xen-devel
[Xen-devel] Re: [PATCH] [Flask] Fix to default policy to get simple VM r
"George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> wrote on 10/07/2008 03:57:54 PM:
> Subject: Re: [PATCH] [Flask] Fix to default policy to get simple VM running
>
> Would you send me your config file for this guest?
Here it is:
kernel = "/boot/vmlinuz-2.6.18.8-xen"
ramdisk = "/xen/initrd_domU/U1_ramdisk.img"
memory = 256
name = "UserDomain0"
root = "/dev/ram0 xencons=tty ro"
vif = ['backend=0']
access_control = ['policy=,label=system_u:object_r:domU_t']
Stefan
>
> On 10/7/08 3:33 PM, "Stefan Berger" <stefanb@xxxxxxxxxx> wrote:
>
> "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> wrote on 10/07/2008 03:28:05 PM:
> >
> > I've been looking into this issue as a result of your earlier post and I
> > have only been able to reproduce your error when manipulating the memory
> > reservations for a domU. The sample flask policy is a basic policy that
> > only supports pv guests, so it's not surprising that you've uncovered a
> > limitation of this policy. Nonetheless, your patch should go in.
> >
> > It's a little unclear how many guests you are running or what resources are
> > committed against the domUs. How many domUs are you trying to support?
> > Do you only get the error with more than a few domUs?
>
> Just starting a single domU required me to add this rule. 2 more
> rules are needed to start a domU with networking enabled - see 2nd patch.
>
> Stefan
>
> >
> > On 10/7/08 3:03 PM, "Stefan Berger" <stefanb@xxxxxxxxxx> wrote:
> >
> > > This fix to the default Flask/XSM policy gets a simple guest VM
> > > (Ramdisk only, no VIF) running.
> > >
> > > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
> > >
> >
> > --
> > George S. Coker, II <gscoker@xxxxxxxxxxxxxx>
> >
> >
>
> --
> George S. Coker, II <gscoker@xxxxxxxxxxxxxx>
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel