 Home |
Products |
Support |
Community |
News |
xen-devel
Re: [Xen-devel][XSM][Patch] Minor XSM tools patch to dummy module - impl
| To: | "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-devel][XSM][Patch] Minor XSM tools patch to dummy module - implement missing stub |
| From: | Stefan Berger <stefanb@xxxxxxxxxx> |
| Date: | Mon, 6 Oct 2008 12:21:01 -0400 |
| Cc: | xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx> |
| Delivery-date: | Mon, 06 Oct 2008 09:21:45 -0700 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <C4F04DFC.1FB40%gscoker@xxxxxxxxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| References: | <C4F04DFC.1FB40%gscoker@xxxxxxxxxxxxxx> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
George, is XSM/Flask known to work with a domU with an attached VIF? I find that this patch here seems necessary, but want to confirm... diff -r 782599274bf9 tools/python/xen/util/xsm/flask/flask.py --- a/tools/python/xen/util/xsm/flask/flask.py Tue Sep 30 10:14:54 2008 +0100 +++ b/tools/python/xen/util/xsm/flask/flask.py Mon Oct 06 12:10:31 2008 -0400 @@ -35,7 +35,10 @@ return ssidref def set_security_label(policy, label): - return label + if label: + return label + else: + return "" def ssidref2security_label(ssidref): label = ssidref2label(ssidref) Is the default policy you have provided allowing a DomU in the cases with a VIF or without a VIF to start? Also, is the following line from the VM configuration file correct to start a VM while the default policy is enforced? access_control=['policy=,label=system_u:object_r:domU_t'] Thanks. Stefan xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 09/12/2008 04:48:58 PM: > "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx> > Sent by: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx > > 09/12/2008 04:48 PM > > To > > xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx> > > cc > > Subject > > [Xen-devel][XSM][Patch] Minor XSM tools patch to dummy module - > implement missing stub > > > - This minor patch implements the missing stub function > security_label_to_details in the dummy module. This stub function is > necessary to create domains with network interfaces for modules that do not > implement the security_label_to_details function. > > Signed-off-by: George Coker <gscoker@xxxxxxxxxxxxxx> > > [attachment "xsm-tools-dummy-update-091208.diff" deleted by Stefan > Berger/Watson/IBM] _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-devel] [PATCH] qemu-xen: Fix open_disk for blktap disks, Kevin Wolf |
|---|---|
| Next by Date: | [Xen-devel] live migration can fail due to XENMEM_maximum_gpfn, John Levon |
| Previous by Thread: | [Xen-devel] [PATCH] qemu-xen: Fix open_disk for blktap disks, Kevin Wolf |
| Next by Thread: | Re: [Xen-devel][XSM][Patch] Minor XSM tools patch to dummy module - implement missing stub, George S. Coker, II |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
