock_gettime), 245 },
|
||||
{ SCMP_SYS(time), 245 },
|
||||
@ -131,7 +131,7 @@
|
||||
Summary: QEMU is a FAST! processor emulator
|
||||
Name: qemu
|
||||
Version: 1.4.2
|
||||
Release: 13%{?dist}
|
||||
Release: 14%{?dist}
|
||||
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
|
||||
Epoch: 2
|
||||
License: GPLv2+ and LGPLv2+ and BSD
|
||||
@ -306,6 +306,8 @@ Patch0318: 0318-scsi-Allocate-SCSITargetReq-r-buf-dynamically.patch
|
||||
# Fix 9pfs xattrs on kernel 3.11 (bz #1013676)
|
||||
Patch0319: 0319-hw-9pfs-Be-robust-against-paths-without-FS_IOC_GETVE.patch
|
||||
Patch0320: 0320-hw-9pfs-Fix-errno-value-for-xattr-functions.patch
|
||||
# Fix process exit with -sandbox on (bz #1027421)
|
||||
Patch0321: 0321-seccomp-fine-tuning-whitelist-by-adding-times.patch
|
||||
|
||||
BuildRequires: SDL-devel
|
||||
BuildRequires: zlib-devel
|
||||
@ -909,6 +911,8 @@ CAC emulation development files.
|
||||
# Fix 9pfs xattrs on kernel 3.11 (bz #1013676)
|
||||
%patch0319 -p1
|
||||
%patch0320 -p1
|
||||
# Fix process exit with -sandbox on (bz #1027421)
|
||||
%patch0321 -p1
|
||||
|
||||
%build
|
||||
%if %{with kvmonly}
|
||||
@ -1555,6 +1559,9 @@ getent passwd qemu >/dev/null || \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Sun Nov 17 2013 Cole Robinson <crobinso@redhat.com> - 2:1.4.2-14
|
||||
- Fix process exit with -sandbox on (bz #1027421)
|
||||
|
||||
* Tue Nov 05 2013 Cole Robinson <crobinso@redhat.com> - 2:1.4.2-13
|
||||
- ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604)
|
||||
- ksmtuned: Fix committed_memory when no qemu running (bz #1012610)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user