[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] acm, xend: Fix resetting policy.

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Jan 2008 06:30:10 -0800
Delivery-date: Wed, 30 Jan 2008 07:28:40 -0800
List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1201702997 0
# Node ID 87ab3222640c44cd0eee674f8841a823196500f3
# Parent  087caea46be763cab3b28ed1b614cd29cf15fce2
acm, xend: Fix resetting policy.

Fix a problem when resetting the policy and the label of Domain-0
needs to be renamed.

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
---
 tools/python/xen/util/acmpolicy.py   |    3 ++-
 tools/python/xen/util/xsm/acm/acm.py |   10 +++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)

diff -r 087caea46be7 -r 87ab3222640c tools/python/xen/util/acmpolicy.py
--- a/tools/python/xen/util/acmpolicy.py        Wed Jan 30 11:17:14 2008 +0000
+++ b/tools/python/xen/util/acmpolicy.py        Wed Jan 30 14:23:17 2008 +0000
@@ -337,7 +337,8 @@ class ACMPolicy(XSPolicy):
             rc, errors = security.change_acm_policy(bin_pol,
                                         del_array, chg_array,
                                         vmlabel_map, reslabel_map,
-                                        self, acmpol_new)
+                                        self, acmpol_new,
+                                        acmpol_new.is_default_policy())
 
             if rc == 0:
                 # Replace the old DOM with the new one and save it
diff -r 087caea46be7 -r 87ab3222640c tools/python/xen/util/xsm/acm/acm.py
--- a/tools/python/xen/util/xsm/acm/acm.py      Wed Jan 30 11:17:14 2008 +0000
+++ b/tools/python/xen/util/xsm/acm/acm.py      Wed Jan 30 14:23:17 2008 +0000
@@ -1342,7 +1342,8 @@ def relabel_domains(relabel_list):
 
 
 def change_acm_policy(bin_pol, del_array, chg_array,
-                      vmlabel_map, reslabel_map, cur_acmpol, new_acmpol):
+                      vmlabel_map, reslabel_map, cur_acmpol, new_acmpol,
+                      is_reset):
     """
        Change the ACM policy of the system by relabeling
        domains and resources first and doing some access checks.
@@ -1451,8 +1452,11 @@ def change_acm_policy(bin_pol, del_array
                 continue
 
             new_vmlabel = vmlabel
-            if vmlabel_map.has_key(vmlabel):
-                # renaming of the label
+            if vmlabel_map.has_key(vmlabel) and \
+               (not is_reset or name == "Domain-0") :
+                # renaming of the label; this is only allowed if it's
+                # not a reset of the policy or if it is a reset, then
+                # only for Domain-0
                 new_vmlabel = vmlabel_map[vmlabel]
                 polname = new_policyname
             elif new_vmlabel not in polnew_vmlabels and \

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

Prev by Date: [Xen-changelog] [xen-unstable] xend: fix external-device-migrate step 0
Next by Date: [Xen-changelog] [xen-unstable] ioemu: strip tap subtype prefix from image name
Previous by thread: [Xen-changelog] [xen-unstable] xend: fix external-device-migrate step 0
Next by thread: [Xen-changelog] [xen-unstable] ioemu: strip tap subtype prefix from image name
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.