Lines Matching refs:domain
16 # Declare a domain type, along with associated _self and _channel types
17 # Allow the domain to perform basic operations on itself
21 type_transition $1 $1:domain $1_self;
28 # Declare a domain type and associated _channel types.
29 # Note: Because the domain can perform basic operations on itself and any
30 # other domain of the same type, this constructor should be used for types
31 # containing at most one domain. This is not enforced by policy.
41 # Declare a paired _building type for the given domain type
45 allow $1_building $1 : domain transition;
49 allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize
65 # Allow a domain to be created directly
72 # Allow a domain to be created via its domain build label
78 allow $2_building $2:domain transition;
82 # Allow managing a running domain
84 allow $1 $2:domain { getdomaininfo getvcpuinfo getaffinity
92 # Allow creation of a snapshot or migration image from a domain
93 # (inbound migration is the same as domain creation)
98 allow $1 $2:domain { getaddrsize getvcpucontext pause destroy };
105 # Inter-domain communication
118 # Allow two domain types to communicate using event channels
125 # Allow two domain types to communicate using grants and event channels
132 # domain_self_comms(domain)
133 # Allow a non-singleton domain type to communicate with itself using grants
141 # Define how a device model domain interacts with its target
144 type_transition $2 $1:domain $2_target;
145 allow $1 $2:domain set_target;
152 allow $1 $2_target:domain { getdomaininfo shutdown };
158 # Allow creation of a device model and HVM domain pair
170 # use_device_iommu(domain, device)
171 # Allow a device to be used by a domain
179 # use_device_iommu_nointremap(domain, device)
180 # Allow a device to be used by a domain
190 # use_device_noiommu(domain, device)
191 # Allow a device to be used by a domain
199 # admin_device(domain, device)
200 # Allow a device to be used and delegated by a domain
207 # delegate_devices(priv-domain, target-domain)