Xen project Mailing List

Re: [Xen-devel] [PATCH] flask: fix build after the introduction of DMOP

To: Wei Liu <wei.liu2@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Paul Durrant <Paul.Durrant@xxxxxxxxxx>

Date: Wed, 25 Jan 2017 10:44:57 +0000

Accept-language: en-GB, en-US

Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>

Delivery-date: Wed, 25 Jan 2017 10:45:15 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: AQHSdvfUW6kHgdCxQ0G2S3zDHus7dKFJAfNg

Thread-topic: [PATCH] flask: fix build after the introduction of DMOP

> -----Original Message----- > From: Wei Liu [mailto:wei.liu2@xxxxxxxxxx] > Sent: 25 January 2017 10:43 > To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx> > Cc: Wei Liu <wei.liu2@xxxxxxxxxx>; Daniel De Graaf > <dgdegra@xxxxxxxxxxxxx>; Paul Durrant <Paul.Durrant@xxxxxxxxxx>; Ian > Jackson <Ian.Jackson@xxxxxxxxxx> > Subject: [PATCH] flask: fix build after the introduction of DMOP > > In 58cbc034 send_irq permission was removed but there was still > reference to it in policy file. Remove the stale reference. > > And now we also need dm permission. Add that. > > Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx> > --- > Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> > Cc: Paul Durrant <paul.durrant@xxxxxxxxxx> > Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> > > Staging is currently broken. Sorry about that. Reviewed-by: Paul Durrant <paul.durrant@xxxxxxxxxx> > --- > tools/flask/policy/modules/xen.if | 2 +- > xen/xsm/flask/policy/access_vectors | 2 ++ > 2 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/tools/flask/policy/modules/xen.if > b/tools/flask/policy/modules/xen.if > index 45e5cea04f..f5d254f053 100644 > --- a/tools/flask/policy/modules/xen.if > +++ b/tools/flask/policy/modules/xen.if > @@ -58,7 +58,7 @@ define(`create_domain_common', ` > allow $1 $2:mmu { map_read map_write adjust memorymap > physmap pinpage mmuext_op updatemp }; > allow $1 $2:grant setup; > allow $1 $2:hvm { cacheattr getparam hvmctl sethvmc > - setparam nested altp2mhvm altp2mhvm_op > send_irq }; > + setparam nested altp2mhvm altp2mhvm_op }; > ') > > # create_domain(priv, target) > diff --git a/xen/xsm/flask/policy/access_vectors > b/xen/xsm/flask/policy/access_vectors > index 36a7df9394..1f7eb35fc8 100644 > --- a/xen/xsm/flask/policy/access_vectors > +++ b/xen/xsm/flask/policy/access_vectors > @@ -284,6 +284,8 @@ class hvm > # HVMOP_altp2m_destroy_p2m HVMOP_altp2m_switch_p2m > # HVMOP_altp2m_set_mem_access HVMOP_altp2m_change_gfn > altp2mhvm_op > +# DMOP > + dm > } > > # Class event describes event channels. Interdomain event channels have > their > -- > 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.