Re: [libvirt] [PATCH] security: Add swtpm paths to the domain's AppArmor profile

This patch extends the AppArmor domain profile with file paths the swtpm accesses for state, log, pid, and socket files. Both, QEMU and swtpm, use this AppArmor profile. Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com&gt; Cc: Christian Ehrhardt <christian.ehrhardt(a)canonical.com&gt; --- examples/apparmor/libvirt-qemu | 5 +++++ src/security/virt-aa-helper.c | 45 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+)