[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v2 0/3] Xen/FLASK policy updates for device contexts
In order to support assigning security lables to ARM device tree nodes in Xen's XSM policy, a new ocontext type is needed in the security policy. In addition to adding the new ocontext, the existing I/O memory range ocontext is expanded to 64 bits in order to support hardware with more than 44 bits of physical address space (32-bit count of 4K pages). Changes from v1: - Use policy version 30 instead of forking the version numbers for Xen; this removes the need for v1's patch 3. - Report an error when attempting to use an I/O memory range that requires a 64-bit representation with an old policy output version that cannot support this - Fix a few incorrect references to PCIDEVICECON - Reorder patches to clarify the allowed characterset of device tree paths [PATCH 1/3] checkpolicy: Expand allowed character set in paths [PATCH 2/3] libsepol, checkpolicy: widen Xen IOMEM ocontext entries [PATCH 3/3] libsepol, checkpolicy: add device tree ocontext nodes to _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |