On Mon, Mar 07, 2016 at 10=34=46AM +0100, mreza...@redhat.com wrote: > From: Miroslav Rezanina <mreza...@redhat.com> > > Newer version of nss-softokn libraries (> 3.16.2.3) use sysinfo call > so qemu using rbd image hang after start when run in sandbox mode. > > To allow using rbd images in sandbox mode we have to whitelist it. > > Signed-off-by: Miroslav Rezanina <mreza...@redhat.com> > --- > qemu-seccomp.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index 2866e3c..e29fca1 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -250,6 +250,7 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { > #ifdef HAVE_CACHEFLUSH > { SCMP_SYS(cacheflush), 240 }, > #endif > + { SCMP_SYS(sysinfo), 240 },
Are you sure you want to add this syscall to the bottom of the list? Did you estimate the frequency it is called by running strace? Thanks for the patch. -- Eduardo Otubo ProfitBricks GmbH
signature.asc
Description: Digital signature