[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 1/6] Flask: Support for ARM xentrace



From: bensanda <ben.sanda@xxxxxxxxxxxxxxx>

Modified to provide support for xentrace on the ARM platform. Added flask 
credential to allow dom0 dom_xen mapping and write access for trace buffers.

Signed-off-by: Benjamin Sanda <ben.sanda@xxxxxxxxxxxxxxx>
---
 tools/flask/policy/policy/modules/xen/xen.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tools/flask/policy/policy/modules/xen/xen.te 
b/tools/flask/policy/policy/modules/xen/xen.te
index d35ae22..41d276a 100644
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -90,6 +90,8 @@ allow dom0_t dom0_t:domain2 {
 };
 allow dom0_t dom0_t:resource { add remove };
 
+allow dom0_t domxen_t:mmu { memorymap map_write };
+
 # These permissions allow using the FLASK security server to compute access
 # checks locally, which could be used by a domain or service (such as xenstore)
 # that does not have its own security server to make access decisions based on
-- 
2.7.2


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.