[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] flask: fix build after the introduction of DMOP

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Wed, 25 Jan 2017 10:43:11 +0000
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>
Delivery-date: Wed, 25 Jan 2017 10:43:16 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

In 58cbc034 send_irq permission was removed but there was still
reference to it in policy file. Remove the stale reference.

And now we also need dm permission. Add that.

Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
---
Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Cc: Paul Durrant <paul.durrant@xxxxxxxxxx>
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

Staging is currently broken.
---
 tools/flask/policy/modules/xen.if   | 2 +-
 xen/xsm/flask/policy/access_vectors | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/flask/policy/modules/xen.if 
b/tools/flask/policy/modules/xen.if
index 45e5cea04f..f5d254f053 100644
--- a/tools/flask/policy/modules/xen.if
+++ b/tools/flask/policy/modules/xen.if
@@ -58,7 +58,7 @@ define(`create_domain_common', `
        allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage 
mmuext_op updatemp };
        allow $1 $2:grant setup;
        allow $1 $2:hvm { cacheattr getparam hvmctl sethvmc
-                       setparam nested altp2mhvm altp2mhvm_op send_irq };
+                       setparam nested altp2mhvm altp2mhvm_op };
 ')
 
 # create_domain(priv, target)
diff --git a/xen/xsm/flask/policy/access_vectors 
b/xen/xsm/flask/policy/access_vectors
index 36a7df9394..1f7eb35fc8 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -284,6 +284,8 @@ class hvm
 # HVMOP_altp2m_destroy_p2m HVMOP_altp2m_switch_p2m
 # HVMOP_altp2m_set_mem_access HVMOP_altp2m_change_gfn
     altp2mhvm_op
+# DMOP
+    dm
 }
 
 # Class event describes event channels.  Interdomain event channels have their
-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] flask: fix build after the introduction of DMOP
  - From: Daniel De Graaf
- Re: [Xen-devel] [PATCH] flask: fix build after the introduction of DMOP
  - From: Wei Liu
- [Xen-devel] [PATCH] [incremental] xsm/build: Further build fixes following the DMop series
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH] flask: fix build after the introduction of DMOP
  - From: Paul Durrant

Prev by Date: [Xen-devel] [PATCH] docs/misc: update the meaning of the 'disk unplug' flag
Next by Date: Re: [Xen-devel] [PATCH] docs/misc: update the meaning of the 'disk unplug' flag
Previous by thread: [Xen-devel] [PATCH] docs/misc: update the meaning of the 'disk unplug' flag
Next by thread: Re: [Xen-devel] [PATCH] flask: fix build after the introduction of DMOP
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.