[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xsm/flask: Handle policy load failures properly



On Fri, 2015-02-27 at 14:03 +0000, Julien Grall wrote:
> Hi Daniel,
> 
> On 24/02/15 15:53, Daniel De Graaf wrote:
> > This seems a reasonable solution if we don't want to change how the boot
> > parameters are set up.
> > 
> > Another alternative would be to change flask_enforcing/flask_enabled to
> > a single "flask=" parameter with options:
> >  disabled - revert to dummy (no XSM) policy, same as flask_enabled=0
> >  develop/permissive - a missing or broken policy does not panic
> >  enforce/enforcing/force - require policy to be loaded at boot time
> >  late/load - bootloader policy is not used; later loadpolicy is enforcing
> > 
> > The default would be "permissive" as in the existing hypervisor.  This
> > would be more flexible, but I'm not sure it is worth breaking existing
> > command lines and changing documentation to implement.
> 
> This look a good solution, having flask_enforcing without flask_enable
> doesn't make much sense.
> 
> Although I don't know what is the policy about xen parameters. Maybe Ian
> or Jan have an idea about it.

I don't think we generally shy away from making such changes where we
have a good reason.

It might be nice to keep the old options as aliases for the equivalent
new behaviour, I don't know if that should be mandatory thoguh.

Ian.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.