]> git.ipfire.org Git - thirdparty/qemu.git/commit - qemu-options.hx
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 995a226) | patch
seccomp: add resourcecontrol argument to command line
authorEduardo Otubo <otubo@redhat.com>
Mon, 13 Mar 2017 21:18:51 +0000 (22:18 +0100)
committerEduardo Otubo <otubo@redhat.com>
Fri, 15 Sep 2017 08:15:06 +0000 (10:15 +0200)
commit24f8cdc5722476e12d8e39d71f66311b4fa971c1
tree46fd71cfaaa2c1632bfce0d683941c15c84970f1tree | snapshot
parent995a226f880b807e05240e8752d6ce65679775becommit | diff
seccomp: add resourcecontrol argument to command line

This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.

Signed-off-by: Eduardo Otubo <otubo@redhat.com>
include/sysemu/seccomp.h diff | blob | blame | history
qemu-options.hx diff | blob | blame | history
qemu-seccomp.c diff | blob | blame | history
vl.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git