diff options
Diffstat (limited to 'softmmu/qemu-seccomp.c')
-rw-r--r-- | softmmu/qemu-seccomp.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/softmmu/qemu-seccomp.c b/softmmu/qemu-seccomp.c index 377ef69..9c29d9c 100644 --- a/softmmu/qemu-seccomp.c +++ b/softmmu/qemu-seccomp.c @@ -45,8 +45,8 @@ const struct scmp_arg_cmp sched_setscheduler_arg[] = { { .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE } }; -static const struct QemuSeccompSyscall blacklist[] = { - /* default set of syscalls to blacklist */ +static const struct QemuSeccompSyscall denylist[] = { + /* default set of syscalls that should get blocked */ { SCMP_SYS(reboot), QEMU_SECCOMP_SET_DEFAULT }, { SCMP_SYS(swapon), QEMU_SECCOMP_SET_DEFAULT }, { SCMP_SYS(swapoff), QEMU_SECCOMP_SET_DEFAULT }, @@ -175,18 +175,18 @@ static int seccomp_start(uint32_t seccomp_opts, Error **errp) goto seccomp_return; } - for (i = 0; i < ARRAY_SIZE(blacklist); i++) { + for (i = 0; i < ARRAY_SIZE(denylist); i++) { uint32_t action; - if (!(seccomp_opts & blacklist[i].set)) { + if (!(seccomp_opts & denylist[i].set)) { continue; } - action = qemu_seccomp_get_action(blacklist[i].set); - rc = seccomp_rule_add_array(ctx, action, blacklist[i].num, - blacklist[i].narg, blacklist[i].arg_cmp); + action = qemu_seccomp_get_action(denylist[i].set); + rc = seccomp_rule_add_array(ctx, action, denylist[i].num, + denylist[i].narg, denylist[i].arg_cmp); if (rc < 0) { error_setg_errno(errp, -rc, - "failed to add seccomp blacklist rules"); + "failed to add seccomp denylist rules"); goto seccomp_return; } } |