From 0091db9cbddb6c9fb4c96fbde980780c98006eda Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Tue, 30 Oct 2018 22:45:51 -0700 Subject: kvm: use private futexes. Use private futexes for performance and to align with other runtime uses. PiperOrigin-RevId: 219422634 Change-Id: Ief2af5e8302847ea6dc246e8d1ee4d64684ca9dd --- pkg/sentry/platform/kvm/machine_unsafe.go | 4 ++-- runsc/boot/filter/config.go | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pkg/sentry/platform/kvm/machine_unsafe.go b/pkg/sentry/platform/kvm/machine_unsafe.go index 4f5b01321..38c1f102f 100644 --- a/pkg/sentry/platform/kvm/machine_unsafe.go +++ b/pkg/sentry/platform/kvm/machine_unsafe.go @@ -88,7 +88,7 @@ func (c *vCPU) notify() { _, _, errno := syscall.RawSyscall6( syscall.SYS_FUTEX, uintptr(unsafe.Pointer(&c.state)), - linux.FUTEX_WAKE, + linux.FUTEX_WAKE|linux.FUTEX_PRIVATE_FLAG, ^uintptr(0), // Number of waiters. 0, 0, 0) if errno != 0 { @@ -106,7 +106,7 @@ func (c *vCPU) waitUntilNot(state uint32) { _, _, errno := syscall.Syscall6( syscall.SYS_FUTEX, uintptr(unsafe.Pointer(&c.state)), - linux.FUTEX_WAIT, + linux.FUTEX_WAIT|linux.FUTEX_PRIVATE_FLAG, uintptr(state), 0, 0, 0) if errno != 0 && errno != syscall.EINTR && errno != syscall.EAGAIN { diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index 378396b9b..83c1fbcce 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -438,7 +438,6 @@ func ptraceFilters() seccomp.SyscallRules { func kvmFilters() seccomp.SyscallRules { return seccomp.SyscallRules{ syscall.SYS_ARCH_PRCTL: {}, - syscall.SYS_FUTEX: {}, syscall.SYS_IOCTL: {}, syscall.SYS_MMAP: {}, syscall.SYS_RT_SIGSUSPEND: {}, -- cgit v1.2.3