seccomp: removing unused syscalls gtom whitelist
v3 update: - reincluding getrlimit(), it is used by Xen. v2 update: - reincluding setrlimit(), it is used by Xen. Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1374518017-10424-3-git-send-email-otubo@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit is contained in:
parent
7d7b2ad436
commit
2fb861eb02
@ -108,7 +108,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
|
||||
{ SCMP_SYS(lseek), 245 },
|
||||
{ SCMP_SYS(pselect6), 245 },
|
||||
{ SCMP_SYS(fork), 245 },
|
||||
{ SCMP_SYS(eventfd), 245 },
|
||||
{ SCMP_SYS(rt_sigprocmask), 245 },
|
||||
{ SCMP_SYS(write), 244 },
|
||||
{ SCMP_SYS(fcntl), 243 },
|
||||
@ -144,7 +143,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
|
||||
{ SCMP_SYS(newfstatat), 241 },
|
||||
{ SCMP_SYS(shutdown), 241 },
|
||||
{ SCMP_SYS(getsockopt), 241 },
|
||||
{ SCMP_SYS(semctl), 241 },
|
||||
{ SCMP_SYS(semop), 241 },
|
||||
{ SCMP_SYS(semtimedop), 241 },
|
||||
{ SCMP_SYS(epoll_ctl_old), 241 },
|
||||
@ -192,12 +190,10 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
|
||||
{ SCMP_SYS(lchown), 241 },
|
||||
{ SCMP_SYS(fchownat), 241 },
|
||||
{ SCMP_SYS(fstatfs), 241 },
|
||||
{ SCMP_SYS(sendfile), 241 },
|
||||
{ SCMP_SYS(getitimer), 241 },
|
||||
{ SCMP_SYS(syncfs), 241 },
|
||||
{ SCMP_SYS(fsync), 241 },
|
||||
{ SCMP_SYS(fchdir), 241 },
|
||||
{ SCMP_SYS(flock), 241 },
|
||||
{ SCMP_SYS(msync), 241 },
|
||||
{ SCMP_SYS(sched_setparam), 241 },
|
||||
{ SCMP_SYS(sched_setscheduler), 241 },
|
||||
|
Loading…
Reference in New Issue
Block a user