From: Ian Campbell Date: Wed, 20 May 2015 14:39:00 +0000 (+0100) Subject: libxl: assign a default ssidref (XSM label) to guests X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~3179 X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https:/%22bookmarks://%22Dat/%22http:/www.example.com/cgi/%22https:/%22bookmarks:/%22Dat?a=commitdiff_plain;h=b521422bd9c12719e6848c1be340df667ef41b52;p=xen.git libxl: assign a default ssidref (XSM label) to guests We have now arranged for SECINITSID_DOMU and SECINITSID_DOMDM to be defined (correspondng to system_u:system_r:domU_t and system_u:system_r:dm_dom_t respectively in the default policy). Use these as the default for the SSID of every (stub)domain. Signed-off-by: Ian Campbell Cc: Daniel De Graaf Cc: Wei.Liu2@citrix.com Acked-by: Wei Liu Acked-by: Daniel De Graaf --- diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index 0a2359ef50..86384d27cc 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -25,6 +25,8 @@ #include #include +#include + int libxl__domain_create_info_setdefault(libxl__gc *gc, libxl_domain_create_info *c_info) { @@ -42,6 +44,9 @@ int libxl__domain_create_info_setdefault(libxl__gc *gc, libxl_defbool_setdefault(&c_info->run_hotplug_scripts, true); libxl_defbool_setdefault(&c_info->driver_domain, false); + if (!c_info->ssidref) + c_info->ssidref = SECINITSID_DOMU; + return 0; } @@ -111,6 +116,10 @@ int libxl__domain_build_info_setdefault(libxl__gc *gc, libxl_defbool_setdefault(&b_info->device_model_stubdomain, false); + if (libxl_defbool_val(b_info->device_model_stubdomain) && + !b_info->device_model_ssidref) + b_info->device_model_ssidref = SECINITSID_DOMDM; + if (!b_info->device_model_version) { if (b_info->type == LIBXL_DOMAIN_TYPE_HVM) { if (libxl_defbool_val(b_info->device_model_stubdomain)) {