openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

qemu: add capability flag for seccomp sandbox 

This series adds support to run QEMU with seccomp sandbox enabled. It can be
configured in qemu.conf to on, off, or the QEMU default, which is off in 1.2.
Default value is the QEMU default.
This commit is contained in:
Ján Tomko 2012-09-18 15:24:51 +08:00 committed by Daniel Veillard
parent 1020a5041b
commit ede22e58ff
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/qemu/qemu_capabilities.c
View File

@ -179,6 +179,7 @@ VIR_ENUM_IMPL(qemuCaps, QEMU_CAPS_LAST,
"usb-redir.filter",
"ide-drive.wwn",
"scsi-disk.wwn",
"seccomp-sandbox",
);
struct _qemuCaps {
@ -1199,6 +1200,8 @@ qemuCapsComputeCmdFlags(const char *help,
}
if (strstr(help, "-smbios type"))
qemuCapsSet(caps, QEMU_CAPS_SMBIOS_TYPE);
if (strstr(help, "-sandbox"))
qemuCapsSet(caps, QEMU_CAPS_SECCOMP_SANDBOX);
if ((netdev = strstr(help, "-netdev"))) {
/* Disable -netdev on 0.12 since although it exists,

1
src/qemu/qemu_capabilities.h
View File

@ -144,6 +144,7 @@ enum qemuCapsFlags {
QEMU_CAPS_USB_REDIR_FILTER = 106, /* usb-redir.filter */
QEMU_CAPS_IDE_DRIVE_WWN = 107, /* Is ide-drive.wwn available? */
QEMU_CAPS_SCSI_DISK_WWN = 108, /* Is scsi-disk.wwn available? */
QEMU_CAPS_SECCOMP_SANDBOX = 109, /* -sandbox */
QEMU_CAPS_LAST, /* this must always be the last item */
};