[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC] [PATCH 2/2] Adding basic calls to libseccomp in v
Re: [Qemu-devel] [RFC] [PATCH 2/2] Adding basic calls to libseccomp in vl.c
Mon, 07 May 2012 08:34:50 -0400 (EDT)
> > At least the following are also used: recvmsg, sendmsg, accept, connect,
> > bind, listen, ioctl, fallocate, eventfd. I don't know if all of them
> > have to be included in the list. Other syscalls are not used but
> > probably should be allowed for simplicity, for example poll.
> You straced those syscalls from what kind of guest? Can you provide
> the frequency they appear on a strace of you example so we can set the
> priority? Don't need any fancy report, just some grep's and wc's on a
> strace output should be just fine.
No, just looking at the code. (Uhm, fallocate is not used in master yet).
ioctl is the only one with pretty high priority.
Re: [Qemu-devel] [RFC] [PATCH 0/2] Sandboxing Qemu guests with Libseccomp, Daniel P. Berrange, 2012/05/08