projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3ebe9a1) | patch
xsm: add missing permissions discovered in testing
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>
Fri, 4 Nov 2016 15:35:20 +0000 (11:35 -0400)
committerWei Liu <wei.liu2@citrix.com>
Mon, 7 Nov 2016 10:55:51 +0000 (10:55 +0000)
commit8ad651705cbd0ad192398c1513d12c02b3197fa1
treeccbab4ab37a2df5b5932dc90fee949e7f294b4bbtree | snapshot
parent3ebe9a1a826e8d569bef6045777cc01a5699933dcommit | diff
xsm: add missing permissions discovered in testing

Add two missing allow rules:

1. Device model domain construction uses getvcpucontext, discovered by
Andrew Cooper while chasing an unrelated issue.

2. When a domain is destroyed with a device passthrough active, the
calls to remove_{irq,ioport,iomem} can be made by the hypervisor itself
(which results in an XSM check with the source xen_t).  It does not make
sense to deny these permissions; no domain should be using xen_t, and
forbidding the hypervisor from performing cleanup is not useful.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Release-acked-by: Wei Liu <wei.liu2@citrix.com>
tools/flask/policy/modules/xen.if diff | blob | history
tools/flask/policy/modules/xen.te diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.