mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-07-11 12:25:52 +00:00
a15bab0c68
The base vfio has not much functionality but to provide a custom container by opening this path. See https://www.kernel.org/doc/Documentation/vfio.txt for more. Systems with static hostdevs will get /dev/vfio/vfio by virt-aa-hotplug right from the beginning. But if the guest initially had no hostdev at all it will run into the following deny before the security module labelling callbacks will make the actual vfio device (like /dev/vfio/93) known. Example of such a deny: [ 2652.756712] audit: type=1400 audit(1491303691.719:25): apparmor="DENIED" operation="open" profile="libvirt-17a61b87-5132-497c-b928-421ac2ee0c8a" name="/dev/vfio/vfio" pid=8486 comm="qemu-system-x86" requested_mask="wr" denied_mask="wr" fsuid=64055 ouid=0 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1678322 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1775777 Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> Signed-off-by: Stefan Bader <stefan.bader@canonical.com> Acked-by: Jamie Strandboge <jamie@canonical.com> Reviewed-by: Erik Skultety <eskultet@redhat.com> |
||
|---|---|---|
| .. | ||
| admin | ||
| apparmor | ||
| dominfo | ||
| dommigrate | ||
| domsuspend | ||
| domtop | ||
| hellolibvirt | ||
| lxcconvert | ||
| object-events | ||
| openauth | ||
| polkit | ||
| rename | ||
| systemtap | ||
| xml | ||
| Makefile.am | ||