On a Wednesday in 2023, Michal Privoznik wrote:
For SGX type of memory, QEMU needs to open and talk to /dev/sgx_vepc and /dev/sgx_provision files. But we do not set nor restore SELinux labels on these files when starting a guest.Signed-off-by: Michal Privoznik <[email protected]> --- src/security/security_dac.c | 3 --- src/security/security_manager.h | 4 ++++ src/security/security_selinux.c | 24 ++++++++++++++++++++++-- 3 files changed, 26 insertions(+), 5 deletions(-)
Reviewed-by: Ján Tomko <[email protected]> Jano
signature.asc
Description: PGP signature
