9 Jan
2023
9 Jan
'23
2:53 a.m.
On a Wednesday in 2023, Michal Privoznik wrote:
For SGX type of memory, QEMU needs to open and talk to /dev/sgx_vepc and /dev/sgx_provision files. But we do not set nor restore SELinux labels on these files when starting a guest.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/security/security_dac.c | 3 --- src/security/security_manager.h | 4 ++++ src/security/security_selinux.c | 24 ++++++++++++++++++++++-- 3 files changed, 26 insertions(+), 5 deletions(-)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano