Re: [libvirt] [PATCH 2/2] security: aa-helper: gl devices in sysfs at arbitrary depth

2019-03-06 Thread Christian Ehrhardt
On Tue, Mar 5, 2019 at 5:48 PM Jamie Strandboge wrote: > > On Tue, 05 Mar 2019, Christian Ehrhardt wrote: > > > Further testing with more devices showed that we sometimes have a > > different depth of pci device paths when accessing sysfs for device > > attributes. > > > > But since the access is

Re: [libvirt] [PATCH 2/2] security: aa-helper: gl devices in sysfs at arbitrary depth

2019-03-05 Thread Jamie Strandboge
On Tue, 05 Mar 2019, Christian Ehrhardt wrote: > Further testing with more devices showed that we sometimes have a > different depth of pci device paths when accessing sysfs for device > attributes. > > But since the access is limited to a set of filenames and read only it > is safe to use a wild

[libvirt] [PATCH 2/2] security: aa-helper: gl devices in sysfs at arbitrary depth

2019-03-05 Thread Christian Ehrhardt
Further testing with more devices showed that we sometimes have a different depth of pci device paths when accessing sysfs for device attributes. But since the access is limited to a set of filenames and read only it is safe to use a wildcard for that. Related apparmor denies - while we formerly