On Tuesday, October 08, 2013 09:42:24 PM Eduardo Otubo wrote:
v3: The "-netdev tap" option is checked in the vl.c file during the
process of the command line argument list. It sets tap_enabled to true
or false according to the configuration found. Later at the seccomp
filter installation, this value is checked wheter to install or not this
feature.
I like the idea of slowly making the QEMU syscall filter dependent on the
runtime configuration. With that in mind, I wonder if we should have a more
general purpose API in include/sysemu/seccomp.h that allows QEMU to indicate
to the the QEMU/seccomp code that a particular feature is enabled.
Maybe something like this:
#define SCMP_FEAT_TAP ...
int seccomp_feature_enable(int feature);
One more comment below.
Adding a system call blacklist right before the vcpus starts. This
filter is composed by the system calls that can't be executed after the
guests are up. This list should be refined as whitelist is, with as much
testing as we can do using virt-test.
Signed-off-by: Eduardo Otubo <address@hidden>
---
include/sysemu/seccomp.h | 6 ++++-
qemu-seccomp.c | 64
+++++++++++++++++++++++++++++++++++++++--------- vl.c |
21 +++++++++++++++-
3 files changed, 77 insertions(+), 14 deletions(-)
diff --git a/include/sysemu/seccomp.h b/include/sysemu/seccomp.h
index 1189fa2..9dc7e52 100644
--- a/include/sysemu/seccomp.h
+++ b/include/sysemu/seccomp.h
@@ -15,8 +15,12 @@
#ifndef QEMU_SECCOMP_H
#define QEMU_SECCOMP_H
+#define WHITELIST 0
+#define BLACKLIST 1
Should these #defines be namespaced in some way, e.g. SCMP_LIST_BLACKLIST?
#include <seccomp.h>
#include "qemu/osdep.h"
-int seccomp_start(void);
+int seccomp_start(int list_type);
+
#endif