Re: [libvirt] [PATCH v2] Fix apparmor profile to make vfio pci passthrough work
On 03/25/2014 03:27 PM, Serge Hallyn wrote:
Quoting Cedric Bosdonnat (cbosdonnat(a)suse.com):
> On Tue, 2014-03-25 at 10:40 -0500, Serge Hallyn wrote:
>> Quoting Cédric Bosdonnat (cbosdonnat(a)suse.com):
>>> See lp#1276719 for the bug description. As virt-aa-helper doesn't know
>>> the VFIO groups to use for the guest, allow access to all
>>> /dev/vfio/[0-9]* and /dev/vfio/vfio files if there is a potential need
>>> for vfio
>>> ---
>>
>> Thanks, Cédric! Looks good to me. Still needs a signed-off-by from you
>> (I assume), but
>>
>> Acked-by: Serge E. Hallyn <serge.hallyn(a)ubuntu.com>
>
> I wasn't aware I needed to sign-off my patches, but I can resubmit with
> it ;)
Actually it looks like I'm wrong, libvirt doesn't require them:
http://libvirt.org/hacking.html (point 3)
I've pushed this patch to ppa:ubuntu-virt/candidate, which is meant to
go into trusty when qemu 2.0 is released.
+ if (needsVfio) {
+ virBufferAsprintf(&buf, " /dev/vfio/vfio rw,\n");
+ virBufferAsprintf(&buf, " /dev/vfio/[0-9]* rw,\n");
virBufferAsprintf should only be used with % format strings. This fails
'make syntax-check':
prohibit_virBufferAsprintf_with_string_literal
src/security/virt-aa-helper.c:1107: virBufferAsprintf(&buf, "
/dev/vfio/vfio rw,\n");
src/security/virt-aa-helper.c:1108: virBufferAsprintf(&buf, "
/dev/vfio/[0-9]* rw,\n");
maint.mk: use virBufferAddLit, not virBufferAsprintf, with a string literal
I made the obvious change, and pushed in time for 1.2.3.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 604 bytes)