[libvirt] [PATCH] Avoid high privileges taint warning for QEMU session driver

Thursday, 23 June 2011

The code emitting taint warnings was mistakenly thinking
that guests run from the QEMU session driver were tainted
for having high privileges. This is of course nonsense
since the session driver is always unprivileged

* src/qemu/qemu_domain.c: Don't warn for high privileges in
  non-privileged QEMU
---
 src/qemu/qemu_domain.c |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index fab316f..3af1c86 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -788,9 +788,10 @@ void qemuDomainObjCheckTaint(struct qemud_driver *driver,
 {
     int i;
 
-    if (!driver->clearEmulatorCapabilities ||
-        driver->user == 0 ||
-        driver->group == 0)
+    if (driver->privileged &&
+        (!driver->clearEmulatorCapabilities ||
+         driver->user == 0 ||
+         driver->group == 0))
         qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);
 
     if (obj->def->namespaceData) {
-- 
1.7.4.4


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH] Avoid high privileges taint warning for QEMU session driver