subject:"\[Qemu\-devel\] \[PATCHv6 4\/5\] seccomp\: add spawn argument to command line"

Re: [Qemu-devel] [PATCHv6 4/5] seccomp: add spawn argument to command line

2017-09-14 Thread Daniel P. Berrange

On Fri, Sep 08, 2017 at 01:44:06PM +0200, Eduardo Otubo wrote: > This patch adds [,spawn=deny] argument to `-sandbox on' option. It > blacklists fork and execve system calls, avoiding Qemu to spawn new > threads or processes. > > Signed-off-by: Eduardo Otubo > --- >

Re: [Qemu-devel] [PATCHv6 4/5] seccomp: add spawn argument to command line

2017-09-08 Thread Thomas Huth

On 08.09.2017 13:44, Eduardo Otubo wrote: > This patch adds [,spawn=deny] argument to `-sandbox on' option. It > blacklists fork and execve system calls, avoiding Qemu to spawn new > threads or processes. > > Signed-off-by: Eduardo Otubo > --- > include/sysemu/seccomp.h | 1 +

[Qemu-devel] [PATCHv6 4/5] seccomp: add spawn argument to command line

2017-09-08 Thread Eduardo Otubo

This patch adds [,spawn=deny] argument to `-sandbox on' option. It blacklists fork and execve system calls, avoiding Qemu to spawn new threads or processes. Signed-off-by: Eduardo Otubo --- include/sysemu/seccomp.h | 1 + qemu-options.hx | 9 +++--