Re: [Qemu-devel] [PATCHv6 5/5] seccomp: add resourcecontrol argument to command line

On Fri, Sep 08, 2017 at 01:44:07PM +0200, Eduardo Otubo wrote: > This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It > blacklists all process affinity and scheduler priority system calls to > avoid any bigger of the process. > > Signed-off-by: Eduardo Otubo > --- > include/sysemu

Re: [Qemu-devel] [PATCHv6 5/5] seccomp: add resourcecontrol argument to command line

On 08.09.2017 13:44, Eduardo Otubo wrote: > This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It > blacklists all process affinity and scheduler priority system calls to > avoid any bigger of the process. > > Signed-off-by: Eduardo Otubo > --- > include/sysemu/seccomp.h | 1 + >

[Qemu-devel] [PATCHv6 5/5] seccomp: add resourcecontrol argument to command line

This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It blacklists all process affinity and scheduler priority system calls to avoid any bigger of the process. Signed-off-by: Eduardo Otubo --- include/sysemu/seccomp.h | 1 + qemu-options.hx | 9 ++--- qemu-seccomp.c