xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	ian.jackson@eu.citrix.com, jbeulich@suse.com
Cc: xen-devel@lists.xenproject.org, cardoe@cardoe.com,
Subject: Re: [PATCH] flask: change default state to enforcing
Date: Thu, 10 Mar 2016 14:37:43 -0500	[thread overview]
Message-ID: <56E1CD07.4020900@tycho.nsa.gov> (raw)
In-Reply-To: <20160310191225.GC18675@char.us.oracle.com>

On 03/10/2016 02:12 PM, Konrad Rzeszutek Wilk wrote:
> On Thu, Mar 10, 2016 at 01:30:29PM -0500, Daniel De Graaf wrote:
> I've added Ian and Jan on the email as scripts/get_maintainer.pl spits out
> their names (Oddly not yours?)
>> The previous default of "permissive" is meant for developing or
>> debugging a disaggregated system.  However, this default makes it too
>> easy to accidentally boot a machine in this state, which does not place
>> any restrictions on guests.  This is not suitable for normal systems
>> because any guest can perform any operation (including operations like
>> rebooting the machine, kexec, and reading or writing another domain's
>> memory).
>> This change will cause the boot to fail if you do not specify an XSM
>> policy during boot; if you need to load a policy from dom0, use the
>> "flask=late" boot parameter.
>> Originally by Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>; modified
>> to also change the default value of flask_enforcing so that the policy
>> is not still in permissive mode.  This also removes the (no longer
>> documented) command line argument directly changing that variable since
>> it has been superseded by the flask= parameter.
> Reviwed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> .. however:
> Since you set that to the default value should the parse_flask_param
> 'flask_enforcing = 1' for the 'enforcing' and 'late' be removed?
> (If you agree, the committer could do it).

Sure.  I left them in so that a command line such as
"flask=permissive flask=enforcing" would do the right thing, but I
haven't checked that that is even possible.

Xen-devel mailing list

  reply	other threads:[~2016-03-10 19:37 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-03-09  1:51 XSM permissive by default Konrad Rzeszutek Wilk
2016-03-09  2:11 ` Doug Goldstein
2016-03-09 13:24 ` Andrew Cooper
2016-03-09 21:17   ` Konrad Rzeszutek Wilk
2016-03-09 22:09     ` Daniel De Graaf
2016-03-10  2:40       ` Doug Goldstein
2016-03-10 17:10         ` Konrad Rzeszutek Wilk
2016-03-10 17:34           ` Doug Goldstein
2016-03-10 17:44           ` Andrew Cooper
2016-03-10 18:30           ` [PATCH] flask: change default state to enforcing Daniel De Graaf
2016-03-10 19:12             ` Konrad Rzeszutek Wilk
2016-03-10 19:37               ` Daniel De Graaf [this message]
2016-03-15 14:48               ` Anshul Makkar
2016-03-11  9:07             ` Jan Beulich
2016-03-11 14:58               ` Konrad Rzeszutek Wilk
2016-03-11 15:39               ` Daniel De Graaf
2016-03-11 15:43                 ` Jan Beulich
2016-03-11 15:51                   ` Daniel De Graaf
2016-04-04 17:12           ` XSM permissive by default Ian Jackson
2016-04-05  8:03             ` Jan Beulich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56E1CD07.4020900@tycho.nsa.gov \
    --to=dgdegra@tycho.nsa.gov \
    --cc=andrew.cooper3@citrix.com \
    --cc=cardoe@cardoe.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jbeulich@suse.com \
    --cc=konrad.wilk@oracle.com \
    --cc=xen-devel@lists.xenproject.org \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).