|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen staging] xen/xsm: Rename CONFIG_XSM_POLICY to CONFIG_XSM_FLASK_POLICY
commit 4991a46130dca276757d88e77ce7aec7e3e017e5
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jun 26 10:59:10 2018 +0100
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Aug 28 14:17:11 2018 +0100
xen/xsm: Rename CONFIG_XSM_POLICY to CONFIG_XSM_FLASK_POLICY
The embedded policy is specifically a flask policy, so update the
infrastructure to reflect this.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>
Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
xen/common/Kconfig | 6 +++---
xen/include/xsm/xsm.h | 6 +++---
xen/xsm/flask/Makefile | 2 +-
xen/xsm/flask/gen-policy.py | 4 ++--
xen/xsm/xsm_core.c | 6 +++---
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 3a7c752e93..1a6d6281c1 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -138,10 +138,10 @@ config XSM_FLASK_AVC_STATS
If unsure, say Y.
-config XSM_POLICY
- bool "Compile Xen with a built-in security policy"
+config XSM_FLASK_POLICY
+ bool "Compile Xen with a built-in FLASK security policy"
default y if HAS_CHECKPOLICY = "y"
- depends on XSM
+ depends on XSM_FLASK
---help---
This includes a default XSM policy in the hypervisor so that the
bootloader does not need to load a policy to get sane behavior from an
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index b692aece71..3d67962493 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -728,9 +728,9 @@ static inline void flask_init(const void *policy_buffer,
size_t policy_size)
}
#endif
-#ifdef CONFIG_XSM_POLICY
-extern const unsigned char xsm_init_policy[];
-extern const unsigned int xsm_init_policy_size;
+#ifdef CONFIG_XSM_FLASK_POLICY
+extern const unsigned char xsm_flask_init_policy[];
+extern const unsigned int xsm_flask_init_policy_size;
#endif
#else /* CONFIG_XSM */
diff --git a/xen/xsm/flask/Makefile b/xen/xsm/flask/Makefile
index e22ed7c03f..f5ffab1226 100644
--- a/xen/xsm/flask/Makefile
+++ b/xen/xsm/flask/Makefile
@@ -27,7 +27,7 @@ $(FLASK_H_FILES): $(FLASK_H_DEPEND)
$(AV_H_FILES): $(AV_H_DEPEND)
$(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND)
-obj-$(CONFIG_XSM_POLICY) += policy.o
+obj-$(CONFIG_XSM_FLASK_POLICY) += policy.o
FLASK_BUILD_DIR := $(CURDIR)
POLICY_SRC := $(FLASK_BUILD_DIR)/xenpolicy-$(XEN_FULLVERSION)
diff --git a/xen/xsm/flask/gen-policy.py b/xen/xsm/flask/gen-policy.py
index 5168d6ed1d..c7501e4614 100644
--- a/xen/xsm/flask/gen-policy.py
+++ b/xen/xsm/flask/gen-policy.py
@@ -8,7 +8,7 @@ sys.stdout.write("""
#include <xen/init.h>
#include <xsm/xsm.h>
-const unsigned char xsm_init_policy[] __initconst = {
+const unsigned char xsm_flask_init_policy[] __initconst = {
""")
for char in sys.stdin.read():
@@ -19,5 +19,5 @@ for char in sys.stdin.read():
sys.stdout.write("""
};
-const unsigned int __initconst xsm_init_policy_size = %d;
+const unsigned int __initconst xsm_flask_init_policy_size = %d;
""" % policy_size)
diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c
index 949dfcff75..9645e244c3 100644
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -42,11 +42,11 @@ static inline int verify(struct xsm_operations *ops)
static int __init xsm_core_init(const void *policy_buffer, size_t policy_size)
{
-#ifdef CONFIG_XSM_POLICY
+#ifdef CONFIG_XSM_FLASK_POLICY
if ( policy_size == 0 )
{
- policy_buffer = xsm_init_policy;
- policy_size = xsm_init_policy_size;
+ policy_buffer = xsm_flask_init_policy;
+ policy_size = xsm_flask_init_policy_size;
}
#endif
--
generated by git-patchbot for /home/xen/git/xen.git#staging
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |