On Tue, Nov 25, 2014 at 6:05 PM, Daniel De Graaf <dgde...@tycho.nsa.gov> wrote:
> When an unknown domctl, sysctl, or other operation is encountered in the
> FLASK security server, use the allow_unknown bit in the security policy
> (set by running checkpolicy -U allow) to decide if the permission should
> be allowed or denied. This allows new operations to be tested without
> needing to immediately add security checks; however, it is not flexible
> enough to avoid adding the actual permission checks. An error message
> is printed to the hypervisor console when this fallback is encountered.
Thanks -- I do think as Konrad said however, that when building with
debug=y, we want the failure to be more obvious. A crash is probably
the best thing.
I guess we want something like the following after the printk in
avc_unknown_permission()?
#ifndef NDEBUG
BUG();
#endif
-George
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
