flask/policy: add missing manage_domain rules

The updated example policy did not include rules to allow managing the
created domains (pause, unpause, destroy); allow these actions.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Ian Jackson <ian.jackson.citrix.com>

diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if
index cd240d8f7d98059f8d6807b390f7183f58f78974..30657189270664b94763f4cf20ff18a8fd1f688e 100644 (file)
--- a/tools/flask/policy/policy/modules/xen/xen.if
+++ b/tools/flask/policy/policy/modules/xen/xen.if
@@ -29,6 +29,13 @@ define(`create_domain', `
        allow $1 $2_$1_channel:event create;
 ')
 
+# manage_domain(priv, target)
+#   Allow managing a running domain
+define(`manage_domain', `
+       allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity
+                       getaddrsize pause unpause trigger shutdown destroy
+                       setvcpuaffinity setdomainmaxmem };
+')
 ################################################################################
 #
 # Inter-domain communication

diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te
index 0fc31b53fa4a601355585f50157f4f08628325b9..c5e0883e69f0da6fe4ac3fa98c01ff6b49f730fc 100644 (file)
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -86,10 +86,12 @@ auditallow dom0_t security_t:security { load_policy setenforce };
 declare_domain(domU_t)
 domain_self_comms(domU_t)
 create_domain(dom0_t, domU_t)
+manage_domain(dom0_t, domU_t)
 domain_comms(dom0_t, domU_t)
 
 declare_domain(isolated_domU_t)
 create_domain(dom0_t, isolated_domU_t)
+manage_domain(dom0_t, isolated_domU_t)
 domain_comms(dom0_t, isolated_domU_t)
 
 ###############################################################################