WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots.

from [Syunsuke HAYASHI] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots.
From: Syunsuke HAYASHI <syunsuke@xxxxxxxxxxxxxx>
Date: Wed, 26 Sep 2007 11:12:41 +0900
Delivery-date: Tue, 25 Sep 2007 19:13:37 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <OF7F486963.45914431-ON85257362.00001746-85257362.00003F8D@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <OF7F486963.45914431-ON85257362.00001746-85257362.00003F8D@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.5 (Windows/20070716) 
Hi, Stefan.

I am trying XSM/ACM on CS 15880.
It is big information that XSM/ACM works fine on CS15661.
Thank you.

Then, is my setting only bad?
Please teach your setting.
(Config.mk, xm-config.xml,xend-config.sxp,guest.conf,.....etc)


The setting to use XSM/ACM is as follows.

1:Config.mk(Setting when installing xen)
81 # Enable XSM security module.  Enabling XSM requires selection of an
82 # XSM security module (FLASK_ENABLE or ACM_SECURITY).
83 XSM_ENABLE ?= y   <---- I wrote like this.
                ~~~~
84 FLASK_ENABLE ?= n
85 ACM_SECURITY ?= y <---- I wrote like this.
                 ~~~~
86
87  # Optional components
88  XENSTAT_XENTOP     ?= y
89  VTPM_TOOLS         ?= n
90  LIBXENAPI_BINDINGS ?= n
91  XENFB_TOOLS        ?= n
92  PYTHON_TOOLS       ?= y

2:xend-config-xenapi.sxp
54  # Default:
55  #   (xen-api-server ((unix)))
56  (xen-api-server ((9363 none))) <---- I wrote like this.

3:xm-config.xml
43    <server type='Xen-API'
44            uri='http://localhost:9363/'
45            username='me'
46            password='mypassword' />
47
48
49
50  </xm>


Syunsuke HAYASHI.



Hello!
Which changeset of Xen are you trying this on? I just tried this on a version before XSM was added and it worked fine (CS 15661). 

   Stefan



xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 09/24/2007 11:02:11 PM:

 > Hi ,
 >
 > When cw is used, dom0 reboots.
 > Though I set quest memory size.
 >
 > I want to study into the cause.
 > Please teach how to examine it.
 >
 >
 >
 >
 > #xm create vm1.conf <--  OK
 > #xm create vm4.conf <--  NO
 > ................... <--  system boot
 >
 > #last
 > root     pts/1          myPC     Tue Sep 25 11:25 - crash (09:01)
 > reboot   system boot  2.6.18-xen Tue Sep 25 20:06         (-8:-16)
 >          ~~~~~~~~~~~
 >
 >
 > ---------------about my setting--------------------
 > Xen-api is effective.
 >
 >
 > #cat vm1.conf
 > kernel = "/boot/vmlinuz-2.6.18-xen"
 > ramdisk = "/boot/initrd-2.6.18-xenU.img"
 > memory = "128"
 >           ~~~~
 > name = "vm1"
 > disk = [ 'file:/xen/vm1.img,sda1,w' ]
 > vif = [ '' ]
 > root = "/dev/sda1 ro"
 > on_xend_stop = "suspend"
 > extra = "3 xencons=tty"
 > access_control = ['policy=example.client_v1,label=dom_HomeBanking']
 >
 > #cat vm4.conf
 > kernel = "/boot/vmlinuz-2.6.18-xen"
 > ramdisk = "/boot/initrd-2.6.18-xenU.img"
 > memory = "128"
 >          ~~~~~
 > name = "vm4"
 > disk = [ 'file:/xen/vm4.img,sda1,w']
 > vif = [ '' ]
 > root = "/dev/sda1 ro"
 > on_xend_stop = "suspend"
 > extra = "3"
 > access_control = ['policy=example.client_v1,label=dom_Fun']
 >
 >
 > #xm dumppolicy
 > Policy dump:
 > ============
 > POLICY REFERENCE = example.client_v1.
 > PolicyVer = 0.
 > XML Vers. = 1.0
 > Magic     = 1debc.
 > Len       = 198.
 > Primary   = CHINESE WALL (c=1, off=40).
 > Secondary = SIMPLE TYPE ENFORCEMENT (c=2, off=b8).
 >
 >
 > Chinese Wall policy:
 > ====================
 > Policy version= 0.
 > Max Types     = 4.
 > Max Ssidrefs  = 7.
 > Max ConfSets  = 1.
 > Ssidrefs Off  = 24.
 > Conflicts Off = 5c.
 > Runing T. Off = 64.
 > C. Agg. Off   = 6c.
 >
 > SSID To CHWALL-Type matrix:
 >
 >    ssidref 0:  00 00 00 00
 >    ssidref 1:  00 00 00 01  <-- Domain-0
 >    ssidref 2:  00 01 00 00
 >    ssidref 3:  01 00 00 00
 >    ssidref 4:  00 00 01 00
 >    ssidref 5:  00 00 00 01
 >    ssidref 6:  00 00 00 01
 >
 > Confict Sets:
 >
 >    c-set 0:    01 00 01 00
 >
 > Running
 > Types:         00 00 00 01
 >
 > Conflict
 > Aggregate Set: 00 00 00 00
 >
 >
 > Simple Type Enforcement policy:
 > ===============================
 > Policy version= 0.
 > Max Types     = 6.
 > Max Ssidrefs  = 11.
 > Ssidrefs Off  = 14.
 >
 > SSID To STE-Type matrix:
 >
 >    ssidref 0: 00 00 00 00 00 00
 >    ssidref 1: 01 01 01 01 01 01  <-- Domain-0
 >    ssidref 2: 01 00 00 00 00 00
 >    ssidref 3: 00 01 00 00 00 00
 >    ssidref 4: 00 00 00 00 01 00
 >    ssidref 5: 01 01 01 00 01 00
 >    ssidref 6: 00 01 00 01 01 00
 >    ssidref 7: 00 00 01 00 00 00
 >    ssidref 8: 00 00 00 00 00 01
 >    ssidref 9: 00 00 00 01 00 00
 >    ssidref a: 00 00 00 00 01 00
 >    ssidref b: 00 01 00 00 00 00
 >    ssidref c: 00 00 00 00 01 00
 >    ssidref d: 00 00 00 00 01 00
 >    ssidref e: 00 01 00 00 00 00
 >    ssidref f: 00 00 00 00 00 01
 >    ssidref10: 00 00 00 00 01 00
 >
 > Thanks,
 >
 > Syunsuke Hayashi.
 >
 >
 > _______________________________________________
 > Xen-devel mailing list
 > Xen-devel@xxxxxxxxxxxxxxxxxxx
 > http://lists.xensource.com/xen-devel


------------------------------------------------------------------------

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots., Stefan Berger
Next by Date:  Re: FW: [Xen-devel] Xen Kernel Debug Tools, Goswin von Brederlow
Previous by Thread:  Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots., Stefan Berger
Next by Thread:  Re: [Xen-devel] [XSM:ACM] When cw is used, dom0 reboots., George S. Coker, II
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy