On Mon, 2014-12-08 at 11:07 -0500, Konrad Rzeszutek Wilk wrote:
> On Mon, Dec 08, 2014 at 03:54:06PM +, Ian Campbell wrote:
> > On Mon, 2014-12-08 at 10:52 -0500, Konrad Rzeszutek Wilk wrote:
> > > On Mon, Dec 08, 2014 at 09:48:07AM +, Ian Campbell wrote:
> > > > On Fri, 2014-12-05 at 12:03
On Mon, Dec 08, 2014 at 03:54:06PM +, Ian Campbell wrote:
> On Mon, 2014-12-08 at 10:52 -0500, Konrad Rzeszutek Wilk wrote:
> > On Mon, Dec 08, 2014 at 09:48:07AM +, Ian Campbell wrote:
> > > On Fri, 2014-12-05 at 12:03 -0500, Daniel De Graaf wrote:
> > > > The example XSM policy was missin
On Mon, 2014-12-08 at 10:52 -0500, Konrad Rzeszutek Wilk wrote:
> On Mon, Dec 08, 2014 at 09:48:07AM +, Ian Campbell wrote:
> > On Fri, 2014-12-05 at 12:03 -0500, Daniel De Graaf wrote:
> > > The example XSM policy was missing permission for dom0_t to migrate
> > > domains; add these permission
On Mon, Dec 08, 2014 at 09:48:07AM +, Ian Campbell wrote:
> On Fri, 2014-12-05 at 12:03 -0500, Daniel De Graaf wrote:
> > The example XSM policy was missing permission for dom0_t to migrate
> > domains; add these permissions.
> >
> > Reported-by: Wei Liu
> > Signed-off-by: Daniel De Graaf
>
On Fri, 2014-12-05 at 12:03 -0500, Daniel De Graaf wrote:
> The example XSM policy was missing permission for dom0_t to migrate
> domains; add these permissions.
>
> Reported-by: Wei Liu
> Signed-off-by: Daniel De Graaf
Acked-by: Ian Campbell
Konrad, we should take this for 4.5, in order to h
The example XSM policy was missing permission for dom0_t to migrate
domains; add these permissions.
Reported-by: Wei Liu
Signed-off-by: Daniel De Graaf
---
This has been tested with xl save/restore on a PV domain, which now
succeeds without producing AVC denials.
tools/flask/policy/policy/mod
