This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel][Xense-devel][PATCH][XSM][3/4] Xen Security Modules Tools

To: xen-devel@xxxxxxxxxxxxxxxxxxx, xense-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel][Xense-devel][PATCH][XSM][3/4] Xen Security Modules Tools
From: "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx>
Date: Thu, 08 Mar 2007 10:28:50 -0500
Delivery-date: Thu, 08 Mar 2007 07:30:00 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
This patch implements an XSM-like framework for the xen control plane
(xm and xend) and associated tools for the Flask module.  The patch also
refactors the ACM toolchain so that a common security API (based on the
existing ACM toolchain) is exported to xm and xend.

To create a domain with the Flask module, add the following (for
example) to a domain's configuration file:

access_control = ["policy=,label=system_u:object_r:domU_t"]

This will cause a domain to be created with the label
"system_u:object_r:domU_t".  Flask does not use the policy value in the
access_control structure.

Signed-off-by: George Coker <gscoker@xxxxxxxxxxxxxx>

Attachment: tools-xsm-030707-xen-14282.diff
Description: Text Data

Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>