|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 00/17] XSM/FLASK updates for 4.8
On 20/06/16 15:04, Daniel De Graaf wrote:
> Changes from v1:
> - Change c->context and c->sid from arrays to fields when shrinking
> - Keep struct xen_flask_userlist in headers, but guard it with #ifs
> - Split off Kconfig changes into their own patches
> - Add patch 16 (AVC_STATS in Kconfig)
> - Prevent free() of static data in xsm_dt_init
>
> FLASK policy updates:
> [PATCH 01/17] flask/policy: split into modules
> [PATCH 02/17] flask/policy: split out rules for system_r
> [PATCH 03/17] flask/policy: move user definitions and constraints
> [PATCH 04/17] flask/policy: remove unused support for binary modules
> [PATCH 05/17] flask/policy: xenstore stubdom policy
> [PATCH 06/17] flask/policy: remove unused example
>
> Hypervisor updates to the FLASK security server:
> [PATCH 07/17] flask: unify {get,set}vcpucontext permissions
> [PATCH 08/17] flask: remove unused secondary context in ocontext
> [PATCH 09/17] flask: remove unused AVC callback functions
> [PATCH 10/17] flask: remove xen_flask_userlist operation
> [PATCH 11/17] flask: improve unknown permission handling
>
> Hypervisor updates to the XSM framework (and its config):
> [PATCH 12/17] xen/xsm: remove .xsm_initcall.init section
> [PATCH 13/17] xen: fix FLASK dependency in Kconfig
> [PATCH 14/17] xsm: annotate setup functions with __init
> [PATCH 15/17] xsm: clean up unregistration
> [PATCH 16/17] xen: Make FLASK_AVC_STATS kconfig option visible
> [PATCH 17/17] xsm: add a default policy to .init.data
I have committed the first two sections. Patch 12 requires an ARM ack,
and patch 13 has some outstanding discussion.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |