Re: [RESEND PATCH 1/1] vfio/nvlink: Remove exec permission to avoid SELinux AVCs

On Tue, May 26, 2020 at 02:43:43PM -0600, Alex Williamson wrote: > On Mon, 18 May 2020 12:05:24 -0300 > Leonardo Bras wrote: > > > If SELinux is setup without 'execmem' permission for qemu, all mmap > > with (PROT_WRITE | PROT_EXEC) will fail and print a warning in > > SELinux log. > > > > If "n

Re: [RESEND PATCH 1/1] vfio/nvlink: Remove exec permission to avoid SELinux AVCs

On Mon, 18 May 2020 12:05:24 -0300 Leonardo Bras wrote: > If SELinux is setup without 'execmem' permission for qemu, all mmap > with (PROT_WRITE | PROT_EXEC) will fail and print a warning in > SELinux log. > > If "nvlink2-mr" memory allocation fails (fist diff), it will cause > guest NUMA nodes

[RESEND PATCH 1/1] vfio/nvlink: Remove exec permission to avoid SELinux AVCs

If SELinux is setup without 'execmem' permission for qemu, all mmap with (PROT_WRITE | PROT_EXEC) will fail and print a warning in SELinux log. If "nvlink2-mr" memory allocation fails (fist diff), it will cause guest NUMA nodes to not be correctly configured (V100 memory will not be visible for gu

[RESEND PATCH 1/1] vfio/nvlink: Remove exec permission to avoid SELinux AVCs

If SELinux is setup without 'execmem' permission for qemu, all mmap with (PROT_WRITE | PROT_EXEC) will fail and print a warning in SELinux log. If "nvlink2-mr" memory allocation fails (fist diff), it will cause guest NUMA nodes to not be correctly configured (V100 memory will not be visible for gu