On Fri, Sep 08, 2017 at 01:44:06PM +0200, Eduardo Otubo wrote:
> This patch adds [,spawn=deny] argument to `-sandbox on' option. It
> blacklists fork and execve system calls, avoiding Qemu to spawn new
> threads or processes.
>
> Signed-off-by: Eduardo Otubo
> ---
>
On 08.09.2017 13:44, Eduardo Otubo wrote:
> This patch adds [,spawn=deny] argument to `-sandbox on' option. It
> blacklists fork and execve system calls, avoiding Qemu to spawn new
> threads or processes.
>
> Signed-off-by: Eduardo Otubo
> ---
> include/sysemu/seccomp.h | 1 +
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.
Signed-off-by: Eduardo Otubo
---
include/sysemu/seccomp.h | 1 +
qemu-options.hx | 9 +++--