From 705cdb391bcd6e116cf632c175a881493d481e94 Mon Sep 17 00:00:00 2001 From: Eduardo Otubo Date: Tue, 24 Sep 2013 14:50:44 -0300 Subject: [PATCH] seccomp: fine tuning whitelist by adding times() This was causing Qemu process to hang when using -sandbox on as discribed on RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 Signed-off-by: Eduardo Otubo Tested-by: Paul Moore Acked-by: Paul Moore (cherry picked from commit c236f4519c9838801798f3705c17dce9ab9e3b9d) --- qemu-seccomp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index 031da1d..4a57b4b 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -96,6 +96,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, { SCMP_SYS(geteuid), 245 }, { SCMP_SYS(timer_create), 245 }, + { SCMP_SYS(times), 245 }, { SCMP_SYS(exit), 245 }, { SCMP_SYS(clock_gettime), 245 }, { SCMP_SYS(time), 245 },