the data can be an important security feature that
users of the vtpmmgr rely on.
For the other patches in this series (1-5,7-8,10):
Acked-by: Daniel De Graaf dgde...@tycho.nsa.gov
With patch #14 documenting the lack of TPM2 sealing, #11-13 are also Acked.
- Daniel
Thanks
Quan
-Original
the Config.mk ENABLE_XSM option to 'y'.
Thanks.
Is the hypervisor build allowed to depend on having run ./configure
now? I think this was the reason why config.mk is being used.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel
On 01/12/2015 03:21 AM, Jan Beulich wrote:
XENMEM_{in,de}crease_reservation as well as XENMEM_populate_physmap
return the extent at which failure was detected, not error indicators.
Signed-off-by: Jan Beulich jbeul...@suse.com
Acked-by: Daniel De Graaf dgde...@tycho.nsa.gov
(though I don't
was set.
From my current inspection, this workaround may no longer be needed. In
any case, I think it is better to expose the error and force the caller
to explicitly request a dummy event channel (or just postpone creation).
Acked-by: Daniel De Graaf dgde...@tycho.nsa.gov
--
Daniel De Graaf
list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 01/08/2015 03:20 AM, Xu, Quan wrote:
-Original Message-
From: Daniel De Graaf [mailto:dgde...@tycho.nsa.gov]
Sent: Wednesday, January 07, 2015 3:47 AM
To: Xu, Quan; xen-devel@lists.xen.org
Cc: samuel.thiba...@ens-lyon.org; stefano.stabell...@eu.citrix.com
Subject: Re: [PATCH v2 1/5
On 01/06/2015 11:46 AM, Xu, Quan wrote:
-Original Message-
From: Daniel De Graaf [mailto:dgde...@tycho.nsa.gov]
On 12/30/2014 11:44 PM, Quan Xu wrote:[...]
diff --git a/extras/mini-os/tpmback.c b/extras/mini-os/tpmback.c
[...]
+ domid = (domtype == T_DOMAIN_TYPE_HVM) ? 0 : tpmif
...@oracle.com
Reviewed-by: Dietmar Hahn dietmar.h...@ts.fujitsu.com
Tested-by: Dietmar Hahn dietmar.h...@ts.fujitsu.com
Acked-by: Daniel De Graaf dgde...@tycho.nsa.gov
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
it will not work if a stub domain
is used for qemu.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
functionality. If only SHA1 PCRs are used, they should be able
to be drop-in replacements, but supporting other hash algorithms may be
a feature that users who have a TPM2 will want.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
will not be able to review further patches until January.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
changes that fixed up the IRQ permissions rangesets), it may make sense
to either add a check here or move the check in order to catch the error
earlier.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http
access is probably the best option.
If a guest who has control of a passthrough device can cause these
reserved ranges to change, then there may be reason to prevent others
from querying them, but that doesn't appear to be the case here.
--
Daniel De Graaf
National Security Agency
The example XSM policy was missing permission for dom0_t to migrate
domains; add these permissions.
Reported-by: Wei Liu wei.l...@citrix.com
Signed-off-by: Daniel De Graaf dgde...@tycho.nsa.gov
---
This has been tested with xl save/restore on a PV domain, which now
succeeds without producing AVC
On 11/27/2014 10:33 AM, Andrew Cooper wrote:
On 27/11/14 15:23, George Dunlap wrote:
On Tue, Nov 25, 2014 at 6:05 PM, Daniel De Graaf dgde...@tycho.nsa.gov wrote:
When an unknown domctl, sysctl, or other operation is encountered in the
FLASK security server, use the allow_unknown bit
On 11/25/2014 05:07 AM, George Dunlap wrote:
On Mon, Nov 24, 2014 at 10:05 PM, Daniel De Graaf dgde...@tycho.nsa.gov wrote:
I do. The error is
(XEN) flask_domctl: Unknown op 72
Incidentally, Flask is running in permissive mode.
Michael Young
This means that the new domctl needs
Reported-by: Michael Young m.a.yo...@durham.ac.uk
Signed-off-by: Daniel De Graaf dgde...@tycho.nsa.gov
---
xen/xsm/flask/hooks.c | 2 ++
xen/xsm/flask/policy/access_vectors | 2 ++
2 files changed, 4 insertions(+)
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index
to immediately add security checks; however, it is not flexible
enough to avoid adding the actual permission checks. An error message
is printed to the hypervisor console when this fallback is encountered.
Signed-off-by: Daniel De Graaf dgde...@tycho.nsa.gov
---
xen/xsm/flask/hooks.c
domctl not in the list of handled domctls (see
the large switch statement in xsm/flask/hooks.c) will return -EPERM and
will print an error to the hypervisor console, as Andrew pointed out.
--
Daniel De Graaf
National Security Agency
___
Xen-devel mailing
to add these since you introduced
the ops?
Unless you can think of a reason why there would be a reason to split the
access, I think it makes sense to reuse the permissions that are used for
XEN_DOMCTL_{get,set}_ext_vcpucontext.
--
Daniel De Graaf
National Security Agency
On 11/10/2014 07:01 AM, Ian Campbell wrote:
On Thu, 2014-11-06 at 17:01 -0500, Daniel De Graaf wrote:
On 11/04/2014 05:15 AM, Ian Campbell wrote:
On Thu, 2014-10-30 at 15:48 +0200, Emil Condrea wrote:
Of course we can use max, but I thought that it might be useful to
have a prink to inform
301 - 321 of 321 matches
Mail list logo