1. Patchew
  2. Libvirt
  3. View series

[libvirt] [PATCH v2 0/4] apparmor: implement more domain callbacks

Christian Ehrhardt posted 4 patches 6 years, 3 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/1515510245-21171-1-git-send-email-christian.ehrhardt@canonical.com
src/qemu/qemu_domain.c           |  2 +-
src/qemu/qemu_process.c          |  4 +-
src/security/security_apparmor.c | 96 ++++++++++++++++++++++++++++++++++++++++
src/security/security_dac.c      |  3 +-
src/security/security_driver.h   |  3 +-
src/security/security_manager.c  |  5 ++-
src/security/security_manager.h  | 16 ++++++-
src/security/security_selinux.c  |  3 +-
src/security/security_stack.c    |  5 ++-
src/security/virt-aa-helper.c    |  2 -
10 files changed, 125 insertions(+), 14 deletions(-)
[libvirt] [PATCH v2 0/4] apparmor: implement more domain callbacks
Posted by Christian Ehrhardt 6 years, 3 months ago 
Based on a discussion in [1] I found that the AppArmor security
module lacked some callbacks. Implementing those not only fixes
the issue I had before but will also cover a few more cases I
didn't even run into so far.

[1]: https://www.redhat.com/archives/libvir-list/2017-December/msg00726.html

*Updates in V2 due to feedback on V1*
 - variable name changes and documentation for full path option
 - syntax improvement in (Set|Restore)ChardevLabel

Christian Ehrhardt (4):
  security, apparmor: implement domainSetPathLabel
  security: full path option for DomainSetPathLabel
  security, apparmor: add (Set|Restore)ChardevLabel
  apparmor, virt-aa-helper: drop static channel rule

 src/qemu/qemu_domain.c           |  2 +-
 src/qemu/qemu_process.c          |  4 +-
 src/security/security_apparmor.c | 96 ++++++++++++++++++++++++++++++++++++++++
 src/security/security_dac.c      |  3 +-
 src/security/security_driver.h   |  3 +-
 src/security/security_manager.c  |  5 ++-
 src/security/security_manager.h  | 16 ++++++-
 src/security/security_selinux.c  |  3 +-
 src/security/security_stack.c    |  5 ++-
 src/security/virt-aa-helper.c    |  2 -
 10 files changed, 125 insertions(+), 14 deletions(-)

-- 
2.7.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 0/4] apparmor: implement more domain callbacks
Posted by Michal Privoznik 6 years, 3 months ago 
On 01/09/2018 04:04 PM, Christian Ehrhardt wrote:
> Based on a discussion in [1] I found that the AppArmor security
> module lacked some callbacks. Implementing those not only fixes
> the issue I had before but will also cover a few more cases I
> didn't even run into so far.
> 
> [1]: https://www.redhat.com/archives/libvir-list/2017-December/msg00726.html
> 
> *Updates in V2 due to feedback on V1*
>  - variable name changes and documentation for full path option
>  - syntax improvement in (Set|Restore)ChardevLabel
> 
> Christian Ehrhardt (4):
>   security, apparmor: implement domainSetPathLabel
>   security: full path option for DomainSetPathLabel
>   security, apparmor: add (Set|Restore)ChardevLabel
>   apparmor, virt-aa-helper: drop static channel rule
> 
>  src/qemu/qemu_domain.c           |  2 +-
>  src/qemu/qemu_process.c          |  4 +-
>  src/security/security_apparmor.c | 96 ++++++++++++++++++++++++++++++++++++++++
>  src/security/security_dac.c      |  3 +-
>  src/security/security_driver.h   |  3 +-
>  src/security/security_manager.c  |  5 ++-
>  src/security/security_manager.h  | 16 ++++++-
>  src/security/security_selinux.c  |  3 +-
>  src/security/security_stack.c    |  5 ++-
>  src/security/virt-aa-helper.c    |  2 -
>  10 files changed, 125 insertions(+), 14 deletions(-)
> 


Usually we send v2 as new patch set and not a reply to v1. It avoids
having long threads.

I've fixed 2/4, ACKed and pushed.

Michal

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.