Xen devel - May 2007 - [Xense-devel][PATCH][0/4] Xen Security Modules

The following four e-mails in this series contain a series of patches to
xen-unstable and provide the Xen Security Modules Framework (XSM) and
associated security modules.

These patches have been updated to the tip and to account for
discussions at the Xen summit and on the mailing list about these same
patches.  Updates include:

XSM
    - adaptation to new create secure interface for domain_create
    - cleanup of xsm enable/disable framework through xsm_call macro 
    - ifdef architecture/config specific hooks

FLASK
    - reintroduction of rcu locking support in security cache
    - track xsm changes

TOOLS
    - track changes introduced by Xen-API (no Xen-API support, yet)

ACM
    - track xsm changes

The patches apply cleanly to xen-unstable changeset 15011:e370c94bd6fd
in the following order:

    [1] xsm-050707-xen-15011.diff
    [2] flask-xsm-050707-xen-15011.diff
    [3] tools-xsm-050707-xen-15011.diff
    [4] acm-xsm-050707-xen-15011.diff

Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

The following four e-mails in this series contain a series of patches to
xen-unstable and provide the Xen Security Modules Framework (XSM) and
associated security modules.

These patches have been updated to the tip and to account for
discussions at the Xen summit and on the mailing list about these same
patches.  Updates include:

XSM
    - coding style cleanups
    - adjustment of interface for xsm_update_va_mapping
      (enables direct use of xen macros for pte/pfn/mfn translations)
    - implement event channel security_alloc/dealloc to operate on a
      single event channel
    - remove patch cruft

FLASK
    - coding style cleanups
    - track xsm changes
    - remove patch cruft

TOOLS
    - coding style cleanups
    - new xsm module management for python tool chain:
        - a module is not required to implement a "core" set of funcs
        - modules may transparently implement additional funcs
        - load time registration and validation of xsm funcs
        - stub methods are substituted for unimplemented xsm funcs
    - remove patch cruft

ACM
    - coding style cleanups (xsm module bits only)
    - track xsm changes
    - remove patch cruft

The patches apply cleanly to xen-unstable changeset 15200:bd3d6b4c52ec
in the following order:

    [1] xsm-060407-xen-15200.diff
    [2] flask-xsm-060407-xen-15200.diff
    [3] tools-xsm-060407-xen-15200.diff
    [4] acm-xsm-060407-xen-15200.diff

Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel