Displaying 6 results from an estimated 6 matches for "domu_t".
Did you mean:
domu_i
2008 Sep 12
3
[XSM][Patch] Minor XSM tools patch to dummy module - implement missing stub
- This minor patch implements the missing stub function
security_label_to_details in the dummy module. This stub function is
necessary to create domains with network interfaces for modules that do not
implement the security_label_to_details function.
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
_______________________________________________
Xen-devel mailing list
2006 Dec 20
0
[Xense-devel] [PATCH] [3/4] Flask XSM tools
...o refactors the ACM toolchain so that a common
security API (based on the existing ACM toolchain) is exported to xm and
xend.
To create a domain with the Flask module, add the following (for
example) to a domain''s configuration file
access_control = ["policy=,label=system_u:object_r:domU_t"]
This will cause a domain to be created with the label
"system_u:object_r:domU_t". Flask does not use the policy value in the
access_control structure.
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
_______________________________________________
Xen-devel mailing l...
2013 Aug 06
1
LIbvirt seclabel.
hi all,
i am new to the libvirt. Via libvirt i am converting my xen.com.sfg.
In xen i added xsm label as, seclabel:system_u:domU_t.
but after creating vm using xen or by convertdom-to-xml also does not
contain any label or text with xen-4.2.1.
in the documentation also you mentioned selinux label (sVirt) only. Can u
clear me the following things:
1. How to use XSM label in libvirt.?
2. What are the procedures(syntax and tag...
2012 Jan 31
26
[PATCH 00/10] FLASK updates: MSI interrupts, cleanups
This patch set adds XSM security labels to useful debugging output
locations, and fixes some assumptions that all interrupts behaved like
GSI interrupts (which had useful non-dynamic IDs). It also cleans up the
policy build process and adds an example of how to use the user field in
the security context.
Debug output:
[PATCH 01/10] xsm: Add security labels to event-channel dump
[PATCH 02/10] xsm:
2011 Feb 07
0
[xen-unstable test] 5665: regressions - FAIL
...updating the corresponding
policy configuration or the other related table. The end result is
that we can get uninterpretable AVC messages like this:
# xl dmesg | grep avc
(XEN) avc: denied { 0x4000000 } for domid=0
scontext=system_u:system_r:dom0_t tcontext=system_u:system_r:domU_t
tclass=domain
Fix this by updating the flask config and regenerating the headers
from it. In the future, this can be further improved by integrating
the automatic generation of the headers into the build process as is
presently done in SELinux.
Signed-off-by: Step...
2012 Jan 25
26
[PATCH v4 00/23] Xenstore stub domain
...aring event channels
- dummy XSM module restricts getdomaininfo similar to no-XSM case
- formatting/type fixups
- partial ioctl compatibility with legacy IOCTL_XENBUS_ALLOC
To start xenstored, run:
tools/xenstore/init-xenstore-domain stubdom/mini-os-x86_64-xenstore/mini-os 20 system_u:system_r:domU_t
This will populate the xenstore domid key /tool/xenstore/domid
Other notes:
The console for xenstored is not currently set up by
init-xenstore-domain. If the hypervisor is compiled with VERBOSE or
debug=y, output from xenstored will be visible on the hypervisor serial
console (or ring buffer if...