On a Tuesday in 2025, Michal Privoznik wrote:
If SGX memory model is configured for domain then we need to allow QEMU access some additional files: 1) /dev/sgx_vepc needs to be RW 2) /dev/sgx_provision needs to be RO We already do this in SELinux driver but not in AppArmor. Resolves: https://gitlab.com/libvirt/libvirt/-/issues/751 Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- I've tested this successfully on my ubuntu machine. src/security/virt-aa-helper.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)
Reviewed-by: Ján Tomko <jtomko@xxxxxxxxxx> Jano
Attachment:
signature.asc
Description: PGP signature
