xen: Revoke kernel module loading permissions.

This domain also calls kernel_request_load_module(), which should be
sufficient.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
This commit is contained in:
Chris PeBenito 2024-02-29 10:14:01 -05:00
parent 1c20c002cd
commit 5b02b44e51
1 changed files with 0 additions and 1 deletions

View File

@ -500,7 +500,6 @@ xen_stream_connect_xenstore(xm_t)
can_exec(xm_t, xm_exec_t) can_exec(xm_t, xm_exec_t)
kernel_load_module(xm_t)
kernel_request_load_module(xm_t) kernel_request_load_module(xm_t)
kernel_read_system_state(xm_t) kernel_read_system_state(xm_t)
kernel_read_network_state(xm_t) kernel_read_network_state(xm_t)