mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

seccomp: Clean up error reporting in parse_sandbox()

Browse Source 
Calling error_report() in a function that takes an Error ** argument
is suspicious.  parse_sandbox() does that, and then fails without
setting an error.  Its caller main(), via qemu_opts_foreach(), is fine
with it, but clean it up anyway.

Cc: Eduardo Otubo <otubo@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Eduardo Otubo <otubo@redhat.com>
Message-Id: <20181017082702.5581-18-armbru@redhat.com>
This commit is contained in:
Markus Armbruster 2018-10-17 10:26:41 +02:00
parent fff4c9c325
commit 6548459769
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
qemu-seccomp.c
View File

@ -12,11 +12,12 @@
* Contributions after 2012-01-13 are licensed under the terms of the * Contributions after 2012-01-13 are licensed under the terms of the
* GNU GPL, version 2 or (at your option) any later version. * GNU GPL, version 2 or (at your option) any later version.
*/ */
#include "qemu/osdep.h" #include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu/config-file.h" #include "qemu/config-file.h"
#include "qemu/option.h" #include "qemu/option.h"
#include "qemu/module.h" #include "qemu/module.h"
#include "qemu/error-report.h"
#include <sys/prctl.h> #include <sys/prctl.h>
#include <seccomp.h> #include <seccomp.h>
#include "sysemu/seccomp.h" #include "sysemu/seccomp.h"
@ -190,7 +191,7 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
* to provide a little bit of consistency for * to provide a little bit of consistency for
* the command line */ * the command line */
} else { } else {
error_report("invalid argument for obsolete"); error_setg(errp, "invalid argument for obsolete");
return -1; return -1;
} }
} }
@ -205,14 +206,13 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
/* calling prctl directly because we're /* calling prctl directly because we're
* not sure if host has CAP_SYS_ADMIN set*/ * not sure if host has CAP_SYS_ADMIN set*/
if (prctl(PR_SET_NO_NEW_PRIVS, 1)) { if (prctl(PR_SET_NO_NEW_PRIVS, 1)) {
error_report("failed to set no_new_privs " error_setg(errp, "failed to set no_new_privs aborting");
"aborting");
return -1; return -1;
} }
} else if (g_str_equal(value, "allow")) { } else if (g_str_equal(value, "allow")) {
/* default value */ /* default value */
} else { } else {
error_report("invalid argument for elevateprivileges"); error_setg(errp, "invalid argument for elevateprivileges");
return -1; return -1;
} }
} }
@ -224,7 +224,7 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
} else if (g_str_equal(value, "allow")) { } else if (g_str_equal(value, "allow")) {
/* default value */ /* default value */
} else { } else {
error_report("invalid argument for spawn"); error_setg(errp, "invalid argument for spawn");
return -1; return -1;
} }
} }
@ -236,14 +236,14 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
} else if (g_str_equal(value, "allow")) { } else if (g_str_equal(value, "allow")) {
/* default value */ /* default value */
} else { } else {
error_report("invalid argument for resourcecontrol"); error_setg(errp, "invalid argument for resourcecontrol");
return -1; return -1;
} }
} }
if (seccomp_start(seccomp_opts) < 0) { if (seccomp_start(seccomp_opts) < 0) {
error_report("failed to install seccomp syscall filter " error_setg(errp, "failed to install seccomp syscall filter "
"in the kernel"); "in the kernel");
return -1; return -1;
} }
} }

4
vl.c
View File

@ -3973,8 +3973,8 @@ int main(int argc, char **argv, char **envp)
#ifdef CONFIG_SECCOMP #ifdef CONFIG_SECCOMP
olist = qemu_find_opts_err("sandbox", NULL); olist = qemu_find_opts_err("sandbox", NULL);
if (olist && qemu_opts_foreach(olist, parse_sandbox, NULL, NULL)) { if (olist) {
exit(1); qemu_opts_foreach(olist, parse_sandbox, NULL, &error_fatal);
} }
#endif #endif