>>> On 07.07.16 at 16:44, wrote:
> On 07/07/2016 06:30 AM, Jan Beulich wrote:
> On 05.07.16 at 19:44, wrote:
>>> +static inline void xsm_policy_init(void)
>>> +{
>>> +#ifdef CONFIG_XSM_POLICY
>>> +if ( policy_size == 0 )
>>> +{
>>> +policy_buffer = (char*)xsm_init_policy;
>>
>
On 07/07/2016 06:30 AM, Jan Beulich wrote:
On 05.07.16 at 19:44, wrote:
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -762,6 +762,13 @@ static inline void flask_init(void)
}
#endif
+#ifdef CONFIG_XSM_POLICY
+extern const unsigned char xsm_init_policy[];
+extern const int xsm_ini
>>> On 05.07.16 at 19:44, wrote:
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -762,6 +762,13 @@ static inline void flask_init(void)
> }
> #endif
>
> +#ifdef CONFIG_XSM_POLICY
> +extern const unsigned char xsm_init_policy[];
> +extern const int xsm_init_policy_size;
unsigne
On Tue, Jul 05, 2016 at 01:44:43PM -0400, Daniel De Graaf wrote:
> This adds a Kconfig option and support for including the XSM policy from
> tools/flask/policy in the hypervisor so that the bootloader does not
> need to provide a policy to get sane behavior from an XSM-enabled
> hypervisor. The p
This adds a Kconfig option and support for including the XSM policy from
tools/flask/policy in the hypervisor so that the bootloader does not
need to provide a policy to get sane behavior from an XSM-enabled
hypervisor. The policy provided by the bootloader, if present, will
override the built-in
