aboutsummaryrefslogtreecommitdiff
path: root/softmmu/qemu-seccomp.c
diff options
context:
space:
mode:
Diffstat (limited to 'softmmu/qemu-seccomp.c')
-rw-r--r--softmmu/qemu-seccomp.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/softmmu/qemu-seccomp.c b/softmmu/qemu-seccomp.c
index 377ef69..9c29d9c 100644
--- a/softmmu/qemu-seccomp.c
+++ b/softmmu/qemu-seccomp.c
@@ -45,8 +45,8 @@ const struct scmp_arg_cmp sched_setscheduler_arg[] = {
{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }
};
-static const struct QemuSeccompSyscall blacklist[] = {
- /* default set of syscalls to blacklist */
+static const struct QemuSeccompSyscall denylist[] = {
+ /* default set of syscalls that should get blocked */
{ SCMP_SYS(reboot), QEMU_SECCOMP_SET_DEFAULT },
{ SCMP_SYS(swapon), QEMU_SECCOMP_SET_DEFAULT },
{ SCMP_SYS(swapoff), QEMU_SECCOMP_SET_DEFAULT },
@@ -175,18 +175,18 @@ static int seccomp_start(uint32_t seccomp_opts, Error **errp)
goto seccomp_return;
}
- for (i = 0; i < ARRAY_SIZE(blacklist); i++) {
+ for (i = 0; i < ARRAY_SIZE(denylist); i++) {
uint32_t action;
- if (!(seccomp_opts & blacklist[i].set)) {
+ if (!(seccomp_opts & denylist[i].set)) {
continue;
}
- action = qemu_seccomp_get_action(blacklist[i].set);
- rc = seccomp_rule_add_array(ctx, action, blacklist[i].num,
- blacklist[i].narg, blacklist[i].arg_cmp);
+ action = qemu_seccomp_get_action(denylist[i].set);
+ rc = seccomp_rule_add_array(ctx, action, denylist[i].num,
+ denylist[i].narg, denylist[i].arg_cmp);
if (rc < 0) {
error_setg_errno(errp, -rc,
- "failed to add seccomp blacklist rules");
+ "failed to add seccomp denylist rules");
goto seccomp_return;
}
}