From nobody Tue Feb 10 19:10:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1632493788; cv=none; d=zohomail.com; s=zohoarc; b=bXwxAZulTv8PXakldRSqkd/Qm9evca+HjKHN6FNh4zG67ymUWP8uYAspzbdX9VBGDTrCt/gz66YzZkqEAJ+8gn4ryyDD3u+NSpUACGwZCDbwoum8sLOy/HkEJhUoJYTfM1lHjOKGfZiiwE56atpYENDrGA3RSDjuv1qU1MTBt+k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1632493788; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=g0OKbTr6tddHWAL7jIvP3ObCz9PdGSTHWT7DtKJdVpI=; b=ZGs+Ibf4RRjESqyNQJtTNNas2sYHO/2FEetiGBNxDc+RBrWAnfaORKnhffs1JmqEbhWg/381V6Lk9lRMI88xLn4Q0fDnimLU6NTEdWI9SkW1Lws7p0mU4Y9KbJWr6bL/UO3P0azUJBLEqwFB/EZg22hUaHo7ToIYKv4vTyV4okA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 163249378858462.73936647784342; Fri, 24 Sep 2021 07:29:48 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-73-UfAfkVbdM5K920tUkwSRew-1; Fri, 24 Sep 2021 10:29:42 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5F7AA18D6A33; Fri, 24 Sep 2021 14:29:36 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E258C171FF; Fri, 24 Sep 2021 14:29:35 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4D1541806D00; Fri, 24 Sep 2021 14:28:58 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 18OESsRr021548 for ; Fri, 24 Sep 2021 10:28:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id 87DE019D9B; Fri, 24 Sep 2021 14:28:54 +0000 (UTC) Received: from hjs.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1105019724 for ; Fri, 24 Sep 2021 14:28:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632493787; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=g0OKbTr6tddHWAL7jIvP3ObCz9PdGSTHWT7DtKJdVpI=; b=XiwnWb9nZO4NGgaPDL8kqGggY+DLgoqReswTXUGF6l5R7r+bUnnWg99+Us5nNujZVS8y+9 eDdEO0ZpuG2l+inEUr8f5uNNsPSy+FMegXVpNy5uL1pYCBekhu9WYQfpd8Z6VXgI/IBA/E z7ABMnvY1zEGYjf3fG1ROpNgiImcps4= X-MC-Unique: UfAfkVbdM5K920tUkwSRew-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 1/5] qemu: always assume QEMU_CAPS_SECCOMP_BLACKLIST Date: Fri, 24 Sep 2021 16:28:43 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1632493789028100007 elevateprivileges was introduced by QEMU commit: 73a1e64725 "seccomp: add elevateprivileges argument to command line" released in 2.11.0 and later made conditional on SECCOMP support by: 9d0fdecbad sandbox: disable -sandbox if CONFIG_SECCOMP undefined Use the existence of the sandbox option as a witness for its support. Signed-off-by: J=C3=A1n Tomko Reviewed-by: Michal Privoznik --- src/qemu/qemu_command.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index b60ee1192b..fa9998a191 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10120,7 +10120,7 @@ qemuBuildSeccompSandboxCommandLine(virCommand *cmd, } =20 /* Use blacklist by default if supported */ - if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_BLACKLIST)) { + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) { virCommandAddArgList(cmd, "-sandbox", "on,obsolete=3Ddeny,elevateprivileges=3Ddeny," "spawn=3Ddeny,resourcecontrol=3Ddeny", --=20 2.31.1 From nobody Tue Feb 10 19:10:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1632493799; cv=none; d=zohomail.com; s=zohoarc; b=K61IgFDGUOLab+c9keoDdxWcEwOFAAfwnAXp3Bn9cWbG2z0JBQXvZMXXHYIEUqmMIvr+WC8H31UOkRwOGZJvgXv8GgupksWiwv2FAfZGbEW2zecF2bPNrEhXTfKmsNtl43vOxsEk4Ui42hjhJlkSM6kkXJCMfKU8xRFii9NDaP8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1632493799; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=UXGNLfBlKW1RNhi5Y/NG+Y7Yiv55MjBD+AyvKiAPu5o=; b=QfIsb1r1H+ty5mMOXnR/fFsH4haiEtv5EH0HtIy6xaN1N23bvSiyovPbfTLC/G5SdVaBdy5/ydgSFQGVgSfeWTLwaQBQZgW7tjCqewXAvpBSVKatLoetec/9MRA/6bdG9m6oRic4keHCv4kYqkpDn6vgtmYczNyJH1p44kk6Flw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1632493799340404.26348812495814; Fri, 24 Sep 2021 07:29:59 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-301-CUosdWu3NNiuH8nwn5k06w-1; Fri, 24 Sep 2021 10:29:56 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 51FC81084684; Fri, 24 Sep 2021 14:29:51 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3173C60CC6; Fri, 24 Sep 2021 14:29:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E78C64E58F; Fri, 24 Sep 2021 14:29:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 18OESt6I021553 for ; Fri, 24 Sep 2021 10:28:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5782F19724; Fri, 24 Sep 2021 14:28:55 +0000 (UTC) Received: from hjs.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id D54A519D9B for ; Fri, 24 Sep 2021 14:28:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632493798; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=UXGNLfBlKW1RNhi5Y/NG+Y7Yiv55MjBD+AyvKiAPu5o=; b=VEljQtzq6bp/a/JpoRbyqpWgip1plzc202p8xPOIH55csnt1q0tgtD50pBJTp1wORj9IbT grhddd01C9oW+rpeFM3p3bKOjWBiB/iy+CFSylDCxrUyhRg9iLBOhR+mJVhsHDY1vAwrwu hHCvyrc0XlT5+DunIIt/acndGgnWDLk= X-MC-Unique: CUosdWu3NNiuH8nwn5k06w-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 2/5] qemu: conf: simplify seccomp_sandbox comment Date: Fri, 24 Sep 2021 16:28:44 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1632493800465100001 It contains too many negations and conditions that are no longer relevant now that we only support QEMU >=3D 2.11. Signed-off-by: J=C3=A1n Tomko Reviewed-by: Michal Privoznik --- src/qemu/qemu.conf | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 8722dc169c..71fd125699 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -769,13 +769,12 @@ =20 =20 =20 -# Use seccomp syscall sandbox in QEMU. -# 1 =3D=3D seccomp enabled, 0 =3D=3D seccomp disabled +# Use seccomp syscall filtering sandbox in QEMU. +# 1 =3D=3D filter enabled, 0 =3D=3D filter disabled # -# If it is unset (or -1), then seccomp will be enabled -# only if QEMU >=3D 2.11.0 is detected, otherwise it is -# left disabled. This ensures the default config gets -# protection for new QEMU using the blacklist approach. +# Unless this option is disabled, QEMU will be run with +# a seccomp filter that stops it from executing certain +# syscalls. # #seccomp_sandbox =3D 1 =20 --=20 2.31.1 From nobody Tue Feb 10 19:10:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1632493784; cv=none; d=zohomail.com; s=zohoarc; b=dAdoK7De22CoCofykyG23wz0ICqHo5zGI51hgjdqYlq3T3VTkOmCHOAhI3xFu6tDUXHG3QoJVZ1/k+WNuPxYLhMhmmKPlwTq4gd62cbvJu1FDvaOiHGanR7R/Wt9gC16kTFB/zaCf1n39ju1NxBGe5OmEn/QRKg05vcSM2Y8+co= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1632493784; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=DjUuokYMU14gOTcW3iTpWu1tfv7LshUdZFcbntP2bSc=; b=VBcmW27DI3OvuOOTuIWj/Z58d/XmCCOfmPSZkwapbhBLui3DVUHrFLS/apOYYjDgtt3sXhG7cL7l30puGfyw8FCcf0ta8hgumibk7Lj7veAarxHecs0E18PHPsaiUv5MmXBPdMNmuaCw/66xKD/6zer8tej/I2hZ05ixYDZ53Nk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1632493784604582.7926080761052; Fri, 24 Sep 2021 07:29:44 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-271-0AxrGf7cNbm8so6V9AghFg-1; Fri, 24 Sep 2021 10:29:41 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 07FAA835DEA; Fri, 24 Sep 2021 14:29:37 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C908F652A1; Fri, 24 Sep 2021 14:29:36 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D530C1806D03; Fri, 24 Sep 2021 14:29:35 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 18OESuXP021561 for ; Fri, 24 Sep 2021 10:28:56 -0400 Received: by smtp.corp.redhat.com (Postfix) id 26ECF19724; Fri, 24 Sep 2021 14:28:56 +0000 (UTC) Received: from hjs.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id A515F19D9B for ; Fri, 24 Sep 2021 14:28:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632493783; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=DjUuokYMU14gOTcW3iTpWu1tfv7LshUdZFcbntP2bSc=; b=CHUf60VfAjq9omZPGrfoZ9u0qeVNdSXFAW/C4TXQJsx9FH1fnN1x1ImPpvuCjjm8q7/Qf9 jlWFJvsdsiVryyxqfUR0Z3GP+RLG3/cmacbBfrENtFURNAk4/FcqDzzR0FOMwlyk5HLbLA Z1iw2wY6LNBr+zxAQQJ1qKnebMmfAcs= X-MC-Unique: 0AxrGf7cNbm8so6V9AghFg-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 3/5] qemu: seccomp: remove dead code Date: Fri, 24 Sep 2021 16:28:45 +0200 Message-Id: <9f7d21696f9accad9af698d744a19b94aa50edd5.1632493658.git.jtomko@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1632493786440100003 There is no QEMU we support that would need the old syntax for -sandbox on. Signed-off-by: J=C3=A1n Tomko Reviewed-by: Michal Privoznik --- src/qemu/qemu_command.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index fa9998a191..48df8818a6 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -10119,7 +10119,6 @@ qemuBuildSeccompSandboxCommandLine(virCommand *cmd, return 0; } =20 - /* Use blacklist by default if supported */ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) { virCommandAddArgList(cmd, "-sandbox", "on,obsolete=3Ddeny,elevateprivileges=3Ddeny," @@ -10128,10 +10127,6 @@ qemuBuildSeccompSandboxCommandLine(virCommand *cmd, return 0; } =20 - /* Seccomp whitelist is opt-in */ - if (cfg->seccompSandbox > 0) - virCommandAddArgList(cmd, "-sandbox", "on", NULL); - return 0; =20 } --=20 2.31.1 From nobody Tue Feb 10 19:10:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1632493800; cv=none; d=zohomail.com; s=zohoarc; b=UajmwnuSnDupIzwJb2kyUjPDvCFs4U6jbqgRjPwoK/dEd+7aHmqMxK/Jr5vRA2CJFDPlfhi4xSr1RfyFp1NjyRxnKqYPwFUU2SHD7P97qn6qxdKt30YDHMszxHrRfVmY7dDYDdl9EvM0uOou+qVKxRgWwR8hRNRL9cKt0Gv5ITg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1632493800; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=PjHoimz0NFwm0NX4NrnEfzostanaBT9GhnBQFm/aNlY=; b=f/H/LfPpHDCcYZkS42lfTUfFH5So66fZnpYPRfkeSK7OmLePBOSKhwoHAzU2OqYBEcCTC5pDoNa0xckLJKNCAJ0dD3IfacU8e7beFJElZA+7hwDh24NmR8AokvYRGYbNom23yfGKFFQZBD01aSNckDR7YvV4TEMzlcKGrio87Gw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1632493800344862.27529171242; Fri, 24 Sep 2021 07:30:00 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-340-zo1Be5lTNWejz0D2HZgFbg-1; Fri, 24 Sep 2021 10:29:56 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 70EC1DF8A8; Fri, 24 Sep 2021 14:29:51 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 447421972D; Fri, 24 Sep 2021 14:29:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 13F38181A1D0; Fri, 24 Sep 2021 14:29:51 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 18OESv83021579 for ; Fri, 24 Sep 2021 10:28:57 -0400 Received: by smtp.corp.redhat.com (Postfix) id 1DB6219D9B; Fri, 24 Sep 2021 14:28:57 +0000 (UTC) Received: from hjs.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id 754B919724 for ; Fri, 24 Sep 2021 14:28:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632493799; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=PjHoimz0NFwm0NX4NrnEfzostanaBT9GhnBQFm/aNlY=; b=P/9tT8s8WtaLLa//WeMbTVSAm+KMpd/NtmL6PwYkG2TI9WLoivCHOJjIKlHvcBnwo08F51 Q7Ix9iigcR4GfdlD4DgYjbCpTARPNki2JLjOC/syu54UrX1feR2KGEZ6mRJZwZh0qSEKKH rOBfWIP8jQKwkBU31eNY7zgxf/Q1igo= X-MC-Unique: zo1Be5lTNWejz0D2HZgFbg-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 4/5] qemu: capabilities: deprecate QEMU_CAPS_SECCOMP_BLACKLIST Date: Fri, 24 Sep 2021 16:28:46 +0200 Message-Id: <1587aca05756fad0976609ae945628bc65af28ab.1632493658.git.jtomko@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1632493802542100003 Signed-off-by: J=C3=A1n Tomko Reviewed-by: Michal Privoznik --- src/qemu/qemu_capabilities.c | 3 +-- src/qemu/qemu_capabilities.h | 2 +- tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_3.0.0.riscv32.xml | 1 - tests/qemucapabilitiesdata/caps_3.0.0.riscv64.xml | 1 - tests/qemucapabilitiesdata/caps_3.0.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_4.1.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_4.2.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_4.2.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_4.2.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_5.0.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_5.0.0.riscv64.xml | 1 - tests/qemucapabilitiesdata/caps_5.0.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_5.1.0.sparc.xml | 1 - tests/qemucapabilitiesdata/caps_5.1.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_5.2.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_5.2.0.ppc64.xml | 1 - tests/qemucapabilitiesdata/caps_5.2.0.riscv64.xml | 1 - tests/qemucapabilitiesdata/caps_5.2.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_5.2.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_6.0.0.aarch64.xml | 1 - tests/qemucapabilitiesdata/caps_6.0.0.s390x.xml | 1 - tests/qemucapabilitiesdata/caps_6.0.0.x86_64.xml | 1 - tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml | 1 - 41 files changed, 2 insertions(+), 42 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index db5432c9fc..4f18a2488a 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -468,7 +468,7 @@ VIR_ENUM_IMPL(virQEMUCaps, /* 285 */ "qcow2-luks", /* QEMU_CAPS_QCOW2_LUKS */ "pcie-pci-bridge", /* QEMU_CAPS_DEVICE_PCIE_PCI_BRIDGE */ - "seccomp-blacklist", /* QEMU_CAPS_SECCOMP_BLACKLIST */ + "seccomp-blacklist", /* X_QEMU_CAPS_SECCOMP_BLACKLIST */ "query-cpus-fast", /* QEMU_CAPS_QUERY_CPUS_FAST */ "disk-write-cache", /* QEMU_CAPS_DISK_WRITE_CACHE */ =20 @@ -3209,7 +3209,6 @@ static struct virQEMUCapsCommandLineProps virQEMUCaps= CommandLine[] =3D { { "numa", NULL, QEMU_CAPS_NUMA }, /* not needed after qemuCaps->versio= n < 3000000 */ { "overcommit", NULL, QEMU_CAPS_OVERCOMMIT }, { "sandbox", "enable", QEMU_CAPS_SECCOMP_SANDBOX }, - { "sandbox", "elevateprivileges", QEMU_CAPS_SECCOMP_BLACKLIST }, { "spice", "gl", QEMU_CAPS_SPICE_GL }, { "spice", "unix", QEMU_CAPS_SPICE_UNIX }, { "spice", "rendernode", QEMU_CAPS_SPICE_RENDERNODE }, diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 097f28bd40..786c695880 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -448,7 +448,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ /* 285 */ QEMU_CAPS_QCOW2_LUKS, /* qcow2 format support LUKS encryption */ QEMU_CAPS_DEVICE_PCIE_PCI_BRIDGE, /* -device pcie-pci-bridge */ - QEMU_CAPS_SECCOMP_BLACKLIST, /* -sandbox.elevateprivileges */ + X_QEMU_CAPS_SECCOMP_BLACKLIST, /* -sandbox.elevateprivileges */ QEMU_CAPS_QUERY_CPUS_FAST, /* query-cpus-fast command */ QEMU_CAPS_DISK_WRITE_CACHE, /* qemu block frontends support write-cach= e param */ =20 diff --git a/tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml b/tests/qemuc= apabilitiesdata/caps_2.11.0.s390x.xml index f2a89d5c58..602b7ea10f 100644 --- a/tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml @@ -79,7 +79,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml b/tests/qemu= capabilitiesdata/caps_2.11.0.x86_64.xml index 1e08a04c82..8749f4ee64 100644 --- a/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml @@ -149,7 +149,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml b/tests/qem= ucapabilitiesdata/caps_2.12.0.aarch64.xml index 3b01fef4f1..6e2daa8cea 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml @@ -112,7 +112,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemuc= apabilitiesdata/caps_2.12.0.ppc64.xml index a808015ab2..bc6d8ac396 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -108,7 +108,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml b/tests/qemuc= apabilitiesdata/caps_2.12.0.s390x.xml index 288aba3bc0..d66adcd8f4 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml @@ -79,7 +79,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml b/tests/qemu= capabilitiesdata/caps_2.12.0.x86_64.xml index 43060efbac..984529f5f5 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml @@ -146,7 +146,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_3.0.0.ppc64.xml index 4c48c2ced2..fcfaef079a 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -107,7 +107,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.riscv32.xml b/tests/qemu= capabilitiesdata/caps_3.0.0.riscv32.xml index e8fabd1817..7b4ca7c0a4 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.riscv32.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.riscv32.xml @@ -52,7 +52,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.riscv64.xml b/tests/qemu= capabilitiesdata/caps_3.0.0.riscv64.xml index 1ac6e45ddc..4a3d105ef8 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.riscv64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.riscv64.xml @@ -52,7 +52,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_3.0.0.s390x.xml index 1a2b45f43b..d7a2526463 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.s390x.xml @@ -81,7 +81,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_3.0.0.x86_64.xml index 35284d476d..5d4927a7e8 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml @@ -148,7 +148,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_3.1.0.ppc64.xml index 5f15ce0b99..9a7be45ee9 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -108,7 +108,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_3.1.0.x86_64.xml index b1f326c32b..4e56e62908 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml @@ -148,7 +148,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.aarch64.xml b/tests/qemu= capabilitiesdata/caps_4.0.0.aarch64.xml index de7a495266..bc4e8032e7 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.aarch64.xml @@ -113,7 +113,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_4.0.0.ppc64.xml index d5dd46105e..b312e77f99 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml b/tests/qemu= capabilitiesdata/caps_4.0.0.riscv32.xml index 4b3ff9c237..8518630324 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml b/tests/qemu= capabilitiesdata/caps_4.0.0.riscv64.xml index 44903c3b8f..21e4cc7a2d 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_4.0.0.s390x.xml index f17003a446..98d3ed773d 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.s390x.xml @@ -81,7 +81,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_4.0.0.x86_64.xml index 512239c6c8..49a5dfb255 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml @@ -147,7 +147,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.1.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_4.1.0.x86_64.xml index 2f7f9caf0c..8ebeae479f 100644 --- a/tests/qemucapabilitiesdata/caps_4.1.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_4.1.0.x86_64.xml @@ -147,7 +147,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.aarch64.xml b/tests/qemu= capabilitiesdata/caps_4.2.0.aarch64.xml index 57470c66d9..4a8eb0a02e 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.aarch64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_4.2.0.ppc64.xml index 6b2d2e0ea3..74dc0ff20c 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_4.2.0.s390x.xml index 290de2730e..9531360c20 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.s390x.xml @@ -81,7 +81,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_4.2.0.x86_64.xml index b8d53e0db1..826d7d7391 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.x86_64.xml @@ -148,7 +148,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.aarch64.xml b/tests/qemu= capabilitiesdata/caps_5.0.0.aarch64.xml index ac1ef84195..69a7e49170 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.aarch64.xml @@ -117,7 +117,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_5.0.0.ppc64.xml index 2708ac16f6..13e4f6c8bb 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -117,7 +117,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.riscv64.xml b/tests/qemu= capabilitiesdata/caps_5.0.0.riscv64.xml index 6a90077c13..1244c3f3d3 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.riscv64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.riscv64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_5.0.0.x86_64.xml index c8934543bd..4e52632455 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.x86_64.xml @@ -148,7 +148,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.1.0.sparc.xml b/tests/qemuca= pabilitiesdata/caps_5.1.0.sparc.xml index 7b8abcd902..5e5e6f816b 100644 --- a/tests/qemucapabilitiesdata/caps_5.1.0.sparc.xml +++ b/tests/qemucapabilitiesdata/caps_5.1.0.sparc.xml @@ -44,7 +44,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.1.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_5.1.0.x86_64.xml index f17e502f75..bfead7e210 100644 --- a/tests/qemucapabilitiesdata/caps_5.1.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_5.1.0.x86_64.xml @@ -147,7 +147,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.2.0.aarch64.xml b/tests/qemu= capabilitiesdata/caps_5.2.0.aarch64.xml index bc524d5e99..0a3128de5b 100644 --- a/tests/qemucapabilitiesdata/caps_5.2.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_5.2.0.aarch64.xml @@ -116,7 +116,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.2.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_5.2.0.ppc64.xml index 82e89ba544..3e067e4e7e 100644 --- a/tests/qemucapabilitiesdata/caps_5.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.2.0.ppc64.xml @@ -115,7 +115,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.2.0.riscv64.xml b/tests/qemu= capabilitiesdata/caps_5.2.0.riscv64.xml index 17d6245259..02c7ff8da1 100644 --- a/tests/qemucapabilitiesdata/caps_5.2.0.riscv64.xml +++ b/tests/qemucapabilitiesdata/caps_5.2.0.riscv64.xml @@ -113,7 +113,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.2.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_5.2.0.s390x.xml index 3a0d0b585a..fa207ffaf5 100644 --- a/tests/qemucapabilitiesdata/caps_5.2.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_5.2.0.s390x.xml @@ -79,7 +79,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_5.2.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_5.2.0.x86_64.xml index e09880e937..d7ed08e12d 100644 --- a/tests/qemucapabilitiesdata/caps_5.2.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_5.2.0.x86_64.xml @@ -147,7 +147,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_6.0.0.aarch64.xml b/tests/qemu= capabilitiesdata/caps_6.0.0.aarch64.xml index d678d713ad..78da04a3e5 100644 --- a/tests/qemucapabilitiesdata/caps_6.0.0.aarch64.xml +++ b/tests/qemucapabilitiesdata/caps_6.0.0.aarch64.xml @@ -117,7 +117,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_6.0.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_6.0.0.s390x.xml index 1dc2f1fe19..a70a489d62 100644 --- a/tests/qemucapabilitiesdata/caps_6.0.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_6.0.0.s390x.xml @@ -79,7 +79,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_6.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_6.0.0.x86_64.xml index 571336c1fa..a84d5f30cf 100644 --- a/tests/qemucapabilitiesdata/caps_6.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_6.0.0.x86_64.xml @@ -146,7 +146,6 @@ - diff --git a/tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_6.1.0.x86_64.xml index 74b87847d0..f8f26eb9ff 100644 --- a/tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml @@ -145,7 +145,6 @@ - --=20 2.31.1 From nobody Tue Feb 10 19:10:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1632493803; cv=none; d=zohomail.com; s=zohoarc; b=SAU2SvNEVRvIpwXdmbWbPeGu0IX2Dzlle43fpQTmkn9oXZe8SHr4enX5gslQZCD2Av5CvO+d5rmmwe4VJdPAOwl756r2j1WQUGwy2W56n4YZ510MT9QqTbTBcRA3mndtgdJUOm8RG94HjIOdS2v+FenbLPS5TrCQcEfnuSNO4mM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1632493803; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Z4jHdxkOa5DlYczKI82loeulU89guibEHLvgDMK3uFk=; b=HBYM7ULN1UIO570hTZR43VSa4cSVfWcQzQy5d3q7WdDbNBXGRqZlC7CsWvY4ZyZm6EeuTP5rbFD/riCaeJonoLmuR2PIKVU+wHryNm30w9M8g9y0yC3OaLCxdnSLsGdFa9PFb/wdLFrTfpQCNtuD9fC1+QG+qB5PgfXVZ1mb/xw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1632493802983341.3559213630841; Fri, 24 Sep 2021 07:30:02 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-47-uv4dqlvXPnSpkh_f5QMe4g-1; Fri, 24 Sep 2021 10:29:59 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 267D4802935; Fri, 24 Sep 2021 14:29:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 059D61803B; Fri, 24 Sep 2021 14:29:54 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id BF0354EA38; Fri, 24 Sep 2021 14:29:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 18OESv0W021584 for ; Fri, 24 Sep 2021 10:28:57 -0400 Received: by smtp.corp.redhat.com (Postfix) id E0EF819D9B; Fri, 24 Sep 2021 14:28:57 +0000 (UTC) Received: from hjs.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6B18019724 for ; Fri, 24 Sep 2021 14:28:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632493801; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Z4jHdxkOa5DlYczKI82loeulU89guibEHLvgDMK3uFk=; b=BDP95Hoj2PuY4ncPtJOzPz7/EXfC74Pa91DtHpym+yY2bR3bDUrPNPBLenp4+32fPUuj91 xGejmbRbWXqxgAQ731HYriimkez0+fA2Ua8FNTAWt2IE7+mhJfRgZBWK4McKxKZ/CxJr9U Wh8msuWrS7Lgd/VI69nruS0CkEI288w= X-MC-Unique: uv4dqlvXPnSpkh_f5QMe4g-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 5/5] qemu: capabilities: do not look at parameters for sandbox Date: Fri, 24 Sep 2021 16:28:47 +0200 Message-Id: <1c11e1b6d52b747031f8474c934d14aafa7bb126.1632493658.git.jtomko@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1632493805029100001 Assume the presence of the 'sandbox' option is enough, no need to look at the parameters. Signed-off-by: J=C3=A1n Tomko Reviewed-by: Michal Privoznik --- src/qemu/qemu_capabilities.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 4f18a2488a..bfb59965e2 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -3208,7 +3208,7 @@ static struct virQEMUCapsCommandLineProps virQEMUCaps= CommandLine[] =3D { { "machine", "kernel_irqchip", QEMU_CAPS_MACHINE_KERNEL_IRQCHIP }, { "numa", NULL, QEMU_CAPS_NUMA }, /* not needed after qemuCaps->versio= n < 3000000 */ { "overcommit", NULL, QEMU_CAPS_OVERCOMMIT }, - { "sandbox", "enable", QEMU_CAPS_SECCOMP_SANDBOX }, + { "sandbox", NULL, QEMU_CAPS_SECCOMP_SANDBOX }, { "spice", "gl", QEMU_CAPS_SPICE_GL }, { "spice", "unix", QEMU_CAPS_SPICE_UNIX }, { "spice", "rendernode", QEMU_CAPS_SPICE_RENDERNODE }, --=20 2.31.1