]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8d160b7)
apparmor: Allow locking AAVMF firmware
authorAndrea Bolognani <abologna@redhat.com>
Mon, 23 May 2022 08:31:02 +0000 (10:31 +0200)
committerAndrea Bolognani <abologna@redhat.com>
Mon, 23 May 2022 12:01:21 +0000 (14:01 +0200)
We already allow this for OVMF.

Closes: https://gitlab.com/libvirt/libvirt/-/issues/312
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
src/security/apparmor/libvirt-qemu patch | blob | blame | history

diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu
index c29168da27e7347a2f0157f12b98386bbac7437b..02ee273e7e1eb84914bad1e168a4b3bed7ee0320 100644 (file)
--- a/src/security/apparmor/libvirt-qemu
+++ b/src/security/apparmor/libvirt-qemu
@@ -78,7 +78,7 @@
   /var/lib/dbus/machine-id r,
 
   # access to firmware's etc
-  /usr/share/AAVMF/** r,
+  /usr/share/AAVMF/** rk,
   /usr/share/bochs/** r,
   /usr/share/edk2-ovmf/** rk,
   /usr/share/kvm/** r,
Mirror of https://github.com/libvirt/libvirt.git