- Construct_node now creates capabilities on all nodes.
- Construct_node also grants capabilities to other domains that create nodes. - Hacked get_perms API in xenstore. Now I can see the capabilities set on different nodes via "xenstore-ls -p". - caps_for_conn returns error by default. This implies that when a new domain/driver reads a node and if it does not have the necessary capabilities then it'll get an error. Note that in ACL xenstore, they have a default permission. - caps_for_conn also checks caps for priviliged domains which is simply granted access in ACL xenstored. This change is for us to see if the priviliged domains are getting the right capabilities and not more. - I still need to see if we need a default capability concept at all.
Showing with 123 additions and 117 deletions