[libvirt PATCH 05/23] qemu: remove use of the term 'blacklist' in seccomp capability

Peter Krempa pkrempa at redhat.com
Fri Jun 19 09:55:28 UTC 2020


On Fri, Jun 19, 2020 at 10:32:42 +0100, Daniel Berrange wrote:
> The concept we're really testing for is whether QEMU supports
> the seccomp syscall filter groups. We need to keep one place
> using the old term to deal with upgrades from existing hosts
> with running VMs.
> 
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> index 72874ee4fd..56ec5c0352 100644
> --- a/src/qemu/qemu_domain.c
> +++ b/src/qemu/qemu_domain.c
> @@ -3851,9 +3851,13 @@ qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,
>              if (str) {
>                  int flag = virQEMUCapsTypeFromString(str);
>                  if (flag < 0) {
> -                    virReportError(VIR_ERR_INTERNAL_ERROR,
> -                                   _("Unknown qemu capabilities flag %s"), str);
> -                    goto error;
> +                    if (g_str_equal(str, "seccomp-blacklist")) {
> +                        flag = QEMU_CAPS_SECCOMP_FILTER_GROUPS;
> +                    } else {
> +                        virReportError(VIR_ERR_INTERNAL_ERROR,
> +                                       _("Unknown qemu capabilities flag %s"), str);

I think this should become an array so that we can extend it arbitrarily
later. This concept may come in useful.

Additionally making it with a proper explanation will prevent us from
having a magic constant in a random place in the code without proper
explanation.




More information about the libvir-list mailing list