projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5a9b83a) | patch
[ACM] Support for running unlabeled domains alongside labeled ones
authorkfraser@localhost.localdomain <kfraser@localhost.localdomain>
Mon, 6 Aug 2007 09:10:34 +0000 (10:10 +0100)
committerkfraser@localhost.localdomain <kfraser@localhost.localdomain>
Mon, 6 Aug 2007 09:10:34 +0000 (10:10 +0100)
commitb163ba1607b51ff361dc7c61e15bbd7277dcb359
tree9d2f3bf5a3531c95c977e37d50de03f48bb3e9catree | snapshot
parent5a9b83aea8ae7cf8a1b7ecb9a37d361ae25c02a2commit | diff
[ACM] Support for running unlabeled domains alongside labeled ones

Add support for running unlabeled domains alongside labeled ones, if
the policy contains a VM label with name '__UNLABELED__' and an STE
type with the same name. The ezpolicy tool has been modified to
automatically suggest a policy under which unlabeled domains can
run. The user may delete this, if this is not desired.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
tools/python/xen/util/acmpolicy.py diff | blob | history
tools/python/xen/util/security.py diff | blob | history
tools/python/xen/xend/XendDomainInfo.py diff | blob | history
tools/python/xen/xend/server/blkif.py diff | blob | history
tools/python/xen/xm/main.py diff | blob | history
tools/security/xensec_ezpolicy diff | blob | history
xen/acm/acm_chinesewall_hooks.c diff | blob | history
xen/acm/acm_simple_type_enforcement_hooks.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.