External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-07 17:28:15 +00:00
Code

qemu: seccomp: remove dead code

Browse Source 
There is no QEMU we support that would need the old syntax
for -sandbox on.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Ján Tomko 2021-09-24 16:20:01 +02:00
parent d1be5aa6a4
commit cfb8951e68
1 changed files with 0 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/qemu/qemu_command.c
View File

@ -10119,7 +10119,6 @@ qemuBuildSeccompSandboxCommandLine(virCommand *cmd,
return 0; return 0;
} }
/* Use blacklist by default if supported */
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) { if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
virCommandAddArgList(cmd, "-sandbox", virCommandAddArgList(cmd, "-sandbox",
"on,obsolete=deny,elevateprivileges=deny," "on,obsolete=deny,elevateprivileges=deny,"
@ -10128,10 +10127,6 @@ qemuBuildSeccompSandboxCommandLine(virCommand *cmd,
return 0; return 0;
} }
/* Seccomp whitelist is opt-in */
if (cfg->seccompSandbox > 0)
virCommandAddArgList(cmd, "-sandbox", "on", NULL);
return 0; return 0;
} }