thr3ads.net - Xen users - Having some doubt in XSM policies. [Jul 2014]

If this information is useful, please help other people find it:
Share via:
cool dharma06
2014-Jul-07 11:48 UTC
Having some doubt in XSM policies.

hi,

i am using xen-4.4 with XSM policies enabled.

i loaded the default policy of XEN to create VM. And it is in Enforcing
mode.

I created VM (HVM) with isolated_domU_t and i am facing the following
errors.


*While creation:*
*xl create  /home/Documents/boss64_xen4.3.cfg*
Parsing config from /home/Documents/boss64_xen4.3.cfg
WARNING: ignoring "kernel" directive for HVM guest. Use
"firmware_override"
instead if you really want a non-default firmware
WARNING: ignoring device_model directive.
WARNING: Use "device_model_override" instead if you really want a
non-default device_model
libxl: error: libxl_device.c:934:device_backend_callback: unable to add
device with path /local/domain/0/backend/vif/18/0
libxl: error: libxl_create.c:1226:domcreate_attach_vtpms: unable to add nic
devices
libxl: error: libxl_device.c:934:device_backend_callback: unable to remove
device with path /local/domain/0/backend/vif/18/0
libxl: error: libxl.c:1457:devices_destroy_cb: libxl__devices_destroy
failed for 18


*xl dmesg - log:*
(XEN) avc:  denied  { settime } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2
(XEN) avc:  denied  { stat } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=mmu
(XEN) avc:  denied  { cacheflush } for domid=0 target=4
scontext=system_u:system_r:dom0_t tcontext=customer_1:vm_r:isolated_domU_t
tclass=domain2


2. How to unload the xen policy which is loaded in XEN. Because i am
restarting my whole machine to unload the XSM policy. Is any other ways to
unload the XSM policy.?


kindly suggest some solution for the above things.


Thanks & Regards,
cooldharma06..:)


_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users
Xen users - Jul 2014 - Having some doubt in XSM policies.

Having some doubt in XSM policies.
