Command line support for seccomp with -sandbox (v8) Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> --- v7 -> v8 - Parse options correctly (aliguori)

commit: 7d76ad4fa4405bb20c35fd24c3c848d2bc48f694 [log] [tgz]
author: Eduardo Otubo <otubo@linux.vnet.ibm.com> Tue Aug 14 18:44:08 2012 -0300
committer: Anthony Liguori <aliguori@us.ibm.com> Thu Aug 16 13:41:16 2012 -0500
tree: 647c18a62aa16508fcb15b2a61bd91de3bee3c36
parent: 452dfbef600837c0e430564ea9e35138ef48f24c [diff] [blame]
diff --git a/qemu-options.hx b/qemu-options.hx
index 6aeef6a..3c411c4 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx

@@ -2723,6 +2723,16 @@
 Old param mode (ARM only).
 ETEXI
 
+DEF("sandbox", HAS_ARG, QEMU_OPTION_sandbox, \
+    "-sandbox <arg>  Enable seccomp mode 2 system call filter (default 'off').\n",
+    QEMU_ARCH_ALL)
+STEXI
+@item -sandbox
+@findex -sandbox
+Enable Seccomp mode 2 system call filter. 'on' will enable syscall filtering and 'off' will
+disable it.  The default is 'off'.
+ETEXI
+
 DEF("readconfig", HAS_ARG, QEMU_OPTION_readconfig,
     "-readconfig <file>\n", QEMU_ARCH_ALL)
 STEXI
commit	7d76ad4fa4405bb20c35fd24c3c848d2bc48f694	[log] [tgz]
author	Eduardo Otubo <otubo@linux.vnet.ibm.com>	Tue Aug 14 18:44:08 2012 -0300
committer	Anthony Liguori <aliguori@us.ibm.com>	Thu Aug 16 13:41:16 2012 -0500
tree	647c18a62aa16508fcb15b2a61bd91de3bee3c36
parent	452dfbef600837c0e430564ea9e35138ef48f24c [diff] [blame]