[PATCH] virt-aa-helper: Allow swtpm to fsync on dir
Michal Prívozník
mprivozn at redhat.com
Wed Jul 14 11:33:15 UTC 2021
On 7/14/21 9:13 AM, Michal Prívozník wrote:
> On 7/13/21 8:38 PM, Stefan Berger wrote:
>> Allow swtpm (0.7.0 or later) to fsync on the directory where it writes
>> its state files into so that "the entry in the directory containing the
>> file has also reached disk" (fsync(2)).
>>
>> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
>> ---
>> src/security/virt-aa-helper.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
>> index 52cfebf6e0..e21557c810 100644
>> --- a/src/security/virt-aa-helper.c
>> +++ b/src/security/virt-aa-helper.c
>> @@ -1250,8 +1250,11 @@ get_files(vahControl * ctl)
>> " \"%s/libvirt/qemu/swtpm/%s-swtpm.sock\" rw,\n",
>> RUNSTATEDIR, shortName);
>> /* Paths for swtpm to use: give it access to its state
>> - * directory, log, and PID files.
>> + * directory (state files and fsync on dir), log, and PID files.
>> */
>> + virBufferAsprintf(&buf,
>> + " \"%s/lib/libvirt/swtpm/%s/%s/\" r,\n",
>> + LOCALSTATEDIR, uuidstr, tpmpath);
>> virBufferAsprintf(&buf,
>> " \"%s/lib/libvirt/swtpm/%s/%s/**\" rwk,\n",
>> LOCALSTATEDIR, uuidstr, tpmpath);
>>
>
> Reviewed-by: Michal Privoznik <mprivozn at redhat.com>
>
Just realized that you might not have commit access after we switched to
gitlab. So I went ahead and pushed this for you.
Michal
More information about the libvir-list
mailing list