virtiofsd: add seccomp whitelist
commit 4f8bde99c175ffd86b5125098a4707d43f5e80c6
author Stefan Hajnoczi <stefanha@redhat.com>
Wed, 13 Mar 2019 09:32:51 +0000 (13 09:32 +0000)
committer Dr. David Alan Gilbert <dgilbert@redhat.com>
Thu, 23 Jan 2020 16:41:37 +0000 (23 16:41 +0000)
tree dff3e147bad537c6308fccd1e3f5d89a2e1327c8
parent 8e1d4ef231d8327be219f7aea7aa15d181375bbc
virtiofsd: add seccomp whitelist

Only allow system calls that are needed by virtiofsd.  All other system
calls cause SIGSYS to be directed at the thread and the process will
coredump.

Restricting system calls reduces the kernel attack surface and limits
what the process can do when compromised.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
with additional entries by:
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: piaojun <piaojun@huawei.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Makefile
tools/virtiofsd/Makefile.objs
tools/virtiofsd/passthrough_ll.c
tools/virtiofsd/seccomp.c [new file with mode: 0644]
tools/virtiofsd/seccomp.h [new file with mode: 0644]
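
The behaviour the commit message describes (whitelisted system calls pass, anything else raises SIGSYS in the calling thread) can be reproduced with the added example below, which is not code from this commit or from QEMU. It assumes a raw seccomp-BPF filter loaded with prctl(), a constructed two-entry whitelist, SECCOMP_RET_TRAP as the default action, and a Linux x86-64 or aarch64 build; `DEMO_ARCH`, `ALLOW`, `install_whitelist` and `run_filtered_child` are names made up for the demo.

```c
#define _GNU_SOURCE
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#ifdef __aarch64__
#define DEMO_ARCH AUDIT_ARCH_AARCH64
#else
#define DEMO_ARCH AUDIT_ARCH_X86_64 /* assumption: any other build is x86-64 */
#endif
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)
/* Load the whitelist for the calling thread (no_new_privs makes that possible unprivileged); 0 on success. */
static int install_whitelist(void)
{
    struct sock_filter filter[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL), /* syscall numbers are per-ABI: reject other ABIs */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        ALLOW(SYS_write), /* constructed two-entry list, not virtiofsd's */
        ALLOW(SYS_exit_group),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP), /* everything else: SIGSYS */
    };
    struct sock_fprog prog = { .len = sizeof(filter) / sizeof(filter[0]), .filter = filter };
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Run a filtered child; returns the signal that killed it, 0 on clean exit, <0 on setup failure. */
static int run_filtered_child(int make_forbidden_call)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) {
        if (install_whitelist() != 0)
            _exit(2);
        if (make_forbidden_call)
            syscall(SYS_getpid); /* not on the list: the thread gets SIGSYS */
        _exit(write(STDOUT_FILENO, "write allowed\n", 14) < 0 ? 3 : 0);
    }
    if (pid < 0 || waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : -WEXITSTATUS(status);
}

int main(void) { return run_filtered_child(1) == SIGSYS ? 0 : 1; }
```

The filter is installed in a forked child so that the calling process stays unfiltered and can observe how the child terminated.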