[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Network driver domain broken
- To: Jason Andryuk <jandryuk@xxxxxxxxx>
- From: Andrea Stevanato <andrea.stevanato@xxxxxxxxxxxxxxx>
- Date: Mon, 7 Mar 2022 17:10:24 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=santannapisa.it; dmarc=pass action=none header.from=santannapisa.it; dkim=pass header.d=santannapisa.it; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8m03gDCF/6FQNc1o72rGkzNTVqWIpKBWRPbyHs9zZPE=; b=U+1bsMlGwF9ndk0IkBf7vM+zZofwWfqDS1jEc4S2CKsYVIK45ub8qa55zxMr3hLr7GlrUj5dZOwblrpXmqK7GTyF2hPr0zOwxDezJQJe3hapfNoHtNB5a8S1JNBDyhkIA2RFU6QJ/2sNtevmPiLSxHVEk9qIiGeceT3PN2wIx00LDuO2EYUre5a12uKxqp74HSx25r8tjk5/ShNaIThkvj6N7I5C0gsRT7R9LZQA0rNFRIjDV5mBgduvYDX6ZWoQIojn7/Mb3vbjVEdMGd9Fcr9MT5rOnTP9HPsl+d+3Bp04Yb9Mk/3aCxVqva+QrzORx68D6H7FS0PqMyEdhMiffw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zs8uw8kM5ORnHS49qUl3LAy4moHccT5yjIu6lOQozahGq/a8doZPgQFkjaD6qio3UwXBzgkEb5UGzcM9OQgKaJ4MTHXbtq6/ZIvMwAruiHeAe1+xJYkc8/LCgIpzT+cv4LvCcTVoIxs9rPEIwxC3pMw9FjKR09/5Llrv3AqGjT6o/TYX72Yc6vS8t3B9E8zQU+rAvEWrxGCCiicYbWLt8km51Yie9G7Cjj3bDHgYfOnnU238xc0tLyZsuH0HF11WoQ1QGkZIXNGzhxfuOq41V7UaGTTpXmT+FEb7HqyZMYwKDi6zD2vO1/QUn+TAK62kY6W8fDgjoc26N23C0hwfiw==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=santannapisa.it;
- Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "wl@xxxxxxx" <wl@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>
- Delivery-date: Mon, 07 Mar 2022 16:10:31 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 3/7/2022 5:07 PM, Jason Andryuk wrote:
> On Mon, Mar 7, 2022 at 10:00 AM Andrea Stevanato
> <andrea.stevanato@xxxxxxxxxxxxxxx> wrote:
>> (XEN) XSM Framework v1.0.0 initialized
>> (XEN) Initialising XSM SILO mode
>
> Yes, SILO mode is running.
>
>> # cat /boot/xen-4.14.3-pre.config | grep XSM
>> CONFIG_XSM=y
>> CONFIG_XSM_FLASK=y
>> CONFIG_XSM_FLASK_AVC_STATS=y
>> # CONFIG_XSM_FLASK_POLICY is not set
>> CONFIG_XSM_SILO=y
>> # CONFIG_XSM_DUMMY_DEFAULT is not set
>> # CONFIG_XSM_FLASK_DEFAULT is not set
>> CONFIG_XSM_SILO_DEFAULT=y
>>
>> This is the default configuration shipped with petalinux. From the
>> help menuconfig, it seems that this XSM SILO deny communication
>> between unprivileged VMs.
>
> You could try adding xsm=dummy to your hypervisor command line to turn
> off SILO and allow the guests to communicate.
I changed it to FLASK adding flask=late to hypervisor the command line.
Which one should I choose? SILO + xsm=dummy or FLASK + flask=late/disabled?
What are the differences?
Cheers,
Andrea
|
