Hi Daniel,

> -----Original Message-----
> Subject: [PATCH v9 3/3] xsm: refactor flask sid alloc and domain check
>
> The function flask_domain_alloc_security() is where a default sid should be
> assigned to a domain under construction. For reasons unknown, the initial
> domain would be assigned unlabeled_t and then fixed up under
> flask_domain_create(). With the introduction of xenboot_t it is now possible
> to distinguish when the hypervisor is in the boot state.
>
> This commit looks to correct this by using a check to see if the hypervisor is
> under the xenboot_t context in flask_domain_alloc_security(). If it is, then
> it will inspect the domain's is_privileged field, and select the appropriate
> default label, dom0_t or domU_t, for the domain. The logic for
> flask_domain_create() was changed to allow the incoming sid to override the
> default label.
>
> The base policy was adjusted to allow the idle domain under the xenboot_t
> context to be able to construct domains of both types, dom0 and domU.
>
> Signed-off-by: Daniel P. Smith <dpsm...@apertussolutions.com>

Same as what Jan has said, I don't think I am qualified to properly review the
series, but I did run a compile and runtime test on Arm64 platform with the xsm
and flask enabled and it looks like everything is fine.

Hence (also for the whole series):

Tested-by: Henry Wang <henry.w...@arm.com>

> ---
> tools/flask/policy/modules/dom0.te | 3 +++
> tools/flask/policy/modules/domU.te | 3 +++
> xen/xsm/flask/hooks.c | 34 ++++++++++++++++++------------
> 3 files changed, 26 insertions(+), 14 deletions(-)