Lines Matching refs:domains
8 controls over Xen domains, allowing the policy writer to define what
9 interactions between domains, devices, and the hypervisor are permitted.
12 - Prevent two domains from communicating via event channels or grants
13 - Control which domains can use device passthrough (and which devices)
14 - Restrict or audit operations performed by privileged domains
15 - Prevent a privileged domain from arbitrarily mapping pages from other domains
24 functions into their own domains, via the XSM mechanisms described in
30 supposedly-only-semi-privileged disaggregated management domains. But
31 such management domains are (in such a design) to be seen as
45 other-than-fully-trusted domains.
48 driver domains, or stub xenstored - even if those bugs do no worse
105 system_r for all domains.
133 HVM domains with stubdomain device models also need a type for the stub domain.
138 type is needed for each group of domains. The user field can be used to address
151 current domain or on other domains; however, this significantly increases the
179 The default user and role used for domains is system_u and system_r. Users are
180 visible in the labels of domains and associated objects (event channels); when
205 default types for domains (domU_t), the example policy shipped with Xen should
206 allow the same operations on or between domains as when not using FLASK.