On 05.08.2021 16:06, Daniel P. Smith wrote: > On Linux when SELinux is put into permissive mode the descretionary access > controls are still in place. Whereas for Xen when the enforcing state of flask > is set to permissive, all operations for all domains would succeed, i.e. it > does not fall back to the default access controls. To provide a means to mimic > a similar but not equivalent behavior, a flask op is present to allow a > one-time switch back to the default access controls, aka the "dummy policy". > > This patch removes this flask op to enforce a consistent XSM usage model that > a > reboot of Xen is required to change the XSM policy module in use. > > Signed-off-by: Daniel P. Smith <dpsm...@apertussolutions.com>
The primary reason you remove this is - aiui - that with alternatives patching there's technically not really a way back (would need to re- patch every patched location, or every hook would need to check whether state changed to disabled and if so chain on to the dummy function). This became sufficiently clear to me only when looking at the next patch. It would be nice if description also said why the change is needed. As it stands to me the description reads at best like something that people could have different views on (and initially I didn't mean to reply here, for not being convinced of the removal of functionality in the common case). Jan
