Re: [libvirt] [PATCH] virt-aa-helper: add NVRAM store file for read/write

2015-08-26 Thread Cedric Bosdonnat
On Fri, 2015-08-21 at 11:01 +0200, Guido Günther wrote:
 Hi,
 On Thu, Aug 20, 2015 at 10:58:59AM -0700, Peter Kieser wrote:
  Some UEFI firmwares may want to use a non-volatile memory to store some
  variables.
  If AppArmor is enabled, and NVRAM store file is set currently virt-aa-helper
  does not add the NVRAM store file to the template. Add this file for
  read/write when this functionality is defined in domain XML.
 
 I'm not an expert on AppArmor things but it makes sense to me.
 ACK

ACK from me too. Just pushed it.
--
Cedric

 Cheers,
 -- Guido
 
  
  Signed-off-by: Peter Kieser pe...@kieser.ca
  ---
   src/security/virt-aa-helper.c | 4 
   1 file changed, 4 insertions(+)
  
  diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
  index 4ce1e7a..2f93172 100644
  --- a/src/security/virt-aa-helper.c
  +++ b/src/security/virt-aa-helper.c
  @@ -1047,6 +1047,10 @@ get_files(vahControl * ctl)
   if (vah_add_file(buf, ctl-def-os.loader-path, r) != 0)
   goto cleanup;
  
  +if (ctl-def-os.loader  ctl-def-os.loader-nvram)
  +if (vah_add_file(buf, ctl-def-os.loader-nvram, rw) != 0)
  +goto cleanup;
  +
   for (i = 0; i  ctl-def-ngraphics; i++) {
   if (ctl-def-graphics[i]-type == VIR_DOMAIN_GRAPHICS_TYPE_VNC 
   ctl-def-graphics[i]-data.vnc.socket 
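Review bot: The diffstat lists only src/security/virt-aa-helper.c, so the new NVRAM branch in get_files() lands without a test. A test case that feeds virt-aa-helper a domain with both a loader and an NVRAM store, and checks that the generated profile contains an rw rule for the NVRAM path (and none when no NVRAM store is set), would keep this from regressing.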
  
  
 
 
 
  --
  libvir-list mailing list
  libvir-list@redhat.com
  https://www.redhat.com/mailman/listinfo/libvir-list
 

Re: [libvirt] [PATCH] virt-aa-helper: add NVRAM store file for read/write

2015-08-21 Thread Guido Günther
Hi,
On Thu, Aug 20, 2015 at 10:58:59AM -0700, Peter Kieser wrote:
 Some UEFI firmwares may want to use a non-volatile memory to store some
 variables.
 If AppArmor is enabled, and NVRAM store file is set currently virt-aa-helper
 does not add the NVRAM store file to the template. Add this file for
 read/write when this functionality is defined in domain XML.

I'm not an expert on AppArmor things but it makes sense to me.
ACK

Cheers,
-- Guido

 
 Signed-off-by: Peter Kieser pe...@kieser.ca
 ---
  src/security/virt-aa-helper.c | 4 
  1 file changed, 4 insertions(+)
 
 diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
 index 4ce1e7a..2f93172 100644
 --- a/src/security/virt-aa-helper.c
 +++ b/src/security/virt-aa-helper.c
 @@ -1047,6 +1047,10 @@ get_files(vahControl * ctl)
  if (vah_add_file(buf, ctl-def-os.loader-path, r) != 0)
  goto cleanup;
 
 +if (ctl-def-os.loader  ctl-def-os.loader-nvram)
 +if (vah_add_file(buf, ctl-def-os.loader-nvram, rw) != 0)
 +goto cleanup;
 +
  for (i = 0; i  ctl-def-ngraphics; i++) {
  if (ctl-def-graphics[i]-type == VIR_DOMAIN_GRAPHICS_TYPE_VNC 
  ctl-def-graphics[i]-data.vnc.socket 
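Review bot: The added vah_add_file() call grants rw on a path taken from the domain definition, while the loader path in the context line just above it gets only r, and nothing in this hunk shows what limits where the NVRAM path may point. It is worth stating in the commit message or a comment that vah_add_file() applies the same path validation here as for other domain-supplied files, since this path becomes a writable rule in the guest's AppArmor profile.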
 
 





[libvirt] [PATCH] virt-aa-helper: add NVRAM store file for read/write

2015-08-20 Thread Peter Kieser
Some UEFI firmwares may want to use a non-volatile memory to store some
variables.
If AppArmor is enabled, and NVRAM store file is set currently virt-aa-helper
does not add the NVRAM store file to the template. Add this file for
read/write when this functionality is defined in domain XML.

Signed-off-by: Peter Kieser pe...@kieser.ca
---
 src/security/virt-aa-helper.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 4ce1e7a..2f93172 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1047,6 +1047,10 @@ get_files(vahControl * ctl)
 if (vah_add_file(buf, ctl-def-os.loader-path, r) != 0)
 goto cleanup;

+if (ctl-def-os.loader  ctl-def-os.loader-nvram)
+if (vah_add_file(buf, ctl-def-os.loader-nvram, rw) != 0)
+goto cleanup;
+
 for (i = 0; i  ctl-def-ngraphics; i++) {
 if (ctl-def-graphics[i]-type == VIR_DOMAIN_GRAPHICS_TYPE_VNC 
 ctl-def-graphics[i]-data.vnc.socket 
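Review bot: The two added `if` lines nest one unbraced `if` inside another, which is easy to misread and invites a dangling-else mistake if this block is extended later. Folding the loader/NVRAM check and the vah_add_file() call into a single condition joined with a logical AND, or putting braces around the outer `if`, would make the scope of the `goto cleanup` unambiguous.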



