[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] xen/xsm: Rename CONFIG_XSM_POLICY to CONFIG_XSM_FLASK_POLICY
commit 4991a46130dca276757d88e77ce7aec7e3e017e5 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Tue Jun 26 10:59:10 2018 +0100 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Tue Aug 28 14:17:11 2018 +0100 xen/xsm: Rename CONFIG_XSM_POLICY to CONFIG_XSM_FLASK_POLICY The embedded policy is specifically a flask policy, so update the infrastructure to reflect this. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx> Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> --- xen/common/Kconfig | 6 +++--- xen/include/xsm/xsm.h | 6 +++--- xen/xsm/flask/Makefile | 2 +- xen/xsm/flask/gen-policy.py | 4 ++-- xen/xsm/xsm_core.c | 6 +++--- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 3a7c752e93..1a6d6281c1 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -138,10 +138,10 @@ config XSM_FLASK_AVC_STATS If unsure, say Y. -config XSM_POLICY - bool "Compile Xen with a built-in security policy" +config XSM_FLASK_POLICY + bool "Compile Xen with a built-in FLASK security policy" default y if HAS_CHECKPOLICY = "y" - depends on XSM + depends on XSM_FLASK ---help--- This includes a default XSM policy in the hypervisor so that the bootloader does not need to load a policy to get sane behavior from an diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index b692aece71..3d67962493 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -728,9 +728,9 @@ static inline void flask_init(const void *policy_buffer, size_t policy_size) } #endif -#ifdef CONFIG_XSM_POLICY -extern const unsigned char xsm_init_policy[]; -extern const unsigned int xsm_init_policy_size; +#ifdef CONFIG_XSM_FLASK_POLICY +extern const unsigned char xsm_flask_init_policy[]; +extern const unsigned int xsm_flask_init_policy_size; #endif #else /* CONFIG_XSM */ diff --git a/xen/xsm/flask/Makefile b/xen/xsm/flask/Makefile index e22ed7c03f..f5ffab1226 100644 --- a/xen/xsm/flask/Makefile +++ b/xen/xsm/flask/Makefile @@ -27,7 +27,7 @@ $(FLASK_H_FILES): $(FLASK_H_DEPEND) $(AV_H_FILES): $(AV_H_DEPEND) $(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) -obj-$(CONFIG_XSM_POLICY) += policy.o +obj-$(CONFIG_XSM_FLASK_POLICY) += policy.o FLASK_BUILD_DIR := $(CURDIR) POLICY_SRC := $(FLASK_BUILD_DIR)/xenpolicy-$(XEN_FULLVERSION) diff --git a/xen/xsm/flask/gen-policy.py b/xen/xsm/flask/gen-policy.py index 5168d6ed1d..c7501e4614 100644 --- a/xen/xsm/flask/gen-policy.py +++ b/xen/xsm/flask/gen-policy.py @@ -8,7 +8,7 @@ sys.stdout.write(""" #include <xen/init.h> #include <xsm/xsm.h> -const unsigned char xsm_init_policy[] __initconst = { +const unsigned char xsm_flask_init_policy[] __initconst = { """) for char in sys.stdin.read(): @@ -19,5 +19,5 @@ for char in sys.stdin.read(): sys.stdout.write(""" }; -const unsigned int __initconst xsm_init_policy_size = %d; +const unsigned int __initconst xsm_flask_init_policy_size = %d; """ % policy_size) diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c index 949dfcff75..9645e244c3 100644 --- a/xen/xsm/xsm_core.c +++ b/xen/xsm/xsm_core.c @@ -42,11 +42,11 @@ static inline int verify(struct xsm_operations *ops) static int __init xsm_core_init(const void *policy_buffer, size_t policy_size) { -#ifdef CONFIG_XSM_POLICY +#ifdef CONFIG_XSM_FLASK_POLICY if ( policy_size == 0 ) { - policy_buffer = xsm_init_policy; - policy_size = xsm_init_policy_size; + policy_buffer = xsm_flask_init_policy; + policy_size = xsm_flask_init_policy_size; } #endif -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |