On Thu, 2023-04-13 at 16:35 +0200, Michal Prívozník wrote:
> On 4/1/23 02:42, Eric Farman wrote:
> > Commit dbf1f68410 ("security: do not remember/recall labels for
> > VFIO")
> > rightly changed the DAC and SELinux labeling parameters to fix a
> > problem
> > with "VFIO hostdevs" but really only
On 4/1/23 02:42, Eric Farman wrote:
> Commit dbf1f68410 ("security: do not remember/recall labels for VFIO")
> rightly changed the DAC and SELinux labeling parameters to fix a problem
> with "VFIO hostdevs" but really only addressed the PCI codepaths.
> As a result, we can still encounter this
On Sat, 2023-04-01 at 02:42 +0200, Eric Farman wrote:
> Commit dbf1f68410 ("security: do not remember/recall labels for
> VFIO")
> rightly changed the DAC and SELinux labeling parameters to fix a
> problem
> with "VFIO hostdevs" but really only addressed the PCI codepaths.
> As a result, we can
Commit dbf1f68410 ("security: do not remember/recall labels for VFIO")
rightly changed the DAC and SELinux labeling parameters to fix a problem
with "VFIO hostdevs" but really only addressed the PCI codepaths.
As a result, we can still encounter this with VFIO MDEVs such as
vfio-ccw and vfio-ap,