[libvirt PATCH 05/23] qemu: remove use of the term 'blacklist' in seccomp capability

Peter Krempa pkrempa at redhat.com
Fri Jun 19 13:05:40 UTC 2020


On Fri, Jun 19, 2020 at 13:23:24 +0100, Daniel Berrange wrote:
> On Fri, Jun 19, 2020 at 01:56:55PM +0200, Ján Tomko wrote:
> > On a Friday in 2020, Daniel P. Berrangé wrote:

[...]

> > > diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> > > index 72874ee4fd..56ec5c0352 100644
> > > --- a/src/qemu/qemu_domain.c
> > > +++ b/src/qemu/qemu_domain.c
> > > @@ -3851,9 +3851,13 @@ qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,
> > >             if (str) {
> > >                 int flag = virQEMUCapsTypeFromString(str);
> > >                 if (flag < 0) {
> > > -                    virReportError(VIR_ERR_INTERNAL_ERROR,
> > > -                                   _("Unknown qemu capabilities flag %s"), str);
> > > -                    goto error;
> > > +                    if (g_str_equal(str, "seccomp-blacklist")) {
> > > +                        flag = QEMU_CAPS_SECCOMP_FILTER_GROUPS;
> > 
> > I'd just leave the XML as-is, to avoid introducing this special-casing.
> 
> Renaming the capability lets us eliminate this from all the capabilities
> test data files we have (and the ones we cointinue to add in future), so
> I think it is a net win to just have this 2 line special case.

I will consider this being a win/improvement of the code if you make it
a generic concept for renaming capabilities as I've mentioned in my
review. Having a one-off hack seems to be too forced without any
possible improvement in the code.

I will happily ack it it's made a generic concept.




More information about the libvir-list mailing list