* [PATCH] init-xenstore-domain: Add optional ramdisk argument.
@ 2014-07-07 21:52 James Bielman
2014-07-09 15:52 ` Ian Campbell
0 siblings, 1 reply; 4+ messages in thread
From: James Bielman @ 2014-07-07 21:52 UTC (permalink / raw)
To: xen-devel; +Cc: James Bielman, Ian Jackson, Ian Campbell, Stefano Stabellini
- Added an optional argument to allow passing a ramdisk
to the Xenstore domain built by init-xenstore-domain.
- This is needed for Xenstore/MAC to pass initial security
policy.
Signed-off-by: James Bielman <jamesjb@galois.com>
---
tools/xenstore/init-xenstore-domain.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/tools/xenstore/init-xenstore-domain.c b/tools/xenstore/init-xenstore-domain.c
index 56a3c72..0d12169 100644
--- a/tools/xenstore/init-xenstore-domain.c
+++ b/tools/xenstore/init-xenstore-domain.c
@@ -13,7 +13,7 @@
static uint32_t domid = -1;
-static int build(xc_interface *xch, char** argv)
+static int build(xc_interface *xch, int argc, char** argv)
{
char cmdline[512];
uint32_t ssid;
@@ -44,6 +44,12 @@ static int build(xc_interface *xch, char** argv)
dom = xc_dom_allocate(xch, cmdline, NULL);
rv = xc_dom_kernel_file(dom, argv[1]);
if (rv) goto err;
+
+ if (argc > 4) {
+ rv = xc_dom_ramdisk_file(dom, argv[4]);
+ if (rv) goto err;
+ }
+
rv = xc_dom_boot_xen_init(dom, xch, domid);
if (rv) goto err;
rv = xc_dom_parse_image(dom);
@@ -81,15 +87,15 @@ int main(int argc, char** argv)
char buf[16];
int rv, fd;
- if (argc != 4) {
- printf("Use: %s <xenstore-kernel> <memory_mb> <flask-label>\n", argv[0]);
+ if (argc < 4 || argc > 5) {
+ printf("Use: %s <xenstore-kernel> <memory_mb> <flask-label> [<ramdisk-file>]\n", argv[0]);
return 2;
}
xch = xc_interface_open(NULL, NULL, 0);
if (!xch) return 1;
- rv = build(xch, argv);
+ rv = build(xch, argc, argv);
xc_interface_close(xch);
--
1.9.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] init-xenstore-domain: Add optional ramdisk argument.
2014-07-07 21:52 [PATCH] init-xenstore-domain: Add optional ramdisk argument James Bielman
@ 2014-07-09 15:52 ` Ian Campbell
2014-07-09 18:40 ` James Bielman
0 siblings, 1 reply; 4+ messages in thread
From: Ian Campbell @ 2014-07-09 15:52 UTC (permalink / raw)
To: James Bielman; +Cc: xen-devel, Ian Jackson, Stefano Stabellini
On Mon, 2014-07-07 at 14:52 -0700, James Bielman wrote:
> - Added an optional argument to allow passing a ramdisk
> to the Xenstore domain built by init-xenstore-domain.
> - This is needed for Xenstore/MAC to pass initial security
> policy.
Is this used to pass a filesystem containing a policy binary, or is the
policy binary passed raw as the "ramdisk" itself?
> Signed-off-by: James Bielman <jamesjb@galois.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] init-xenstore-domain: Add optional ramdisk argument.
2014-07-09 15:52 ` Ian Campbell
@ 2014-07-09 18:40 ` James Bielman
2014-07-10 15:23 ` Ian Campbell
0 siblings, 1 reply; 4+ messages in thread
From: James Bielman @ 2014-07-09 18:40 UTC (permalink / raw)
To: Ian Campbell; +Cc: xen-devel, Ian Jackson, Stefano Stabellini
[-- Attachment #1.1: Type: text/plain, Size: 621 bytes --]
On 07/09/2014 08:52 AM, Ian Campbell wrote:
> On Mon, 2014-07-07 at 14:52 -0700, James Bielman wrote:
>> - Added an optional argument to allow passing a ramdisk
>> to the Xenstore domain built by init-xenstore-domain.
>> - This is needed for Xenstore/MAC to pass initial security
>> policy.
>
> Is this used to pass a filesystem containing a policy binary, or is the
> policy binary passed raw as the "ramdisk" itself?
Hi Ian,
Our Xenstore security module needs a few support databases in addition
to the binary policy itself, so our ramdisk is an (uncompressed) CPIO
archive.
Thanks,
James
[-- Attachment #1.2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 2310 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] init-xenstore-domain: Add optional ramdisk argument.
2014-07-09 18:40 ` James Bielman
@ 2014-07-10 15:23 ` Ian Campbell
0 siblings, 0 replies; 4+ messages in thread
From: Ian Campbell @ 2014-07-10 15:23 UTC (permalink / raw)
To: James Bielman; +Cc: xen-devel, Ian Jackson, Stefano Stabellini
On Wed, 2014-07-09 at 11:40 -0700, James Bielman wrote:
> On 07/09/2014 08:52 AM, Ian Campbell wrote:
> > On Mon, 2014-07-07 at 14:52 -0700, James Bielman wrote:
> >> - Added an optional argument to allow passing a ramdisk
> >> to the Xenstore domain built by init-xenstore-domain.
> >> - This is needed for Xenstore/MAC to pass initial security
> >> policy.
> >
> > Is this used to pass a filesystem containing a policy binary, or is the
> > policy binary passed raw as the "ramdisk" itself?
>
> Hi Ian,
>
> Our Xenstore security module needs a few support databases in addition
> to the binary policy itself, so our ramdisk is an (uncompressed) CPIO
> archive.
Great. Applied, thanks!
Ian.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-07-10 15:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-07-07 21:52 [PATCH] init-xenstore-domain: Add optional ramdisk argument James Bielman
2014-07-09 15:52 ` Ian Campbell
2014-07-09 18:40 ` James Bielman
2014-07-10 15:23 ` Ian Campbell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.