Proxmox-Port/qemu
1
0
Fork 0
mirror of https://github.com/qemu/qemu.git synced 2025-08-15 22:31:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4f8bde99c1
qemu/tools/virtiofsd
History
Stefan Hajnoczi 4f8bde99c1 virtiofsd: add seccomp whitelist 
Only allow system calls that are needed by virtiofsd.  All other system
calls cause SIGSYS to be directed at the thread and the process will
coredump.

Restricting system calls reduces the kernel attack surface and limits
what the process can do when compromised.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
with additional entries by:
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: piaojun <piaojun@huawei.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2020-01-23 16:41:37 +00:00
..
50-qemu-virtiofsd.json.in virtiofsd: add vhost-user.json file 2020-01-23 16:41:36 +00:00
buffer.c virtiofsd: add fuse_mbuf_iter API 2020-01-23 16:41:36 +00:00
fuse_common.h virtiofsd: add fuse_mbuf_iter API 2020-01-23 16:41:36 +00:00
fuse_i.h virtiofsd: Plumb fuse_bufvec through to do_write_buf 2020-01-23 16:41:36 +00:00
fuse_log.c virtiofsd: Fix common header and define for QEMU builds 2020-01-23 16:41:36 +00:00
fuse_log.h virtiofsd: Format imported files to qemu style 2020-01-23 16:41:36 +00:00
fuse_lowlevel.c virtiofsd: check input buffer size in fuse_lowlevel.c ops 2020-01-23 16:41:36 +00:00
fuse_lowlevel.h virtiofsd: add --print-capabilities option 2020-01-23 16:41:36 +00:00
fuse_misc.h virtiofsd: Format imported files to qemu style 2020-01-23 16:41:36 +00:00
fuse_opt.c virtiofsd: Fix common header and define for QEMU builds 2020-01-23 16:41:36 +00:00
fuse_opt.h virtiofsd: Format imported files to qemu style 2020-01-23 16:41:36 +00:00
fuse_signals.c virtiofsd: Fix common header and define for QEMU builds 2020-01-23 16:41:36 +00:00
fuse_virtio.c virtiofsd: Pass write iov's all the way through 2020-01-23 16:41:36 +00:00
fuse_virtio.h virtiofsd: Fast path for virtio read 2020-01-23 16:41:36 +00:00
fuse.h virtiofsd: Format imported files to qemu style 2020-01-23 16:41:36 +00:00
helper.c virtiofsd: passthrough_ll: add fallback for racy ops 2020-01-23 16:41:36 +00:00
Makefile.objs virtiofsd: add seccomp whitelist 2020-01-23 16:41:37 +00:00
passthrough_helpers.h virtiofsd: Format imported files to qemu style 2020-01-23 16:41:36 +00:00
passthrough_ll.c virtiofsd: add seccomp whitelist 2020-01-23 16:41:37 +00:00
seccomp.c virtiofsd: add seccomp whitelist 2020-01-23 16:41:37 +00:00
seccomp.h virtiofsd: add seccomp whitelist 2020-01-23 16:41:37 +00:00