[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] Merge with ia64 tree.
# HG changeset patch # User Keir Fraser <keir@xxxxxxxxxxxxx> # Date 1191416850 -3600 # Node ID b1f6e77b69a5f1b459f7269a9b278fa86970408f # Parent 3165e43ce73421bf6308844a3d0d4f27dab47639 # Parent aa8944bc4987ee181ca2539bb10112f6b6d1bccb Merge with ia64 tree. --- docs/xen-api/xenapi-datamodel.tex | 74 +++++++++++++ tools/libxen/include/xen/api/xen_acmpolicy.h | 17 ++- tools/libxen/src/xen_acmpolicy.c | 35 ++++++ tools/python/xen/lowlevel/acm/acm.c | 37 ++++++ tools/python/xen/util/acmpolicy.py | 8 + tools/python/xen/util/xsm/acm/acm.py | 47 +++++++- tools/python/xen/xend/XendXSPolicy.py | 31 +++++ tools/python/xen/xend/XendXSPolicyAdmin.py | 5 tools/python/xen/xm/dumppolicy.py | 31 +++++ tools/python/xen/xm/labels.py | 6 - tools/security/secpol_tool.c | 150 +++++++++++++++++++-------- 11 files changed, 387 insertions(+), 54 deletions(-) diff -r 3165e43ce734 -r b1f6e77b69a5 docs/xen-api/xenapi-datamodel.tex --- a/docs/xen-api/xenapi-datamodel.tex Tue Oct 02 11:31:55 2007 -0600 +++ b/docs/xen-api/xenapi-datamodel.tex Wed Oct 03 14:07:30 2007 +0100 @@ -15057,7 +15057,7 @@ Get the binary policy representation of Get the binary policy representation of the referenced policy. \noindent {\bf Signature:} -\begin{verbatim} string get_map (session_id s, xs ref self)\end{verbatim} +\begin{verbatim} string get_binary (session_id s, xs ref self)\end{verbatim} \noindent{\bf Arguments:} @@ -15080,6 +15080,78 @@ string Base64-encoded representation of the binary policy. +\vspace{0.3cm} +\vspace{0.3cm} +\vspace{0.3cm} +\subsubsection{RPC name:~get\_enforced\_binary} + +{\bf Overview:} +Get the binary policy representation of the currently enforced ACM policy. +In case the default policy is loaded in the hypervisor, a policy may be +managed by xend that is not yet loaded into the hypervisor. + + \noindent {\bf Signature:} +\begin{verbatim} string get_enforced_binary (session_id s, xs ref self)\end{verbatim} + + +\noindent{\bf Arguments:} + + +\vspace{0.3cm} +\begin{tabular}{|c|c|p{7cm}|} + \hline +{\bf type} & {\bf name} & {\bf description} \\ \hline +{\tt xs ref } & self & reference to the object \\ \hline + +\end{tabular} + +\vspace{0.3cm} + + \noindent {\bf Return Type:} +{\tt +string +} + + +Base64-encoded representation of the binary policy. +\vspace{0.3cm} +\vspace{0.3cm} +\vspace{0.3cm} +\subsubsection{RPC name:~get\_VM\_ssidref} + +{\bf Overview:} +Get the ACM ssidref of the given virtual machine. + + \noindent {\bf Signature:} +\begin{verbatim} string get_VM_ssidref (session_id s, vm ref vm)\end{verbatim} + + +\noindent{\bf Arguments:} + + +\vspace{0.3cm} +\begin{tabular}{|c|c|p{7cm}|} + \hline +{\bf type} & {\bf name} & {\bf description} \\ \hline +{\tt vm ref } & vm & reference to a valid VM \\ \hline + +\end{tabular} + +\vspace{0.3cm} + + \noindent {\bf Return Type:} +{\tt +int +} + + +The ssidref of the given virtual machine. + +\vspace{0.3cm} + +\noindent{\bf Possible Error Codes:} + {\tt HANDLE\_INVALID, VM\_BAD\_POWER\_STATE, SECURITY\_ERROR} + \vspace{0.3cm} \vspace{0.3cm} \vspace{0.3cm} diff -r 3165e43ce734 -r b1f6e77b69a5 tools/libxen/include/xen/api/xen_acmpolicy.h --- a/tools/libxen/include/xen/api/xen_acmpolicy.h Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/libxen/include/xen/api/xen_acmpolicy.h Wed Oct 03 14:07:30 2007 +0100 @@ -108,7 +108,22 @@ xen_acmpolicy_get_binary(xen_session *se xen_xspolicy xspolicy); /** - * Get the UUID filed of the given policy. + * Get the binary representation (base64-encoded) of the currently + * enforced policy. + */ +extern bool +xen_acmpolicy_get_enforced_binary(xen_session *session, char **binary, + xen_xspolicy xspolicy); + +/** + * Get the ACM ssidref of the given VM. + */ +bool +xen_acmpolicy_get_VM_ssidref(xen_session *session, int64_t *result, + xen_vm vm); + +/** + * Get the UUID field of the given policy. */ bool xen_acmpolicy_get_uuid(xen_session *session, char **result, diff -r 3165e43ce734 -r b1f6e77b69a5 tools/libxen/src/xen_acmpolicy.c --- a/tools/libxen/src/xen_acmpolicy.c Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/libxen/src/xen_acmpolicy.c Wed Oct 03 14:07:30 2007 +0100 @@ -217,6 +217,41 @@ xen_acmpolicy_get_binary(xen_session *se bool +xen_acmpolicy_get_enforced_binary(xen_session *session, char **result, + xen_xspolicy xspolicy) +{ + abstract_value param_values[] = + { + { .type = &abstract_type_string, + .u.string_val = xspolicy }, + }; + + abstract_type result_type = abstract_type_string; + + *result = NULL; + XEN_CALL_("ACMPolicy.get_enforced_binary"); + return session->ok; +} + + +bool +xen_acmpolicy_get_VM_ssidref(xen_session *session, + int64_t *result, xen_vm vm) +{ + abstract_value param_values[] = + { + { .type = &abstract_type_string, + .u.string_val = vm } + }; + + abstract_type result_type = abstract_type_int; + + XEN_CALL_("ACMPolicy.get_VM_ssidref"); + return session->ok; +} + + +bool xen_acmpolicy_get_uuid(xen_session *session, char **result, xen_xspolicy xspolicy) { diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/lowlevel/acm/acm.c --- a/tools/python/xen/lowlevel/acm/acm.c Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/lowlevel/acm/acm.c Wed Oct 03 14:07:30 2007 +0100 @@ -26,6 +26,7 @@ #include <sys/mman.h> #include <sys/types.h> #include <stdlib.h> +#include <arpa/inet.h> #include <sys/ioctl.h> #include <netinet/in.h> #include <xen/xsm/acm.h> @@ -258,6 +259,41 @@ static PyObject *chgpolicy(PyObject *sel } +static PyObject *getpolicy(PyObject *self, PyObject *args) +{ + struct acm_getpolicy getpolicy; + int xc_handle, rc; + uint8_t pull_buffer[8192]; + PyObject *result; + uint32_t len = sizeof(pull_buffer); + + memset(&getpolicy, 0x0, sizeof(getpolicy)); + set_xen_guest_handle(getpolicy.pullcache, pull_buffer); + getpolicy.pullcache_size = sizeof(pull_buffer); + + if ((xc_handle = xc_interface_open()) <= 0) { + PyErr_SetString(PyExc_IOError, ctrlif_op); + return NULL; + } + + rc = xc_acm_op(xc_handle, ACMOP_getpolicy, &getpolicy, sizeof(getpolicy)); + + xc_interface_close(xc_handle); + + if (rc == 0) { + struct acm_policy_buffer *header = + (struct acm_policy_buffer *)pull_buffer; + if (ntohl(header->len) < sizeof(pull_buffer)) + len = ntohl(header->len); + } else { + len = 0; + } + + result = Py_BuildValue("is#", rc, pull_buffer, len); + return result; +} + + static PyObject *relabel_domains(PyObject *self, PyObject *args) { struct acm_relabel_doms reldoms; @@ -313,6 +349,7 @@ static PyMethodDef acmMethods[] = { {"getssid", getssid, METH_VARARGS, "Retrieve label information and ssidref for a domain"}, {"getdecision", getdecision, METH_VARARGS, "Retrieve ACM access control decision"}, {"chgpolicy", chgpolicy, METH_VARARGS, "Change the policy in one step"}, + {"getpolicy", getpolicy, METH_NOARGS , "Get the binary policy from the hypervisor"}, {"relabel_domains", relabel_domains, METH_VARARGS, "Relabel domains"}, /* end of list (extend list above this line) */ {NULL, NULL, 0, NULL} diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/util/acmpolicy.py --- a/tools/python/xen/util/acmpolicy.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/util/acmpolicy.py Wed Oct 03 14:07:30 2007 +0100 @@ -1264,3 +1264,11 @@ class ACMPolicy(XSPolicy): log.info("The following Ch. Wall types in labels were unknown:" \ " %s" % list(unknown_chw)) return rc, mapfile, all_bin.tostring() + + def get_enforced_binary(self): + rc, binpol = security.hv_get_policy() + if rc != 0: + raise SecurityError(-xsconstants.XSERR_HV_OP_FAILED) + return binpol + + get_enforced_binary = classmethod(get_enforced_binary) diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/util/xsm/acm/acm.py --- a/tools/python/xen/util/xsm/acm/acm.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/util/xsm/acm/acm.py Wed Oct 03 14:07:30 2007 +0100 @@ -109,10 +109,12 @@ def refresh_security_policy(): """ global active_policy - try: - active_policy = acm.policy() - except: - active_policy = "INACTIVE" + active_policy = 'INACCESSIBLE' + if os.access("/proc/xen/privcmd", os.R_OK|os.W_OK): + try: + active_policy = acm.policy() + except: + active_policy = "INACTIVE" # now set active_policy refresh_security_policy() @@ -295,7 +297,7 @@ def label2ssidref(labelname, policyname, maps current policy to default directory to find mapping file """ - if policyname in ['NULL', 'INACTIVE', 'DEFAULT']: + if policyname in ['NULL', 'INACTIVE', 'DEFAULT', 'INACCESSIBLE' ]: err("Cannot translate labels for \'" + policyname + "\' policy.") allowed_types = ['ANY'] @@ -507,6 +509,22 @@ def hv_chg_policy(bin_pol, del_array, ch rc = -xsconstants.XSERR_HV_OP_FAILED return rc, errors +def hv_get_policy(): + """ + Gte the binary policy enforced in the hypervisor + """ + rc = -xsconstants.XSERR_GENERAL_FAILURE + bin_pol = "" + if not on(): + err("No policy active.") + try: + rc, bin_pol = acm.getpolicy() + except Exception, e: + pass + if len(bin_pol) == 0: + bin_pol = None + return rc, bin_pol + def make_policy(policy_name): policy_file = string.join(string.split(policy_name, "."), "/") @@ -541,18 +559,31 @@ def load_policy(policy_name): def dump_policy(): - if active_policy in ['NULL', 'INACTIVE']: + if active_policy in ['NULL', 'INACTIVE', 'INACCESSIBLE' ]: err("\'" + active_policy + "\' policy. Nothing to dump.") (ret, output) = commands.getstatusoutput(xensec_tool + " getpolicy") if ret: - err("Dumping hypervisor policy failed:\n" + output) + err("Dumping hypervisor policy failed:\n" + output) + print output +def dump_policy_file(filename, ssidref=None): + ssid = "" + if ssidref: + ssid = " " + str(ssidref) + (ret, output) = commands.getstatusoutput(xensec_tool + " dumppolicy " + + filename + ssid) + if ret: + err("Dumping policy failed:\n" + output) + + print output + def list_labels(policy_name, condition): - if (not policy_name) and (active_policy) in ["NULL", "INACTIVE", "DEFAULT"]: + if (not policy_name) and active_policy in \ + [ 'NULL', 'INACTIVE', 'DEFAULT', 'INACCESSIBLE' ]: err("Current policy \'" + active_policy + "\' has no labels defined.\n") (primary, secondary, f, pol_exists) = getmapfile(policy_name) diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/xend/XendXSPolicy.py --- a/tools/python/xen/xend/XendXSPolicy.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/xend/XendXSPolicy.py Wed Oct 03 14:07:30 2007 +0100 @@ -16,13 +16,15 @@ # Copyright (c) 2006 Xensource #============================================================================ +import base64 import logging +from xen.xend import XendDomain from xen.xend.XendBase import XendBase from xen.xend.XendError import * +from xen.xend.XendAPIConstants import * from xen.xend.XendXSPolicyAdmin import XSPolicyAdminInstance from xen.util import xsconstants import xen.util.xsm.xsm as security -import base64 log = logging.getLogger("xend.XendXSPolicy") log.setLevel(logging.TRACE) @@ -184,8 +186,13 @@ class XendACMPolicy(XendXSPolicy): 'header' ] return XendXSPolicy.getAttrRO() + attrRO + def getFuncs(self): + funcs = [ 'get_enforced_binary', 'get_VM_ssidref' ] + return XendBase.getFuncs() + funcs + getClass = classmethod(getClass) getAttrRO = classmethod(getAttrRO) + getFuncs = classmethod(getFuncs) def __init__(self, acmpol, record, uuid): """ acmpol = actual ACMPolicy object """ @@ -221,3 +228,25 @@ class XendACMPolicy(XendXSPolicy): def get_binary(self): polbin = self.acmpol.get_bin() return base64.b64encode(polbin) + + def get_VM_ssidref(self, vm_ref): + dom = XendDomain.instance().get_vm_by_uuid(vm_ref) + if not dom: + raise InvalidHandleError("VM", vm_ref) + if dom._stateGet() not in [ XEN_API_VM_POWER_STATE_RUNNING, \ + XEN_API_VM_POWER_STATE_PAUSED ]: + raise VMBadState("Domain is not running or paused.") + ssid = security.get_ssid(dom.getDomid()) + if not ssid: + raise SecurityError(-xsconstants.XSERR_GENERAL_FAILURE) + return ssid[3] + + def get_enforced_binary(self): + polbin = XSPolicyAdminInstance(). \ + get_enforced_binary(xsconstants.XS_POLICY_ACM) + if polbin: + return base64.b64encode(polbin) + return None + + get_enforced_binary = classmethod(get_enforced_binary) + get_VM_ssidref = classmethod(get_VM_ssidref) diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/xend/XendXSPolicyAdmin.py --- a/tools/python/xen/xend/XendXSPolicyAdmin.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/xend/XendXSPolicyAdmin.py Wed Oct 03 14:07:30 2007 +0100 @@ -324,6 +324,11 @@ class XSPolicyAdmin: stes = loadedpol.policy_get_stes_of_vmlabel(tmp[2]) return stes + def get_enforced_binary(self, xstype): + res = None + if xstype == xsconstants.XS_POLICY_ACM: + res = ACMPolicy.get_enforced_binary() + return res poladmin = None diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/xm/dumppolicy.py --- a/tools/python/xen/xm/dumppolicy.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/xm/dumppolicy.py Wed Oct 03 14:07:30 2007 +0100 @@ -17,9 +17,18 @@ #============================================================================ """Display currently enforced policy (low-level hypervisor representation). """ +import os import sys -from xen.util.xsm.xsm import XSMError, err, dump_policy +import base64 +import tempfile +import commands +from xen.util.xsm.xsm import XSMError, err, dump_policy, dump_policy_file from xen.xm.opts import OptionError +from xen.xm import main as xm_main +from xen.xm.main import server +from xen.util import xsconstants + +DOM0_UUID = "00000000-0000-0000-0000-000000000000" def help(): return """ @@ -30,7 +39,25 @@ def main(argv): if len(argv) != 1: raise OptionError("No arguments expected.") - dump_policy() + if xm_main.serverType == xm_main.SERVER_XEN_API: + try: + bin_pol = server.xenapi.ACMPolicy.get_enforced_binary() + if bin_pol: + dom0_ssid = server.xenapi.ACMPolicy.get_VM_ssidref(DOM0_UUID) + bin = base64.b64decode(bin_pol) + try: + fd, filename = tempfile.mkstemp(suffix=".bin") + os.write(fd, bin) + os.close(fd) + dump_policy_file(filename, dom0_ssid) + finally: + os.unlink(filename) + else: + err("No policy is installed.") + except Exception, e: + err("An error occurred getting the running policy: %s" % str(e)) + else: + dump_policy() if __name__ == '__main__': try: diff -r 3165e43ce734 -r b1f6e77b69a5 tools/python/xen/xm/labels.py --- a/tools/python/xen/xm/labels.py Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/python/xen/xm/labels.py Wed Oct 03 14:07:30 2007 +0100 @@ -62,6 +62,8 @@ def labels(policy, ptype): policy = active_policy if active_policy in ['NULL', 'INACTIVE', 'DEFAULT']: raise OptionError('No policy active, you must specify a <policy>') + if active_policy in ['INACCESSIBLE']: + raise OptionError('Cannot access the policy. Try as root.') if not ptype or ptype == 'dom': condition = vm_label_re @@ -104,9 +106,9 @@ def labels_xapi(policy, ptype): for n in names: print n elif int(policystate['type']) == 0: - print "No policy installed on the system." + err("No policy installed on the system.") else: - print "Unsupported type of policy installed on the system." + err("Unsupported type of policy installed on the system.") if __name__ == '__main__': main(sys.argv) diff -r 3165e43ce734 -r b1f6e77b69a5 tools/security/secpol_tool.c --- a/tools/security/secpol_tool.c Tue Oct 02 11:31:55 2007 -0600 +++ b/tools/security/secpol_tool.c Wed Oct 03 14:07:30 2007 +0100 @@ -49,7 +49,9 @@ void usage(char *progname) "ACTION is one of:\n" "\t getpolicy\n" "\t dumpstats\n" - "\t loadpolicy <binary policy file>\n", progname); + "\t loadpolicy <binary policy file>\n" + "\t dumppolicy <binary policy file> [Dom-0 ssidref]\n", + progname); exit(-1); } @@ -288,53 +290,93 @@ int acm_domain_getpolicy(int xc_handle) return ret; } -/************************ load binary policy ******************************/ - -int acm_domain_loadpolicy(int xc_handle, const char *filename) +/************************ dump binary policy ******************************/ + +static int load_file(const char *filename, + uint8_t **buffer, off_t *len) { struct stat mystat; - int ret, fd; - off_t len; - uint8_t *buffer; - uint16_t chwall_ssidref, ste_ssidref; - - if ((ret = stat(filename, &mystat))) { + int ret = 0; + int fd; + + if ((ret = stat(filename, &mystat)) != 0) { printf("File %s not found.\n", filename); + ret = errno; goto out; } - len = mystat.st_size; - if ((buffer = malloc(len)) == NULL) { + *len = mystat.st_size; + + if ((*buffer = malloc(*len)) == NULL) { ret = -ENOMEM; goto out; } + if ((fd = open(filename, O_RDONLY)) <= 0) { ret = -ENOENT; printf("File %s not found.\n", filename); goto free_out; } - ret =acm_get_ssidref(xc_handle, 0, &chwall_ssidref, &ste_ssidref); - if (ret < 0) { + + if (*len == read(fd, *buffer, *len)) + return 0; + +free_out: + free(*buffer); + *buffer = NULL; + *len = 0; +out: + return ret; +} + +static int acm_domain_dumppolicy(const char *filename, uint32_t ssidref) +{ + uint8_t *buffer = NULL; + off_t len; + int ret = 0; + uint16_t chwall_ssidref, ste_ssidref; + + chwall_ssidref = (ssidref ) & 0xffff; + ste_ssidref = (ssidref >> 16) & 0xffff; + + if ((ret = load_file(filename, &buffer, &len)) == 0) { + acm_dump_policy_buffer(buffer, len, chwall_ssidref, ste_ssidref); + free(buffer); + } + + return ret; +} + +/************************ load binary policy ******************************/ + +int acm_domain_loadpolicy(int xc_handle, const char *filename) +{ + int ret; + off_t len; + uint8_t *buffer; + uint16_t chwall_ssidref, ste_ssidref; + struct acm_setpolicy setpolicy; + + ret = load_file(filename, &buffer, &len); + if (ret != 0) + goto out; + + ret = acm_get_ssidref(xc_handle, 0, &chwall_ssidref, &ste_ssidref); + if (ret < 0) goto free_out; - } - if (len == read(fd, buffer, len)) { - struct acm_setpolicy setpolicy; - /* dump it and then push it down into xen/acm */ - acm_dump_policy_buffer(buffer, len, chwall_ssidref, ste_ssidref); - set_xen_guest_handle(setpolicy.pushcache, buffer); - setpolicy.pushcache_size = len; - ret = xc_acm_op(xc_handle, ACMOP_setpolicy, &setpolicy, sizeof(setpolicy)); - - if (ret) - printf - ("ERROR setting policy.\n"); - else - printf("Successfully changed policy.\n"); - + + /* dump it and then push it down into xen/acm */ + acm_dump_policy_buffer(buffer, len, chwall_ssidref, ste_ssidref); + set_xen_guest_handle(setpolicy.pushcache, buffer); + setpolicy.pushcache_size = len; + ret = xc_acm_op(xc_handle, ACMOP_setpolicy, &setpolicy, sizeof(setpolicy)); + + if (ret) { + printf("ERROR setting policy.\n"); } else { - ret = -1; - } - close(fd); + printf("Successfully changed policy.\n"); + } + free_out: free(buffer); out: @@ -435,26 +477,56 @@ int main(int argc, char **argv) if (argc < 2) usage(argv[0]); - if ((xc_handle = xc_interface_open()) <= 0) { - printf("ERROR: Could not open xen privcmd device!\n"); - exit(-1); - } if (!strcmp(argv[1], "getpolicy")) { if (argc != 2) usage(argv[0]); + + if ((xc_handle = xc_interface_open()) <= 0) { + printf("ERROR: Could not open xen privcmd device!\n"); + exit(-1); + } + ret = acm_domain_getpolicy(xc_handle); + + xc_interface_close(xc_handle); } else if (!strcmp(argv[1], "loadpolicy")) { if (argc != 3) usage(argv[0]); + + if ((xc_handle = xc_interface_open()) <= 0) { + printf("ERROR: Could not open xen privcmd device!\n"); + exit(-1); + } + ret = acm_domain_loadpolicy(xc_handle, argv[2]); + + xc_interface_close(xc_handle); } else if (!strcmp(argv[1], "dumpstats")) { if (argc != 2) usage(argv[0]); + + if ((xc_handle = xc_interface_open()) <= 0) { + printf("ERROR: Could not open xen privcmd device!\n"); + exit(-1); + } + ret = acm_domain_dumpstats(xc_handle); + + xc_interface_close(xc_handle); + } else if (!strcmp(argv[1], "dumppolicy")) { + uint32_t ssidref = 0xffffffff; + if (argc < 3 || argc > 4) + usage(argv[0]); + if (argc == 4) { + if (!sscanf(argv[3], "%i", &ssidref)) { + printf("Error: Could not parse ssidref.\n"); + exit(-1); + } + } + ret = acm_domain_dumppolicy(argv[2], ssidref); } else usage(argv[0]); - xc_interface_close(xc_handle); - return ret; -} + return ret; +} _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |