WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] [PATCH] [Xen] [ACM] (revised) Updating a policy on a running

from [Stefan Berger] [Permanent Link][Original]
To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] [Xen] [ACM] (revised) Updating a policy on a running system
From: Stefan Berger <stefanb@xxxxxxxxxx>
Date: Tue, 24 Apr 2007 23:53:37 -0400
Cc: Keir Fraser <keir@xxxxxxxxxxxxx>
Delivery-date: Tue, 24 Apr 2007 20:11:52 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
This is a revised version of the previously posted patch that adds
functionality to allow a policy to be updated on a running system and
domains to be relabeled. The updating of a policy is happening in
several steps: relabeling the domains, testing whether the system would
be in a valid state after the relabeling (according to the policy),
committing the changes if state is determined to be valid.

I have followed Keir's suggestion of building a 2nd linked list parallel
to the domain list. That 2nd list holds security information related to
the running domains. Each entry is pointed to by its domain structure.
The list is protected by its own read/write-lock. I have moved nearly
all ACM-related code that was traversing the domain list previously to
traverse this list instead and not hold onto the domain list lock.

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>

Attachment: xen_acm_policy_update.diff
Description: Text Data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] [Xen] [ACM] (revised) Updating a policy on a running system, Stefan Berger <=
Previous by Date:  [Xen-devel] xc_translate_foreign_address, Chris Morrow
Next by Date:  Re: [Xen-devel] looking for Xen Summit 2007 presentations, Mark Ryden
Previous by Thread:  [Xen-devel] xc_translate_foreign_address, Chris Morrow
Next by Thread:  [Xen-devel] c/s 14921, Jan Beulich
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy