[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 00/17] XSM/FLASK updates for 4.8

On 21/06/16 16:24, Andrew Cooper wrote:
> On 20/06/16 15:04, Daniel De Graaf wrote:
>> Changes from v1:
>>  - Change c->context and c->sid from arrays to fields when shrinking
>>  - Keep struct xen_flask_userlist in headers, but guard it with #ifs
>>  - Split off Kconfig changes into their own patches
>>  - Add patch 16 (AVC_STATS in Kconfig)
>>  - Prevent free() of static data in xsm_dt_init
>>
>> FLASK policy updates:
>>  [PATCH 01/17] flask/policy: split into modules
>>  [PATCH 02/17] flask/policy: split out rules for system_r
>>  [PATCH 03/17] flask/policy: move user definitions and constraints
>>  [PATCH 04/17] flask/policy: remove unused support for binary modules
>>  [PATCH 05/17] flask/policy: xenstore stubdom policy
>>  [PATCH 06/17] flask/policy: remove unused example
>>
>> Hypervisor updates to the FLASK security server:
>>  [PATCH 07/17] flask: unify {get,set}vcpucontext permissions
>>  [PATCH 08/17] flask: remove unused secondary context in ocontext
>>  [PATCH 09/17] flask: remove unused AVC callback functions
>>  [PATCH 10/17] flask: remove xen_flask_userlist operation
>>  [PATCH 11/17] flask: improve unknown permission handling
>>
>> Hypervisor updates to the XSM framework (and its config):
>>  [PATCH 12/17] xen/xsm: remove .xsm_initcall.init section
>>  [PATCH 13/17] xen: fix FLASK dependency in Kconfig
>>  [PATCH 14/17] xsm: annotate setup functions with __init
>>  [PATCH 15/17] xsm: clean up unregistration
>>  [PATCH 16/17] xen: Make FLASK_AVC_STATS kconfig option visible
>>  [PATCH 17/17] xsm: add a default policy to .init.data
> I have committed the first two sections.  Patch 12 requires an ARM ack,
> and patch 13 has some outstanding discussion.

In the interest of getting this work more widely tested, I have pushed
the remaining patches, now that acks have appeared.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.