projects / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 688581c)
flask: Fix to default policy to get simple VM running
authorKeir Fraser <keir.fraser@citrix.com>
Wed, 8 Oct 2008 09:02:27 +0000 (10:02 +0100)
committerKeir Fraser <keir.fraser@citrix.com>
Wed, 8 Oct 2008 09:02:27 +0000 (10:02 +0100)
This fix gets to the default Flask/XSM policy gets a simple guest VM
(Ramdisk only, no VIF) running.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
tools/flask/policy/policy/modules/xen/xen.te patch | blob | history

diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te
index 70fbfc0774780500222f67edb71a0a86d5e213b6..dff345c7e969dec6045e97497a03f5a2e892feda 100644 (file)
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -33,7 +33,7 @@ define(`create_domain', `
                                getvcpuinfo getaddrsize getvcpuaffinity};
        allow $1 $2:shadow {enable};
        allow $1 $2:mmu {map_read map_write memorymap adjust pinpage};
-       allow $2 $2:mmu {map_read map_write pinpage};
+       allow $2 $2:mmu {map_read map_write adjust pinpage};
        allow $2 domio_t:mmu {map_read};
        allow $2 $2:grant {query setup};
        allow $1 $2:grant {map_read unmap};
Unnamed repository; edit this file 'description' to name the repository.