On Thu, Jan 17, 2019 at 08:21:00AM -0500, John Ferlan wrote:
On 1/15/19 8:23 AM, Ján Tomko wrote:
> Split out parts of the config parsing code to make
> the parent function easier to read.
>
> Signed-off-by: Ján Tomko <jtomko(a)redhat.com>
> ---
> src/qemu/qemu_conf.c | 219 +++++++++++++++++++++++--------------------
> 1 file changed, 117 insertions(+), 102 deletions(-)
>
> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index 7fdfed7db1..135cb9e25d 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -423,6 +423,121 @@ virQEMUDriverConfigHugeTLBFSInit(virHugeTLBFSPtr hugetlbfs,
> }
>
>
> +static int
> +virQEMUDriverConfigLoadSecurityEntry(virQEMUDriverConfigPtr cfg,
> + virConfPtr conf,
> + bool privileged)
This does security, cgroups, and namespaces...
The division is based on src/qemu/libvirtd_qemu.aug
[...]
> +> + if (virConfGetValueInt(conf,
"seccomp_sandbox",
&cfg->seccompSandbox) < 0)
> + goto cleanup;
> +
And again, not security related.
How is seccomp not security related?
Jano