|
|
|
|
|
|
|
|
|
|
xen-devel
[Xen-devel] [Xense-devel][RFC][PATCH][1/4] Xen Security Modules: XSM
The attached patch implements the Xen Security Modules (XSM) framework.
This patch should apply cleanly to changeset 9694:d82a4c4d04d4 Xen
3.0.2-3.
The framework is configured as default-enable in this patch set.
Configuration of XSM is made in Config.mk. The only configuration
option is XSM_ENABLE = y/n. XSM_ENABLE must be y to compile an XSM
module.
XSM provides a generalized hook infrastructure allowing third-party
security modules to interpose on the Xen code path. A default or dummy
module provides basic call/return functionality for hooks not
implemented by a given module. During module initialization, a module
registers its security hooks and the equivalent dummy hooks are
unregistered. If a module does not implement a hook, the equivalent
dummy hook remains in place. Modules also may define and register at
boot time a module specific hypercall through the XSM hook
infrastructure.
Modules may also define at Xen compile time a magic number XSM_MAGIC to
indicate that a policy should be discovered from the images loaded at
boot. The policy file should then be listed in grub as one of the
multi-boot modules after the dom0 kernel.
xsm-xen-3.0.2-3.diff
Description: Text Data
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|