Add new soft_reset vector to domain2 class, add it to create_domain
in the default policy.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
getaffinity setaffinity setvcpuextstate };
allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim
set_max_evtchn set_vnumainfo get_vnumainfo cacheflush
- psr_cmt_op psr_cat_op };
+ psr_cmt_op psr_cat_op soft_reset };
allow $1 $2:security check_context;
allow $1 $2:shadow enable;
allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op updatemp };
case XEN_DOMCTL_psr_cat_op:
return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__PSR_CAT_OP);
+ case XEN_DOMCTL_soft_reset:
+ return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SOFT_RESET);
+
default:
printk("flask_domctl: Unknown op %d\n", cmd);
return -EPERM;
# XEN_DOMCTL_monitor_op
# XEN_DOMCTL_vm_event_op
vm_event
+# XEN_DOMCTL_soft_reset
+ soft_reset
# XENMEM_access_op
mem_access
# XENMEM_paging_op
projects / xen.git / commitdiff