[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 09/11] xen: Add DOMCTL to limit the number of event channels a domain may use
On 02/10/13 17:35, David Vrabel wrote: > > --- a/xen/xsm/flask/hooks.c > +++ b/xen/xsm/flask/hooks.c > @@ -727,6 +727,9 @@ static int flask_domctl(struct domain *d, int cmd) > case XEN_DOMCTL_audit_p2m: > return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); > > + case XEN_DOMCTL_set_max_evtchn: > + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MAX_EVTCHN);# Sorry, I forgot to try a build with XSM and FLASK enabled. This should have been SECCLASS_DOMAIN2 and DOMAIN2__SET_MAX_EVTCHN. > + > default: > printk("flask_domctl: Unknown op %d\n", cmd); > return -EPERM; > diff --git a/xen/xsm/flask/policy/access_vectors > b/xen/xsm/flask/policy/access_vectors > index 5dfe13b..1fbe241 100644 > --- a/xen/xsm/flask/policy/access_vectors > +++ b/xen/xsm/flask/policy/access_vectors > @@ -194,6 +194,8 @@ class domain2 > setscheduler > # XENMEM_claim_pages > setclaim > +# XEN_DOMCTL_set_max_evtchn > + set_max_evtchn > } > > # Similar to class domain, but primarily contains domctls related to HVM > domains David _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |