[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH v2] security: aa-helper: fix static defined vfio MDEVs



On Thu, Nov 22, 2018 at 01:55:02PM +0100, Christian Ehrhardt wrote:
> virt-aa-helper needs to grant QEMU access to VFIO MDEV devices.
>
> This extends commit 74e86b6b which only covered PCI hostdevs for VFIO-PCI
> assignment by now also covering vfio MDEVs.
> It has still the same limitations regarding the device lifecycle, IOW we're
> unable to predict the actual VFIO device being created, thus we need
> wildcards.
>
> Also note that the hotplug case, where apparmor is able to detect the actual
> VFIO device during runtime, is already covered by commit 606afafb.
>
> Signed-off-by: Christian Ehrhardt <christian ehrhardt canonical com>
> Reviewed-by: Erik Skultety <eskultet redhat com>
> Reviewed-by: Boris Fiuczynski <fiuczy linux ibm com>
> ---

I'm sorry if I sounded like I need to see a v2, I just wanted to give other
people time to look at it too before I merge it.
Anyhow, I merged the patch.

Thanks,
Erik


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]