[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCHv3 1/4] qemu: add capability flag for seccomp sandbox



---
 src/qemu/qemu_capabilities.c |    3 +++
 src/qemu/qemu_capabilities.h |    1 +
 2 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 43645bf..b87c53c 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -177,6 +177,7 @@ VIR_ENUM_IMPL(qemuCaps, QEMU_CAPS_LAST,
 
               "disable-s4", /* 105 */
               "usb-redir.filter",
+              "seccomp-sandbox",
     );
 
 struct _qemuCaps {
@@ -1197,6 +1198,8 @@ qemuCapsComputeCmdFlags(const char *help,
     }
     if (strstr(help, "-smbios type"))
         qemuCapsSet(caps, QEMU_CAPS_SMBIOS_TYPE);
+    if (strstr(help, "-sandbox"))
+        qemuCapsSet(caps, QEMU_CAPS_SECCOMP_SANDBOX);
 
     if ((netdev = strstr(help, "-netdev"))) {
         /* Disable -netdev on 0.12 since although it exists,
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index c1519ed..dc09879 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -142,6 +142,7 @@ enum qemuCapsFlags {
     QEMU_CAPS_DISABLE_S3         = 104, /* S3 BIOS Advertisement on/off */
     QEMU_CAPS_DISABLE_S4         = 105, /* S4 BIOS Advertisement on/off */
     QEMU_CAPS_USB_REDIR_FILTER   = 106, /* usb-redir.filter */
+    QEMU_CAPS_SECCOMP_SANDBOX    = 107, /* -sandbox */
 
     QEMU_CAPS_LAST,                   /* this must always be the last item */
 };
-- 
1.7.8.6


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]