On Friday, August 03, 2012 06:31:38 PM Anthony Liguori wrote: > Commit 0f66998 makes -enable-fips conditional on Linux hosts but then uses > it unconditionally in vl.c. > > Fix this by moving the fips handling to os-posix.c and adding a condition.
Sorry for not catching this, thanks for the fix. > Cc: Paul Moore <pmo...@redhat.com> > Signed-off-by: Anthony Liguori <aligu...@us.ibm.com> > --- > os-posix.c | 5 +++++ > vl.c | 3 --- > 2 files changed, 5 insertions(+), 3 deletions(-) > > diff --git a/os-posix.c b/os-posix.c > index daf3d6f..79fa228 100644 > --- a/os-posix.c > +++ b/os-posix.c > @@ -188,6 +188,11 @@ void os_parse_cmd_args(int index, const char *optarg) > case QEMU_OPTION_daemonize: > daemonize = 1; > break; > +#if defined(CONFIG_LINUX) > + case QEMU_OPTION_enablefips: > + fips_set_state(true); > + break; > +#endif > } > return; > } > diff --git a/vl.c b/vl.c > index 8cda85f..6d2ce45 100644 > --- a/vl.c > +++ b/vl.c > @@ -3199,9 +3199,6 @@ int main(int argc, char **argv, char **envp) > case QEMU_OPTION_qtest_log: > qtest_log = optarg; > break; > - case QEMU_OPTION_enablefips: > - fips_set_state(true); > - break; > default: > os_parse_cmd_args(popt->index, optarg); > } -- paul moore security and virtualization @ redhat
