[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] xsm_op() polymorphism
On Dec 10, 2007 2:41 PM, John Levon <levon@xxxxxxxxxxxxxxxxx> wrote: > > If I'm reading the code right, then the xsm_op() hypercall is "untyped" > in the sense that you have to know why XSM is loaded before you can > interpret any of the contents (that is, the first argument points > directly to a flask op or acm op structure). This seems less than ideal > - can't we work out a way to make the struct self-identifying? > It depends on what you are concerned about. There are the magic numbers that are used right now to identify policy modules on boot but could become embedded as the first word of the xsm op structure. This would help the hypervisor be consistent with user-space - if that's what you are concerned about. It was not the intent to make the hypervisor runtime agile wrt a given security module except to not prevent a security module from runtime disablement - for obvious reasons more flexibility here is fraught with consistency problems. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |