qemu/include/sysemu
Eduardo Otubo 73a1e64725 seccomp: add elevateprivileges argument to command line
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15 10:15:06 +02:00
..
accel.h vl: convert -tb-size to qemu_strtoul 2017-07-04 14:39:28 +02:00
arch_init.h audio: Move arch_init audio code to hw/audio/soundhw.c 2017-05-19 10:48:53 +02:00
balloon.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
block-backend.h block: move ThrottleGroup membership to ThrottleGroupMember 2017-09-05 16:47:51 +02:00
blockdev.h blockdev: Make orphaned -drive fatal 2017-02-21 13:17:45 +01:00
bt.h Clean up header guards that don't match their file name 2016-07-12 16:19:16 +02:00
cpus.h migration: Mark CPU states dirty before incoming migration/loadvm 2017-06-06 08:53:24 +10:00
cryptodev.h cryptodev: wrap the ready flag 2017-01-10 07:02:52 +02:00
device_tree.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
dma.h dma-helpers: explicitly pass alignment into DMA helpers 2016-10-27 16:29:13 -04:00
dump-arch.h dump: allow target to set the physical base 2016-01-15 14:40:25 +00:00
dump.h dump: Acquire BQL around vm_start() in dump thread 2017-05-05 12:10:00 +02:00
hax.h migration: Mark CPU states dirty before incoming migration/loadvm 2017-06-06 08:53:24 +10:00
hostmem.h hostmem: introduce host_memory_backend_mr_inited() 2017-04-20 15:22:41 -03:00
hw_accel.h migration: Mark CPU states dirty before incoming migration/loadvm 2017-06-06 08:53:24 +10:00
iothread.h qemu-iothread: IOThread supports the GMainContext event loop 2017-09-08 09:32:48 +08:00
kvm_int.h kvm-all: add support for multiple address spaces 2015-07-06 17:59:43 +02:00
kvm.h kvm: workaround build break on gcc-7.1.1 / fedora26 2017-08-08 10:40:20 +02:00
memory_mapping.h Use scripts/clean-includes to drop redundant qemu/typedefs.h 2016-03-22 22:20:16 +01:00
numa.h hmp: extend "info numa" with hotplugged memory information 2017-09-14 15:52:10 +01:00
os-posix.h util: drop old utimensat() compat code 2017-05-25 10:30:14 +02:00
os-win32.h log: Add locking to large logging blocks 2016-11-01 10:29:03 -06:00
qtest.h include: Clean up includes 2016-02-23 12:43:05 +00:00
replay.h shutdown: Preserve shutdown cause through replay 2017-05-23 13:28:17 +02:00
reset.h hw: move reset handlers from vl.c to hw/core 2017-01-16 17:52:35 +01:00
rng-random.h rng-random: rename RndRandom to RngRandom 2016-05-23 12:18:43 +05:30
rng.h rng: switch request queue to QSIMPLEQ 2016-03-08 12:54:14 +05:30
seccomp.h seccomp: add elevateprivileges argument to command line 2017-09-15 10:15:06 +02:00
sysemu.h migration: move only_migratable to MigrationState 2017-06-28 11:18:38 +02:00
tpm_backend_int.h Clean up header guards that don't match their file name 2016-07-12 16:19:16 +02:00
tpm_backend.h tpm: Clean up model registration & lookup 2017-09-04 13:09:13 +02:00
tpm.h TPM: fix build with tpm disabled 2015-06-03 18:19:15 +02:00
watchdog.h watchdog: introduction of get_watchdog_action 2016-01-27 15:34:47 +01:00
xen-mapcache.h xen/mapcache: introduce xen_replace_cache_entry() 2017-07-18 14:16:09 -07:00