From 67faa7c1f92cca1eab5d78c410c310378ae8dc52 Mon Sep 17 00:00:00 2001
From: herypt <70331266+herypt@users.noreply.github.com>
Date: Wed, 2 Sep 2020 15:09:13 +0200
Subject: [PATCH] Add apparmor=1 security=apparmor to kernelopts if apparmor
 feature is set

---
 templates/libvirt/xen.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/libvirt/xen.xml b/templates/libvirt/xen.xml
index cd3f1e6c..09d4d69d 100644
--- a/templates/libvirt/xen.xml
+++ b/templates/libvirt/xen.xml
@@ -49,6 +49,8 @@
             {% if vm.kernel %}
                 {% if vm.features.check_with_template('no-default-kernelopts', False) -%}
                 <cmdline>{{ vm.kernelopts }}</cmdline>
+                {% elif vm.features.check_with_template('apparmor', '0') == '1' -%}
+                <cmdline>{{ vm.kernelopts_common }}{{ vm.kernelopts }} apparmor=1 security=apparmor</cmdline>
                 {% else -%}
                 <cmdline>{{ vm.kernelopts_common }}{{ vm.kernelopts }}</cmdline>
                 {% endif -%}