[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v4 02/11] xsm: remove the ability to disable flask
- To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Mon, 6 Sep 2021 18:56:00 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=nUUgfuP/5TszjZLkwkCThXs/nKbossEJ3ZFdbxVQy/4=; b=MpLN5pe95YsLzzPIYsAX7svDgN/b3sg0GnV9xye/8v6D7M8RyunHwTSWxYFkWXCn+Fte0dlIyvMdswYArko722r2gDElDFf4WdbdP88sxDJ4DiSiGaYAay6PfYZ30VKbl9jRhaqR2TbY1UyR8XMeysVrzlWWTwi2fOhM08swALeb7IpzPyJEq+pPpsn8UMXGNJNgmb67z2ZEB/mVgzlc75pqwoZW/Ks/F5Oc5hKO51HnCq7GBIT0HhfqeTXavkvfXpEZKUffneQ4+ByOv09B2do+05qFB+hm9cgcyXD37i+mruoYAiALWzJE2K2vo/afjO+IE1gnAjfxeqrbZ2UnXA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JB6JAMJ/Pj8vs7eF5ZcC9l8HXHzELkpIKv51WtTu3KsdoJpGSOP4M7Ay1b4euGIXes/QJFSItg9E4r8/wM9zCu3DS75EH8tEiOpFDOaUn6MsnYNf+g+yQZxeLrbBWynXOnRWngo0qj5zZl1Lhp4vMv0V9Ym5iEPUhGnlWlIUGUeJijRAG8uZgerxLlI5KyXO8cLB02hhPNkqyJYuyaRP30VTS5ZjpPIisZCa5UVXiuaMgr7hGj+sm6C5RjNNQzo5eIyA++cHaXg/jmRggeOsHXzjrkVR9YJUViyi0djsye2h3KQRpQVLExFI1mYBy5HfP7T5/bxwWG8RKor85GpO3A==
- Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
- Cc: George Dunlap <george.dunlap@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
- Delivery-date: Mon, 06 Sep 2021 17:56:18 +0000
- Ironport-hdrordr: A9a23:+OsgBaHFsgLfSlk/pLqFf5HXdLJyesId70hD6qkvc3Nom52j+/ xGws536faVslcssHFJo6HlBEDyewKiyXcT2/hsAV7CZniahILMFu9fBOTZskXd8kHFh4hgPO JbAtJD4b7LfChHZKTBkXCF+r8bqbHtmsDY5pas854ud3AMV0gJ1XYJNu/xKDwVeOApP+tdKH PR3Ls9m9L2Ek5nEPhTS0N1E9TrlpnurtbLcBQGDxko5E2nii6p0qfzF1y90g0FWz1C7L8++S yd+jaJqJmLgrWe8FvxxmXT55NZlJ/IzcZCPtWFjowwJi/3ggilSYx9U/mpvSwzosuo9FE2+e O87CsIDoBW0Tf8b2u1qRzi103J1ysv0WbrzRuijX7qsaXCNXkHIvsEobgcXgrS6kImst05+r lMxXilu51eCg6FtDjh5vDTPisa1XackD4Hq6o+nnZfWYwRZPt6tooE5n5YF58GAWbT9J0nKu 9zF8vRjcwmMW9yV0qp+1WH/ebcGkjaRny9Mw8/U42uonlrdUlCvgklLJd1pAZHyHo/I6M0r9 gsfJ4YzY2n46ctHNVA7dw6ML6K41r2MFvx2VKpUCba/Z48SgbwQr7Mkf8IDbKRCdE1JKVbou W2bLofjx9rR37T
- Ironport-sdr: VTba+8dEPt6A6J6iaSKByEmEkw0aMFkoYtidQv1hRx0YxY5+EnAN7UpcUB5kDVL2JHjW2+26lO XpO/mMUdodxRiegRNk0BDKY0GGZ/Rw6Y+FSuWwSYxAODA8ZGYcraUOiUjW/qkyeqiBLSlnkLlu xO5m7LWenx1qQQX/KWO9CDAV/D8OUFUqzsGavDv8zjCl+FSxj8jVGjxhk3DlFz+OzNJP+33JHK mnAEUzQjty6ag8jF4nhFQPEYNGwR75bVVh5XProTc5HcYuJHrJtl1UK9EJp+oqavx4C3xescs6 ivsGM41ChjMZAGDb4BJj09g9
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 03/09/2021 20:06, Daniel P. Smith wrote:
> On Linux when SELinux is put into permissive mode the descretionary access
> controls are still in place. Whereas for Xen when the enforcing state of flask
> is set to permissive, all operations for all domains would succeed, i.e. it
> does not fall back to the default access controls. To provide a means to mimic
> a similar but not equivalent behavior, a flask op is present to allow a
> one-time switch back to the default access controls, aka the "dummy policy".
>
> While this may be desirable for an OS, Xen is a hypervisor and should not
> allow
> the switching of which security policy framework is being enforced after boot.
> This patch removes the flask op to enforce the desired XSM usage model
> requiring a reboot of Xen to change the XSM policy module in use.
>
> Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
|
