From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	ian.jackson@eu.citrix.com, jbeulich@suse.com
Cc: xen-devel@lists.xenproject.org, cardoe@cardoe.com,
	andrew.cooper3@citrix.com
Subject: Re: [PATCH] flask: change default state to enforcing
Date: Thu, 10 Mar 2016 14:37:43 -0500
Message-ID: <56E1CD07.4020900@tycho.nsa.gov>
In-Reply-To: <20160310191225.GC18675@char.us.oracle.com>

On 03/10/2016 02:12 PM, Konrad Rzeszutek Wilk wrote:
> On Thu, Mar 10, 2016 at 01:30:29PM -0500, Daniel De Graaf wrote:
>
> I've added Ian and Jan on the email as scripts/get_maintainer.pl spits out
> their names (Oddly not yours?)
>> The previous default of "permissive" is meant for developing or
>> debugging a disaggregated system.  However, this default makes it too
>> easy to accidentally boot a machine in this state, which does not place
>> any restrictions on guests.  This is not suitable for normal systems
>> because any guest can perform any operation (including operations like
>> rebooting the machine, kexec, and reading or writing another domain's
>> memory).
>>
>> This change will cause the boot to fail if you do not specify an XSM
>> policy during boot; if you need to load a policy from dom0, use the
>> "flask=late" boot parameter.
>>
>> Originally by Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>; modified
>> to also change the default value of flask_enforcing so that the policy
>> is not still in permissive mode.  This also removes the (no longer
>> documented) command line argument directly changing that variable since
>> it has been superseded by the flask= parameter.
>>
>
> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> .. however:
>
[...]
>
> Since you set that to the default value should the parse_flask_param
> 'flask_enforcing = 1' for the 'enforcing' and 'late' be removed?
>
> (If you agree, the committer could do it).

Sure.  I left them in so that a command line such as
"flask=permissive flask=enforcing" would do the right thing, but I
haven't checked that that is even possible.
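
The ordering question raised in this reply, as an added example that is not part of the original message and is not Xen's code: a simplified C model of a `flask=` handler with the new enforcing default. It assumes (unverified, as the reply itself notes) that the handler runs once per occurrence in command-line order; `struct flask_state`, `parse_one` and `final_enforcing` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model, not Xen source: only the enforcing flag is tracked. */
struct flask_state {
    int enforcing;
};

/* Handle one "flask=<value>" occurrence. keep_assign selects whether the
 * 'enforcing' and 'late' branches still set enforcing = 1 explicitly, or
 * rely on the compiled-in default as the review suggests. */
static void parse_one(struct flask_state *st, const char *val, int keep_assign)
{
    if (!strcmp(val, "permissive")) {
        st->enforcing = 0;
    } else if (!strcmp(val, "enforcing") || !strcmp(val, "late")) {
        if (keep_assign)
            st->enforcing = 1;
    }
    /* Any other value leaves the flag untouched in this model. */
}

/* Assumption: the handler is called for every occurrence, left to right. */
static int final_enforcing(const char **vals, int n, int keep_assign)
{
    struct flask_state st = { .enforcing = 1 };  /* new default: enforcing */

    for (int i = 0; i < n; i++)
        parse_one(&st, vals[i], keep_assign);
    return st.enforcing;
}

int main(void)
{
    /* Constructed command line: "flask=permissive flask=enforcing" */
    const char *cmdline[] = { "permissive", "enforcing" };

    printf("assignment kept:    enforcing=%d\n", final_enforcing(cmdline, 2, 1));
    printf("assignment removed: enforcing=%d\n", final_enforcing(cmdline, 2, 0));
    return 0;
}
```

Under that assumption, dropping the explicit assignment leaves the model permissive after the repeated option, while a single `flask=enforcing` or `flask=late` behaves the same either way.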

