On 6/20/16 9:04 AM, Daniel De Graaf wrote: > This adds a Kconfig option and support for including the XSM policy from > tools/flask/policy in the hypervisor so that the bootloader does not > need to provide a policy to get sane behavior from an XSM-enabled > hypervisor. The policy provided by the bootloader, if present, will > override the built-in policy. > > Enabling this option only builds the policy if checkpolicy is available > during compilation of the hypervisor; otherwise, it does nothing. The > XSM policy is not moved out of tools because that remains the primary > location for installing and configuring the policy. > > Signed-off-by: Daniel De Graaf <dgde...@tycho.nsa.gov> > Reviewed-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com>
Reviewed-by: Doug Goldstein <car...@cardoe.com> -- Doug Goldstein
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
