diff mbox series

[05/12] tools/virtiofsd: Replace the word 'whitelist'

Message ID 20210202205824.1085853-6-philmd@redhat.com (mailing list archive)
State New, archived
Headers show
Series misc: Replace the words 'blacklist/whitelist' | expand

Commit Message

Philippe Mathieu-Daudé Feb. 2, 2021, 8:58 p.m. UTC
Follow the inclusive terminology from the "Conscious Language in your
Open Source Projects" guidelines [*] and replace the words "whitelist"
appropriately.

[*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
---
 tools/virtiofsd/passthrough_ll.c      |  6 +++---
 tools/virtiofsd/passthrough_seccomp.c | 12 ++++++------
 2 files changed, 9 insertions(+), 9 deletions(-)

Comments

Dr. David Alan Gilbert (git) Feb. 3, 2021, 9:08 a.m. UTC | #1
* Philippe Mathieu-Daudé (philmd@redhat.com) wrote:
> Follow the inclusive terminology from the "Conscious Language in your
> Open Source Projects" guidelines [*] and replace the words "whitelist"
> appropriately.
> 
> [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

> ---
>  tools/virtiofsd/passthrough_ll.c      |  6 +++---
>  tools/virtiofsd/passthrough_seccomp.c | 12 ++++++------
>  2 files changed, 9 insertions(+), 9 deletions(-)
> 
> diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
> index 5fb36d94074..4bf86d44211 100644
> --- a/tools/virtiofsd/passthrough_ll.c
> +++ b/tools/virtiofsd/passthrough_ll.c
> @@ -3132,7 +3132,7 @@ static void setup_mounts(const char *source)
>  }
>  
>  /*
> - * Only keep whitelisted capabilities that are needed for file system operation
> + * Only keep capabilities in allowlist that are needed for file system operation
>   * The (possibly NULL) modcaps_in string passed in is free'd before exit.
>   */
>  static void setup_capabilities(char *modcaps_in)
> @@ -3142,8 +3142,8 @@ static void setup_capabilities(char *modcaps_in)
>      capng_restore_state(&cap.saved);
>  
>      /*
> -     * Whitelist file system-related capabilities that are needed for a file
> -     * server to act like root.  Drop everything else like networking and
> +     * Add to allowlist file system-related capabilities that are needed for a
> +     * file server to act like root.  Drop everything else like networking and
>       * sysadmin capabilities.
>       *
>       * Exclusions:
> diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> index a60d7da4b4e..c8b1ebbe830 100644
> --- a/tools/virtiofsd/passthrough_seccomp.c
> +++ b/tools/virtiofsd/passthrough_seccomp.c
> @@ -21,7 +21,7 @@
>  #endif
>  #endif
>  
> -static const int syscall_whitelist[] = {
> +static const int syscall_allowlist[] = {
>      /* TODO ireg sem*() syscalls */
>      SCMP_SYS(brk),
>      SCMP_SYS(capget), /* For CAP_FSETID */
> @@ -115,12 +115,12 @@ static const int syscall_whitelist[] = {
>  };
>  
>  /* Syscalls used when --syslog is enabled */
> -static const int syscall_whitelist_syslog[] = {
> +static const int syscall_allowlist_syslog[] = {
>      SCMP_SYS(send),
>      SCMP_SYS(sendto),
>  };
>  
> -static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
> +static void add_allowlist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
>  {
>      size_t i;
>  
> @@ -151,10 +151,10 @@ void setup_seccomp(bool enable_syslog)
>          exit(1);
>      }
>  
> -    add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist));
> +    add_allowlist(ctx, syscall_allowlist, G_N_ELEMENTS(syscall_allowlist));
>      if (enable_syslog) {
> -        add_whitelist(ctx, syscall_whitelist_syslog,
> -                      G_N_ELEMENTS(syscall_whitelist_syslog));
> +        add_allowlist(ctx, syscall_allowlist_syslog,
> +                      G_N_ELEMENTS(syscall_allowlist_syslog));
>      }
>  
>      /* libvhost-user calls this for post-copy migration, we don't need it */
> -- 
> 2.26.2
>
Daniel P. Berrangé Feb. 3, 2021, 10:11 a.m. UTC | #2
On Tue, Feb 02, 2021 at 09:58:17PM +0100, Philippe Mathieu-Daudé wrote:
> Follow the inclusive terminology from the "Conscious Language in your
> Open Source Projects" guidelines [*] and replace the words "whitelist"
> appropriately.
> 
> [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
>  tools/virtiofsd/passthrough_ll.c      |  6 +++---
>  tools/virtiofsd/passthrough_seccomp.c | 12 ++++++------
>  2 files changed, 9 insertions(+), 9 deletions(-)

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
diff mbox series

Patch

diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 5fb36d94074..4bf86d44211 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -3132,7 +3132,7 @@  static void setup_mounts(const char *source)
 }
 
 /*
- * Only keep whitelisted capabilities that are needed for file system operation
+ * Only keep capabilities in allowlist that are needed for file system operation
  * The (possibly NULL) modcaps_in string passed in is free'd before exit.
  */
 static void setup_capabilities(char *modcaps_in)
@@ -3142,8 +3142,8 @@  static void setup_capabilities(char *modcaps_in)
     capng_restore_state(&cap.saved);
 
     /*
-     * Whitelist file system-related capabilities that are needed for a file
-     * server to act like root.  Drop everything else like networking and
+     * Add to allowlist file system-related capabilities that are needed for a
+     * file server to act like root.  Drop everything else like networking and
      * sysadmin capabilities.
      *
      * Exclusions:
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
index a60d7da4b4e..c8b1ebbe830 100644
--- a/tools/virtiofsd/passthrough_seccomp.c
+++ b/tools/virtiofsd/passthrough_seccomp.c
@@ -21,7 +21,7 @@ 
 #endif
 #endif
 
-static const int syscall_whitelist[] = {
+static const int syscall_allowlist[] = {
     /* TODO ireg sem*() syscalls */
     SCMP_SYS(brk),
     SCMP_SYS(capget), /* For CAP_FSETID */
@@ -115,12 +115,12 @@  static const int syscall_whitelist[] = {
 };
 
 /* Syscalls used when --syslog is enabled */
-static const int syscall_whitelist_syslog[] = {
+static const int syscall_allowlist_syslog[] = {
     SCMP_SYS(send),
     SCMP_SYS(sendto),
 };
 
-static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
+static void add_allowlist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
 {
     size_t i;
 
@@ -151,10 +151,10 @@  void setup_seccomp(bool enable_syslog)
         exit(1);
     }
 
-    add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist));
+    add_allowlist(ctx, syscall_allowlist, G_N_ELEMENTS(syscall_allowlist));
     if (enable_syslog) {
-        add_whitelist(ctx, syscall_whitelist_syslog,
-                      G_N_ELEMENTS(syscall_whitelist_syslog));
+        add_allowlist(ctx, syscall_allowlist_syslog,
+                      G_N_ELEMENTS(syscall_allowlist_syslog));
     }
 
     /* libvhost-user calls this for post-copy migration, we don't need it */