[libvirt] [PATCH 0/4] Apparmor support for less common devices

Christian Ehrhardt christian.ehrhardt at canonical.com
Tue Mar 20 12:08:17 UTC 2018


So far users added manual rules for most of these uncommon devices,
but recent changes made some of the callbacks mandatory for hotplug
so we should take shot at implementing them as those callbacks as well
as for the initial start of a guest via virt-aa-helper.

Christian Ehrhardt (4):
  security, apparmor: add (Set|Restore)MemoryLabel
  security, apparmor: add (Set|Restore)InputLabel
  virt-aa-helper: generate rules for passthrough input devices
  virt-aa-helper: generate rules for nvdimm memory

 src/security/security_apparmor.c | 101 +++++++++++++++++++++++++++++++++++++++
 src/security/virt-aa-helper.c    |  14 ++++++
 2 files changed, 115 insertions(+)

-- 
2.7.4




More information about the libvir-list mailing list