This series makes it so that the idle domain is started privileged under the
default policy, which the SILO policy inherits, and under the flask policy. It
then introduces a new one-way XSM hook, xsm_transition_running, that is hooked
by an XSM policy to transition the idle domain to its running privilege level.
Daniel P. Smith (2):
xsm: create idle domain privieged and demote after setup
flask: implement xsm_transtion_running
tools/flask/policy/modules/xen.if | 6 ++++++
tools/flask/policy/modules/xen.te | 1 +
tools/flask/policy/policy/initial_sids | 1 +
xen/arch/arm/setup.c | 6 ++++++
xen/arch/x86/setup.c | 6 ++++++
xen/common/sched/core.c | 7 ++++++-
xen/include/xsm/dummy.h | 12 ++++++++++++
xen/include/xsm/xsm.h | 6 ++++++
xen/xsm/dummy.c | 1 +
xen/xsm/flask/hooks.c | 21 ++++++++++++++++++++-
xen/xsm/flask/policy/initial_sids | 1 +
11 files changed, 66 insertions(+), 2 deletions(-)
--
2.20.1