libvirt/src/security
Christian Ehrhardt ac254f342f
virt-aa-helper: generate rules for nvdimm memory
nvdimm memory is backed by a path on the host. This currently works only via
hotplug where the AppArmor label is created via the domain label callbacks.

This adds the virt-aa-helper support for nvdimm memory devices to generate
rules for the needed paths from the initial guest definition as well.

Example in domain xml:
  <memory model='nvdimm'>
    <source>
      <path>/tmp/nvdimm-base</path>
    </source>
    <target>
     <size unit='KiB'>524288</size>
     <node>0</node>
    </target>
  </memory>
Works to start now and creates:
  "/tmp/nvdimm-base" rw,

Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1757085

Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2018-03-22 09:42:01 +01:00
..
Makefile.inc.am make: split security driver build rules into security/Makefile.inc.am 2018-03-05 17:12:01 +00:00
security_apparmor.c security, apparmor: add (Set|Restore)InputLabel 2018-03-22 09:42:01 +01:00
security_apparmor.h maint: fix up copyright notice inconsistencies 2012-09-20 16:30:55 -06:00
security_dac.c virSecurityDACChownListFree: Don't leak list->items array 2018-03-13 15:38:17 +01:00
security_dac.h security: add MANAGER_MOUNT_NAMESPACE flag 2017-09-12 12:27:42 -04:00
security_driver.c security: handle missing switch enum cases 2018-02-21 16:59:34 +00:00
security_driver.h security: full path option for DomainSetPathLabel 2018-01-09 17:29:52 +01:00
security_manager.c security: full path option for DomainSetPathLabel 2018-01-09 17:29:52 +01:00
security_manager.h security: full path option for DomainSetPathLabel 2018-01-09 17:29:52 +01:00
security_nop.c security: introduce virSecurityManager(Set|Restore)ChardevLabel 2017-12-05 13:54:48 +01:00
security_nop.h maint: fix up copyright notice inconsistencies 2012-09-20 16:30:55 -06:00
security_selinux.c security: full path option for DomainSetPathLabel 2018-01-09 17:29:52 +01:00
security_selinux.h maint: fix up copyright notice inconsistencies 2012-09-20 16:30:55 -06:00
security_stack.c security: full path option for DomainSetPathLabel 2018-01-09 17:29:52 +01:00
security_stack.h security: fix #endif comment in security_stack.h 2012-12-20 19:55:54 +01:00
virt-aa-helper.c virt-aa-helper: generate rules for nvdimm memory 2018-03-22 09:42:01 +01:00