On Wed, Sep 7, 2016 at 9:55 PM, Brian Rak <b...@gameservers.com> wrote:
> --- src_clean/qemu-seccomp.c 2016-09-02 11:34:22.000000000 -0400
> +++ src/qemu-seccomp.c 2016-09-06 11:28:23.189162653 -0400
> @@ -65,6 +65,7 @@
> { SCMP_SYS(prctl), 245 },
> { SCMP_SYS(signalfd), 245 },
> { SCMP_SYS(getrlimit), 245 },
> + { SCMP_SYS(getrusage), 245 },
> { SCMP_SYS(set_tid_address), 245 },
> { SCMP_SYS(statfs), 245 },
> { SCMP_SYS(unlink), 245 },
Hi,
Care to send a proper commit message, stating the use case, issues, etc?
Thanks,
>
>
> On 9/6/2016 12:43 PM, Eduardo Otubo wrote:
>
> This feature is enabled by default in virt-test/avocado and yes lots of
> people use it.
>
> Please send a patch and I'll merge it.
>
>
> On Tue, Sep 6, 2016, 18:41 Brian Rak <b...@gameservers.com> wrote:
>>
>> I've been testing out 2.7.0 with seccomp support. Whenever I connect to
>> the VNC console, the process gets killed by the kernel. dmesg shows:
>>
>> audit: type=1326 audit(1473175350.674:2): auid=0 uid=107 gid=107
>> ses=423110 pid=32202 comm="qemu-kvm" exe="/bin/qemu-system-x86_64"
>> sig=31 arch=c000003e syscall=98 compat=0 ip=0x7f2beba83477 code=0x0
>>
>> syscall 98 appears to be getrusage, which does not appear in
>> qemu-seccomp.c.
>>
>> Is seccomp a supported feature these days? I'm guessing it does not get
>> a whole lot of use.
>>
>>
>
--
Eduardo Otubo
ProfitBricks
