From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com> To: qemu-devel@nongnu.org, wainersm@redhat.com, groug@kaod.org, philmd@redhat.com, vgoyal@redhat.com Cc: virtio-fs@redhat.com Subject: [PULL 3/6] tools/virtiofsd: Replace the word 'whitelist' Date: Tue, 16 Feb 2021 18:37:31 +0000 [thread overview] Message-ID: <20210216183734.57810-4-dgilbert@redhat.com> (raw) In-Reply-To: <20210216183734.57810-1-dgilbert@redhat.com> From: Philippe Mathieu-Daudé <philmd@redhat.com> Follow the inclusive terminology from the "Conscious Language in your Open Source Projects" guidelines [*] and replace the words "whitelist" appropriately. [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210205171817.2108907-3-philmd@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> --- tools/virtiofsd/passthrough_ll.c | 6 +++--- tools/virtiofsd/passthrough_seccomp.c | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index 147b59338a..5f3afe8557 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -3204,7 +3204,7 @@ static void setup_mounts(const char *source) } /* - * Only keep whitelisted capabilities that are needed for file system operation + * Only keep capabilities in allowlist that are needed for file system operation * The (possibly NULL) modcaps_in string passed in is free'd before exit. */ static void setup_capabilities(char *modcaps_in) @@ -3214,8 +3214,8 @@ static void setup_capabilities(char *modcaps_in) capng_restore_state(&cap.saved); /* - * Whitelist file system-related capabilities that are needed for a file - * server to act like root. Drop everything else like networking and + * Add to allowlist file system-related capabilities that are needed for a + * file server to act like root. Drop everything else like networking and * sysadmin capabilities. * * Exclusions: diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c index ea852e2e33..62441cfcdb 100644 --- a/tools/virtiofsd/passthrough_seccomp.c +++ b/tools/virtiofsd/passthrough_seccomp.c @@ -21,7 +21,7 @@ #endif #endif -static const int syscall_whitelist[] = { +static const int syscall_allowlist[] = { /* TODO ireg sem*() syscalls */ SCMP_SYS(brk), SCMP_SYS(capget), /* For CAP_FSETID */ @@ -117,12 +117,12 @@ static const int syscall_whitelist[] = { }; /* Syscalls used when --syslog is enabled */ -static const int syscall_whitelist_syslog[] = { +static const int syscall_allowlist_syslog[] = { SCMP_SYS(send), SCMP_SYS(sendto), }; -static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len) +static void add_allowlist(scmp_filter_ctx ctx, const int syscalls[], size_t len) { size_t i; @@ -153,10 +153,10 @@ void setup_seccomp(bool enable_syslog) exit(1); } - add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist)); + add_allowlist(ctx, syscall_allowlist, G_N_ELEMENTS(syscall_allowlist)); if (enable_syslog) { - add_whitelist(ctx, syscall_whitelist_syslog, - G_N_ELEMENTS(syscall_whitelist_syslog)); + add_allowlist(ctx, syscall_allowlist_syslog, + G_N_ELEMENTS(syscall_allowlist_syslog)); } /* libvhost-user calls this for post-copy migration, we don't need it */ -- 2.29.2
WARNING: multiple messages have this Message-ID (diff)
From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com> To: qemu-devel@nongnu.org, wainersm@redhat.com, groug@kaod.org, philmd@redhat.com, vgoyal@redhat.com Cc: virtio-fs@redhat.com Subject: [Virtio-fs] [PULL 3/6] tools/virtiofsd: Replace the word 'whitelist' Date: Tue, 16 Feb 2021 18:37:31 +0000 [thread overview] Message-ID: <20210216183734.57810-4-dgilbert@redhat.com> (raw) In-Reply-To: <20210216183734.57810-1-dgilbert@redhat.com> From: Philippe Mathieu-Daudé <philmd@redhat.com> Follow the inclusive terminology from the "Conscious Language in your Open Source Projects" guidelines [*] and replace the words "whitelist" appropriately. [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210205171817.2108907-3-philmd@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> --- tools/virtiofsd/passthrough_ll.c | 6 +++--- tools/virtiofsd/passthrough_seccomp.c | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index 147b59338a..5f3afe8557 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -3204,7 +3204,7 @@ static void setup_mounts(const char *source) } /* - * Only keep whitelisted capabilities that are needed for file system operation + * Only keep capabilities in allowlist that are needed for file system operation * The (possibly NULL) modcaps_in string passed in is free'd before exit. */ static void setup_capabilities(char *modcaps_in) @@ -3214,8 +3214,8 @@ static void setup_capabilities(char *modcaps_in) capng_restore_state(&cap.saved); /* - * Whitelist file system-related capabilities that are needed for a file - * server to act like root. Drop everything else like networking and + * Add to allowlist file system-related capabilities that are needed for a + * file server to act like root. Drop everything else like networking and * sysadmin capabilities. * * Exclusions: diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c index ea852e2e33..62441cfcdb 100644 --- a/tools/virtiofsd/passthrough_seccomp.c +++ b/tools/virtiofsd/passthrough_seccomp.c @@ -21,7 +21,7 @@ #endif #endif -static const int syscall_whitelist[] = { +static const int syscall_allowlist[] = { /* TODO ireg sem*() syscalls */ SCMP_SYS(brk), SCMP_SYS(capget), /* For CAP_FSETID */ @@ -117,12 +117,12 @@ static const int syscall_whitelist[] = { }; /* Syscalls used when --syslog is enabled */ -static const int syscall_whitelist_syslog[] = { +static const int syscall_allowlist_syslog[] = { SCMP_SYS(send), SCMP_SYS(sendto), }; -static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len) +static void add_allowlist(scmp_filter_ctx ctx, const int syscalls[], size_t len) { size_t i; @@ -153,10 +153,10 @@ void setup_seccomp(bool enable_syslog) exit(1); } - add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist)); + add_allowlist(ctx, syscall_allowlist, G_N_ELEMENTS(syscall_allowlist)); if (enable_syslog) { - add_whitelist(ctx, syscall_whitelist_syslog, - G_N_ELEMENTS(syscall_whitelist_syslog)); + add_allowlist(ctx, syscall_allowlist_syslog, + G_N_ELEMENTS(syscall_allowlist_syslog)); } /* libvhost-user calls this for post-copy migration, we don't need it */ -- 2.29.2
next prev parent reply other threads:[~2021-02-16 18:50 UTC|newest] Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-02-16 18:37 [PULL 0/6] virtiofs queue Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [PULL 1/6] virtiofsd: Allow to build it without the tools Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [PULL 2/6] virtiofsd: vu_dispatch locking should never fail Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` Dr. David Alan Gilbert (git) [this message] 2021-02-16 18:37 ` [Virtio-fs] [PULL 3/6] tools/virtiofsd: Replace the word 'whitelist' Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [PULL 4/6] virtiofsd: Save error code early at the failure callsite Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [PULL 5/6] viriofsd: Add support for FUSE_HANDLE_KILLPRIV_V2 Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [PULL 6/6] virtiofsd: Do not use a thread pool by default Dr. David Alan Gilbert (git) 2021-02-16 18:37 ` [Virtio-fs] " Dr. David Alan Gilbert (git) 2021-02-17 19:18 ` [PULL 0/6] virtiofs queue Peter Maydell 2021-02-17 19:18 ` [Virtio-fs] " Peter Maydell
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210216183734.57810-4-dgilbert@redhat.com \ --to=dgilbert@redhat.com \ --cc=groug@kaod.org \ --cc=philmd@redhat.com \ --cc=qemu-devel@nongnu.org \ --cc=vgoyal@redhat.com \ --cc=virtio-fs@redhat.com \ --cc=wainersm@redhat.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.