[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCHv2 3/4] qemu: add -sandbox to command line if requested



On 09/14/12 17:14, Corey Bryant wrote:
> On 09/12/2012 04:03 AM, Ján Tomko wrote:
>> +    if (qemuCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
>> +        if (driver->seccompSandbox == 0)
>> +            virCommandAddArgList(cmd, "-sandbox", "off", NULL);
>> +        else if (driver->seccompSandbox > 0)
>> +            virCommandAddArgList(cmd, "-sandbox", "on", NULL);
>> +    } else if (driver->seccompSandbox > 0) {
> 
> Should this be (driver->seccompSandbox >= 0) ?
> 
>> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> +                       _("QEMU does not support seccomp sandboxes"));
>> +        goto error;
>> +    }
>> +

I don't think so. If QEMU doesn't support -sandbox, it's like it was
off, which is what the user requested by setting it to 0.

Jan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]