* [Patch 2 / 8][ACM] - xen policy name support
@ 2006-04-12 2:27 Reiner Sailer
0 siblings, 0 replies; only message in thread
From: Reiner Sailer @ 2006-04-12 2:27 UTC (permalink / raw)
To: xen-devel; +Cc: sailer
[-- Attachment #1: Type: text/plain, Size: 237 bytes --]
This patch adds support in the hypervisor for the policy name attribute
introduced into security policies. It also fixes a minor problem related
to handling unsupported boot policies.
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
[-- Attachment #2: patch2_acm_xen.diff --]
[-- Type: text/plain, Size: 10694 bytes --]
---
xen/acm/acm_core.c | 49 +++++++++++++++++++++++++++++++++++--------
xen/acm/acm_policy.c | 27 +++++++++++++++++++++--
xen/include/acm/acm_core.h | 4 ++-
xen/include/public/acm.h | 18 ++++++++++-----
xen/include/public/acm_ops.h | 2 -
5 files changed, 82 insertions(+), 18 deletions(-)
Index: xen-unstable.hg-shype/xen/acm/acm_core.c
===================================================================
--- xen-unstable.hg-shype.orig/xen/acm/acm_core.c
+++ xen-unstable.hg-shype/xen/acm/acm_core.c
@@ -70,17 +70,46 @@ acm_set_endian(void)
u32 test = 1;
if (*((u8 *)&test) == 1)
{
- printk("ACM module running in LITTLE ENDIAN.\n");
+ printkd("ACM module running in LITTLE ENDIAN.\n");
little_endian = 1;
}
else
{
- printk("ACM module running in BIG ENDIAN.\n");
+ printkd("ACM module running in BIG ENDIAN.\n");
little_endian = 0;
}
}
int
+acm_set_policy_reference(u8 * buf, u32 buf_size)
+{
+ struct acm_policy_reference_buffer *pr = (struct acm_policy_reference_buffer *)buf;
+ acm_bin_pol.policy_reference_name = (char *)xmalloc_array(u8, ntohl(pr->len));
+
+ if (!acm_bin_pol.policy_reference_name)
+ return -ENOMEM;
+
+ strcpy(acm_bin_pol.policy_reference_name, (char *)(buf + sizeof(struct acm_policy_reference_buffer)));
+ printk("%s: Activating policy %s\n", __func__, acm_bin_pol.policy_reference_name);
+ return 0;
+}
+
+int
+acm_dump_policy_reference(u8 *buf, u32 buf_size)
+{
+ struct acm_policy_reference_buffer *pr_buf = (struct acm_policy_reference_buffer *)buf;
+ int ret = sizeof(struct acm_policy_reference_buffer) + strlen(acm_bin_pol.policy_reference_name) + 1;
+
+ if (buf_size < ret)
+ return -EINVAL;
+
+ pr_buf->len = htonl(strlen(acm_bin_pol.policy_reference_name) + 1); /* including stringend '\0' */
+ strcpy((char *)(buf + sizeof(struct acm_policy_reference_buffer)),
+ acm_bin_pol.policy_reference_name);
+ return ret;
+}
+
+int
acm_init_binary_policy(u32 policy_code)
{
int ret = ACM_OK;
@@ -198,7 +227,7 @@ acm_setup(unsigned int *initrdidx,
0);
if (rc == ACM_OK)
{
- printf("Policy len 0x%lx, start at %p.\n",_policy_len,_policy_start);
+ printkd("Policy len 0x%lx, start at %p.\n",_policy_len,_policy_start);
if (i == 1)
{
if (mbi->mods_count > 2)
@@ -218,6 +247,8 @@ acm_setup(unsigned int *initrdidx,
else
{
printk("Invalid policy. %d.th module line.\n", i+1);
+ /* load default policy later */
+ acm_active_security_policy = ACM_POLICY_UNDEFINED;
}
} /* end if a binary policy definition, i.e., (ntohl(pol->magic) == ACM_MAGIC ) */
}
@@ -239,10 +270,8 @@ acm_init(unsigned int *initrdidx,
if (acm_active_security_policy != ACM_POLICY_UNDEFINED)
{
- printk("%s: Boot-Policy. Enforcing %s: Primary %s, Secondary %s.\n", __func__,
- ACM_POLICY_NAME(acm_active_security_policy),
- ACM_POLICY_NAME(acm_bin_pol.primary_policy_code),
- ACM_POLICY_NAME(acm_bin_pol.secondary_policy_code));
+ printk("%s: Enforcing %s boot policy.\n", __func__,
+ ACM_POLICY_NAME(acm_active_security_policy));
goto out;
}
/* else continue with the minimal hardcoded default startup policy */
@@ -254,6 +283,10 @@ acm_init(unsigned int *initrdidx,
goto out;
}
acm_active_security_policy = ACM_DEFAULT_SECURITY_POLICY;
+ if (acm_active_security_policy != ACM_NULL_POLICY)
+ acm_bin_pol.policy_reference_name = "DEFAULT";
+ else
+ acm_bin_pol.policy_reference_name = "NULL";
out:
if (ret != ACM_OK)
@@ -314,7 +347,7 @@ acm_init_domain_ssid(domid_t id, ssidref
put_domain(subj);
return ACM_INIT_SSID_ERROR;
}
- printk("%s: assigned domain %x the ssidref=%x.\n",
+ printkd("%s: assigned domain %x the ssidref=%x.\n",
__func__, id, ssid->ssidref);
put_domain(subj);
return ACM_OK;
Index: xen-unstable.hg-shype/xen/acm/acm_policy.c
===================================================================
--- xen-unstable.hg-shype.orig/xen/acm/acm_policy.c
+++ xen-unstable.hg-shype/xen/acm/acm_policy.c
@@ -85,13 +85,19 @@ acm_set_policy(void *buf, u32 buf_size,
/* get bin_policy lock and rewrite policy (release old one) */
write_lock(&acm_bin_pol_rwlock);
- /* 3. set primary policy data */
+ /* 3. set label reference name */
+ if (acm_set_policy_reference(buf + ntohl(pol->policy_reference_offset),
+ ntohl(pol->primary_buffer_offset) -
+ ntohl(pol->policy_reference_offset)))
+ goto error_lock_free;
+
+ /* 4. set primary policy data */
if (acm_primary_ops->set_binary_policy(buf + ntohl(pol->primary_buffer_offset),
ntohl(pol->secondary_buffer_offset) -
ntohl(pol->primary_buffer_offset)))
goto error_lock_free;
- /* 4. set secondary policy data */
+ /* 5. set secondary policy data */
if (acm_secondary_ops->set_binary_policy(buf + ntohl(pol->secondary_buffer_offset),
ntohl(pol->len) -
ntohl(pol->secondary_buffer_offset)))
@@ -130,9 +136,18 @@ acm_get_policy(void *buf, u32 buf_size)
bin_pol->secondary_policy_code = htonl(acm_bin_pol.secondary_policy_code);
bin_pol->len = htonl(sizeof(struct acm_policy_buffer));
+ bin_pol->policy_reference_offset = htonl(ntohl(bin_pol->len));
bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len));
bin_pol->secondary_buffer_offset = htonl(ntohl(bin_pol->len));
+ ret = acm_dump_policy_reference(policy_buffer + ntohl(bin_pol->policy_reference_offset),
+ buf_size - ntohl(bin_pol->policy_reference_offset));
+ if (ret < 0)
+ goto error_free_unlock;
+
+ bin_pol->len = htonl(ntohl(bin_pol->len) + ret);
+ bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len));
+
ret = acm_primary_ops->dump_binary_policy (policy_buffer + ntohl(bin_pol->primary_buffer_offset),
buf_size - ntohl(bin_pol->primary_buffer_offset));
if (ret < 0)
@@ -227,6 +242,14 @@ acm_get_ssid(ssidref_t ssidref, u8 *buf,
acm_ssid->ssidref = ssidref;
acm_ssid->primary_policy_code = acm_bin_pol.primary_policy_code;
acm_ssid->secondary_policy_code = acm_bin_pol.secondary_policy_code;
+
+ acm_ssid->policy_reference_offset = acm_ssid->len;
+ ret = acm_dump_policy_reference(ssid_buffer + acm_ssid->policy_reference_offset,
+ buf_size - acm_ssid->policy_reference_offset);
+ if (ret < 0)
+ goto error_free_unlock;
+
+ acm_ssid->len += ret;
acm_ssid->primary_types_offset = acm_ssid->len;
/* ret >= 0 --> ret == max_types */
Index: xen-unstable.hg-shype/xen/include/acm/acm_core.h
===================================================================
--- xen-unstable.hg-shype.orig/xen/include/acm/acm_core.h
+++ xen-unstable.hg-shype/xen/include/acm/acm_core.h
@@ -26,6 +26,7 @@
/* Xen-internal representation of the binary policy */
struct acm_binary_policy {
+ char *policy_reference_name;
u16 primary_policy_code;
u16 secondary_policy_code;
};
@@ -124,7 +125,8 @@ int acm_get_policy(void *buf, u32 buf_si
int acm_dump_statistics(void *buf, u16 buf_size);
int acm_get_ssid(ssidref_t ssidref, u8 *buf, u16 buf_size);
int acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, enum acm_hook_type hook);
-
+int acm_set_policy_reference(u8 * buf, u32 buf_size);
+int acm_dump_policy_reference(u8 *buf, u32 buf_size);
#endif
/*
Index: xen-unstable.hg-shype/xen/include/public/acm.h
===================================================================
--- xen-unstable.hg-shype.orig/xen/include/public/acm.h
+++ xen-unstable.hg-shype/xen/include/public/acm.h
@@ -51,17 +51,17 @@
/* policy: */
#define ACM_POLICY_NAME(X) \
- ((X) == (ACM_NULL_POLICY)) ? "NULL policy" : \
- ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL policy" : \
- ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT policy" : \
- ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
- "UNDEFINED policy"
+ ((X) == (ACM_NULL_POLICY)) ? "NULL" : \
+ ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL" : \
+ ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT" : \
+ ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT" : \
+ "UNDEFINED"
/* the following policy versions must be increased
* whenever the interpretation of the related
* policy's data structure changes
*/
-#define ACM_POLICY_VERSION 1
+#define ACM_POLICY_VERSION 2
#define ACM_CHWALL_VERSION 1
#define ACM_STE_VERSION 1
@@ -113,12 +113,17 @@ struct acm_policy_buffer {
uint32_t policy_version; /* ACM_POLICY_VERSION */
uint32_t magic;
uint32_t len;
+ uint32_t policy_reference_offset;
uint32_t primary_policy_code;
uint32_t primary_buffer_offset;
uint32_t secondary_policy_code;
uint32_t secondary_buffer_offset;
};
+struct acm_policy_reference_buffer {
+ uint32_t len;
+};
+
struct acm_chwall_policy_buffer {
uint32_t policy_version; /* ACM_CHWALL_VERSION */
uint32_t policy_code;
@@ -160,6 +165,7 @@ struct acm_ste_stats_buffer {
struct acm_ssid_buffer {
uint32_t len;
ssidref_t ssidref;
+ uint32_t policy_reference_offset;
uint32_t primary_policy_code;
uint32_t primary_max_types;
uint32_t primary_types_offset;
Index: xen-unstable.hg-shype/xen/include/public/acm_ops.h
===================================================================
--- xen-unstable.hg-shype.orig/xen/include/public/acm_ops.h
+++ xen-unstable.hg-shype/xen/include/public/acm_ops.h
@@ -17,7 +17,7 @@
* This makes sure that old versions of acm tools will stop working in a
* well-defined way (rather than crashing the machine, for instance).
*/
-#define ACM_INTERFACE_VERSION 0xAAAA0005
+#define ACM_INTERFACE_VERSION 0xAAAA0006
/************************************************************************/
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-04-12 2:27 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-12 2:27 [Patch 2 / 8][ACM] - xen policy name support Reiner Sailer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.