On Wed, Mar 21, 2018 at 10:22 PM, Christian Ehrhardt < [email protected]> wrote:
> So far users added manual rules for most of these uncommon devices, > but recent changes made some of the callbacks mandatory for hotplug > so we should take shot at implementing them as those callbacks as well > as for the initial start of a guest via virt-aa-helper. > > *Updates since v1* > - Set(Memory|Input)Label: remove seclabel check already done in > reload_profile > - virt-aa-helper: check pointers before accessing them > - add tests for new virt-aa-helper supported xml elements > - extend tests to check for expected content (new patch in series) > > *Updates since v2* > - Restore(Memory|Input)Label: drop secdef/relabel check > - Set(Memory|Input)Label: check more pointers to be valid before using > them > > *Updates since v3* > - added the Acked-by of Jamie Strandboge on patches 1-4 > - reuse the already existing tmpdir in virt-aa-helper-test for better > cleanup > > Christian Ehrhardt (5): > security, apparmor: add (Set|Restore)MemoryLabel > security, apparmor: add (Set|Restore)InputLabel > virt-aa-helper: generate rules for passthrough input devices > virt-aa-helper: generate rules for nvdimm memory > Rebased (no change), retested and pushed patches 1-4 being up a few days and having acks. > virt-aa-helper: test: check for expected profile content > Keeping this last one up for more review to either push or reiterate on it after more review. src/security/security_apparmor.c | 94 ++++++++++++++++++++++++++++++ > ++++++++++ > src/security/virt-aa-helper.c | 16 +++++++ > tests/virt-aa-helper-test | 87 ++++++++++++++++++++++-------- > ------- > 3 files changed, 163 insertions(+), 34 deletions(-) > > -- > 2.7.4 > > -- Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
