[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 5ce439: configure: Enable seccomp sandbox for
|
From: |
GitHub |
|
Subject: |
[Qemu-commits] [qemu/qemu] 5ce439: configure: Enable seccomp sandbox for MIPS |
|
Date: |
Mon, 18 Apr 2016 03:30:06 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 5ce43972812e4d9473d5acfd1d12e52cb9778b2c
https://github.com/qemu/qemu/commit/5ce43972812e4d9473d5acfd1d12e52cb9778b2c
Author: James Hogan <address@hidden>
Date: 2016-04-16 (Sat, 16 Apr 2016)
Changed paths:
M configure
Log Message:
-----------
configure: Enable seccomp sandbox for MIPS
Enable seccomp on MIPS since libseccomp version 2.2.0 when MIPS support
was first added.
Signed-off-by: James Hogan <address@hidden>
Reviewed-by: Andrew Jones <address@hidden>
Acked-by: Eduardo Otubo <address@hidden>
Commit: 81bed73b5395c4c17dee6efebd44dd34b8f40d99
https://github.com/qemu/qemu/commit/81bed73b5395c4c17dee6efebd44dd34b8f40d99
Author: James Hogan <address@hidden>
Date: 2016-04-16 (Sat, 16 Apr 2016)
Changed paths:
M qemu-seccomp.c
Log Message:
-----------
seccomp: Whitelist cacheflush since 2.2.0 not 2.2.3
The cacheflush system call (found on MIPS and ARM) has been included in
the libseccomp header since 2.2.0, so include it back to that version.
Previously it was only enabled since 2.2.3 since that is when it was
enabled properly for ARM.
This will allow seccomp support to be enabled for MIPS back to
libseccomp 2.2.0.
Signed-off-by: James Hogan <address@hidden>
Reviewed-By: Andrew Jones <address@hidden>
Acked-by: Eduardo Otubo <address@hidden>
Commit: 8e08f8a4a7f613af65b29fcc3ac3bfc2a08a3343
https://github.com/qemu/qemu/commit/8e08f8a4a7f613af65b29fcc3ac3bfc2a08a3343
Author: Miroslav Rezanina <address@hidden>
Date: 2016-04-16 (Sat, 16 Apr 2016)
Changed paths:
M qemu-seccomp.c
Log Message:
-----------
seccomp: adding sysinfo system call to whitelist
Newer version of nss-softokn libraries (> 3.16.2.3) use sysinfo call
so qemu using rbd image hang after start when run in sandbox mode.
To allow using rbd images in sandbox mode we have to whitelist it.
Signed-off-by: Miroslav Rezanina <address@hidden>
Acked-by: Eduardo Otubo <address@hidden>
Commit: adde0204e4edbebfeb77d244cad7d9d8be7ed7e0
https://github.com/qemu/qemu/commit/adde0204e4edbebfeb77d244cad7d9d8be7ed7e0
Author: Peter Maydell <address@hidden>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M configure
M qemu-seccomp.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20160416' into
staging
seccomp branch queue
# gpg: Signature made Sat 16 Apr 2016 19:58:46 BST using RSA key ID 12F8BD2F
# gpg: Good signature from "Eduardo Otubo (Software Engineer @ ProfitBricks)
<address@hidden>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 1C96 46B6 E1D1 C38A F2EC 3FDE FD0C FF5B 12F8 BD2F
* remotes/otubo/tags/pull-seccomp-20160416:
seccomp: adding sysinfo system call to whitelist
seccomp: Whitelist cacheflush since 2.2.0 not 2.2.3
configure: Enable seccomp sandbox for MIPS
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/c6c598ca5fba...adde0204e4ed
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 5ce439: configure: Enable seccomp sandbox for MIPS,
GitHub <=