Google Git
Sign in
qemu / qemu / 24f8cdc5722476e12d8e39d71f66311b4fa971c1
commit24f8cdc5722476e12d8e39d71f66311b4fa971c1[log] [tgz]
authorEduardo Otubo <otubo@redhat.com>Mon Mar 13 22:18:51 2017 +0100
committerEduardo Otubo <otubo@redhat.com>Fri Sep 15 10:15:06 2017 +0200
tree46fd71cfaaa2c1632bfce0d683941c15c84970f1
parent995a226f880b807e05240e8752d6ce65679775be [diff]
seccomp: add resourcecontrol argument to command line

This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
4 files changed
tree: 46fd71cfaaa2c1632bfce0d683941c15c84970f1
  1. accel/
  2. audio/
  3. backends/
  4. block/
  5. bsd-user/
  6. chardev/
  7. contrib/
  8. crypto/
  9. default-configs/
  10. disas/
  11. docs/
  12. fpu/
  13. fsdev/
  14. gdb-xml/
  15. hw/
  16. include/
  17. io/
  18. libdecnumber/
  19. linux-headers/
  20. linux-user/
  21. migration/
  22. nbd/
  23. net/
  24. pc-bios/
  25. po/
  26. qapi/
  27. qga/
  28. qobject/
  29. qom/
  30. replay/
  31. roms/
  32. scripts/
  33. slirp/
  34. stubs/
  35. target/
  36. tcg/
  37. tests/
  38. trace/
  39. ui/
  40. util/
  41. dtc
  42. .dir-locals.el
  43. .editorconfig
  44. .exrc
  45. .gdbinit
  46. .gitignore
  47. .gitmodules
  48. .mailmap
  49. .shippable.yml
  50. .travis.yml
  51. arch_init.c
  52. atomic_template.h
  53. balloon.c
  54. block.c
  55. blockdev-nbd.c
  56. blockdev.c
  57. blockjob.c
  58. bootdevice.c
  59. bt-host.c
  60. bt-vhci.c
  61. Changelog
  62. CODING_STYLE
  63. configure
  64. COPYING
  65. COPYING.LIB
  66. COPYING.PYTHON
  67. cpus-common.c
  68. cpus.c
  69. device-hotplug.c
  70. device_tree.c
  71. disas.c
  72. dma-helpers.c
  73. dump.c
  74. exec.c
  75. gdbstub.c
  76. HACKING
  77. hax-stub.c
  78. hmp-commands-info.hx
  79. hmp-commands.hx
  80. hmp.c
  81. hmp.h
  82. ioport.c
  83. iothread.c
  84. LICENSE
  85. MAINTAINERS
  86. Makefile
  87. Makefile.objs
  88. Makefile.target
  89. memory.c
  90. memory_ldst.inc.c
  91. memory_mapping.c
  92. module-common.c
  93. monitor.c
  94. numa.c
  95. os-posix.c
  96. os-win32.c
  97. qapi-schema.json
  98. qdev-monitor.c
  99. qdict-test-data.txt
  100. qemu-bridge-helper.c
  101. qemu-doc.texi
  102. qemu-ga.texi
  103. qemu-img-cmds.hx
  104. qemu-img.c
  105. qemu-img.texi
  106. qemu-io-cmds.c
  107. qemu-io.c
  108. qemu-nbd.c
  109. qemu-nbd.texi
  110. qemu-option-trace.texi
  111. qemu-options-wrapper.h
  112. qemu-options.h
  113. qemu-options.hx
  114. qemu-seccomp.c
  115. qemu-tech.texi
  116. qemu.nsi
  117. qemu.sasl
  118. qmp.c
  119. qtest.c
  120. README
  121. replication.c
  122. replication.h
  123. rules.mak
  124. softmmu_template.h
  125. thunk.c
  126. tpm.c
  127. trace-events
  128. user-exec-stub.c
  129. user-exec.c
  130. VERSION
  131. version.rc
  132. vl.c