[libvirt] [PATCH] security: aa-helper: fix static defined vfio MDEVs
Christian Ehrhardt
christian.ehrhardt at canonical.com
Thu Nov 22 10:32:43 UTC 2018
On Thu, Nov 22, 2018 at 11:27 AM Christian Ehrhardt <
christian.ehrhardt at canonical.com> wrote:
> For vfio MDEVs we need to allow qemu the vfio access in apparmor.
>
> This is extending the older fix 74e86b6b: "Fix apparmor profile
> to make vfio pci passthrough work" which was for VFIO PCI
> passthrough on static hostdevs to now also cover vfio MDEVs.
> It is having the same limitations of the lifecycle at that time
> being unable to detect the actual vfio device and therefore
> adds a wildcars.
>
obviously wildcards - not afraid of bad traffic, but not worth a V2.
Fixed locally already as well as the first line which had the word "access"
twice.
Waiting for feedback to make a V2 with actual (not just commit words)
changes as needed.
P.S. @Boris as I know you are affected by missing this I you to CC on the
thread as well. Enjoy my typos :-/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20181122/f726be6d/attachment-0001.htm>
More information about the libvir-list
mailing list