From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 3 Jul 2020 10:56:48 +0000 (+0200)
Subject: cgroups: update terminology
X-Git-Tag: lxc-5.0.0~399
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29a01c374245c6c6cf719a17d560638fd7df9b0d;p=thirdparty%2Flxc.git

cgroups: update terminology

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index bab4ba340..31ad219c1 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -2562,8 +2562,8 @@ static int device_cgroup_rule_parse(struct device_item *device, const char *key,
 		device->major = -1;
 		device->minor = -1;
 		device->global_rule = device->allow
-					  ? LXC_BPF_DEVICE_CGROUP_BLACKLIST
-					  : LXC_BPF_DEVICE_CGROUP_WHITELIST;
+					  ? LXC_BPF_DEVICE_CGROUP_DENYLIST
+					  : LXC_BPF_DEVICE_CGROUP_ALLOWLIST;
 		device->allow = -1;
 		return 0;
 	}
diff --git a/src/lxc/cgroups/cgroup2_devices.c b/src/lxc/cgroups/cgroup2_devices.c
index 04ba7b332..59a9c4bd6 100644
--- a/src/lxc/cgroups/cgroup2_devices.c
+++ b/src/lxc/cgroups/cgroup2_devices.c
@@ -176,7 +176,7 @@ struct bpf_program *bpf_program_new(uint32_t prog_type)
 	/*
 	 * By default a whitelist is used unless the user tells us otherwise.
 	 */
-	prog->device_list_type = LXC_BPF_DEVICE_CGROUP_WHITELIST;
+	prog->device_list_type = LXC_BPF_DEVICE_CGROUP_ALLOWLIST;
 
 	return move_ptr(prog);
 }
@@ -298,7 +298,7 @@ int bpf_program_finalize(struct bpf_program *prog)
 		return ret_set_errno(-1, EINVAL);
 
 	TRACE("Implementing %s bpf device cgroup program",
-	      prog->device_list_type == LXC_BPF_DEVICE_CGROUP_BLACKLIST
+	      prog->device_list_type == LXC_BPF_DEVICE_CGROUP_DENYLIST
 		  ? "blacklist"
 		  : "whitelist");
 
@@ -450,10 +450,10 @@ int bpf_list_add_device(struct lxc_conf *conf, struct device_item *device)
 		if (cur->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE &&
 		    device->global_rule > LXC_BPF_DEVICE_CGROUP_LOCAL_RULE) {
 			TRACE("Switched from %s to %s",
-			      cur->global_rule == LXC_BPF_DEVICE_CGROUP_WHITELIST
+			      cur->global_rule == LXC_BPF_DEVICE_CGROUP_ALLOWLIST
 				  ? "whitelist"
 				  : "blacklist",
-			      device->global_rule == LXC_BPF_DEVICE_CGROUP_WHITELIST
+			      device->global_rule == LXC_BPF_DEVICE_CGROUP_ALLOWLIST
 				  ? "whitelist"
 				  : "blacklist");
 			cur->global_rule = device->global_rule;
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 7f54539e0..e3dba87c4 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -215,8 +215,8 @@ struct lxc_state_client {
 
 enum {
 	LXC_BPF_DEVICE_CGROUP_LOCAL_RULE = -1,
-	LXC_BPF_DEVICE_CGROUP_WHITELIST  =  0,
-	LXC_BPF_DEVICE_CGROUP_BLACKLIST  =  1,
+	LXC_BPF_DEVICE_CGROUP_ALLOWLIST  =  0,
+	LXC_BPF_DEVICE_CGROUP_DENYLIST  =  1,
 };
 
 struct device_item {
@@ -227,8 +227,8 @@ struct device_item {
 	int allow;
 	/*
 	 * LXC_BPF_DEVICE_CGROUP_LOCAL_RULE -> no global rule
-	 * LXC_BPF_DEVICE_CGROUP_WHITELIST  -> whitelist (deny all)
-	 * LXC_BPF_DEVICE_CGROUP_BLACKLIST  -> blacklist (allow all)
+	 * LXC_BPF_DEVICE_CGROUP_ALLOWLIST  -> allowlist (deny all)
+	 * LXC_BPF_DEVICE_CGROUP_DENYLIST   -> denylist (allow all)
 	 */
 	int global_rule;
 };