[libvirt] [PATCH 0/2] Apparmor PCI passthrough fixes - Devel - libvirt List Archives

newer
[libvirt] [PATCH] rng: fix port...

[libvirt] [PATCH 0/2] Apparmor PCI passthrough fixes

older
[libvirt] [PATCH] util: string:...

Cédric Bosdonnat

23 Apr 2015 23 Apr '15

9:38 a.m.

Hi all, These two simple patches intend to fix apparmor profiles for PCI passthrough with the qemu driver. Cédric Bosdonnat (2): Allow access to vendor and device file for PCI device passthrough Apparmor: allow reading block-rbd.so examples/apparmor/libvirt-qemu | 1 + src/util/virpci.c | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) -- 2.1.4

Reply

Sign in to reply online Use email software

Show replies by date

Cédric Bosdonnat

23 Apr 23 Apr

9:38 a.m.

New subject: [libvirt] [PATCH 1/2] Allow access to vendor and device file for PCI device passthrough

For some devices, the $PCIDIR/vendor and $PCIDIR/device need to be read. Iterate over them to get them as well in the the generated apparmor profile. --- src/util/virpci.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index 512e839..cf2a253 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1955,11 +1955,13 @@ int virPCIDeviceFileIterate(virPCIDevicePtr dev, while ((direrr = virDirRead(dir, &ent, pcidir)) > 0) { /* Device assignment requires: * $PCIDIR/config, $PCIDIR/resource, $PCIDIR/resourceNNN, - * $PCIDIR/rom, $PCIDIR/reset + * $PCIDIR/rom, $PCIDIR/reset, $PCIDIR/vendor, $PCIDIR/device */ if (STREQ(ent->d_name, "config") || STRPREFIX(ent->d_name, "resource") || STREQ(ent->d_name, "rom") || + STREQ(ent->d_name, "vendor") || + STREQ(ent->d_name, "device") || STREQ(ent->d_name, "reset")) { if (virAsprintf(&file, "%s/%s", pcidir, ent->d_name) < 0) goto cleanup; -- 2.1.4

Reply

Sign in to reply online Use email software

Cédric Bosdonnat

9:38 a.m.

New subject: [libvirt] [PATCH 2/2] Apparmor: allow reading block-rbd.so

--- examples/apparmor/libvirt-qemu | 1 + 1 file changed, 1 insertion(+) diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu index 4f0bb1b..c80ece7 100644 --- a/examples/apparmor/libvirt-qemu +++ b/examples/apparmor/libvirt-qemu @@ -114,6 +114,7 @@ /usr/bin/qemu-sparc64 rmix, /usr/bin/qemu-x86_64 rmix, /usr/{lib,lib64}/qemu/block-curl.so mr, + /usr/{lib,lib64}/qemu/block-rbd.so mr, # for save and resume /bin/dash rmix, -- 2.1.4

Reply

Sign in to reply online Use email software

Michal Privoznik

11:28 a.m.

On 23.04.2015 09:38, Cédric Bosdonnat wrote:

Hi all,

These two simple patches intend to fix apparmor profiles for PCI passthrough with the qemu driver.

Cédric Bosdonnat (2): Allow access to vendor and device file for PCI device passthrough Apparmor: allow reading block-rbd.so

examples/apparmor/libvirt-qemu | 1 + src/util/virpci.c | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-)

ACK to both. Michal

Reply

Sign in to reply online Use email software

3796

Age (days ago)

3796

Last active (days ago)

Download

3 comments

2 participants

tags

participants (2)

Cédric Bosdonnat
Michal Privoznik