On Thu, Jul 04, 2024 at 01:13:36PM GMT, Michal Privoznik wrote: > When binary version of edk2 is distributed, the files reside > under /usr/share/edk2-ovmf as can be seen from Gentoo's ebuild > [1]. Allow virt-aa-helper to generate paths under that dir. > > 1: > https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-firmware/edk2-ovmf-bin/edk2-ovmf-bin-202202.ebuild > Resolves: https://bugs.gentoo.org/911786 > Signed-off-by: Michal Privoznik <[email protected]> > --- > src/security/virt-aa-helper.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c > index 402cbd9602..076b98a1d7 100644 > --- a/src/security/virt-aa-helper.c > +++ b/src/security/virt-aa-helper.c > @@ -475,6 +475,7 @@ valid_path(const char *path, const bool readonly) > "/initrd", > "/initrd.img", > "/usr/share/edk2/", > + "/usr/share/edk2-ovmf/", > "/usr/share/OVMF/", /* for OVMF images */ > "/usr/share/ovmf/", /* for OVMF images */ > "/usr/share/AAVMF/", /* for AAVMF images */
For consistency with existing entries, you could add a /* for OVMF images */ comment to the right. Either way, Reviewed-by: Andrea Bolognani <[email protected]> -- Andrea Bolognani / Red Hat / Virtualization
