[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v5 0/2] Adds starting the idle domain privileged

  • To: xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 2 May 2022 09:30:25 -0400
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1651498243; h=Content-Transfer-Encoding:Cc:Date:From:MIME-Version:Message-ID:Subject:To; bh=2OapjgK/FWZM+gj7ggK7bPexCFnX17I6AnCRzh0bsHg=; b=YSJOqOGxr4w6fN0c2IysW/OTWCrUygc1pLyDaFZD7MvsNaJwWg7Myb9WZCiFyiJs0AeS7X2LKhhZgRB0pWgM2JVLXwYScgjisBdgRBwayfKgOWlXmf0FyA5LvTq1LOg6vtjUdOU1IFWh1unamxiWPY5NFgp8rbd+enivTkV9wDI=
  • Arc-seal: i=1; a=rsa-sha256; t=1651498243; cv=none; d=zohomail.com; s=zohoarc; b=A9SZyvTMQzXW6GpkH8UiD+8CzJ0tVf8HFnBxvpBVl8gicNA5L8L5/j4yL73sBDBhHspXBBJA18SoK+CUo0bjrYOLcOCqlIZBGtMHkj2FinnDOmo25HjRHk11F5WFFSVyWCuXSDmkUdVKvr+Ow/tfEJ7pwgPLfYc2KJ2F8dEWBDI=
  • Cc: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, scott.davis@xxxxxxxxxx, jandryuk@xxxxxxxxx, christopher.clark@xxxxxxxxxx
  • Delivery-date: Mon, 02 May 2022 13:30:50 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
This series makes it so that the idle domain is started privileged under the
default policy, which the SILO policy inherits, and under the flask policy. It
then introduces a new one-way XSM hook, xsm_transition_running, that is hooked
by an XSM policy to transition the idle domain to its running privilege level.

Changes in v5:
- dropped setting is_privileged in flask_set_system_active()
- added err code returned by xsm_set_system_active() to panic message

Changes in v4:
- reworded patch 1 commit messaged
- fixed whitespace to coding style
- fixed comment to coding style

Changes in v3:
- renamed *_transition_running() to *_set_system_active()
- changed the XSM hook set_system_active() from void to int return
- added ASSERT check for the expected privilege level each XSM policy expected
- replaced a check against is_privileged in each arch with checking the return
  value from the call to xsm_set_system_active()

Changes in v2:
- renamed flask_domain_runtime_security() to flask_transition_running()
- added the missed assignment of self_sid

Daniel P. Smith (2):
  xsm: create idle domain privileged and demote after setup
  flask: implement xsm_set_system_active

 tools/flask/policy/modules/xen.if      |  6 ++++++
 tools/flask/policy/modules/xen.te      |  1 +
 tools/flask/policy/policy/initial_sids |  1 +
 xen/arch/arm/setup.c                   |  4 ++++
 xen/arch/x86/setup.c                   |  5 +++++
 xen/common/sched/core.c                |  7 ++++++-
 xen/include/xsm/dummy.h                | 17 +++++++++++++++++
 xen/include/xsm/xsm.h                  |  6 ++++++
 xen/xsm/dummy.c                        |  1 +
 xen/xsm/flask/hooks.c                  | 22 +++++++++++++++++++++-
 xen/xsm/flask/policy/initial_sids      |  1 +
 11 files changed, 69 insertions(+), 2 deletions(-)

-- 
2.20.1

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.