[Xen-devel] [Xense-devel][RFC][PATCH][1/4] Xen Security Modules: XSM

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [Xense-devel][RFC][PATCH][1/4] Xen Security Modules: XSM
From: "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx>
Date: Fri, 01 Sep 2006 12:58:27 -0400
Cc: xense-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 01 Sep 2006 09:57:55 -0700
The attached patch implements the Xen Security Modules (XSM) framework.
This patch should apply cleanly to changeset 9694:d82a4c4d04d4 Xen
3.0.2-3.

The framework is configured as default-enable in this patch set.
Configuration of XSM is made in Config.mk.  The only configuration
option is XSM_ENABLE = y/n.  XSM_ENABLE must be y to compile an XSM
module.  

XSM provides a generalized hook infrastructure allowing third-party
security modules to interpose on the Xen code path.  A default or dummy
module provides basic call/return functionality for hooks not
implemented by a given module.  During module initialization, a module
registers its security hooks and the equivalent dummy hooks are
unregistered.  If a module does not implement a hook, the equivalent
dummy hook remains in place.  Modules also may define and register at
boot time a module-specific hypercall through the XSM hook
infrastructure.

Modules may also define at Xen compile time a magic number XSM_MAGIC to
indicate that a policy should be discovered from the images loaded at
boot.  The policy file should then be listed in grub as one of the
multi-boot modules after the dom0 kernel.

Attachment: xsm-xen-3.0.2-3.diff
Description: Text Data
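
The dummy-hook fallback described in the message, as an added example that is not part of the original post or the attached patch: a hook table that starts out populated with dummy hooks, and a registration routine that replaces only the hooks a module implements. All names (`sec_ops`, `register_module`, the hook fields) are hypothetical; the dummy return values and the single-module limit are assumptions of this sketch.

```c
#include <errno.h>
#include <stddef.h>

/* Hypothetical hook table: names are illustrative, not taken from the patch. */
struct sec_ops {
    int  (*domain_create)(int caller_domid);
    int  (*grant_map)(int src_domid, int dst_domid);
    long (*module_op)(int cmd);            /* module-specific hypercall */
};

/* Dummy hooks: plain call/return. The return values are assumptions. */
static int  dummy_domain_create(int caller) { (void)caller; return 0; }
static int  dummy_grant_map(int s, int d)   { (void)s; (void)d; return 0; }
static long dummy_module_op(int cmd)        { (void)cmd; return -ENOSYS; }

/* The live table starts out fully populated with dummy hooks. */
static struct sec_ops active_ops = {
    dummy_domain_create, dummy_grant_map, dummy_module_op
};
static int module_registered;

/* Install a module: each hook it implements replaces the dummy; a NULL
 * entry leaves the dummy in place, so call sites never see a NULL pointer.
 * Allowing a single module is an assumption of this sketch. */
int register_module(const struct sec_ops *m)
{
    if (m == NULL)         return -EINVAL;
    if (module_registered) return -EBUSY;
    if (m->domain_create)  active_ops.domain_create = m->domain_create;
    if (m->grant_map)      active_ops.grant_map     = m->grant_map;
    if (m->module_op)      active_ops.module_op     = m->module_op;
    module_registered = 1;
    return 0;
}

/* Call sites on the hypervisor code path go through these wrappers. */
int  sec_domain_create(int caller) { return active_ops.domain_create(caller); }
int  sec_grant_map(int s, int d)   { return active_ops.grant_map(s, d); }
long sec_module_op(int cmd)        { return active_ops.module_op(cmd); }

/* Constructed sample module: implements one hook only. */
static int strict_domain_create(int caller) { return caller == 0 ? 0 : -EPERM; }
static const struct sec_ops strict_module = { .domain_create = strict_domain_create };

int main(void)
{
    register_module(&strict_module);
    return sec_domain_create(5) == -EPERM && sec_grant_map(1, 2) == 0 ? 0 : 1;
}
```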
