diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-09 18:25:49 +0000 |
|---|---|---|
| committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-09 18:25:49 +0000 |
| commit | da41740d00b89d4141398600869e4a656da2501b (patch) | |
| tree | b5c847d0a7292af42b3e87f58e43eefc2bce0ae0 /tools/flask | |
| parent | 0e19f276cf127ec118ef122d4934c845c5fc99a7 (diff) | |
| download | xen-da41740d00b89d4141398600869e4a656da2501b.tar.gz xen-da41740d00b89d4141398600869e4a656da2501b.tar.bz2 xen-da41740d00b89d4141398600869e4a656da2501b.zip | |
flask/policy: add device model types to example policy
This adds an example user for device_model_stubdomain_seclabel.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Diffstat (limited to 'tools/flask')
| -rw-r--r-- | tools/flask/policy/policy/modules/xen/xen.if | 11 | ||||
| -rw-r--r-- | tools/flask/policy/policy/modules/xen/xen.te | 13 |
2 files changed, 23 insertions, 1 deletions
diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if index dde7f90e44..87ef1654f5 100644 --- a/tools/flask/policy/policy/modules/xen/xen.if +++ b/tools/flask/policy/policy/modules/xen/xen.if @@ -25,7 +25,7 @@ define(`create_domain', ` allow $1 $2:shadow enable; allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; allow $1 $2:grant setup; - allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute setparam }; + allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute setparam pcilevel trackdirtyvram }; allow $1 $2_$1_channel:event create; ') @@ -36,6 +36,7 @@ define(`manage_domain', ` getaddrsize pause unpause trigger shutdown destroy setvcpuaffinity setdomainmaxmem }; ') + ################################################################################ # # Inter-domain communication @@ -75,6 +76,14 @@ define(`domain_self_comms', ` allow $1 $1:grant { map_read map_write copy unmap }; ') +# device_model(dm_dom, hvm_dom) +# Define how a device model domain interacts with its target +define(`device_model', ` + domain_comms($1, $2) + allow $1 $2:domain { set_target shutdown }; + allow $1 $2:mmu { map_read map_write adjust physmap }; + allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute }; +') ################################################################################ # # Device types and delegation (PCI passthrough) diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te index f7343a2dd6..29885c4a38 100644 --- a/tools/flask/policy/policy/modules/xen/xen.te +++ b/tools/flask/policy/policy/modules/xen/xen.te @@ -100,6 +100,19 @@ if (!prot_doms_locked) { domain_comms(dom0_t, prot_domU_t) domain_comms(domU_t, prot_domU_t) +# domHVM_t is meant to be paired with a qemu-dm stub domain of type dm_dom_t +declare_domain(domHVM_t) +create_domain(dom0_t, domHVM_t) +manage_domain(dom0_t, domHVM_t) +domain_comms(dom0_t, domHVM_t) +domain_self_comms(domHVM_t) + +declare_domain(dm_dom_t) +create_domain(dom0_t, dm_dom_t) +manage_domain(dom0_t, dm_dom_t) +domain_comms(dom0_t, dm_dom_t) +device_model(dm_dom_t, domHVM_t) + ############################################################################### # # Device delegation |