|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [SPAM] [PATCH] tools/flask/policy: Updates to policy and policy build infrastructure
The original xen policy infrastructure was based off of an early version of refpolicy. Because of this there was a lot of cruft that does not apply to building a policy for xen. This patch does several things. First it cleans up the makefile as to remove many unnecessary build targets. Second it fixes an issue that the policy build process wasn't handling interface files properly. Third it pulls in the MLS suppport functions from current ref policy and makes use of them. Finally it updates the xen policy with new rules to address changes in xen since the policy was last worked on, and provides several new abstractions for creating domains. tools/flask/policy/Makefile | 245 ++++++++-------- tools/flask/policy/Rules.modular | 166 ----------- tools/flask/policy/Rules.monolithic | 196 ------------- tools/flask/policy/policy/mcs | 324 --------------------- tools/flask/policy/policy/mls | 325 +--------------------- tools/flask/policy/policy/modules.conf | 12 tools/flask/policy/policy/modules/xen/xen.if | 61 ++++ tools/flask/policy/policy/modules/xen/xen.te | 76 +---- tools/flask/policy/policy/support/misc_macros.spt | 42 ++ tools/flask/policy/policy/support/mls_macros.spt | 55 +++ tools/flask/policy/policy/systemuser | 19 - tools/flask/policy/policy/users | 36 -- Signed-off-by: David P. Quigley <dpquigl@xxxxxxxxxxxxx> Attachment:
xen-policy.diff _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |