Re: [Qemu-devel] [PATCH 1/1] sandbox: avoid to compile options if CONFIG_SECCOMP undefined

[Yi Min Zhao]

在 2018/5/8 上午2:04, Eric Blake 写道:
> On 05/06/2018 10:32 PM, Yi Min Zhao wrote:
>
> In the subject line: s/avoid to compile/avoid compiling/
>
> > If CONFIG_SECCOMP is undefined, the option 'elevatorprivileges' remains
>
> s/elevator/elevate/
>
> > complied. This would make libvirt set the corresponding capability and
>
> s/complied/compiled/
Thanks for your correction.
> > then trigger the guest startup fails. So let's wrap the options with
> > CONFIG_SECCOMP.
> >
> > Signed-off-by: Yi Min Zhao <address@hidden>
> > ---
> >   vl.c | 2 ++
> >   1 file changed, 2 insertions(+)
> >
> > diff --git a/vl.c b/vl.c
> > index fce1fd12d8..cb07b19c02 100644
> > --- a/vl.c
> > +++ b/vl.c
> > @@ -268,6 +268,7 @@ static QemuOptsList qemu_sandbox_opts = {
> >               .name = "enable",
> >               .type = QEMU_OPT_BOOL,
> >           },
> > +#ifdef CONFIG_SECCOMP
> >           {
> >               .name = "obsolete",
> >               .type = QEMU_OPT_STRING,
> > @@ -284,6 +285,7 @@ static QemuOptsList qemu_sandbox_opts = {
> >               .name = "resourcecontrol",
> >               .type = QEMU_OPT_STRING,
> >           },
> > +#endif
>
> The commit message mentions only 'elevateprivileges' (once the typo is 
> fixed), but you are also crippling 'obsolete', 'spawn', and 
> 'resourcecontrol'.  Perhaps the commit message should call that out 
> better?  Or, since libvirt is looking at just 'elevateprivileges', per 
> this line in libvirt's qemu_capabilities.c:
>
> src/qemu/qemu_capabilities.c:    { "sandbox", "elevateprivileges", 
> QEMU_CAPS_SECCOMP_BLACKLIST },
>
> is it sufficient to just mask out that one option?
The problem is caused by 'elevateprivileges' ostensibly from Libvirt 
point of view. But in Qemu, CONFIG_SECCOMP controls other options except 
'enable' in parse_sandbox(). So if SECCOMP is not configured, we don't 
need other options instead of only elevateprivileges.