Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20141111' into staging

seccomp branch queue

# gpg: Signature made Tue 11 Nov 2014 16:12:48 GMT using RSA key ID 12F8BD2F
# gpg: Can't check signature: public key not found

* remotes/otubo/tags/pull-seccomp-20141111:
  seccomp: change configure to avoid arm 32 to break
  seccomp: whitelist syscalls fallocate(), fadvise64(), inotify_init1() and inotify_add_watch()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

2 files changed, 7 insertions, 2 deletions

diff --git a/configure b/configure
index 2f17bf3803..47048f0086 100755
--- a/configure
+++ b/configure
@@ -1823,7 +1823,8 @@ fi
 # libseccomp check
 
 if test "$seccomp" != "no" ; then
-    if $pkg_config --atleast-version=2.1.0 libseccomp; then
+    if test "$cpu" = "i386" || test "$cpu" = "x86_64" &&
+        $pkg_config --atleast-version=2.1.1 libseccomp; then
         libs_softmmu="$libs_softmmu `$pkg_config --libs libseccomp`"
         QEMU_CFLAGS="$QEMU_CFLAGS `$pkg_config --cflags libseccomp`"
 	seccomp="yes"
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index 0503764047..af6a375127 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -231,7 +231,11 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(shmctl), 240 },
     { SCMP_SYS(mlock), 240 },
     { SCMP_SYS(munlock), 240 },
-    { SCMP_SYS(semctl), 240 }
+    { SCMP_SYS(semctl), 240 },
+    { SCMP_SYS(fallocate), 240 },
+    { SCMP_SYS(fadvise64), 240 },
+    { SCMP_SYS(inotify_init1), 240 },
+    { SCMP_SYS(inotify_add_watch), 240 }
 };
 
 int seccomp_start(void)