[libvirt] [PATCH v2] Fix apparmor profile to make vfio pci passthrough work
Eric Blake
eblake at redhat.com
Thu Mar 27 15:10:09 UTC 2014
On 03/25/2014 03:27 PM, Serge Hallyn wrote:
> Quoting Cedric Bosdonnat (cbosdonnat at suse.com):
>> On Tue, 2014-03-25 at 10:40 -0500, Serge Hallyn wrote:
>>> Quoting Cédric Bosdonnat (cbosdonnat at suse.com):
>>>> See lp#1276719 for the bug description. As virt-aa-helper doesn't know
>>>> the VFIO groups to use for the guest, allow access to all
>>>> /dev/vfio/[0-9]* and /dev/vfio/vfio files if there is a potential need
>>>> for vfio
>>>> ---
>>>
>>> Thanks, Cédric! Looks good to me. Still needs a signed-off-by from you
>>> (I assume), but
>>>
>>> Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
>>
>> I wasn't aware I needed to sign-off my patches, but I can resubmit with
>> it ;)
>
> Actually it looks like I'm wrong, libvirt doesn't require them:
>
> http://libvirt.org/hacking.html (point 3)
>
> I've pushed this patch to ppa:ubuntu-virt/candidate, which is meant to
> go into trusty when qemu 2.0 is released.
> + if (needsVfio) {
> + virBufferAsprintf(&buf, " /dev/vfio/vfio rw,\n");
> + virBufferAsprintf(&buf, " /dev/vfio/[0-9]* rw,\n");
virBufferAsprintf should only be used with % format strings. This fails
'make syntax-check':
prohibit_virBufferAsprintf_with_string_literal
src/security/virt-aa-helper.c:1107: virBufferAsprintf(&buf, "
/dev/vfio/vfio rw,\n");
src/security/virt-aa-helper.c:1108: virBufferAsprintf(&buf, "
/dev/vfio/[0-9]* rw,\n");
maint.mk: use virBufferAddLit, not virBufferAsprintf, with a string literal
I made the obvious change, and pushed in time for 1.2.3.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140327/a3631e18/attachment-0001.sig>
More information about the libvir-list
mailing list