AppArmor

Merge lp:~osomon/apparmor/newer-nvidia-abstraction-trunk into lp:apparmor/2.12

  1. newer-nvidia-abstraction-trunk
  2. Merge into master
Proposed by Olivier Tilloy
Status: Merged
Approved by: Tyler Hicks
Approved revision: 3646
Merged at revision: 3645
Proposed branch: lp:~osomon/apparmor/newer-nvidia-abstraction-trunk
Merge into: lp:apparmor/2.12
Diff against target: 21 lines (+5/-2)
1 file modified
profiles/apparmor.d/abstractions/nvidia (+5/-2)
To merge this branch: bzr merge lp:~osomon/apparmor/newer-nvidia-abstraction-trunk
Reviewer Review Type Date Requested Status
Tyler Hicks Approve
Jamie Strandboge Approve
Review via email: mp+319120@code.launchpad.net

Commit message

Update nvidia abstraction for newer nvidia drivers.

To post a comment you must log in.
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Some inline questions.

review: Needs Information
Revision history for this message
Tyler Hicks (tyhicks) wrote :

I'm just chiming in to say that I agree with Jamie here.

lp:~osomon/apparmor/newer-nvidia-abstraction-trunk updated
3646. By Olivier Tilloy

Specify device nodes instead of being too permissive.

Revision history for this message
Olivier Tilloy (osomon) wrote :

Thanks for the feedback! Replied inline.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I mentioned '@{PROC}/driver/nvidia/params r,' but it is already included (sorry). Approve updated MP.

review: Approve
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Looks good to me!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'profiles/apparmor.d/abstractions/nvidia'
2--- profiles/apparmor.d/abstractions/nvidia 2014-06-06 18:50:58 +0000
3+++ profiles/apparmor.d/abstractions/nvidia 2017-03-06 18:59:56 +0000
4@@ -8,8 +8,9 @@
5 /etc/vdpau_wrapper.cfg r,
6
7 # device files
8- /dev/nvidia0 rw,
9- /dev/nvidiactl rw,
10+ /dev/nvidiactl rw,
11+ /dev/nvidia-modeset rw,
12+ /dev/nvidia[0-9]* rw,
13
14 @{PROC}/interrupts r,
15 @{PROC}/sys/vm/max_map_count r,
16@@ -18,3 +19,5 @@
17
18 owner @{HOME}/.nv/GLCache/ r,
19 owner @{HOME}/.nv/GLCache/** rwk,
20+
21+ unix (send, receive) type=dgram peer=(addr="@nvidia[0-9a-f]*"),

Subscribers

People subscribed via source and target branches