aboutsummaryrefslogtreecommitdiff
path: root/qemu-seccomp.c
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2015-01-20 14:32:33 +0100
committerEduardo Otubo <eduardo.otubo@profitbricks.com>2015-01-23 14:07:08 +0100
commit4b45b055491a319292beefb8080a81d96cf55cf6 (patch)
tree98c3a702056bde7832df39acd6c7a38dc3e71dd4 /qemu-seccomp.c
parent8f970eff6e318524f189f105c236e47633759890 (diff)
seccomp: add mlockall to whitelist
This is used by "-realtime mlock=on". Signed-off-by: Eduardo Otubo <eduardo.otubo@profitbricks.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Tested-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Diffstat (limited to 'qemu-seccomp.c')
-rw-r--r--qemu-seccomp.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index b0c626984f..f9de0d3390 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -229,6 +229,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
{ SCMP_SYS(shmdt), 240 },
{ SCMP_SYS(timerfd_create), 240 },
{ SCMP_SYS(shmctl), 240 },
+ { SCMP_SYS(mlockall), 240 },
{ SCMP_SYS(mlock), 240 },
{ SCMP_SYS(munlock), 240 },
{ SCMP_SYS(semctl), 240 },