1. 27 3月, 2017 2 次提交
    • E
      security: Enable labeling of vfio mediated devices · 606afafb
      Erik Skultety 提交于
      This patch updates all of our security driver to start labeling the
      VFIO IOMMU devices under /dev/vfio/ as well.
      Signed-off-by: NErik Skultety <eskultet@redhat.com>
      606afafb
    • E
      conf: Introduce new hostdev device type mdev · ec783d7c
      Erik Skultety 提交于
      A mediated device will be identified by a UUID (with 'model' now being
      a mandatory <hostdev> attribute to represent the mediated device API) of
      the user pre-created mediated device. We also need to make sure that if
      user explicitly provides a guest address for a mdev device, the address
      type will be matching the device API supported on that specific mediated
      device and error out with an incorrect XML message.
      
      The resulting device XML:
      <devices>
        <hostdev mode='subsystem' type='mdev' model='vfio-pci'>
          <source>
            <address uuid='c2177883-f1bb-47f0-914d-32a22e3a8804'>
          </source>
        </hostdev>
      </devices>
      Signed-off-by: NErik Skultety <eskultet@redhat.com>
      ec783d7c
  2. 15 3月, 2017 2 次提交
  3. 17 1月, 2017 1 次提交
  4. 10 1月, 2017 2 次提交
  5. 25 11月, 2016 2 次提交
  6. 22 10月, 2016 1 次提交
  7. 25 5月, 2016 1 次提交
  8. 19 4月, 2016 1 次提交
  9. 15 1月, 2016 2 次提交
  10. 15 12月, 2015 1 次提交
    • J
      security_dac: remove extra Security from function names · be33e965
      Ján Tomko 提交于
      Many of the functions follow the pattern:
      virSecurity.*Security.*Label
      
      Remove the second 'Security' from the names, it should be obvious
      that the virSecurity* functions deal with security labels even
      without it.
      be33e965
  11. 09 12月, 2015 1 次提交
  12. 30 11月, 2015 1 次提交
  13. 12 11月, 2015 1 次提交
  14. 16 10月, 2015 6 次提交
  15. 24 8月, 2015 2 次提交
  16. 11 12月, 2014 2 次提交
  17. 25 9月, 2014 1 次提交
  18. 10 9月, 2014 1 次提交
    • M
      qemu: Implement extended loader and nvram · 54289916
      Michal Privoznik 提交于
      QEMU now supports UEFI with the following command line:
      
        -drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \
        -drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw,unit=1 \
      
      where the first line reflects <loader> and the second one <nvram>.
      Moreover, these two lines obsolete the -bios argument.
      
      Note that UEFI is unusable without ACPI. This is handled properly now.
      Among with this extension, the variable file is expected to be
      writable and hence we need security drivers to label it.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      Acked-by: NLaszlo Ersek <lersek@redhat.com>
      54289916
  19. 24 7月, 2014 8 次提交
  20. 11 7月, 2014 2 次提交