projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4b73f65) | patch
xsm/flask: Add checks on the domain performing the set_target operation
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>
Fri, 11 Jan 2013 10:37:10 +0000 (10:37 +0000)
committerDaniel De Graaf <dgdegra@tycho.nsa.gov>
Fri, 11 Jan 2013 10:37:10 +0000 (10:37 +0000)
commit2b7a98eed8069cb6fe1b967236d80d0a8cf2913e
tree4e40b8f3e430d34c96c42eea5a38db7a4360ed8dtree | snapshot
parent4b73f651d09d7e566ec3b6f0df16af7b5b1dd8becommit | diff
xsm/flask: Add checks on the domain performing the set_target operation

The existing domain__set_target check only verifies that the source
and target domains can be associated. We also need to check that the
privileged domain making this association is allowed to do so.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
xen/xsm/flask/hooks.c diff | blob | history
xen/xsm/flask/policy/access_vectors diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.