On 1/18/19 7:03 AM, Ján Tomko wrote: > On Thu, Jan 17, 2019 at 08:21:00AM -0500, John Ferlan wrote: >> >> >> On 1/15/19 8:23 AM, Ján Tomko wrote: >>> Split out parts of the config parsing code to make >>> the parent function easier to read. >>> >>> Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx> >>> --- >>> src/qemu/qemu_conf.c | 219 +++++++++++++++++++++++-------------------- >>> 1 file changed, 117 insertions(+), 102 deletions(-) >>> >>> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c >>> index 7fdfed7db1..135cb9e25d 100644 >>> --- a/src/qemu/qemu_conf.c >>> +++ b/src/qemu/qemu_conf.c >>> @@ -423,6 +423,121 @@ >>> virQEMUDriverConfigHugeTLBFSInit(virHugeTLBFSPtr hugetlbfs, >>> } >>> >>> >>> +static int >>> +virQEMUDriverConfigLoadSecurityEntry(virQEMUDriverConfigPtr cfg, >>> + virConfPtr conf, >>> + bool privileged) >> >> This does security, cgroups, and namespaces... >> > > The division is based on src/qemu/libvirtd_qemu.aug > > [...] > >>> +> + if (virConfGetValueInt(conf, "seccomp_sandbox", >> &cfg->seccompSandbox) < 0) >>> + goto cleanup; >>> + >> >> And again, not security related. >> > > How is seccomp not security related? > > Jano Bad cut/snip by me - I meant after seccomp, as in the namespace stuff. John -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
