Re: [Xen-devel] [PATCH v3 11/15] xsm, argo: XSM control for argo register

2019-01-07 Thread DeGraaf, Daniel G
> From: Christopher Clark
> Subject: [PATCH v3 11/15] xsm, argo: XSM control for argo register
>
> XSM controls for argo ring registration with two distinct cases, where
> the ring being registered is:
>
> 1) Single source: registering a ring for communication to receive messages

Re: [Xen-devel] [PATCH v3 14/15] xsm, argo: notify: don't describe rings that cannot be sent to

2019-01-07 Thread DeGraaf, Daniel G
> From: Christopher Clark
> Subject: [PATCH v3 14/15] xsm, argo: notify: don't describe rings that cannot
> be sent to
>
> Signed-off-by: Christopher Clark

I have not checked to see how commonly this function is called, but it looks like it may have the potential for producing excessive AVC

Re: [Xen-devel] [PATCH v3 12/15] xsm, argo: XSM control for argo message send operation

2019-01-07 Thread DeGraaf, Daniel G
> From: Christopher Clark
> Subject: [PATCH v3 12/15] xsm, argo: XSM control for argo message send
> operation
>
> Default policy: allow.
>
> Signed-off-by: Christopher Clark

Acked-by: Daniel De Graaf

Comment to #11 applies here (adding an AVC vector, should also change default policy).

Re: [Xen-devel] [PATCH v3 13/15] xsm, argo: XSM control for any access to argo by a domain

2019-01-07 Thread DeGraaf, Daniel G
> From: Christopher Clark
> Subject: [PATCH v3 13/15] xsm, argo: XSM control for any access to argo by a
> domain
>
> Will inhibit initialization of the domain's argo data structure to
> prevent receiving any messages or notifications and access to any of
> the argo hypercall operations.

Re: [Xen-devel] [PATCH v5 4/4] xen/xsm: Remove printing from set_to_dummy_if_null()

2018-11-08 Thread DeGraaf, Daniel G
> From: Xin Li
>
> Filling a null value in the xsm_operations structure with the dummy
> module's hook will generate a debug message. This becomes boot-time spew
> for a module like silo, which only sets a few hooks of its own. So remove
> the printing to avoid boot-time spew.
>
> Signed-off-by: Xin Li

Re: [Xen-devel] [PATCH v3 5/5] x86/domctl: Implement XEN_DOMCTL_get_cpu_policy

2018-11-05 Thread DeGraaf, Daniel G
> From: Sergey Dyasli
>
> This finally (after literally years of work!) marks the point where the
> toolstack can ask the hypervisor for the current CPUID configuration of a
> specific domain.
>
> Introduce a new flask access vector and update the default policies.
>
> Also extend xen-cpuid's

Re: [Xen-devel] [PATCH v3 4/5] x86/sysctl: Implement XEN_SYSCTL_get_cpu_policy

2018-11-05 Thread DeGraaf, Daniel G
> From: Sergey Dyasli
>
> Provide a SYSCTL for the toolstack to obtain complete system CPUID and MSR
> policy information.
>
> For the flask side of things, this subop is closely related to
> {phys,cputopo,numa}info, so shares the physinfo access vector.

Acked-by: Daniel De Graaf

Re: [Xen-devel] Ping: Re: Flask default policy mismatch vs dummy

2018-10-26 Thread DeGraaf, Daniel G
> -Original Message-
> From: Jan Beulich
> Sent: Friday, October 26, 2018 7:16 AM
> To: Daniel de Graaf
> Cc: Andrew Cooper ; xen-de...@lists.xen.org
> Subject: [Non-DoD Source] Ping: Re: Flask default policy mismatch vs dummy
>
> >>> On 11.10.18 at 13:40, wrote:
> > On 11.10.18 at

Re: [Xen-devel] [PATCH] flask: Add check for io{port, mem}con sorting

2018-10-02 Thread DeGraaf, Daniel G
> From: Jan Beulich
> >>> On 28.09.18 at 21:13, wrote:
> > These entries are not always sorted by checkpolicy. Enforce the sorting
> > (which can be done manually if using an unpatched checkpolicy) when
> > loading the policy so that later uses by the security server do not
> > incorrectly use
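The quoted commit message is about enforcing that io{port,mem}con entries are sorted before the security server relies on them. The following added C example (written for this page, not Xen's code) shows why that matters: a binary-search lookup that assumes ordering silently misses an entry in an unsorted table, and a validation pass at load time catches both misordering and overlap. The names (`struct range_con`, `range_lookup`, `sid`) are hypothetical and the sample table is constructed for the demonstration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of an io{port,mem}con-style table: each entry maps an
 * inclusive [low, high] range to a security id. Names are illustrative,
 * not Xen's. */
struct range_con {
    uint32_t low;
    uint32_t high;
    int sid;
};

/* Validate what a range lookup relies on: every entry well-formed, entries
 * ascending by low, and no overlap with the previous entry. */
bool range_table_valid(const struct range_con *tab, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (tab[i].low > tab[i].high)
            return false;
        if (i > 0 && tab[i].low <= tab[i - 1].high)
            return false;
    }
    return true;
}

/* Binary search over the table. Correct only if range_table_valid() holds;
 * on an unsorted table it can miss an entry that is present. Returns the
 * sid, or -1 if no range contains the value. */
int range_lookup(const struct range_con *tab, size_t n, uint32_t val)
{
    size_t lo = 0, hi = n;

    while (lo < hi) {
        size_t mid = lo + (hi - lo) / 2;

        if (val < tab[mid].low)
            hi = mid;
        else if (val > tab[mid].high)
            lo = mid + 1;
        else
            return tab[mid].sid;
    }
    return -1;
}

/* Sort by low (insertion sort; policy tables are small), then reject the
 * table if ranges still overlap, which sorting cannot repair. */
bool range_table_sort_and_check(struct range_con *tab, size_t n)
{
    for (size_t i = 1; i < n; i++) {
        struct range_con key = tab[i];
        size_t j = i;

        while (j > 0 && tab[j - 1].low > key.low) {
            tab[j] = tab[j - 1];
            j--;
        }
        tab[j] = key;
    }
    return range_table_valid(tab, n);
}

/* Constructed sample table, deliberately out of order. */
static const struct range_con sample_tab[] = {
    { 0x3f8, 0x3ff, 2 },
    { 0x060, 0x064, 1 },
    { 0x170, 0x177, 3 },
};
#define SAMPLE_N (sizeof(sample_tab) / sizeof(sample_tab[0]))

/* Look up 0x3f8 on a copy of the sample table, optionally sorting first.
 * Unsorted: the search walks past the entry and returns -1.
 * Sorted:   returns sid 2. Returns -2 if the table is rejected. */
int demo_lookup(bool sort_first)
{
    struct range_con tab[SAMPLE_N];

    memcpy(tab, sample_tab, sizeof(tab));
    if (sort_first && !range_table_sort_and_check(tab, SAMPLE_N))
        return -2;
    return range_lookup(tab, SAMPLE_N, 0x3f8);
}

/* Overlapping ranges must be rejected even after sorting. */
bool demo_overlap_rejected(void)
{
    struct range_con tab[] = {
        { 0x062, 0x070, 4 },
        { 0x060, 0x064, 1 },
    };

    return !range_table_sort_and_check(tab, 2);
}

int main(void)
{
    printf("unsorted lookup: %d\n", demo_lookup(false));
    printf("sorted lookup:   %d\n", demo_lookup(true));
    printf("overlap rejected: %s\n", demo_overlap_rejected() ? "yes" : "no");
    return 0;
}
```

The validation runs once at policy-load time, where a failure is cheap to report and safe to refuse; a lookup on the hot path has no way to detect that it is walking an unsorted table, which is the failure the quoted message is guarding against.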

Re: [Xen-devel] [Non-DoD Source] [PATCH 2/2] xen/xsm: Add new SILO mode for XSM

2018-10-01 Thread DeGraaf, Daniel G
> > When SILO is enabled, there would be no page-sharing or event notifications
> > between unprivileged VMs (no grant tables or event channels).
> >
> > Signed-off-by: Xin Li
>
> Acked-by: Daniel De Graaf
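Two messages on this page touch the same mechanism: the set_to_dummy_if_null() message above (a module that sets only a few hooks has its NULL slots filled from the dummy module, and the per-slot message was removed to stop boot-time spew) and this SILO message (no grant or event-channel sharing between unprivileged VMs). The following added C example, written for this page and not Xen's code, models both in one place: a small hook table, a permissive dummy module, a SILO-style module that defines only the two inter-domain hooks, and a silent fill-in of the rest. The hook names, `struct domain`, `is_control` and the exact SILO rule (allowed when either endpoint is privileged or both endpoints are the same domain) are assumptions for the illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model, not Xen's xsm code: a three-hook table, a permissive
 * dummy module, and a SILO-style module that sets only the hooks it cares
 * about and relies on the remaining NULL slots being filled from dummy. */
struct domain {
    int id;
    bool is_control;   /* privileged, dom0-like */
};

struct xsm_ops {
    int (*grant_mapref)(const struct domain *ld, const struct domain *rd);
    int (*evtchn_unbound)(const struct domain *ld, const struct domain *rd);
    int (*console_io)(const struct domain *d, int cmd);
};

/* Dummy module: every hook permits. */
static int dummy_dom2(const struct domain *ld, const struct domain *rd) { (void)ld; (void)rd; return 0; }
static int dummy_dom1(const struct domain *d, int cmd) { (void)d; (void)cmd; return 0; }
static const struct xsm_ops dummy_ops = {
    .grant_mapref = dummy_dom2, .evtchn_unbound = dummy_dom2, .console_io = dummy_dom1,
};

/* SILO rule as read from the quoted commit message (assumed semantics):
 * sharing or notification between two domains is allowed only when one
 * endpoint is privileged or both endpoints are the same domain. */
static bool silo_dom_check(const struct domain *ld, const struct domain *rd)
{
    return ld->is_control || rd->is_control || ld == rd;
}
static int silo_dom2(const struct domain *ld, const struct domain *rd)
{
    return silo_dom_check(ld, rd) ? 0 : -EPERM;
}
/* console_io deliberately left NULL: SILO has no opinion about it. */
static struct xsm_ops silo_ops = { .grant_mapref = silo_dom2, .evtchn_unbound = silo_dom2 };

/* Fill a NULL hook from the dummy module and count it; no per-slot message,
 * so a sparse module does not spew at boot. */
#define set_to_dummy_if_null(ops, fn, counter) \
    do { if (!(ops)->fn) { (ops)->fn = dummy_ops.fn; (counter)++; } } while (0)

static const struct xsm_ops *cur_ops = &dummy_ops;

/* Install a module; returns how many hooks had to be defaulted. */
int register_module(struct xsm_ops *ops)
{
    int filled = 0;

    set_to_dummy_if_null(ops, grant_mapref, filled);
    set_to_dummy_if_null(ops, evtchn_unbound, filled);
    set_to_dummy_if_null(ops, console_io, filled);
    cur_ops = ops;
    return filled;
}

/* Call sites go through the installed table, never a module directly. */
int check_grant_mapref(const struct domain *ld, const struct domain *rd) { return cur_ops->grant_mapref(ld, rd); }
int check_evtchn_unbound(const struct domain *ld, const struct domain *rd) { return cur_ops->evtchn_unbound(ld, rd); }
int check_console_io(const struct domain *d, int cmd) { return cur_ops->console_io(d, cmd); }

/* Constructed domains for the demonstration. */
const struct domain dom0  = { 0, true };
const struct domain domu1 = { 1, false };
const struct domain domu2 = { 2, false };

int main(void)
{
    printf("defaulted hooks: %d\n", register_module(&silo_ops));
    printf("dom0  -> domU1 grant: %d\n", check_grant_mapref(&dom0, &domu1));
    printf("domU1 -> domU2 grant: %d\n", check_grant_mapref(&domu1, &domu2));
    printf("domU1 console_io (dummy): %d\n", check_console_io(&domu1, 0));
    return 0;
}
```

The fill-in step is what lets a module like SILO stay small: it only has to express the decisions it differs on, and every other hook keeps the dummy module's permissive behaviour. The corollary for a reviewer is that a hook a restrictive module forgot to set is silently permissive, which is exactly why the fill-in used to log each slot and why dropping that log is a trade-off rather than a pure cleanup.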

Re: [Xen-devel] [Non-DoD Source] [PATCH 1/2] xen/xsm: Introduce new boot parameter xsm

2018-10-01 Thread DeGraaf, Daniel G
> > Introduce new boot parameter xsm to choose which xsm module is enabled,
> > and set default to dummy.
> >
> > Signed-off-by: Xin Li

Acked-by: Daniel De Graaf

It might be useful for the commit message to also reference the new Kconfig option; thanks for adding it.

Re: [Xen-devel] [Non-DoD Source] [PATCH] xsm: fix clang build

2018-09-08 Thread DeGraaf, Daniel G
> -Original Message-
> From: Roger Pau Monne
> Sent: Wednesday, September 5, 2018 10:46 AM
> To: xen-devel@lists.xenproject.org
> Cc: Roger Pau Monne ; Daniel De Graaf
> Subject: [Non-DoD Source] [PATCH] xsm: fix clang build
>
> ebitmap.c:244:32: error: invalid conversion specifier

Re: [Xen-devel] [Non-DoD Source] [PATCH 4/5] xen/domain: Fold xsm_free_security_domain() paths together

2018-09-08 Thread DeGraaf, Daniel G
> From: Andrew Cooper
> Sent: Monday, September 3, 2018 10:47 AM
> To: Xen-devel
> Cc: Andrew Cooper ; Jan Beulich ; Wei Liu ; Roger Pau Monné ;
> Stefano Stabellini ; Julien Grall ; Daniel De Graaf
> Subject: [Non-DoD Source] [PATCH 4/5] xen/domain: Fold
> xsm_free_security_domain()

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-22 Thread DeGraaf, Daniel G
> From: Volodymyr Babchuk
> Sent: Wednesday, August 22, 2018 10:12 AM
>
> As we don't want any guest to access limited resources of TEE, we need a way
> to control who can work with it.
>
> Thus, new access vector class "tee" is added with only one operation "call"
> so far. tee framework

Re: [Xen-devel] [PATCH RFC 01/15] xen: allow console_io hypercalls from DomUs on ARM

2018-06-14 Thread DeGraaf, Daniel G
-Original Message-
> On 13/06/18 23:15, Stefano Stabellini wrote:
> > This is very useful when starting multiple domains from Xen without
> > xenstore access. It will allow them to print out to the Xen console.
> >
> > Signed-off-by: Stefano Stabellini
> > CC: andrew.coop...@citrix.com