Commit Graph

24 Commits

Author SHA1 Message Date
Chris PeBenito e6394e5f0e Pull in devices changes from Fedora. 2011-03-07 10:47:09 -05:00
Stephen Smalley 14d23ee979 Refine xen policy
Various changes to the Xen userspace policy, including:
- Add gntdev and gntalloc device node labeling.
- Create separate domains for blktap and qemu-dm rather than leaving them in xend_t.
- No need to allow xen userspace to create its own device nodes anymore;
this is handled automatically by the kernel/udev.
- No need to allow xen userspace access to generic raw storage; even if
using dedicated partitions/LVs for disk images, you can just label them
with xen_image_t.

The blktap and qemu-dm domains are stubs and will likely need to be
further expanded, but they should definitely not be left in xend_t.  Not
sure if I should try to use qemu_domain_template() instead for qemu-dm,
but I don't see any current users of that template (qemu_t uses
virt_domain_template instead), and qemu-dm has specific interactions
with Xen.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
2011-02-15 12:59:13 -05:00
Chris PeBenito fb7caddb4f Devices patch from Dan Walsh.
vhost_device_t added for libvirt/qemu

/dev/usbmon device added

lots of new interfaces.
2010-06-07 09:20:18 -04:00
Chris PeBenito 05351730cc Devices patch from Dan Walsh. 2010-03-04 15:30:22 -05:00
Chris PeBenito b51e8e0b42 Add devices patch from Dan Walsh. 2009-11-19 09:44:19 -05:00
Chris PeBenito 731008ad85 trunk: 2 patches from dan. 2009-06-08 17:18:26 +00:00
Chris PeBenito 11c944faf1 trunk: fix typo in devices file contexts. 2009-03-05 17:46:22 +00:00
Chris PeBenito 7b76207e37 trunk: devices patch from dan. 2009-03-05 15:36:41 +00:00
Chris PeBenito 02d968c581 trunk: several fc updates from dan. 2007-12-12 15:55:21 +00:00
Chris PeBenito 2999cea1f2 trunk: remove duplicate specifiction for /usr/lib/devices on debian. 2007-11-14 20:12:44 +00:00
Chris PeBenito 495df41602 trunk: 11 patches from dan. 2007-10-29 18:35:32 +00:00
Chris PeBenito 8241b538af trunk: udev update and brctl module from dan. 2007-09-05 17:55:57 +00:00
Chris PeBenito d534d35a7e trunk: 5 patches from dan 2007-06-11 15:01:10 +00:00
Chris PeBenito ecc98e19e3 patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh. 2007-03-01 15:43:39 +00:00
Chris PeBenito d6d16b9796 patch from dan Wed, 29 Nov 2006 17:06:40 -0500 2006-12-04 20:10:56 +00:00
Chris PeBenito d9845ae92a patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
Chris PeBenito e070dd2df0 - Move range transitions to modules.
- Make number of MLS sensitivities, and number of MLS and MCS
  categories configurable as build options.
2006-10-04 17:25:34 +00:00
Chris PeBenito 8708d9bef2 patch from dan Wed, 20 Sep 2006 12:12:49 -0400 2006-09-22 17:14:35 +00:00
Chris PeBenito 13d7cec671 patch from erich Sat, 02 Sep 2006 03:37:44 +0200 2006-09-04 18:22:12 +00:00
Chris PeBenito eac818f040 patch from dan Thu, 31 Aug 2006 15:16:30 -0400 2006-09-01 15:52:05 +00:00
Chris PeBenito a5e2133bc8 patch from dan Wed, 23 Aug 2006 14:03:49 -0400 2006-08-29 02:41:00 +00:00
Chris PeBenito e9b9e45214 testing fixes 2006-08-18 18:20:22 +00:00
Chris PeBenito 46551033aa patch from dan Wed, 26 Jul 2006 14:42:46 -0400 2006-07-28 15:13:58 +00:00
Chris PeBenito 17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00