From: Yi Min Zhao <zyimin@linux.ibm.com>
To: "Ján Tomko" <jtomko@redhat.com>
Cc: Eduardo Otubo <otubo@redhat.com>,
borntraeger@de.ibm.com, fiuczy@linux.ibm.com,
qemu-devel@nongnu.org, pbonzini@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 1/1] sandbox: disable -sandbox if CONFIG_SECCOMP undefined
Date: Wed, 23 May 2018 17:16:29 +0800 [thread overview]
Message-ID: <397e4f8c-0913-6ffd-13fa-743abbbd47e4@linux.ibm.com> (raw)
In-Reply-To: <20180523074757.GI26766@dnr>
在 2018/5/23 下午3:47, Ján Tomko 写道:
> On Sat, May 19, 2018 at 04:20:37PM +0800, Yi Min Zhao wrote:
>>
>>
>> 在 2018/5/18 下午9:07, Ján Tomko 写道:
>>> On Fri, May 18, 2018 at 11:19:16AM +0200, Eduardo Otubo wrote:
>>>> On 18/05/2018 - 09:52:12, Ján Tomko wrote:
>>>>> But now libvirt requires QEMU >= 1.5.0 which already supports
>>>>> query-command-line-options, so if you want the option gone completely
>>>>> --without-seccomp, I can add the code that probes for it and
>>>>> make seccomp_sandbox = 0 a no-op if it's compiled out.
>>>>
>>>> This looks like a good solution for the libvirt side. Can you add
>>>> this support
>>>> so we can merge this fix?
>>>>
>>>
>>> Patches proposed:
>>> https://www.redhat.com/archives/libvir-list/2018-May/msg01430.html
>>>
>>> Jano
>> Thanks for your work!
>
> Now pushed in libvirt master:
> commit b87222a90919040c12fb6d7c8dcc20f944a66495
> Author: Ján Tomko <jtomko@redhat.com>
> AuthorDate: 2018-05-18 14:57:51 +0200
> Commit: Ján Tomko <jtomko@redhat.com>
> CommitDate: 2018-05-23 09:45:48 +0200
>
> qemu: only pass -sandbox off if supported
>
> This way we don't rely on QEMU supplying the -sandbox option
> without CONFIG_SECCOMP.
>
> Signed-off-by: Ján Tomko <jtomko@redhat.com>
> Reviewed-by: John Ferlan <jferlan@redhat.com>
>
> git describe: v4.3.0-258-gb87222a909
> https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=b87222a90919040c12fb6d7c8dcc20f944a66495
>
>
> Jano
Thanks! But I have not got response from Paolo. I have added him to CC
list.
next prev parent reply other threads:[~2018-05-23 9:28 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-15 11:33 [Qemu-devel] [PATCH v2 0/1] Bug: Sandbox: libvirt breakdowns qemu guest Yi Min Zhao
2018-05-15 11:33 ` [Qemu-devel] [PATCH v2 1/1] sandbox: disable -sandbox if CONFIG_SECCOMP undefined Yi Min Zhao
2018-05-15 15:25 ` Eric Blake
2018-05-16 1:05 ` Yi Min Zhao
2018-05-17 11:33 ` Yi Min Zhao
2018-05-17 12:41 ` Eduardo Otubo
2018-05-17 14:36 ` Yi Min Zhao
2018-05-18 7:52 ` Ján Tomko
2018-05-18 9:19 ` Eduardo Otubo
2018-05-18 13:07 ` Ján Tomko
2018-05-19 8:20 ` Yi Min Zhao
2018-05-23 7:47 ` Ján Tomko
2018-05-23 9:16 ` Yi Min Zhao [this message]
2018-05-23 10:33 ` Eduardo Otubo
2018-05-23 12:17 ` Yi Min Zhao
2018-05-24 7:53 ` Eduardo Otubo
2018-05-24 13:40 ` Paolo Bonzini
2018-05-25 4:23 ` Yi Min Zhao
2018-05-25 9:36 ` Eduardo Otubo
2018-05-28 12:55 ` Yi Min Zhao
2018-05-18 12:08 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=397e4f8c-0913-6ffd-13fa-743abbbd47e4@linux.ibm.com \
--to=zyimin@linux.ibm.com \
--cc=borntraeger@de.ibm.com \
--cc=fiuczy@linux.ibm.com \
--cc=jtomko@redhat.com \
--cc=otubo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.