[PATCH] security_selinux: Set and restore /dev/sgx_* labels
Ján Tomko
jtomko at redhat.com
Mon Jan 9 02:53:19 UTC 2023
On a Wednesday in 2023, Michal Privoznik wrote:
>For SGX type of memory, QEMU needs to open and talk to
>/dev/sgx_vepc and /dev/sgx_provision files. But we do not set nor
>restore SELinux labels on these files when starting a guest.
>
>Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
>---
> src/security/security_dac.c | 3 ---
> src/security/security_manager.h | 4 ++++
> src/security/security_selinux.c | 24 ++++++++++++++++++++++--
> 3 files changed, 26 insertions(+), 5 deletions(-)
>
Reviewed-by: Ján Tomko <jtomko at redhat.com>
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20230109/758faa96/attachment.sig>
More information about the libvir-list
mailing list