[libvirt] [PATCH] qemu: Enforce qemuSecurity wrappers
Michal Privoznik
mprivozn at redhat.com
Mon Mar 6 11:58:16 UTC 2017
On 06.03.2017 12:43, Peter Krempa wrote:
> On Tue, Feb 14, 2017 at 15:30:44 +0100, Michal Privoznik wrote:
>> Now that we have some qemuSecurity wrappers over
>> virSecurityManager APIs, lets make sure everybody sticks with
>> them. We have them for a reason and calling virSecurityManager
>> API directly instead of wrapper may lead into accidentally
>> labelling a file on the host instead of namespace.
>>
>> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
>> ---
>>
>> This is an alternative approach to:
>>
>> https://www.redhat.com/archives/libvir-list/2017-February/msg00271.html
>
> While I think that by putting some more effor to the script checking the
> rules it would be possible to achieve the same even without having to
> have macros for the APIs which don't require wrapping I must agree that
> it's better to have a check with techincal debt rather than a bug.
Agreed. I believe we might turn some of those dummy #define-s into
actual functions one day. But at least for now we will not introduce new
bugs.
>
> ACK
>
Thank you, pushed. One thing less to remember while reviewing qemu patches.
Michal
More information about the libvir-list
mailing list