On 6/20/16 10:07 AM, Daniel De Graaf wrote:
> On 06/20/2016 10:35 AM, Doug Goldstein wrote:
>> On 6/20/16 9:04 AM, Daniel De Graaf wrote:
>>> This operation has no known users, and is primarily useful when an MLS
>>> policy is in use (which has never been shipped with Xen). In addition,
>>> the information it provides does not actually depend on hypervisor
>>> state (only on the XSM policy), so an application that needs it could
>>> compute the results without needing to involve the hypervisor.
>>>
>>
>> So if I read this language correctly, removing this does not affect
>> someone being able to build an MLS policy at a later date, right?
>
> Correct; that support is still there. This hypercall was used to
> compute a list of reachable security contexts for a given user, which
> is trivial in a non-MLS policy but more complex when one is being
> used. This computation makes more sense on Linux (where creating
> new contexts via "exec" is common) than on Xen (where normally a
> domain cannot create another).
>

Makes sense. Thanks for clarifying.

Reviewed-by: Doug Goldstein

-- 
Doug Goldstein