Re: [PATCH v2 6/8] secdrivers: Relabel firmware config files

Tuesday, 9 June 2020

On Thu, Jun 04, 2020 at 08:44:07PM +0200, Michal Privoznik wrote:
...
 For the case where -fw_cfg uses a file, we need to set the
 seclabels on it to allow QEMU the access. While QEMU allows
 writing into the file (if specified on the command line), so far
 we are enabling reading only and thus we can use read only label
 (in case of SELinux).

 Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt;
 ---
  src/security/security_dac.c     | 50 +++++++++++++++++++++++++++++++++
  src/security/security_selinux.c | 50 +++++++++++++++++++++++++++++++++
  src/security/virt-aa-helper.c   | 12 ++++++++
  3 files changed, 112 insertions(+) 
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com&gt;

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [PATCH v2 6/8] secdrivers: Relabel firmware config files