| |
|
 |
|
 |
|
|
|
| |
|
|
xen-devel
[Xen-devel] [Patch] Dynamic update to device ocontexts
Added the ability to add and delete ocontexts dynamically on a running
system. Two new commands have been added to the xsm hypercall, add and
delete ocontext. Twelve new library functions have been implemented
that use the hypercall commands to label and unlabel pirqs, PCI devices,
I/O ports and memory. The base policy has been updated so dom0 has the
ability to use the hypercall commands by default. Items added to the
list will not be present next time the system reloads. They will need
to be added to the static policy.
Signed-off-by : George Coker <gscoker@xxxxxxxxxxxxxx>
Signed-off-by : Paul Nuzzi <pjnuzzi@xxxxxxxxxxxxxx>
---
tools/flask/libflask/flask_op.c | 233
+++++++++++++++++++++
tools/flask/libflask/include/flask.h | 19 +
tools/flask/policy/policy/flask/access_vectors | 2
tools/flask/policy/policy/modules/xen/xen.te | 2
xen/include/public/xsm/flask_op.h | 4
xen/xsm/flask/flask_op.c | 103 +++++++++
xen/xsm/flask/include/av_perm_to_string.h | 2
xen/xsm/flask/include/av_permissions.h | 2
xen/xsm/flask/include/security.h | 4
xen/xsm/flask/ss/services.c | 274
+++++++++++++++++++++++++
10 files changed, 642 insertions(+), 3 deletions(-)
dynamic_ocontexts.patch
Description: Text Data
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Xen-devel] [Patch] Dynamic update to device ocontexts,
Paul Nuzzi <=
|
|
|
| |
|
Home