diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2011-12-02 13:48:31 -0800 |
---|---|---|
committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2011-12-02 13:48:31 -0800 |
commit | 38804f14f8dfbe8f3eb6b57edc631ea04f4d0670 (patch) | |
tree | e5d04922d1d87bc09f43d37581628e9b0812632a /xen/xsm | |
parent | 9e3bff9fa50dc62da89576492e63083961862a63 (diff) | |
download | xen-38804f14f8dfbe8f3eb6b57edc631ea04f4d0670.tar.gz xen-38804f14f8dfbe8f3eb6b57edc631ea04f4d0670.tar.bz2 xen-38804f14f8dfbe8f3eb6b57edc631ea04f4d0670.zip |
xsm: clean up initial SIDs
The domU SID is never used before a policy load, and so does not
belong in the initial_sids list.
The PIRQ SID is now incorrectly named; it should simply be called IRQ.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/xsm')
-rw-r--r-- | xen/xsm/flask/include/flask.h | 19 | ||||
-rw-r--r-- | xen/xsm/flask/include/initial_sid_to_string.h | 3 | ||||
-rw-r--r-- | xen/xsm/flask/ss/services.c | 2 |
3 files changed, 11 insertions, 13 deletions
diff --git a/xen/xsm/flask/include/flask.h b/xen/xsm/flask/include/flask.h index 333edcde7e..6d29c5a0ef 100644 --- a/xen/xsm/flask/include/flask.h +++ b/xen/xsm/flask/include/flask.h @@ -20,16 +20,15 @@ */ #define SECINITSID_XEN 1 #define SECINITSID_DOM0 2 -#define SECINITSID_DOMU 3 -#define SECINITSID_DOMIO 4 -#define SECINITSID_DOMXEN 5 -#define SECINITSID_UNLABELED 6 -#define SECINITSID_SECURITY 7 -#define SECINITSID_IOPORT 8 -#define SECINITSID_IOMEM 9 -#define SECINITSID_PIRQ 10 -#define SECINITSID_DEVICE 11 +#define SECINITSID_DOMIO 3 +#define SECINITSID_DOMXEN 4 +#define SECINITSID_UNLABELED 5 +#define SECINITSID_SECURITY 6 +#define SECINITSID_IOPORT 7 +#define SECINITSID_IOMEM 8 +#define SECINITSID_IRQ 9 +#define SECINITSID_DEVICE 10 -#define SECINITSID_NUM 11 +#define SECINITSID_NUM 10 #endif diff --git a/xen/xsm/flask/include/initial_sid_to_string.h b/xen/xsm/flask/include/initial_sid_to_string.h index 3bf8ff2731..814f4bf057 100644 --- a/xen/xsm/flask/include/initial_sid_to_string.h +++ b/xen/xsm/flask/include/initial_sid_to_string.h @@ -4,14 +4,13 @@ static char *initial_sid_to_string[] = "null", "xen", "dom0", - "domU", "domio", "domxen", "unlabeled", "security", "ioport", "iomem", - "pirq", + "irq", "device", }; diff --git a/xen/xsm/flask/ss/services.c b/xen/xsm/flask/ss/services.c index 1eb8e4ce1e..c810e9b387 100644 --- a/xen/xsm/flask/ss/services.c +++ b/xen/xsm/flask/ss/services.c @@ -1546,7 +1546,7 @@ int security_irq_sid(int pirq, u32 *out_sid) } else { - *out_sid = SECINITSID_PIRQ; + *out_sid = SECINITSID_IRQ; } out: |