On 04.09.2024 11:21, Roger Pau Monné wrote:
> On Wed, Aug 14, 2024 at 09:44:11AM +0200, Jan Beulich wrote:
>> XSM is a generic framework, which in particular is also used by SILO.
>> With this it can't really be experimental: Arm mandates SILO for having
>> a security supported configuration.
>>
>> Signed-off-by: Jan Beulich <jbeul...@suse.com>
>
> Reviewed-by: Roger Pau Monné <roger....@citrix.com>

Thanks.

>> @@ -788,6 +796,13 @@ Please see XSA-77 for more details.
>> The default policy includes FLASK labels and roles for a "typical"
>> Xen-based system
>> with dom0, driver domains, stub domains, domUs, and so on.
>>
>> +### SILO XSM Module
>> +
>> +SILO implements a policy whereby DomU-s can only communicate with Dom0, yet
>> not
>> +with each other.
>
> Might be good to clarify SILO is just like the dummy XSM
> implementation without allowing inter-domain communication, ie:
>
> "SILO extends the dummy XSM policy by enforcing that DomU-s can only
> communicate with Dom0, yet not with each other."
>
> Or similar.

Fine with me - adjusted.

Jan
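
Review bot: The added SILO paragraph spells the domain names "DomU-s" and "Dom0", while the context line directly above it in the same hunk uses "dom0" and "domUs"; using one spelling throughout would keep the section consistent with its neighbours. The paragraph also describes only the inter-domain restriction and does not say what baseline the remaining XSM checks follow, so a clause naming that baseline would make the security statement complete. The hunk header counts seven added lines and only four are visible in this quote, so the new section's support status line cannot be checked from what is shown here.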