Xen project Mailing List

[Xen-changelog] [xen-unstable] XSM:FLASK support for domain management under Xen-API

From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Wed, 26 Sep 2007 03:41:13 -0700

Delivery-date: Wed, 26 Sep 2007 04:29:25 -0700

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User Keir Fraser <keir@xxxxxxxxxxxxx> # Date 1190547907 -3600 # Node ID 40d88481cd3f4abc01053508b9c9290e5aa9662e # Parent 5957d62f72901859327506629a8c7a78e7417c4f XSM:FLASK support for domain management under Xen-API Signed-off-by: George Coker <gscoker@xxxxxxxxxxxxxx> --- tools/python/xen/util/xsm/acm/acm.py | 25 +++++++++++++++++++++++-- tools/python/xen/util/xsm/dummy/dummy.py | 3 +++ tools/python/xen/util/xsm/flask/flask.py | 4 ++++ tools/python/xen/xend/XendDomainInfo.py | 21 ++------------------- tools/python/xen/xm/xenapi_create.py | 9 +++------ 5 files changed, 35 insertions(+), 27 deletions(-) diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/acm/acm.py --- a/tools/python/xen/util/xsm/acm/acm.py Sun Sep 23 12:18:36 2007 +0100 +++ b/tools/python/xen/util/xsm/acm/acm.py Sun Sep 23 12:45:07 2007 +0100 @@ -1308,12 +1308,33 @@ def parse_security_label(security_label) return security_label def set_security_label(policy, label): - policytype = xsconstants.ACM_POLICY_ID if label != "" and policy != "": - return "%s:%s:%s" % (policytype, policy, label) + return "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, policy, label) else: return "" def ssidref2security_label(ssidref): from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance return XSPolicyAdminInstance().ssidref_to_vmlabel(ssidref) + +def get_security_label(self, xspol=None): + """ + Get the security label of a domain + @param xspol The policy to use when converting the ssid into + a label; only to be passed during the updating + of the policy + """ + domid = self.getDomid() + + if not xspol: + from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance + xspol = XSPolicyAdminInstance().get_loaded_policy() + + if domid == 0: + if xspol: + label = xspol.policy_get_domain_label_formatted(domid) + else: + label = "" + else: + label = self.info.get('security_label', '') + return label diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/dummy/dummy.py --- a/tools/python/xen/util/xsm/dummy/dummy.py Sun Sep 23 12:18:36 2007 +0100 +++ b/tools/python/xen/util/xsm/dummy/dummy.py Sun Sep 23 12:45:07 2007 +0100 @@ -51,3 +51,6 @@ def ssidref2security_label(ssidref): def has_authorization(ssidref): return True + +def get_security_label(self, xspol=None): + return "" diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/util/xsm/flask/flask.py --- a/tools/python/xen/util/xsm/flask/flask.py Sun Sep 23 12:18:36 2007 +0100 +++ b/tools/python/xen/util/xsm/flask/flask.py Sun Sep 23 12:45:07 2007 +0100 @@ -35,3 +35,7 @@ def set_security_label(policy, label): def ssidref2security_label(ssidref): return ssidref2label(ssidref) + +def get_security_label(self, xspol=None): + label = self.info.get('security_label', '') + return label diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/xend/XendDomainInfo.py --- a/tools/python/xen/xend/XendDomainInfo.py Sun Sep 23 12:18:36 2007 +0100 +++ b/tools/python/xen/xend/XendDomainInfo.py Sun Sep 23 12:45:07 2007 +0100 @@ -2275,25 +2275,8 @@ class XendDomainInfo: def get_security_label(self, xspol=None): - """ - Get the security label of a domain - @param xspol The policy to use when converting the ssid into - a label; only to be passed during the updating - of the policy - """ - domid = self.getDomid() - - if not xspol: - from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance - xspol = XSPolicyAdminInstance().get_loaded_policy() - - if domid == 0: - if xspol: - label = xspol.policy_get_domain_label_formatted(domid) - else: - label = "" - else: - label = self.info.get('security_label', '') + import xen.util.xsm.xsm as security + label = security.get_security_label(self, xspol) return label def set_security_label(self, seclab, old_seclab, xspol=None, diff -r 5957d62f7290 -r 40d88481cd3f tools/python/xen/xm/xenapi_create.py --- a/tools/python/xen/xm/xenapi_create.py Sun Sep 23 12:18:36 2007 +0100 +++ b/tools/python/xen/xm/xenapi_create.py Sun Sep 23 12:45:07 2007 +0100 @@ -26,6 +26,7 @@ from xen.xend.XendAPIConstants import XE XEN_API_ON_CRASH_BEHAVIOUR from xen.xm.opts import OptionError from xen.util import xsconstants +import xen.util.xsm.xsm as security import sys import os @@ -569,7 +570,7 @@ class sxp2xml: if sec_data: try : vm.attributes['security_label'] = \ - "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, sec_data[0][1][1],sec_data[0][2][1]) + security.set_security_label(sec_data[0][1][1],sec_data[0][2][1]) except Exception, e: raise "Invalid security data format: %s" % str(sec_data) @@ -753,11 +754,7 @@ class sxp2xml: policy = get_child_by_name(vif_sxp, "policy") label = get_child_by_name(vif_sxp, "label") - if label and policy: - vif.attributes["security_label"] \ - = "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, policy, label) - else: - vif.attributes["security_label"] = "" + vif.attributes["security_label"] = security.set_security_label(policy, label) if get_child_by_name(vif_sxp, "bridge") is not None: vif.attributes["network"] \ _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.