From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 26 Jul 2023 10:36:08 +0000 (+0200)
Subject: virt-aa-helper: Set label on VIRTIO_PMEM device too
X-Git-Tag: v9.7.0-rc1~52
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f9dcf98bbddaf8921afd5f0bc804d231cfc1b80c;p=thirdparty%2Flibvirt.git

virt-aa-helper: Set label on VIRTIO_PMEM device too

Conceptually, from host POV there's no difference between NVDIMM
and VIRTIO_PMEM. Both expose a file to the guest (which is used
as a permanent storage). Other secdriver treat NVDIMM and
VIRTIO_PMEM the same. Thus, modify virt-aa-helper so that is
appends virtio-pmem backing path into the domain profile too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index a0c76d24a8..23e3dba7f5 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1151,11 +1151,11 @@ get_files(vahControl * ctl)
 
         switch (mem->model) {
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
             if (vah_add_file(&buf, mem->nvdimmPath, "rw") != 0)
                 goto cleanup;
             break;
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
-        case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
         case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE: