Commit - virt-ark/libvirt - 999998a7920c11a3c8969bba6e32714ea810508c

virt-ark / libvirt

`999998a` security, apparmor: add (Set|Restore)MemoryLabel

Authored and Committed by Christian Ehrhardt 6 years ago

raw patch tree parent

1 file changed. 46 lines added. 0 lines removed.

    security, apparmor: add (Set|Restore)MemoryLabel
    
    Recent changes have made implementing this mandatory to hot add any
    memory.
    Implementing this in apparmor fixes this as well as allows hot-add of nvdimm
    tpye memory with an nvdimmPath set generating a AppArmor rule for that
    path.
    
    Example hot adding:
      <memory model='nvdimm'>
        <source>
          <path>/tmp/nvdimm-test</path>
        </source>
        <target>
          <size unit='KiB'>524288</size>
          <node>0</node>
        </target>
      </memory>
    Creates now:
      "/tmp/nvdimm-test" rwk,
    
    Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153
    
    Acked-by: Jamie Strandboge <jamie@canonical.com>
    Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>

src/security/security_apparmor.c

file modified

+46 -0

virt-ark / libvirt

Source Code

999998a security, apparmor: add (Set|Restore)MemoryLabel

Authored and Committed by Christian Ehrhardt 6 years ago

`999998a` security, apparmor: add (Set|Restore)MemoryLabel