[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging-4.18] SUPPORT.md: split XSM from Flask



commit 37fcb4c206a47e6923f49207dabcde9829d1eb2e
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Tue Sep 24 14:58:45 2024 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Sep 24 14:58:45 2024 +0200

    SUPPORT.md: split XSM from Flask
    
    XSM is a generic framework, which in particular is also used by SILO.
    With this it can't really be experimental: Arm mandates SILO for having
    a security supported configuration.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
    Reviewed-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
    master commit: d7c18b8720824d7efc39ffa7296751e1812865a9
    master date: 2024-09-04 16:05:03 +0200
---
 SUPPORT.md | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/SUPPORT.md b/SUPPORT.md
index b4715a65b5..24157088d2 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -731,13 +731,21 @@ Compile time disabled for ARM by default.
 
     Status, x86: Supported, not security supported
 
-### XSM & FLASK
+### XSM (Xen Security Module) Framework
+
+XSM is a security policy framework.  The dummy implementation is covered by 
this
+statement, and implements a policy whereby dom0 is all powerful.  See below for
+alternative modules (FLASK, SILO).
+
+    Status: Supported
+
+### FLASK XSM Module
 
     Status: Experimental
 
 Compile time disabled by default.
 
-Also note that using XSM
+Also note that using FLASK
 to delegate various domain control hypercalls
 to particular other domains, rather than only permitting use by dom0,
 is also specifically excluded from security support for many hypercalls.
@@ -750,6 +758,13 @@ Please see XSA-77 for more details.
 The default policy includes FLASK labels and roles for a "typical" Xen-based 
system
 with dom0, driver domains, stub domains, domUs, and so on.
 
+### SILO XSM Module
+
+SILO extends the dummy policy by enforcing that DomU-s can only communicate
+with Dom0, yet not with each other.
+
+    Status: Supported
+
 ## Virtual Hardware, Hypervisor
 
 ### x86/Nested PV
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.18



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.