[0/2] Adds starting the idle domain privileged

Message

Daniel P. Smith April 20, 2022, 9:04 p.m. UTC

This series makes it so that the idle domain is started privileged under the
default policy, which the SILO policy inherits, and under the flask policy. It
then introduces a new one-way XSM hook, xsm_transition_running, that is hooked
by an XSM policy to transition the idle domain to its running privilege level.

Daniel P. Smith (2):
  xsm: create idle domain privieged and demote after setup
  flask: implement xsm_transtion_running

 tools/flask/policy/modules/xen.if      |  6 ++++++
 tools/flask/policy/modules/xen.te      |  1 +
 tools/flask/policy/policy/initial_sids |  1 +
 xen/arch/arm/setup.c                   |  6 ++++++
 xen/arch/x86/setup.c                   |  6 ++++++
 xen/common/sched/core.c                |  7 ++++++-
 xen/include/xsm/dummy.h                | 12 ++++++++++++
 xen/include/xsm/xsm.h                  |  6 ++++++
 xen/xsm/dummy.c                        |  1 +
 xen/xsm/flask/hooks.c                  | 21 ++++++++++++++++++++-
 xen/xsm/flask/policy/initial_sids      |  1 +
 11 files changed, 66 insertions(+), 2 deletions(-)