|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: [PATCH] [ACM/Xen] Fix policy buffer layout changed with XSM
"George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> wrote on 09/04/2007 02:44:51 PM: > On Tue, 2007-09-04 at 14:37 -0400, Stefan Berger wrote: > > > > "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> wrote on 09/04/2007 > > 02:29:10 PM: > > > > > On Tue, 2007-09-04 at 10:57 -0400, Stefan Berger wrote: > > > > This fixes a regression due to changes in the policy buffer layout > > > > submitted by the XSM module. > > > > > > > > > > Hi Stefan, > > > > > > This was done to make the ACM magic number the first word in the > > policy > > > file. This seemed to be the logical choice to afford ACM the > > greatest > > > flexibility for loading policies under XSM. In principal, under > > XSM, a > > > security module could be capable of loading and parsing policies > > over a > > > range of policy versions. > > > > Did you adapt the tools to generate a binary policy in that form? > > Yes, I did, so actually there would be more changes required should we > go forward. I apologize for the confusion. > > > > > > > > > Your patch reverts the ACM module to the original form where the > > first > > > word of the policy file is the policy version - which could change > > over > > > time. This is the general problem of magic numbers. > > > > Yes, I changed it back because it was broken, at least it did not > > accept the policy I tried to load. > > > If you recompile your policy everything *should* work fine. If not, let > me know and I'll make it right. > The problem is just that nothing triggers previously compiled policies to be recompiled and now those policies don't work anymore. Stefan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |