Move the building of -sandbox command line into a separate function.
Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx>
---
src/qemu/qemu_command.c | 30 +++++++++++++++++++++---------
1 file changed, 21 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 514c3ab2e..dfeba54ee 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9969,6 +9969,26 @@ qemuBuildCommandLineValidate(virQEMUDriverPtr driver,
}
+static int
+qemuBuildSeccompSandboxCommandLine(virCommandPtr cmd,
+ virQEMUDriverConfigPtr cfg,
+ virQEMUCapsPtr qemuCaps)
+{
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
+ if (cfg->seccompSandbox == 0)
+ virCommandAddArgList(cmd, "-sandbox", "off", NULL);
+ else if (cfg->seccompSandbox > 0)
+ virCommandAddArgList(cmd, "-sandbox", "on", NULL);
+ } else if (cfg->seccompSandbox > 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("QEMU does not support seccomp sandboxes"));
+ return -1;
+ }
+ return 0;
+
+}
+
+
/*
* Constructs a argv suitable for launching qemu with config defined
* for a given virtual machine.
@@ -10206,16 +10226,8 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
? qemucmd->env_value[i] : "");
}
- if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
- if (cfg->seccompSandbox == 0)
- virCommandAddArgList(cmd, "-sandbox", "off", NULL);
- else if (cfg->seccompSandbox > 0)
- virCommandAddArgList(cmd, "-sandbox", "on", NULL);
- } else if (cfg->seccompSandbox > 0) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("QEMU does not support seccomp sandboxes"));
+ if (qemuBuildSeccompSandboxCommandLine(cmd, cfg, qemuCaps) < 0)
goto error;
- }
if (qemuBuildPanicCommandLine(cmd, def, qemuCaps) < 0)
goto error;
--
2.16.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
