[libvirt] [PATCH 0/4] apparmor fixes triggered by multi disk snapshots

Christian Ehrhardt posted 4 patches 4 years, 5 months ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20191016142710.1217-1-christian.ehrhardt@canonical.com
src/security/security_apparmor.c | 52 +++++++-------------------------
src/security/virt-aa-helper.c    | 14 +++++----
2 files changed, 19 insertions(+), 47 deletions(-)
[libvirt] [PATCH 0/4] apparmor fixes triggered by multi disk snapshots
Posted by Christian Ehrhardt 4 years, 5 months ago
Hi,
the bugs [1][2] that made me debug into this actually only need the
last patch (one line), but while coming along I found several
opportunities for minor improvements of the apparmor code in libvirt.
But that way it became a 4 patch series around apparmor.

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1746684
[2]: https://bugs.launchpad.net/libvirt/+bug/1845506

Christian Ehrhardt (4):
  virt-aa-helper: clarify command line options
  apparmor: drop useless call to get_profile_name
  apparmor: refactor AppArmorSetSecurityImageLabel
  apparmor: let AppArmorSetSecurityImageLabel append rules

 src/security/security_apparmor.c | 52 +++++++-------------------------
 src/security/virt-aa-helper.c    | 14 +++++----
 2 files changed, 19 insertions(+), 47 deletions(-)

-- 
2.23.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/4] apparmor fixes triggered by multi disk snapshots
Posted by Cole Robinson 4 years, 4 months ago
On 10/16/19 10:27 AM, Christian Ehrhardt wrote:
> Hi,
> the bugs [1][2] that made me debug into this actually only need the
> last patch (one line), but while coming along I found several
> opportunities for minor improvements of the apparmor code in libvirt.
> But that way it became a 4 patch series around apparmor.
> 
> [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1746684
> [2]: https://bugs.launchpad.net/libvirt/+bug/1845506
> 
> Christian Ehrhardt (4):
>   virt-aa-helper: clarify command line options
>   apparmor: drop useless call to get_profile_name
>   apparmor: refactor AppArmorSetSecurityImageLabel
>   apparmor: let AppArmorSetSecurityImageLabel append rules
> 
>  src/security/security_apparmor.c | 52 +++++++-------------------------
>  src/security/virt-aa-helper.c    | 14 +++++----
>  2 files changed, 19 insertions(+), 47 deletions(-)
> 

Not runtime tested, but:

Reviewed-by: Cole Robinson <crobinso@redhat.com>

- Cole

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 0/4] apparmor fixes triggered by multi disk snapshots
Posted by Christian Ehrhardt 4 years, 4 months ago
On Thu, Nov 14, 2019 at 1:23 AM Cole Robinson <crobinso@redhat.com> wrote:
>
> On 10/16/19 10:27 AM, Christian Ehrhardt wrote:
> > Hi,
> > the bugs [1][2] that made me debug into this actually only need the
> > last patch (one line), but while coming along I found several
> > opportunities for minor improvements of the apparmor code in libvirt.
> > But that way it became a 4 patch series around apparmor.
> >
> > [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1746684
> > [2]: https://bugs.launchpad.net/libvirt/+bug/1845506
> >
> > Christian Ehrhardt (4):
> >   virt-aa-helper: clarify command line options
> >   apparmor: drop useless call to get_profile_name
> >   apparmor: refactor AppArmorSetSecurityImageLabel
> >   apparmor: let AppArmorSetSecurityImageLabel append rules
> >
> >  src/security/security_apparmor.c | 52 +++++++-------------------------
> >  src/security/virt-aa-helper.c    | 14 +++++----
> >  2 files changed, 19 insertions(+), 47 deletions(-)
> >
>
> Not runtime tested, but:
>
> Reviewed-by: Cole Robinson <crobinso@redhat.com>

Thank you,
I added the tag in my local series, but that is not worth a v2 submission.
Before pushing I'm still waiting for someone with apparmor experience
to take a look, just to be somewhat on the safe side.

> - Cole
>


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 0/4] apparmor fixes triggered by multi disk snapshots
Posted by Christian Ehrhardt 4 years, 4 months ago
On Thu, Nov 14, 2019 at 12:23 PM Christian Ehrhardt
<christian.ehrhardt@canonical.com> wrote:
>
> On Thu, Nov 14, 2019 at 1:23 AM Cole Robinson <crobinso@redhat.com> wrote:
> >
> > On 10/16/19 10:27 AM, Christian Ehrhardt wrote:
> > > Hi,
> > > the bugs [1][2] that made me debug into this actually only need the
> > > last patch (one line), but while coming along I found several
> > > opportunities for minor improvements of the apparmor code in libvirt.
> > > But that way it became a 4 patch series around apparmor.
> > >
> > > [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1746684
> > > [2]: https://bugs.launchpad.net/libvirt/+bug/1845506
> > >
> > > Christian Ehrhardt (4):
> > >   virt-aa-helper: clarify command line options
> > >   apparmor: drop useless call to get_profile_name
> > >   apparmor: refactor AppArmorSetSecurityImageLabel
> > >   apparmor: let AppArmorSetSecurityImageLabel append rules
> > >
> > >  src/security/security_apparmor.c | 52 +++++++-------------------------
> > >  src/security/virt-aa-helper.c    | 14 +++++----
> > >  2 files changed, 19 insertions(+), 47 deletions(-)
> > >
> >
> > Not runtime tested, but:
> >
> > Reviewed-by: Cole Robinson <crobinso@redhat.com>
>
> Thank you,
> I added the tag in my local series, but that is not worth a v2 submission.
> Before pushing I'm still waiting for someone with apparmor experience
> to take a look, just to be somewhat on the safe side.

Thanks Jamie for also adding Review and Discusions.
Pushing this with your Ack/Review tags after a final build/check

> > - Cole
> >




--
Christian Ehrhardt
Staff Engineer, Ubuntu Server
Canonical Ltd


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list