projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f26bb28) | patch
xsm: remove the ability to disable flask
authorDaniel P. Smith <dpsmith@apertussolutions.com>
Fri, 10 Sep 2021 20:12:57 +0000 (16:12 -0400)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Fri, 10 Sep 2021 19:30:26 +0000 (20:30 +0100)
commit4624912c0b5505387e53a12ef3417d001431a29d
tree9ea802d65cacc69e2a3dd47a401ff60b0c8f90dctree | snapshot
parentf26bb285949b8c233816c4c6a87237ee14a06ebccommit | diff
xsm: remove the ability to disable flask

On Linux when SELinux is put into permissive mode the discretionary access
controls are still in place. Whereas for Xen when the enforcing state of flask
is set to permissive, all operations for all domains would succeed, i.e. it
does not fall back to the default access controls. To provide a means to mimic
a similar but not equivalent behaviour, a flask op is present to allow a
one-time switch back to the default access controls, aka the "dummy policy".

While this may be desirable for an OS, Xen is a hypervisor and should not
allow the switching of which security policy framework is being enforced after
boot.  This patch removes the flask op to enforce the desired XSM usage model
requiring a reboot of Xen to change the XSM policy module in use.

Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
xen/include/public/xsm/flask_op.h diff | blob | history
xen/xsm/flask/flask_op.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.