On 08/11/2018 02:10 AM, Stefan Berger wrote: > On 08/10/2018 06:21 PM, Paul Moore wrote: >> On Thu, Aug 9, 2018 at 3:00 PM Stefan Berger >> <stefanb@xxxxxxxxxxxxxxxxxx> wrote: >>> Hello! >>> >>> I am the maintainer of 'swtpm', which is a TPM 1.2 & 2 emulator for >>> QEMU. 'swtpm' is started by libvirt as part of starting a QEMU VM with >>> an attached TPM. >>> >>> The plan is to have swtpm packaged and made available as part of >>> Fedora. I am wondering how to go about having the Fedora SELinux policy, >>> particularly sVirt, extended for support of swtpm? I have played around >>> with SELinux support for sVirt myself. I had to adapt it depending on >>> the version of Fedora I was using. >>> >>> Here are some of the files I have used: >>> >>> https://github.com/stefanberger/swtpm/tree/tpm2-preview.v2/src/selinux >>> >>> Particularly this one here may be of interest: >>> https://github.com/stefanberger/swtpm/blob/tpm2-preview.v2/src/selinux/swtpm_svirt.te >>> >> A quick note for the mailing list archives, and to let everyone know >> that Stefan isn't being ignored :) ... Lukas and Stefan have been in >> touch and they are working on how to best support swtpm in Fedora; I'm >> sure they will have it sorted out in a few weeks. > > Lukas is out, I will be out, so this can rest for a while. > Hi, I'm back from my PTO, feel free to contact me when you'll be back. THanks, Lukas. > Thanks, > Stefan >> > -- Lukas Vrabec Software Engineer, Security Technologies Red Hat, Inc.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx/message/R6HB3VX235H6LGCS7WMTFQHSPWJXLEKH/
