[libvirt] [PATCHv2 3/4] qemu: add -sandbox to command line if requested
Corey Bryant
coreyb at linux.vnet.ibm.com
Fri Sep 14 15:14:09 UTC 2012
On 09/12/2012 04:03 AM, Ján Tomko wrote:
> ---
> src/qemu/qemu_command.c | 11 +++++++++++
> 1 files changed, 11 insertions(+), 0 deletions(-)
>
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index a83d6de..c50c306 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -6462,6 +6462,17 @@ qemuBuildCommandLine(virConnectPtr conn,
> ? qemucmd->env_value[i] : "");
> }
>
> + if (qemuCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
> + if (driver->seccompSandbox == 0)
> + virCommandAddArgList(cmd, "-sandbox", "off", NULL);
> + else if (driver->seccompSandbox > 0)
> + virCommandAddArgList(cmd, "-sandbox", "on", NULL);
> + } else if (driver->seccompSandbox > 0) {
Should this be (driver->seccompSandbox >= 0) ?
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> + _("QEMU does not support seccomp sandboxes"));
> + goto error;
> + }
> +
> return cmd;
>
> no_memory:
>
--
Regards,
Corey Bryant
More information about the libvir-list
mailing list