k.
Signed-off-by: Konrad Rzeszutek Wilk
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
d a local variable block.
Signed-off-by: Konrad Rzeszutek Wilk
Acked-by: Jan Beulich
Replied to the wrong email before; this one is actually:
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 03/16/2016 03:18 PM, Doug Goldstein wrote:
Rather than have XSM_MAGIC set in the global xen/config.h and set in
xsm.h if it's unset, just set it once in xsm.h since its only used in
files that already include xsm.h
Signed-off-by: Doug Goldstein
Acked-by: Daniel De
buffer.
Signed-off-by: Konrad Rzeszutek Wilk
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
done that for a while,
and the original reason (older versions of checkpolicy didn't support
creating xen-type policy) is no longer an issue.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
) ||
+strncmp(buff + sizeof(u32), (char *) &target_len, sizeof(u32)) ||
+strncmp(buff + sizeof(u32) * 2, "XenFlask", target_len))
+return 0;
+
memcmp() is more correct than strncmp() here, especially since target_len will
have embedded NULLs. It also assumes little
n superseded by the flask= parameter.
Signed-off-by: Daniel De Graaf
---
Changes from v1: move the setting of flask_enforcing to flask_init
instead of needing to set and reset it in parse_flask_param.
docs/misc/xen-command-line.markdown | 2 +-
docs/misc/xsm-flask.txt | 12 ++--
future patches, which will introduce detection and switching
logic, after which the interface will report hardware capabilities correctly.
Signed-off-by: Andrew Cooper
Acked-by: Jan Beulich
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel
On 04/07/2016 07:57 AM, Andrew Cooper wrote:
And provide stubs for toolstack use.
Signed-off-by: Andrew Cooper
Acked-by: Wei Liu
Acked-by: David Scott
Acked-by: Jan Beulich
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel
nown.
We also detect the XSM Magic for the following unknowns, then set its kind
according to the return value of has_xsm_magic.
By this way, arm64 behavior can be compatible to x86 and can simplify
multi-arch bootloader such as GRUB.
Signed-off-by: Fu Wei
Acked
-off-by: Konrad Rzeszutek Wilk
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
: Keir Fraser
CC: Tim Deegan
CC: Konrad Rzeszutek Wilk
CC: Daniel De Graaf
Daniel,
any chance we could get your ack (or otherwise) on this?
Thanks, Jan
Sure, I didn't realize you were waiting on it. The patch looks good.
Acked-by: Daniel De
er modules
that would be available to turn on/off.
The process of assembling the modules into a single XSM policy is done
in userspace, not the hypervisor, so "xl loadpolicy" would not change.
--
Daniel De Graaf
National Security Agency
___
Xen-de
nd I think using
"xl devd" probably qualifies for that), then they probably need
dontaudit rules.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Reported-by: Doug Goldstein
Signed-off-by: Daniel De Graaf
---
tools/flask/policy/policy/modules/xen/xen.te | 10 ++
1 file changed, 10 insertions(+)
diff --git a/tools/flask/policy/policy/modules/xen/xen.te
b/tools/flask/policy/policy/modules/xen/xen.te
index bef33b0..fed09a9 100644
On 05/13/2016 11:09 AM, Jan Beulich wrote:
On 13.05.16 at 16:50, wrote:
[...]
@@ -1468,6 +1505,69 @@ int
mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg)
}
break;
+case XENMEM_sharing_op_bulk_share:
+{
+unsigned long max_sgfn
particular domain.
Drop XSM's test_assign_{,dt}device hooks as no longer being
individually useful.
Signed-off-by: Jan Beulich
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
interrupt remapping is ok
* Active but interrupt remapping is not available
* Not active
This patch also updates the reference XSM policy to use the new
primitives, with policy entries that do not require an active IOMMU.
Signed-off-by: Christopher Clark
Acked-by: Daniel De Graaf
One additiona
Signed-off-by: Christopher Clark
Acked-by: Daniel De Graaf
To be honest, for this kind of a change I would have hoped for
a Reviewed-by (by you or someone else), not just an Acked-by.
Hence I'm hesitant to put the patch in right away.
Jan
I'll keep that in mind for the future. I
lists.xenproject.org/archives/html/xen-devel/2017-07/msg03047.html
Signed-off-by: Zhongze Liu
Cc: Stefano Stabellini
Cc: Julien Grall
Cc: George Dunlap
Cc: Jan Beulich
Cc: Andrew Cooper
Cc: Daniel De Graaf
Cc: xen-devel@lists.xen.org
---
xen/arch/arm/mm.c | 2 +-
xen/arch/x86/mm/
On 08/24/2017 08:39 AM, Jan Beulich wrote:
On 24.08.17 at 13:33, wrote:
Hi Jan,
2017-08-24 14:37 GMT+08:00 Jan Beulich :
On 24.08.17 at 02:51, wrote:
2017-08-23 17:55 GMT+08:00 Jan Beulich :
On 22.08.17 at 20:08, wrote:
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -525,
iewed-by: Paul Durrant
Reviewed-by: Wei Liu
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 09/07/2017 09:47 AM, Juergen Gross wrote:
Add a domctl hypercall to set the domain's resource limits regarding
grant tables. It is accepted only as long as neither
gnttab_setup_table() has been called for the domain, nor the domain
has started to run.
Signed-off-by: Juergen Gross
Reviewed-by
T_L3_CBM
5. XEN_SYSCTL_PSR_CAT_get_l3_info -> XEN_SYSCTL_PSR_get_l3_info
Signed-off-by: Yi Sun
Reviewed-by: Wei Liu
Reviewed-by: Roger Pau Monné
Acked-by: Jan Beulich
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
new op is not intrinsicly specific to the x86 architecture,
I have no means to test it on an ARM platform and so cannot verify
that it functions correctly.
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
___
Xen-devel mailing
for normal domains that allow grant mapping/event
channels.
This is for the proposal "Allow setting up shared memory areas between VMs
from xl config file" (see [1]).
[1] https://lists.xen.org/archives/html/xen-devel/2017-08/msg03242.html
Signed-off-by: Zhongze Liu
Cc: Daniel De Graaf
On 10/19/2017 07:58 AM, Jan Beulich wrote:
On 19.10.17 at 04:36, wrote:
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -516,7 +516,8 @@ static XSM_INLINE int
xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1,
static XSM_INLINE int xsm_map_gmfn_foreign(XSM_DEFAULT_ARG
On 10/19/2017 08:55 PM, Zhongze Liu wrote:
2017-10-20 8:34 GMT+08:00 Zhongze Liu :
Hi Daniel,
2017-10-20 1:36 GMT+08:00 Daniel De Graaf :
On 10/18/2017 10:36 PM, Zhongze Liu wrote:
The original dummy xsm_map_gmfn_foregin checks if source domain has the
proper
privileges over the target
On 10/20/2017 02:14 AM, Jan Beulich wrote:
On 19.10.17 at 19:36, wrote:
On 10/19/2017 07:58 AM, Jan Beulich wrote:
On 19.10.17 at 04:36, wrote:
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -516,7 +516,8 @@ static XSM_INLINE int
xsm_remove_from_physmap(XSM_DEFAULT_ARG struc
production, introduce
__xsm_action_mismatch_detected for llvm coverage builds.
Signed-off-by: Roger Pau Monné
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
T_L3_CBM
5. XEN_SYSCTL_PSR_CAT_get_l3_info -> XEN_SYSCTL_PSR_get_l3_info
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 08/09/2017 03:06 AM, Juergen Gross wrote:
Modify the custom parameter parsing routines in:
xen/xsm/flask/flask_op.c
to indicate whether the parameter value was parsed successfully.
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel
On 08/09/2017 03:07 AM, Juergen Gross wrote:
Add a sysctl hypercall to support setting parameters similar to
command line parameters, but at runtime. The parameters to set are
specified as a string, just like the boot parameters.
Looks good, except for one thing:
+case XEN_SYSCTL_set_para
x27;t result in a security issue there.
Signed-off-by: Daniel De Graaf
---
xen/xsm/flask/hooks.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 819e25d3af..57be18d6d4 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/
: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 06/28/2017 07:16 AM, Andrew Cooper wrote:
Signed-off-by: Andrew Cooper
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 08/14/2017 03:08 AM, Juergen Gross wrote:
Modify the custom parameter parsing routines in:
xen/xsm/flask/flask_op.c
to indicate whether the parameter value was parsed successfully.
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel
On 08/14/2017 03:08 AM, Juergen Gross wrote:
Add a sysctl hypercall to support setting parameters similar to
command line parameters, but at runtime. The parameters to set are
specified as a string, just like the boot parameters.
Acked-by: Daniel De Graaf
to 'alloc'. E.g.:
1. psr_cat_op -> psr_alloc_op
2. XEN_DOMCTL_psr_cat_op -> XEN_DOMCTL_psr_alloc_op
3. XEN_SYSCTL_psr_cat_op -> XEN_SYSCTL_psr_alloc_op
The sysctl/domctl version numbers are bumped.
Signed-off-by: Yi Sun
Acked-by: Daniel De Graaf
heck the XSM permissions
for them, which would require adding test_io{port,mem,q}_permission
functions too.
Alternatively, you could assume that the PCI device and its associated
resources all have the same label (which will be almost always be true in a
properly configured system) and just use this as an early bail out to avoid
user mistakes.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 06/23/2017 11:00 AM, Jan Beulich wrote:
So far callers of the libxc interface passed in a domain ID which was
then ignored in the hypervisor. Instead, make the hypervisor honor it
(accepting DOMID_INVALID to obtain original behavior), allowing to
query whether a device can be assigned to a par
ed-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
to "mixed", and "limited" is impossible to use with XSM.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
: Tamas K Lengyel
Signed-off-by: Sergej Proskurin
Acked-by: Wei Liu
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
same functionality.
Signed-off-by: Roger Pau Monné
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
d as long as it's done on
occasional builds. Alternatively, it could be done by a static analysis tool,
but I've not looked into how to do that with Coverity.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
Ostrovsky
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 11/10/2016 04:23 AM, Cédric Bosdonnat wrote:
Gcc6 build reports misleading indentation as warnings. Fix a few
warnings in stubdom.
Signed-off-by: Cédric Bosdonnat
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
Hypervisor Makefile will use Makefile.common to build xsm
policy.
Signed-off-by: Wei Liu
Acked-by: Daniel De Graaf
Thanks for fixing this; I intended the build to remain separate but
never actually de-configured a build tree to test.
Using git-send-email -C would make the
o determine what to do, especially in this case where it changes
what permissions are actually being enforced (in the non-FLASK case).
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
t once avoids a for_each_domain() loop when the ID of an
existing domain gets passed in.
Reported-by: Marek Marczykowski-Górecki
Signed-off-by: Jan Beulich
Acked-by: Daniel De Graaf
[...]
I know there had been an alternative patch suggestion, but that one
doesn't seem have seen a formal submission s
all ops.
Signed-off-by: Tamas K Lengyel
Signed-off-by: Sergej Proskurin
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 08/24/2016 04:06 AM, Jan Beulich wrote:
Non-debugging message text should be (and is in the cases here)
distinguishable without also logging function names.
Signed-off-by: Jan Beulich
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen
efore likely already compromised)."
See that file for further information.
This patch simply adds the boilerplate for the hypercall.
Signed-off-by: Paul Durrant
Suggested-by: Ian Jackson
Suggested-by: Jennifer Herbert
Acked-by: Daniel De Graaf
_
On 01/17/2017 12:29 PM, Paul Durrant wrote:
The definitions of HVM_IOREQSRV_BUFIOREQ_* have to persist as they are
already in use by callers of the libxc interface.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
__XEN_INTERFACE_VERSION__ less than that value.
NOTE: This patch also widens the 'domain' parameter of
xc_hvm_set_pci_intx_level() from a uint8_t to a uint16_t.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
---
Reviewed-by: Jan Beulich
Cc: Daniel De Graaf
Cc: Ian Jackson
to 32 bits.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
ts.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
passed was always truncated to 32 bits.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
o uint32_t. In practice
the value passed was always truncated to 32 bits.
Suggested-by: Jan Beulich
Signed-off-by: Paul Durrant
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On 01/25/2017 09:24 AM, Andrew Cooper wrote:
Signed-off-by: Andrew Cooper
---
CC: Jan Beulich
CC: Daniel De Graaf
CC: Paul Durrant
CC: Ian Jackson
Might be better to merge into one single patch when committed?
Either way (combined with prior patch, original series, or alone):
Acked-by
On 01/25/2017 05:43 AM, Wei Liu wrote:
In 58cbc034 send_irq permission was removed but there was still
reference to it in policy file. Remove the stale reference.
And now we also need dm permission. Add that.
Signed-off-by: Wei Liu
Acked-by: Daniel De Graaf
have not compiled & looked
at the resulting manpages.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
=system_u:system_r:domU_t tclass=domain
GPU passthrough for hvm guest:
avc: denied { send_irq } for domid=0 target=10
scontext=system_u:system_r:dom0_t
tcontext=system_u:system_r:domU_t tclass=hvm
Signed-off-by: Anshul Makkar
Acked-by: Daniel De Graaf
On 01/03/2017 09:04 AM, Boris Ostrovsky wrote:
This domctl will allow toolstack to read and write some
ACPI registers. It will be available to both x86 and ARM
but will be implemented first only for x86
Signed-off-by: Boris Ostrovsky
Acked-by: Daniel De Graaf
--
Daniel De Graaf
National
On 12/19/2016 11:03 PM, Doug Goldstein wrote:
On 12/19/16 10:02 AM, Doug Goldstein wrote:
On 12/14/16 3:09 PM, Daniel De Graaf wrote:
On 12/12/2016 09:00 AM, Anshul Makkar wrote:
During guest migrate allow permission to prevent
spurious page faults.
Prevents these errors:
d73: Non-privileged
On 10/13/2016 10:37 AM, Wei Liu wrote:
Signed-off-by: Wei Liu
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
output file names with FLASK_BUILD_DIR. Hypervisor and tools
build will set that variable to different directories, so that we can
be safe from races.
Adjust other bits of the build system as needed.
Signed-off-by: Wei Liu
Acked-by: Daniel De Graaf
Pulling the definition of POLICY_FILENAME
(which results in an XSM check with the source xen_t). It does not make
sense to deny these permissions; no domain should be using xen_t, and
forbidding the hypervisor from performing cleanup is not useful.
Signed-off-by: Daniel De Graaf
Cc: Andrew Cooper
---
tools/flask/policy/modules/xen.if | 2
RIV check into the default case in xsm_pmu_op. This also fixes
the behavior of do_xenpmu_op, which will now return -EINVAL for unknown
XENPMU_* operations, instead of -EPERM when called by a privileged domain.
Signed-off-by: Roger Pau Monné
Acked-by: Daniel De Graaf
This also looks like a good
On 09/11/15 12:32, sstabell...@kernel.org wrote:
From: Stefano Stabellini
Call update_domain_wallclock_time at domain initialization, specifically
in arch_set_info_guest for vcpu0, like we do on x86.
Set time_offset_seconds to the number of seconds between phisical boot
and domain initializatio
version_use in domain2.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 11/11/15 11:49, Doug Goldstein wrote:
Use the Kconfig generated HAS_PASSTHROUGH defines for the code base.
Signed-off-by: Doug Goldstein
CC: Ian Campbell
CC: Stefano Stabellini
CC: Keir Fraser
CC: Jan Beulich
CC: Andrew Cooper
CC: Daniel De Graaf
Signed-off-by: Doug Goldstein
De Graaf
Signed-off-by: Doug Goldstein
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 11/11/15 11:50, Doug Goldstein wrote:
Use the Kconfig generated CONFIG_HAS_MEM_PAGING defines in the code base.
Signed-off-by: Doug Goldstein
CC: Keir Fraser
CC: Jan Beulich
CC: Andrew Cooper
CC: Razvan Cojocaru
CC: Tamas K Lengyel
CC: Daniel De Graaf
Signed-off-by: Doug Goldstein
On 11/11/15 11:50, Doug Goldstein wrote:
Use the Kconfig generated CONFIG_HAS_MEM_SHARING defines in the code base.
Signed-off-by: Doug Goldstein
CC: Keir Fraser
CC: Jan Beulich
CC: Andrew Cooper
CC: Razvan Cojocaru
CC: Tamas K Lengyel
CC: Daniel De Graaf
Signed-off-by: Doug Goldstein
On 11/11/15 11:49, Doug Goldstein wrote:
Use the Kconfig generated CONFIG_HAS_DEVICE_TREE defines in the code
base.
Signed-off-by: Doug Goldstein
CC: Ian Campbell
CC: Stefano Stabellini
CC: Jan Beulich
CC: Daniel De Graaf
Signed-off-by: Doug Goldstein
Acked-by: Daniel De Graaf
On 11/11/15 11:49, Doug Goldstein wrote:
Use the Kconfig generated CONFIG_HAS_PCI defines in the code base.
Signed-off-by: Doug Goldstein
CC: Keir Fraser
CC: Jan Beulich
CC: Andrew Cooper
CC: Daniel De Graaf
Signed-off-by: Doug Goldstein
Acked-by: Daniel De Graaf
when before calling do_settime,
so that system_time actually accounts for all the time in nsec between
machine boot and when the wallclock was set.
Expose xsm_platform_op to ARM.
Signed-off-by: Stefano Stabellini
CC: dgde...@tycho.nsa.gov
Acked-by: Daniel De Graaf
start_address,
uint32_t count);
What effect does this have on the peer ?
Daniel?
If this removes the (final copy of the) mapping and a notify offset/port
is set, that processing happens. Otherwise, the peer cannot tell when
this is called.
--
Daniel De Graaf
National Security Agency
__
payloads,
- check*1, apply*1, replace*1, and unload payloads.
*1: Which of course in this patch are nops.
Signed-off-by: Konrad Rzeszutek Wilk
Signed-off-by: Ross Lagerwall
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
On 16/11/15 07:30, Ian Campbell wrote:
On Fri, 2015-11-13 at 15:38 -0500, Daniel De Graaf wrote:
On 13/11/15 10:02, Ian Campbell wrote:
On Wed, 2015-11-11 at 15:03 +, Ian Jackson wrote:
Ian Campbell writes ("[PATCH XEN v5 07/23] tools: Refactor
/dev/xen/gnt{dev,shr} wrappers
On 24/11/15 09:42, Jan Beulich wrote:
Now that we intercept them all, there's no reason not to also uniformly
hand them to XSM. Reads (which are expected to be of less interest) get
handled as before (MMCFG accesses un-audited).
Signed-off-by: Jan Beulich
Acked-by: Daniel De
itched?
The #ifdef is there mostly as a failsafe reminder to ensure that the
implementation for other architectures actually calls the same XSM hooks
that the x86 version does.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing l
On 06/22/2015 02:37 PM, Konrad Rzeszutek Wilk wrote:
On Mon, Jun 22, 2015 at 08:13:35PM +0200, Marek Marczykowski-Górecki wrote:
On Mon, Jun 22, 2015 at 01:46:27PM -0400, Konrad Rzeszutek Wilk wrote:
On Wed, Jun 17, 2015 at 09:42:11PM +0200, Marek Marczykowski-Górecki wrote:
On Thu, May 28, 20
have not tested) speed up
the security server by avoiding the __get_cpu_var call and increment. The
corresponding SELinux knob is a Kconfig option in Linux.
Acked-by: Daniel De Graaf
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.or
On 03/07/2016 01:42 PM, Doug Goldstein wrote:
Let Kconfig set the XSM_MAGIC value for us.
Signed-off-by: Doug Goldstein
This is not the best place to define this constant: it doesn't
make sense for it to be user-configurable. If you want to move it
out of config.h, I think the best solution
hat: I saw the --help-- line and assumed it was the prompt.
Either way, this #define is a configuration-like knob that doesn't need to
be hard-coded in a header as it currently is.
The
corresponding SELinux knob is a Kconfig option in Linux.
Acked-by: Daniel De Graaf
... if you're
-NULL. The same would
be true for event channels, but inlining the field to save space makes
that a non-issue.
Or whether one can FLASK_LOAD if the ops are dummy_ops instead
of flask_ops.
Right, the flask_op hypercall is also disconnected in the dummy module.
I w
d by the flask= parameter.
Signed-off-by: Daniel De Graaf
---
docs/misc/xen-command-line.markdown | 2 +-
docs/misc/xsm-flask.txt | 12 ++--
xen/xsm/flask/flask_op.c| 8 +---
3 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/docs/misc/xen-comm
On 03/10/2016 02:12 PM, Konrad Rzeszutek Wilk wrote:
On Thu, Mar 10, 2016 at 01:30:29PM -0500, Daniel De Graaf wrote:
I've added Ian and Jan on the email as scripts/get_maintainer.pl spits out
their names (Oddly not yours?)
The previous default of "permissive" is meant fo
only takes effect then. With flask=late,
userspace code can also adjust the value (xl setenforce) before loading
the policy.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
g the creation of domains without a policy loaded to avoid making
this mistake, but since this is no longer the default, I don't think that
type of guard isnecessary.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xe
licy is done
in userspace, not the hypervisor, so "xl loadpolicy" would not change.
/me nods
Thank you!
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
This includes the policy in tools/flask/policy in the hypervisor so that
the bootloader does not need to load a policy to get sane behavior from
an XSM-enabled hypervisor.
RFC because this adds a binding between xen's build and the tools build.
The inclusion of policy.o could be made conditional o
This also renames the example users created by vm_role.
Signed-off-by: Daniel De Graaf
---
docs/misc/xsm-flask.txt| 34 +++---
tools/flask/policy/Makefile| 9 --
tools/flask/policy/modules/default_role.te | 5
Signed-off-by: Daniel De Graaf
---
.../policy/policy/support/loadable_module.spt | 166 -
tools/flask/policy/policy/support/misc_macros.spt | 2 +
2 files changed, 2 insertions(+), 166 deletions(-)
delete mode 100644 tools/flask/policy/policy/support
This adds the xenstore_t type to the example policy for use by a
xenstore stub domain.
Signed-off-by: Daniel De Graaf
---
tools/flask/policy/modules/modules.conf | 3 +++
tools/flask/policy/modules/xenstore.te | 21 +
2 files changed, 24 insertions(+)
create mode 100644
Signed-off-by: Daniel De Graaf
---
tools/flask/policy/policy/access_vectors | 32 +++---
tools/flask/policy/policy/security_classes | 2 +-
2 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/tools/flask/policy/policy/access_vectors
b/tools/flask/policy
1 - 100 of 334 matches
Mail list logo
