Discussion:
SELinux support for swtpm
Lukas Vrabec
2018-08-20 19:53:10 UTC
Permalink
On Thu, Aug 9, 2018 at 3:00 PM Stefan Berger
Hello!
    I am the maintainer of 'swtpm', which is a TPM 1.2 & 2 emulator for
QEMU. 'swtpm' is started by libvirt as part of starting a QEMU VM with
an attached TPM.
    The plan is to have swtpm packaged and made available as part of
Fedora. I am wondering how to go about having the Fedora SELinux policy,
particularly sVirt, extended for support of swtpm? I have played around
with SELinux support for sVirt myself. I had to adapt it depending on
the version of Fedora I was using.
https://github.com/stefanberger/swtpm/tree/tpm2-preview.v2/src/selinux
https://github.com/stefanberger/swtpm/blob/tpm2-preview.v2/src/selinux/swtpm_svirt.te
A quick note for the mailing list archives, and to let everyone know
that Stefan isn't being ignored :) ... Lukas and Stefan have been in
touch and they are working on how to best support swtpm in Fedora; I'm
sure they will have it sorted out in a few weeks.
Lukas is out, I will be out, so this can rest for a while.
Hi,

I'm back from my PTO, feel free to contact me when you'll be back.

THanks,
Lukas.
Thanks,
   Stefan
--
Lukas Vrabec
Software Engineer, Security Technologies
Red Hat, Inc.
justina colmena
2018-08-21 17:50:21 UTC
Permalink
Post by Lukas Vrabec
I'm back from my PTO, feel free to contact me when you'll be back.
Parent-Teacher Organization?
It's for the chillluns...
It sounds like some folks are working too hard
and others are unemployed...

Loading...