On Fri, Sep 08, 2017 at 01:44:03PM +0200, Eduardo Otubo wrote: > This patch changes the default behavior of the seccomp filter from > whitelist to blacklist. By default now all system calls are allowed and > a small black list of definitely forbidden ones was created. > > Signed-off-by: Eduardo Otubo <ot...@redhat.com> > --- > include/sysemu/seccomp.h | 2 + > qemu-seccomp.c | 260 > +++++------------------------------------------ > vl.c | 1 - > 3 files changed, 30 insertions(+), 233 deletions(-)
Reviewed-by: Daniel P. Berrange <berra...@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
