1. Patchew
  2. Xen
  3. View series

[PATCH 0/2] Adds starting the idle domain privileged

Daniel P. Smith posted 2 patches 2 years ago
Test gitlab-ci passed
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20220420210407.18060-1-dpsmith@apertussolutions.com
There is a newer version of this series
tools/flask/policy/modules/xen.if      |  6 ++++++
tools/flask/policy/modules/xen.te      |  1 +
tools/flask/policy/policy/initial_sids |  1 +
xen/arch/arm/setup.c                   |  6 ++++++
xen/arch/x86/setup.c                   |  6 ++++++
xen/common/sched/core.c                |  7 ++++++-
xen/include/xsm/dummy.h                | 12 ++++++++++++
xen/include/xsm/xsm.h                  |  6 ++++++
xen/xsm/dummy.c                        |  1 +
xen/xsm/flask/hooks.c                  | 21 ++++++++++++++++++++-
xen/xsm/flask/policy/initial_sids      |  1 +
11 files changed, 66 insertions(+), 2 deletions(-)
[PATCH 0/2] Adds starting the idle domain privileged
Posted by Daniel P. Smith 2 years ago 
This series makes it so that the idle domain is started privileged under the
default policy, which the SILO policy inherits, and under the flask policy. It
then introduces a new one-way XSM hook, xsm_transition_running, that is hooked
by an XSM policy to transition the idle domain to its running privilege level.

Daniel P. Smith (2):
  xsm: create idle domain privieged and demote after setup
  flask: implement xsm_transtion_running

 tools/flask/policy/modules/xen.if      |  6 ++++++
 tools/flask/policy/modules/xen.te      |  1 +
 tools/flask/policy/policy/initial_sids |  1 +
 xen/arch/arm/setup.c                   |  6 ++++++
 xen/arch/x86/setup.c                   |  6 ++++++
 xen/common/sched/core.c                |  7 ++++++-
 xen/include/xsm/dummy.h                | 12 ++++++++++++
 xen/include/xsm/xsm.h                  |  6 ++++++
 xen/xsm/dummy.c                        |  1 +
 xen/xsm/flask/hooks.c                  | 21 ++++++++++++++++++++-
 xen/xsm/flask/policy/initial_sids      |  1 +
 11 files changed, 66 insertions(+), 2 deletions(-)

-- 
2.20.1

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.