seccomp: Clean up error reporting in parse_sandbox()

Calling error_report() in a function that takes an Error ** argument is suspicious. parse_sandbox() does that, and then fails without setting an error. Its caller main(), via qemu_opts_foreach(), is fine with it, but clean it up anyway. Cc: Eduardo Otubo <otubo@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Acked-by: Eduardo Otubo <otubo@redhat.com> Message-Id: <20181017082702.5581-18-armbru@redhat.com>
2018-10-17 10:26:41 +02:00 · 2018-10-17 10:26:41 +02:00 · 6548459769
parent fff4c9c325
commit 6548459769
2 changed files with 11 additions and 11 deletions
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@ -12,11 +12,12 @@
 * Contributions after 2012-01-13 are licensed under the terms of the
 * GNU GPL, version 2 or (at your option) any later version.
 */
+
 #include "qemu/osdep.h"
+#include "qapi/error.h"
 #include "qemu/config-file.h"
 #include "qemu/option.h"
 #include "qemu/module.h"
-#include "qemu/error-report.h"
 #include <sys/prctl.h>
 #include <seccomp.h>
 #include "sysemu/seccomp.h"
@ -190,7 +191,7 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
                 * to provide a little bit of consistency for
                 * the command line */
            } else {
-                error_report("invalid argument for obsolete");
+                error_setg(errp, "invalid argument for obsolete");
                return -1;
            }
        }
@ -205,14 +206,13 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
                /* calling prctl directly because we're
                 * not sure if host has CAP_SYS_ADMIN set*/
                if (prctl(PR_SET_NO_NEW_PRIVS, 1)) {
-                    error_report("failed to set no_new_privs "
-                                 "aborting");
+                    error_setg(errp, "failed to set no_new_privs aborting");
                    return -1;
                }
            } else if (g_str_equal(value, "allow")) {
                /* default value */
            } else {
-                error_report("invalid argument for elevateprivileges");
+                error_setg(errp, "invalid argument for elevateprivileges");
                return -1;
            }
        }
@ -224,7 +224,7 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
            } else if (g_str_equal(value, "allow")) {
                /* default value */
            } else {
-                error_report("invalid argument for spawn");
+                error_setg(errp, "invalid argument for spawn");
                return -1;
            }
        }
@ -236,14 +236,14 @@ int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
            } else if (g_str_equal(value, "allow")) {
                /* default value */
            } else {
-                error_report("invalid argument for resourcecontrol");
+                error_setg(errp, "invalid argument for resourcecontrol");
                return -1;
            }
        }

        if (seccomp_start(seccomp_opts) < 0) {
-            error_report("failed to install seccomp syscall filter "
-                         "in the kernel");
+            error_setg(errp, "failed to install seccomp syscall filter "
+                       "in the kernel");
            return -1;
        }
    }
--- a/vl.c
+++ b/vl.c
@ -3973,8 +3973,8 @@ int main(int argc, char **argv, char **envp)

 #ifdef CONFIG_SECCOMP
    olist = qemu_find_opts_err("sandbox", NULL);
-    if (olist && qemu_opts_foreach(olist, parse_sandbox, NULL, NULL)) {
-        exit(1);
+    if (olist) {
+        qemu_opts_foreach(olist, parse_sandbox, NULL, &error_fatal);
    }
 #endif