This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-changelog] [xen-unstable] Add 2 more permissions to the XSM/Flask d

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] Add 2 more permissions to the XSM/Flask default policy.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Nov 2008 07:00:16 -0800
Delivery-date: Wed, 05 Nov 2008 07:00:20 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1225103379 0
# Node ID b99ab7f88a8205f4ecfc6c1c002d6256e1115c17
# Parent  3ff349c7aeb77a0a66a53dd409751e3574a4742b
Add 2 more permissions to the XSM/Flask default policy.

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
 tools/flask/policy/policy/modules/xen/xen.te |    3 ++-
 1 files changed, 2 insertions(+), 1 deletion(-)

diff -r 3ff349c7aeb7 -r b99ab7f88a82 
--- a/tools/flask/policy/policy/modules/xen/xen.te      Mon Oct 27 10:08:48 
2008 +0000
+++ b/tools/flask/policy/policy/modules/xen/xen.te      Mon Oct 27 10:29:39 
2008 +0000
@@ -74,7 +74,7 @@ allow dom0_t pirq_t:event {vector};
 allow dom0_t pirq_t:event {vector};
 allow dom0_t xen_t:mmu {memorymap};
-allow dom0_t dom0_t:mmu {pinpage map_read map_write adjust};
+allow dom0_t dom0_t:mmu {pinpage map_read map_write adjust updatemp};
 allow dom0_t dom0_t:grant {query setup};
 allow dom0_t dom0_t:domain {scheduler getdomaininfo getvcpuinfo 
@@ -112,6 +112,7 @@ allow domU_t evchnU-0_t:event {send};
 allow dom0_t dom0_t:event {send};
 allow dom0_t domU_t:grant {copy};
+allow domU_t domU_t:grant {copy};
 manage_domain(dom0_t, domU_t)

Xen-changelog mailing list

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] Add 2 more permissions to the XSM/Flask default policy., Xen patchbot-unstable <=