projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e04b562) | patch
xsm: add a default policy to .init.data
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>
Thu, 14 Jul 2016 14:18:47 +0000 (10:18 -0400)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Thu, 14 Jul 2016 14:32:38 +0000 (15:32 +0100)
commit41b61be1c244b27985f92061aa9670088340a37f
treea68ba4824ae5cc6874e35fb85d9cdfe1a906a76etree | snapshot
parente04b562377b3a50e48eb691145c3b95c19a78658commit | diff
xsm: add a default policy to .init.data

This adds a Kconfig option and support for including the XSM policy from
tools/flask/policy in the hypervisor so that the bootloader does not
need to provide a policy to get sane behavior from an XSM-enabled
hypervisor.  The policy provided by the bootloader, if present, will
override the built-in policy.

The XSM policy is not moved out of tools because that remains the
primary location for installing and configuring the policy.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Config.mk diff | blob | history
INSTALL diff | blob | history
docs/misc/xen-command-line.markdown diff | blob | history
docs/misc/xsm-flask.txt diff | blob | history
xen/common/Kconfig diff | blob | history
xen/include/xsm/xsm.h diff | blob | history
xen/xsm/flask/.gitignore [new file with mode: 0644] blob
xen/xsm/flask/Makefile diff | blob | history
xen/xsm/flask/gen-policy.py [new file with mode: 0644] blob
xen/xsm/xsm_core.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.