Re: [Xen-devel] unable to create domain after enabling XSM

Thanks very much, it turns out to be the problem of modules.conf. I turn the xen module off for mistake, I'm very sorry for the time you spend. ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel

Re: [Xen-devel] unable to create domain after enabling XSM

On Tue, May 17, 2016 at 04:58:03PM +0800, Big Strong wrote: > I should add the xsm=policy option to the end of the xen.cfg instead of as > an option. Sorry for the fault. > > However, another problem is that when I modified the policy and reload it > using '*xl loadpolicy*', the policy seemed not

Re: [Xen-devel] unable to create domain after enabling XSM

I should add the xsm=policy option to the end of the xen.cfg instead of as an option. Sorry for the fault. However, another problem is that when I modified the policy and reload it using '*xl loadpolicy*', the policy seemed not working. The policy I add is *'allow domU_t security_t:security

Re: [Xen-devel] unable to create domain after enabling XSM

>>> On 16.05.16 at 17:00, wrote: > Actually I did that, but the policy is not loaded at all. 'xl list -Z' show > no lable on guests. It seems like that the option 'xsm=xen-policy-4.6.0' is > ingnored during booting. (the policy file is moved to the same directory as >

Re: [Xen-devel] unable to create domain after enabling XSM

Actually I did that, but the policy is not loaded at all. 'xl list -Z' show no lable on guests. It seems like that the option 'xsm=xen-policy-4.6.0' is ingnored during booting. (the policy file is moved to the same directory as xen.cfg) 2016-05-16 21:43 GMT+08:00 Konrad Rzeszutek Wilk

Re: [Xen-devel] unable to create domain after enabling XSM

On Mon, May 16, 2016 at 10:43:49AM +0100, Andrew Cooper wrote: > On 16/05/16 09:54, Big Strong wrote: > > Problem solved by booting xen with grub instead of efi. The deep > > reason is unknown. > > Ah - that is very useful to know, and now obvious. EFI has no concept > of modules, which probably

Re: [Xen-devel] unable to create domain after enabling XSM

On 16/05/16 09:54, Big Strong wrote: > Problem solved by booting xen with grub instead of efi. The deep > reason is unknown. Ah - that is very useful to know, and now obvious. EFI has no concept of modules, which probably means the XSM policy doesn't get loaded. FWIW, there is a plan to change

Re: [Xen-devel] unable to create domain after enabling XSM

Problem solved by booting xen with grub instead of efi. The deep reason is unknown. 2016-05-16 11:08 GMT+08:00 Big Strong : > As you suggested, I used xen 4.7.0-rc2 to test it again and the problem > still exists. > > $ sudo xl create xen-config/win7 >> Parsing config from

Re: [Xen-devel] unable to create domain after enabling XSM

As you suggested, I used xen 4.7.0-rc2 to test it again and the problem still exists. $ sudo xl create xen-config/win7 > Parsing config from xen-config/win7 > libxl: error: libxl_device.c:1033:device_backend_callback: unable to add > device with path /local/domain/0/backend/vbd/1/51712 > libxl:

Re: [Xen-devel] unable to create domain after enabling XSM

On 15/05/16 15:25, Big Strong wrote: > Hi, > > I've configured xen 4.6.0 with xsm enabled and use the default flask > policy to boot the dom0. For issues like this, please always use the latest stable branch, in this case making that Xen 4.6.1+. It is entirely possible that bugfixes have been

[Xen-devel] unable to create domain after enabling XSM

Hi, I've configured xen 4.6.0 with xsm enabled and use the default flask policy to boot the dom0. However, when I tried to create a domU, it will fail for following reasons: > > (XEN) avc: denied { send } for domid=0 scontext=system_u:system_r:dom0_t > tcontext=system_u:system_r:dom0_t