QEMU-Nyx-fork

Go to file

Paul Moore e9eecb5bf8 seccomp: add kill() to the syscall whitelist

The kill() syscall is triggered with the following command:

 # qemu -sandbox on -monitor stdio \
        -device intel-hda -device hda-duplex -vnc :0

The resulting syslog/audit message:

 # ausearch -m SECCOMP
 ----
 time->Wed Nov 20 09:52:08 2013
 type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854
  subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087
  comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0
 # scmp_sys_resolver 62
 kill

Reported-by: CongLi <coli@redhat.com>
Tested-by: CongLi <coli@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>

2013-12-03 10:21:32 -02:00

audio

ossaudio: check for oss support in oss_audio_init

2013-11-07 12:26:00 +01:00

backends

rng-egd: offset the point when repeatedly read from the buffer

2013-11-21 17:39:17 +01:00

block

qcow2: fix possible corruption when reading multiple clusters

2013-11-14 13:09:07 +01:00

bsd-user

*-user: Improve documentation for lock_user function

2013-09-20 20:09:24 +04:00

default-configs

arm11mpcore: Split off SCU device

2013-11-05 17:47:30 +01:00

disas

disas/ppc.c: Fix little endian disassembly

2013-09-02 10:06:41 +02:00

docs

docs/memory.txt: Clarify and expand priority/overlap documentation

2013-11-05 19:59:24 -08:00

dtc @ bc895d6d09

dtc: add submodule

2013-04-18 13:50:53 +02:00

fpu

softfloat: Fix shift128Right for shift counts 64..127

2013-06-10 11:36:12 -05:00

fsdev

fsdev: Fix potential memory leak

2013-07-09 13:38:56 -05:00

gdb-xml

target-arm: Add AArch64 gdbstub support

2013-09-10 19:11:28 +01:00

PPC: BookE: Make FIT/WDT timers at best millisecond grained

2013-11-25 20:35:12 -08:00

include

atomic.h: Fix build with clang

2013-11-21 17:38:57 +01:00

libcacard

Merge remote-tracking branch 'stefanha/block' into staging

2013-09-23 11:53:05 -05:00

linux-headers

linux-headers: update to 3.12-rc1

2013-09-20 12:38:48 +02:00

linux-user

linux-user: Fix stat64 syscall for SPARC64

2013-11-07 07:02:44 +01:00

net

net: fix qemu_flush_queued_packets() in presence of a hub

2013-11-08 17:32:34 +01:00

pc-bios

sun4m: Add FCode ROM for TCX framebuffer

2013-11-21 17:38:52 +01:00

pixman @ 97336fad32

qapi: move include files to include/qobject/

2012-12-19 08:31:31 +01:00

po: Update all *.po files

2013-08-07 12:48:00 -05:00

qapi

qapi: fix memleak by adding implict struct functions in dealloc visitor

2013-11-05 19:58:38 -08:00

qga

qga: Fix two format strings for MinGW

2013-11-25 20:35:28 -08:00

qobject

qdict: Extract qdict_extract_subqdict

2013-09-25 16:21:28 +02:00

qom

qom: Fix memory leak in object_property_set_link()

2013-11-19 10:58:21 +01:00

roms

pseries: Update SLOF firmware image

2013-11-08 04:33:19 +01:00

scripts

Adjust qapi-visit for python-2.4.3

2013-11-11 10:02:21 -05:00

slirp

misc: Spelling and grammar fixes in comments

2013-10-26 13:06:45 +04:00

stubs

Merge remote-tracking branch 'kiszka/queues/slirp' into staging

2013-09-17 10:01:24 -05:00

sysconfigs/target

Eliminate cpus-x86_64.conf file

2012-09-21 15:12:58 +02:00

target-alpha

misc: New spelling fixes in comments

2013-10-26 13:01:57 +04:00

target-arm

target-arm: fix sorting issue of KVM cpreg list

2013-10-31 14:00:16 +01:00

target-cris

tcg: Remove stray semi-colons from target-*/helper.h

2013-10-10 11:43:37 -07:00

target-i386

Here are a bunch of 1.7-tagged patches that I was afraid

2013-11-25 09:41:24 -08:00

target-lm32

target: Include softmmu_exec.h where forgotten

2013-09-02 09:08:30 -07:00

target-m68k

Merge remote-tracking branch 'rth/tcg-pull' into staging

2013-10-11 09:36:52 -07:00

target-microblaze

microblaze: At swx, check that the reserved word is unmodified

2013-10-24 22:32:56 +02:00

target-mips

Merge remote-tracking branch 'rth/tcg-pull' into staging

2013-10-11 09:36:52 -07:00

target-moxie

cpu: Drop cpu_model_str from CPU_COMMON

2013-10-07 11:48:47 +02:00

target-openrisc

target-openrisc: Correct memory bounds checking for the tlb buffers

2013-11-20 21:47:17 +08:00

target-ppc

spapr: Use DeviceClass::fw_name for device tree CPU node

2013-10-25 23:25:48 +02:00

target-s390x

exec: Fix prototype of phys_mem_set_alloc and related functions

2013-10-14 08:50:34 -07:00

target-sh4

Merge remote-tracking branch 'rth/tcg-pull' into staging

2013-10-11 09:36:52 -07:00

target-sparc

Merge remote-tracking branch 'rth/tcg-pull' into staging

2013-10-11 09:36:52 -07:00

target-unicore32

Merge remote-tracking branch 'rth/tcg-pull' into staging

2013-10-11 09:36:52 -07:00

target-xtensa

target-xtensa: add missing DEBUG section to dc233c config

2013-11-08 09:26:07 +04:00

tcg

tcg-ia64: Introduce tcg_opc_bswap64_i

2013-11-18 15:57:59 +10:00

tests

qemu-iotests: Fix test 041

2013-11-27 07:53:32 -08:00

trace

trace: Add ftrace tracing backend

2013-05-03 13:58:09 +02:00

curses: fixup SIGWINCH handler mess

2013-11-25 20:36:27 -08:00

util

qmp: access the local QemuOptsLists for drive option

2013-11-14 13:09:07 +01:00

.exrc

qemu: add .exrc

2012-09-07 09:02:44 +03:00

.gitignore

.gitignore: ignore qmp-commands.txt

2013-10-26 13:01:57 +04:00

.gitmodules

Use qemu-project.org domain name

2013-10-11 09:34:56 -07:00

.mailmap

Update mailmap

2013-09-05 09:40:31 -05:00

.travis.yml

.travis.yml: basic compile and check recipes

2013-11-13 15:48:38 +04:00

aio-posix.c

aio / timers: Convert aio_poll to use AioContext timers' deadline

2013-08-22 19:10:28 +02:00

aio-win32.c

aio-win32: replace incorrect AioHandler->opaque usage with ->e

2013-08-22 22:04:54 +02:00

arch_init.c

migration: drop MADVISE_DONT_NEED for incoming zero pages

2013-11-19 17:23:57 +01:00

async.c

aio / timers: aio_ctx_prepare sets timeout from AioContext timers

2013-08-22 19:10:28 +02:00

balloon.c

softmmu: move include files to include/sysemu/

2012-12-19 08:32:45 +01:00

block-migration.c

migration: omit drive ref as we have bdrv_ref now

2013-09-06 15:25:08 +02:00

block.c

block: Fail if requested driver is not available

2013-11-15 13:37:48 +01:00

blockdev-nbd.c

nbd: use BlockDriverState refcnt

2013-09-06 15:25:08 +02:00

blockdev.c

block/drive-mirror: Reuse backing HD for sync=none

2013-11-27 07:53:32 -08:00

blockjob.c

qapi: make use of new BlockJobType

2013-10-11 10:52:54 +02:00

bt-host.c

sysemu: avoid proliferation of include/ subdirectories

2013-04-15 18:19:25 +02:00

bt-vhci.c

sysemu: avoid proliferation of include/ subdirectories

2013-04-15 18:19:25 +02:00

Changelog

Use qemu-project.org domain name

2013-10-11 09:34:56 -07:00

CODING_STYLE

Replace Qemu by QEMU in internal documentation

2012-04-07 13:58:25 +00:00

configure

pc very last minute fixes for 1.7

2013-11-25 09:49:43 -08:00

COPYING

COPYING: update from FSF

2008-10-12 17:54:42 +00:00

COPYING.LIB

Update FSF address in GPL/LGPL boilerplate

2009-01-04 22:05:52 +00:00

coroutine-gthread.c

block: move include files to include/block/

2012-12-19 08:31:31 +01:00

coroutine-sigaltstack.c

Merge remote-tracking branch 'kwolf/for-anthony' into staging

2013-02-26 07:44:39 -06:00

coroutine-ucontext.c

Fix warnings suppressors to honor --disable-werror

2013-04-17 10:28:04 -05:00

coroutine-win32.c

block: move include files to include/block/

2012-12-19 08:31:31 +01:00

cpu-exec.c

cpu-exec: Also reload CPUClass *cc after longjmp return in cpu_exec()

2013-10-07 11:46:58 +02:00

cpus.c

timers: fix stop/cont with -icount

2013-11-06 21:47:05 -08:00

cputlb.c

cputlb: Remove dead function tlb_update_dirty()

2013-10-07 11:48:03 +02:00

device_tree.c

device_tree: Add qemu_devtree_setprop_sized_cells() utility functions

2013-07-19 12:58:46 +01:00

device-hotplug.c

hw: move device-hotplug.o to toplevel, compile it once

2013-03-01 13:57:13 +01:00

disas.c

disas: Implement fallback to dump object code as hex

2013-08-24 07:26:45 +02:00

dma-helpers.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

dump.c

dump-guest-memory: Check for the correct return value

2013-10-25 23:25:48 +02:00

exec.c

pci, pc, virtio bug fixes

2013-11-13 11:48:35 -08:00

gdbstub.c

vl: allow "cont" from panicked state

2013-11-04 15:39:41 +02:00

HACKING

HACKING: Document vaddr type usage

2013-07-23 02:41:31 +02:00

hmp-commands.hx

hmp: add interface hmp_snapshot_delete_blkdev_internal

2013-09-12 10:12:47 +02:00

hmp.c

hmp: drop bogus "[not inserted]"

2013-10-17 10:10:14 +02:00

hmp.h

hmp: add interface hmp_snapshot_delete_blkdev_internal

2013-09-12 10:12:47 +02:00

iohandler.c

iohandler: switch to GPollFD

2013-02-21 16:17:31 -06:00

ioport.c

portio: Allow to mark portio lists as coalesced MMIO flushing

2013-10-17 17:24:15 +02:00

kvm-all.c

Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

2013-09-23 11:52:49 -05:00

kvm-stub.c

kvm irqfd: support direct msimessage to irq translation

2013-09-20 12:37:52 +02:00

LICENSE

LICENSE: clarify

2013-08-12 09:15:12 -05:00

main-loop.c

slirp: set mainloop timeout with more precise value

2013-09-17 12:26:05 +02:00

MAINTAINERS

MAINTAINERS: add block driver sub-maintainers

2013-11-15 13:37:48 +01:00

Makefile

sun4m: Add FCode ROM for TCX framebuffer

2013-11-21 17:38:52 +01:00

Makefile.objs

qemu-ga: Add Windows VSS provider and requester as DLL

2013-09-09 14:17:57 -05:00

Makefile.target

default-configs/: CONFIG_GDBSTUB_XML removed

2013-10-16 18:21:01 +02:00

memory_mapping.c

cpu: Use QTAILQ for CPU list

2013-09-03 12:25:55 +02:00

memory.c

pci, pc, acpi fixes, enhancements

2013-10-31 16:58:32 +01:00

migration-exec.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

migration-fd.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

migration-rdma.c

rdma: constify ram_chunk_{index, start, end}

2013-09-24 13:22:50 +02:00

migration-tcp.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

migration-unix.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

migration.c

migration: Fix compiler warning ('caps' may be used uninitialized)

2013-10-05 14:02:29 +04:00

monitor.c

Merge remote-tracking branch 'agraf/ppc-for-upstream' into staging

2013-10-31 17:01:12 +01:00

nbd.c

nbd: use BlockDriverState refcnt

2013-09-06 15:25:08 +02:00

os-posix.c

Add option to mlock qemu and guest memory

2013-04-22 08:52:23 -05:00

os-win32.c

qemu-timer: move timeBeginPeriod/timeEndPeriod to os-win32

2013-04-12 18:27:16 +02:00

page_cache.c

remove some double-includes

2013-05-18 16:35:12 +04:00

qapi-schema.json

qapi-schema: Update description for NewImageMode

2013-11-14 13:09:06 +01:00

qdev-monitor.c

qdev-monitor: Inline qdev_init() for device_add

2013-11-05 18:06:51 +01:00

qdict-test-data.txt

Introduce QDict test data file

2009-09-04 09:37:34 -05:00

qemu-bridge-helper.c

qemu-bridge-helper: force usage of a very high MAC address for the bridge

2013-03-28 12:58:52 -05:00

qemu-char.c

Merge remote-tracking branch 'amit/char-remove-watch-on-unplug' into staging

2013-10-10 13:16:02 -07:00

qemu-coroutine-io.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

qemu-coroutine-lock.c

block: Repair the throttling code.

2013-07-29 17:07:37 +02:00

qemu-coroutine-sleep.c

coroutine: add co_aio_sleep_ns() to allow sleep in block drivers

2013-10-30 12:22:09 +01:00

qemu-coroutine.c

coroutine: add ./configure --disable-coroutine-pool

2013-09-12 10:12:48 +02:00

qemu-doc.texi

doc: we use seabios, not bochs bios

2013-06-28 22:10:34 +04:00

qemu-img-cmds.hx

block: Image file option amendment

2013-09-12 10:12:46 +02:00

qemu-img.c

qemu-img: Fix overwriting 'ret' before using

2013-11-15 13:37:48 +01:00

qemu-img.texi

block: Image file option amendment

2013-09-12 10:12:46 +02:00

qemu-io-cmds.c

block/qapi: Human-readable ImageInfoSpecific dump

2013-10-11 10:52:54 +02:00

qemu-io.c

qemu-io: Let "open" pass options to block driver

2013-10-11 16:50:02 +02:00

qemu-log.c

qemu-log: default to stderr for logging output

2013-02-26 13:31:47 -06:00

qemu-nbd.c

block: Error parameter for open functions

2013-09-12 10:12:48 +02:00

qemu-nbd.texi

Add -f FMT / --format FMT arg to qemu-nbd

2013-04-15 14:29:20 -05:00

qemu-options-wrapper.h

vl.c: In qemu -h output, only print options for the arch we are running as

2011-12-19 10:27:33 -06:00

qemu-options.h

vl.c: Move option generation logic into a wrapper file

2011-12-19 10:27:33 -06:00

qemu-options.hx

doc: fix hardcoded helper path

2013-11-18 13:45:10 +02:00

qemu-seccomp.c

seccomp: add kill() to the syscall whitelist

2013-12-03 10:21:32 -02:00

qemu-tech.texi

qemu-tech.texi: update implemented xtensa features list

2012-11-29 13:00:52 -06:00

qemu-timer.c

timer: add timer_mod_anticipate and timer_mod_anticipate_ns

2013-10-17 17:31:00 +02:00

qemu.nsi

nsis: Improved support for parallel installation of 32 and 64 bit code

2013-11-07 07:02:44 +01:00

qemu.sasl

Fix command example in qemu.sasl

2013-07-19 12:52:03 +04:00

qmp-commands.hx

blockdev: 'blockdev-add' QMP command

2013-10-11 16:50:01 +02:00

qmp.c

QMP: Add cpu-add command

2013-05-01 13:06:07 +02:00

qtest.c

qtest: Fix FMT_timeval vs time_t

2013-09-02 09:08:29 -07:00

readline.c

monitor: avoid use of global *cur_mon in readline_completion()

2013-08-30 07:41:14 -04:00

README

Use qemu-project.org domain name

2013-10-11 09:34:56 -07:00

rules.mak

rules.mak: New string testing functions

2013-10-16 18:21:00 +02:00

savevm.c

The calculation of bytes_xfer in qemu_put_buffer() is wrong

2013-11-20 12:16:04 +01:00

spice-qemu-char.c

qemu-char: don't issue CHR_EVENT_OPEN in a BH

2013-06-10 11:38:37 -05:00

tcg-runtime.c

tcg: Implement multiword multiply helpers

2013-02-23 17:25:28 +00:00

tci.c

misc: Use new rotate functions

2013-09-25 21:23:05 +02:00

thread-pool.c

aio / timers: Untangle include files

2013-08-22 19:10:27 +02:00

thunk.c

exec: move include files to include/exec/

2012-12-19 08:31:31 +01:00

tpm.c

tpm.c: Don't try to put -1 in a variable of type TpmModel

2013-07-29 10:37:10 -05:00

trace-events

Merge remote-tracking branch 'mjt/trivial-patches' into staging

2013-09-23 11:52:55 -05:00

translate-all.c

exec: Delete is_tcg_gen_code and GETRA_EXT

2013-10-10 11:44:25 -07:00

translate-all.h

cputlb: Pass CPUState to cpu_unlink_tb()

2013-02-16 14:51:00 +01:00

user-exec.c

linux-user: fix segmentation fault passing with h2g(x) != x

2013-07-23 17:28:28 +03:00

VERSION

Open 2.0 development tree

2013-11-27 14:02:45 -08:00

version.rc

Use qemu-project.org domain name

2013-10-11 09:34:56 -07:00

vl.c

Merge remote-tracking branch 'mjt/trivial-patches' into staging

2013-11-19 12:59:26 -08:00

xbzrle.c

Move XBZRLE encoding code to a separate file to allow testing

2013-02-01 08:32:20 +01:00

xen-all.c

qemu/xen: make use of xenstore relative paths

2013-10-10 14:25:52 +00:00

xen-mapcache.c

hw: move headers to include/

2013-04-08 18:13:10 +02:00

xen-stub.c

pc: Initializing ram_memory under Xen.

2013-09-09 16:22:19 +00:00

README

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team