So far users added manual rules for most of these uncommon devices, but recent changes made some of the callbacks mandatory for hotplug so we should take shot at implementing them as those callbacks as well as for the initial start of a guest via virt-aa-helper. *Updates since v1* - Set(Memory|Input)Label: remove seclabel check already done in reload_profile - virt-aa-helper: check pointers before accessing them - add tests for new virt-aa-helper supported xml elements - extend tests to check for expected content (new patch in series) *Updates since v2* - Restore(Memory|Input)Label: drop secdef/relabel check - Set(Memory|Input)Label: check more pointers to be valid before using them *Updates since v3* - added the Acked-by of Jamie Strandboge on patches 1-4 - reuse the already existing tmpdir in virt-aa-helper-test for better cleanup Christian Ehrhardt (5): security, apparmor: add (Set|Restore)MemoryLabel security, apparmor: add (Set|Restore)InputLabel virt-aa-helper: generate rules for passthrough input devices virt-aa-helper: generate rules for nvdimm memory virt-aa-helper: test: check for expected profile content src/security/security_apparmor.c | 94 ++++++++++++++++++++++++++++++++++++++++ src/security/virt-aa-helper.c | 16 +++++++ tests/virt-aa-helper-test | 87 ++++++++++++++++++++++--------------- 3 files changed, 163 insertions(+), 34 deletions(-) -- 2.7.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
