[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots.

Hi, Stefan.

I am trying XSM/ACM on CS 15880.
It is big information that XSM/ACM works fine on CS15661.
Thank you.

Then, is my setting only bad?
Please teach your setting.
(Config.mk, xm-config.xml,xend-config.sxp,guest.conf,.....etc)


The setting to use XSM/ACM is as follows.

1:Config.mk(Setting when installing xen)
81 # Enable XSM security module.  Enabling XSM requires selection of an
82 # XSM security module (FLASK_ENABLE or ACM_SECURITY).
83 XSM_ENABLE ?= y   <---- I wrote like this.
                ~~~~
84 FLASK_ENABLE ?= n
85 ACM_SECURITY ?= y <---- I wrote like this.
                 ~~~~
86
87  # Optional components
88  XENSTAT_XENTOP     ?= y
89  VTPM_TOOLS         ?= n
90  LIBXENAPI_BINDINGS ?= n
91  XENFB_TOOLS        ?= n
92  PYTHON_TOOLS       ?= y

2:xend-config-xenapi.sxp
54  # Default:
55  #   (xen-api-server ((unix)))
56  (xen-api-server ((9363 none))) <---- I wrote like this.

3:xm-config.xml
43    <server type='Xen-API'
44            uri='http://localhost:9363/'
45            username='me'
46            password='mypassword' />
47
48
49
50  </xm>


Syunsuke HAYASHI.



Hello!
Which changeset of Xen are you trying this on? I just tried this on a version before XSM was added and it worked fine (CS 15661). 

   Stefan



xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 09/24/2007 11:02:11 PM:

 > Hi ,
 >
 > When cw is used, dom0 reboots.
 > Though I set quest memory size.
 >
 > I want to study into the cause.
 > Please teach how to examine it.
 >
 >
 >
 >
 > #xm create vm1.conf <--  OK
 > #xm create vm4.conf <--  NO
 > ................... <--  system boot
 >
 > #last
 > root     pts/1          myPC     Tue Sep 25 11:25 - crash (09:01)
 > reboot   system boot  2.6.18-xen Tue Sep 25 20:06         (-8:-16)
 >          ~~~~~~~~~~~
 >
 >
 > ---------------about my setting--------------------
 > Xen-api is effective.
 >
 >
 > #cat vm1.conf
 > kernel = "/boot/vmlinuz-2.6.18-xen"
 > ramdisk = "/boot/initrd-2.6.18-xenU.img"
 > memory = "128"
 >           ~~~~
 > name = "vm1"
 > disk = [ 'file:/xen/vm1.img,sda1,w' ]
 > vif = [ '' ]
 > root = "/dev/sda1 ro"
 > on_xend_stop = "suspend"
 > extra = "3 xencons=tty"
 > access_control = ['policy=example.client_v1,label=dom_HomeBanking']
 >
 > #cat vm4.conf
 > kernel = "/boot/vmlinuz-2.6.18-xen"
 > ramdisk = "/boot/initrd-2.6.18-xenU.img"
 > memory = "128"
 >          ~~~~~
 > name = "vm4"
 > disk = [ 'file:/xen/vm4.img,sda1,w']
 > vif = [ '' ]
 > root = "/dev/sda1 ro"
 > on_xend_stop = "suspend"
 > extra = "3"
 > access_control = ['policy=example.client_v1,label=dom_Fun']
 >
 >
 > #xm dumppolicy
 > Policy dump:
 > ============
 > POLICY REFERENCE = example.client_v1.
 > PolicyVer = 0.
 > XML Vers. = 1.0
 > Magic     = 1debc.
 > Len       = 198.
 > Primary   = CHINESE WALL (c=1, off=40).
 > Secondary = SIMPLE TYPE ENFORCEMENT (c=2, off=b8).
 >
 >
 > Chinese Wall policy:
 > ====================
 > Policy version= 0.
 > Max Types     = 4.
 > Max Ssidrefs  = 7.
 > Max ConfSets  = 1.
 > Ssidrefs Off  = 24.
 > Conflicts Off = 5c.
 > Runing T. Off = 64.
 > C. Agg. Off   = 6c.
 >
 > SSID To CHWALL-Type matrix:
 >
 >    ssidref 0:  00 00 00 00
 >    ssidref 1:  00 00 00 01  <-- Domain-0
 >    ssidref 2:  00 01 00 00
 >    ssidref 3:  01 00 00 00
 >    ssidref 4:  00 00 01 00
 >    ssidref 5:  00 00 00 01
 >    ssidref 6:  00 00 00 01
 >
 > Confict Sets:
 >
 >    c-set 0:    01 00 01 00
 >
 > Running
 > Types:         00 00 00 01
 >
 > Conflict
 > Aggregate Set: 00 00 00 00
 >
 >
 > Simple Type Enforcement policy:
 > ===============================
 > Policy version= 0.
 > Max Types     = 6.
 > Max Ssidrefs  = 11.
 > Ssidrefs Off  = 14.
 >
 > SSID To STE-Type matrix:
 >
 >    ssidref 0: 00 00 00 00 00 00
 >    ssidref 1: 01 01 01 01 01 01  <-- Domain-0
 >    ssidref 2: 01 00 00 00 00 00
 >    ssidref 3: 00 01 00 00 00 00
 >    ssidref 4: 00 00 00 00 01 00
 >    ssidref 5: 01 01 01 00 01 00
 >    ssidref 6: 00 01 00 01 01 00
 >    ssidref 7: 00 00 01 00 00 00
 >    ssidref 8: 00 00 00 00 00 01
 >    ssidref 9: 00 00 00 01 00 00
 >    ssidref a: 00 00 00 00 01 00
 >    ssidref b: 00 01 00 00 00 00
 >    ssidref c: 00 00 00 00 01 00
 >    ssidref d: 00 00 00 00 01 00
 >    ssidref e: 00 01 00 00 00 00
 >    ssidref f: 00 00 00 00 00 01
 >    ssidref10: 00 00 00 00 01 00
 >
 > Thanks,
 >
 > Syunsuke Hayashi.
 >
 >
 > _______________________________________________
 > Xen-devel mailing list
 > Xen-devel@xxxxxxxxxxxxxxxxxxx
 > http://lists.xensource.com/xen-devel


------------------------------------------------------------------------

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.