"denied null" AVCs from qemu-kvm with latest rawhide policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Running the latest Fedora rawhide policy packages
(selinux-policy-targeted-3.6.2-2.fc11.noarch,
selinux-policy-3.6.2-2.fc11.noarch), I observe the following "null"
AVCs reported in /var/log/Xorg.0.log:


(WW) avc:  denied  null for request=X11:MapWindow comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
exaCopyDirty: Pending damage region empty!
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:QueryPointer comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device
(WW) avc:  denied  null for request=X11:GetInputFocus comm=qemu-kvm
xdevice="Virtual core keyboard"
scontext=unconfined_u:unconfined_r:qemu_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=x_device

Doesn't appear that they affect the running process (qemu-kvm, in this case).

What are they and does something need to be adjusted?

Thanks,
   tom
-- 
Tom London

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux