On 08/22/2018 10:40 AM, Eduardo Otubo wrote:
The following changes since commit 13b7b188501d419a7d63c016e00065bcc693b7d4:
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180821-pull-request'
into staging (2018-08-21 15:57:56 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180822
for you to fetch changes up to 2131f3e6e98195b4ce43a87c78cd9d8cb9f4da2c:
seccomp: set the seccomp filter to all threads (2018-08-22 17:35:34 +0200)
----------------------------------------------------------------
pull-seccomp-20180822
----------------------------------------------------------------
Marc-André Lureau (3):
seccomp: use SIGSYS signal instead of killing the thread
seccomp: prefer SCMP_ACT_KILL_PROCESS if available
seccomp: set the seccomp filter to all threads
Let's hold off on this pull request until the technical debate on 3/3
has settled (namely, there's no point in letting the process continue if
tsync fails on older OS, because it is NOT providing the security that
it claims).
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org