On Thu, Nov 22, 2018 at 11:27 AM Christian Ehrhardt < christian.ehrhardt@canonical.com> wrote:
For vfio MDEVs we need to allow qemu the vfio access in apparmor.
This is extending the older fix 74e86b6b: "Fix apparmor profile to make vfio pci passthrough work" which was for VFIO PCI passthrough on static hostdevs to now also cover vfio MDEVs. It is having the same limitations of the lifecycle at that time being unable to detect the actual vfio device and therefore adds a wildcars.
obviously wildcards - not afraid of bad traffic, but not worth a V2. Fixed locally already as well as the first line which had the word "access" twice.
Waiting for feedback to make a V2 with actual (not just commit words) changes as needed. Since the code changes except for vfio-ccw seem to be in line with the
On 11/22/18 11:32 AM, Christian Ehrhardt wrote: ppa I tested already Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
P.S. @Boris as I know you are affected by missing this I you to CC on the thread as well. Enjoy my typos :-/
I sure am! :)
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
-- Mit freundlichen Grüßen/Kind regards Boris Fiuczynski IBM Deutschland Research & Development GmbH Vorsitzender des Aufsichtsrats: Martina Köderitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294