|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] how to label a pci device step by step?
On 07/09/2012 02:01 AM, Allan Chen wrote: > hi,all > i follow the instruction in file xsm-flask.txt(in xen-4.1.2/docs/misc) > to label a NIC, > if i uncomment policy in file xen.te > pirqcon 33 system_u:object_r:nicP_t > then: > make polily > > I got an error: pirqcon not supported for target > > where do i find a tutorial about labelling a NIC in XEN flask? > > thank you very mouch! > > In order to use pirqcon or other static device labeling directives in the security policy, you need to tell checkpolicy (the compiler) to enable Xen policy features by adding "-t Xen" in tools/flask/policy/Makefile. The docs file mentions this under "Device Policy"; you may also want to look at 4.2's docs as they better explain the origin of pcidevicecon. If you are planning to switch to Xen 4.2 in the future, you may want to look at the flask-label-pci tool which will handle dynamic addresses/IRQs. -- Daniel De Graaf National Security Agency _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |