aboutsummaryrefslogtreecommitdiffstats
path: root/tools/flask/policy/policy/modules/xen/xen.if
diff options
context:
space:
mode:
Diffstat (limited to 'tools/flask/policy/policy/modules/xen/xen.if')
-rw-r--r--tools/flask/policy/policy/modules/xen/xen.if7
1 files changed, 7 insertions, 0 deletions
diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if
index cd240d8f7d..3065718927 100644
--- a/tools/flask/policy/policy/modules/xen/xen.if
+++ b/tools/flask/policy/policy/modules/xen/xen.if
@@ -29,6 +29,13 @@ define(`create_domain', `
allow $1 $2_$1_channel:event create;
')
+# manage_domain(priv, target)
+# Allow managing a running domain
+define(`manage_domain', `
+ allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity
+ getaddrsize pause unpause trigger shutdown destroy
+ setvcpuaffinity setdomainmaxmem };
+')
################################################################################
#
# Inter-domain communication
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 14:07:19 +0000