On 11/22/18 11:32 AM, Christian Ehrhardt wrote:
On Thu, Nov 22, 2018 at 11:27 AM Christian Ehrhardt <
christian.ehrhardt@xxxxxxxxxxxxx> wrote:
For vfio MDEVs we need to allow qemu the vfio access in apparmor.
This is extending the older fix 74e86b6b: "Fix apparmor profile
to make vfio pci passthrough work" which was for VFIO PCI
passthrough on static hostdevs to now also cover vfio MDEVs.
It is having the same limitations of the lifecycle at that time
being unable to detect the actual vfio device and therefore
adds a wildcars.
obviously wildcards - not afraid of bad traffic, but not worth a V2.
Fixed locally already as well as the first line which had the word "access"
twice.
Waiting for feedback to make a V2 with actual (not just commit words)
changes as needed.
Since the code changes except for vfio-ccw seem to be in line with the
ppa I tested already
Reviewed-by: Boris Fiuczynski <fiuczy@xxxxxxxxxxxxx>
P.S. @Boris as I know you are affected by missing this I you to CC on the
thread as well. Enjoy my typos :-/
I sure am! :)
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
--
Mit freundlichen Grüßen/Kind regards
Boris Fiuczynski
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martina Köderitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
