On 08/11/2018 02:10 AM, Stefan Berger wrote:
On 08/10/2018 06:21 PM, Paul Moore wrote:
> On Thu, Aug 9, 2018 at 3:00 PM Stefan Berger
> <stefanb(a)linux.vnet.ibm.com> wrote:
>> Hello!
>>
>> I am the maintainer of 'swtpm', which is a TPM 1.2 & 2 emulator
for
>> QEMU. 'swtpm' is started by libvirt as part of starting a QEMU VM with
>> an attached TPM.
>>
>> The plan is to have swtpm packaged and made available as part of
>> Fedora. I am wondering how to go about having the Fedora SELinux policy,
>> particularly sVirt, extended for support of swtpm? I have played around
>> with SELinux support for sVirt myself. I had to adapt it depending on
>> the version of Fedora I was using.
>>
>> Here are some of the files I have used:
>>
>>
https://github.com/stefanberger/swtpm/tree/tpm2-preview.v2/src/selinux
>>
>> Particularly this one here may be of interest:
>>
https://github.com/stefanberger/swtpm/blob/tpm2-preview.v2/src/selinux/sw...
>>
> A quick note for the mailing list archives, and to let everyone know
> that Stefan isn't being ignored :) ... Lukas and Stefan have been in
> touch and they are working on how to best support swtpm in Fedora; I'm
> sure they will have it sorted out in a few weeks.
Lukas is out, I will be out, so this can rest for a while.
Hi,
I'm back from my PTO, feel free to contact me when you'll be back.
THanks,
Lukas.
Thanks,
Stefan
>
--
Lukas Vrabec
Software Engineer, Security Technologies
Red Hat, Inc.