[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] ACM: adding get_ssid command and cleanup




This patch:

* adds a get_ssid ACM command that allows privileged domains to retrieve types for either a given ssid reference or a given domain id (of a running domain); this command can be used to extend access control into device domains, e.g., to control network traffic currently moving through Domain 0 uncontrolled by the ACM policy

* adds a script getlabel.sh that allows users inside Dom0 to retrieve the label for a given ssid reference or a given domain id (multiple labels might map onto a single ssid reference)

* cleans up label-related code in tools/security by merging common functions into labelfuncs.sh

* cleans up ACM code related to above changes (eventually approximating a common coding style)

Comments welcome.

Thanks
Reiner

Signed-off-by Reiner Sailer <sailer@xxxxxxxxxx>

Signed-off by Stefan Berger <stefanb@xxxxxxxxxx>



Attachment: get_ssid.diff
Description: Binary data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.