Xen project Mailing List

[Xen-changelog] [xen-unstable] xen: XSPolicy.can_run hypervisor support

From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Tue, 01 Apr 2008 09:20:09 -0700

Delivery-date: Tue, 01 Apr 2008 09:20:05 -0700

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User Keir Fraser <keir.fraser@xxxxxxxxxx> # Date 1207040818 -3600 # Node ID 05ac689a947393892f54d82b0dbe180840a80ad2 # Parent 76c4af29842f3f1f39aeae2d58873311fa83728e xen: XSPolicy.can_run hypervisor support Add functionality for checking whether a domain is in a conflict set with existing domains. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx> --- xen/include/public/xsm/acm.h | 1 xen/include/xsm/acm/acm_hooks.h | 14 +++++++++ xen/xsm/acm/acm_chinesewall_hooks.c | 36 ++++++++++++++++++++++++ xen/xsm/acm/acm_policy.c | 3 ++ xen/xsm/acm/acm_simple_type_enforcement_hooks.c | 2 + 5 files changed, 56 insertions(+) diff -r 76c4af29842f -r 05ac689a9473 xen/include/public/xsm/acm.h --- a/xen/include/public/xsm/acm.h Tue Apr 01 10:05:52 2008 +0100 +++ b/xen/include/public/xsm/acm.h Tue Apr 01 10:06:58 2008 +0100 @@ -102,6 +102,7 @@ typedef uint32_t ssidref_t; #define ACMHOOK_none 0 #define ACMHOOK_sharing 1 #define ACMHOOK_authorization 2 +#define ACMHOOK_conflictset 3 /* -------security policy relevant type definitions-------- */ diff -r 76c4af29842f -r 05ac689a9473 xen/include/xsm/acm/acm_hooks.h --- a/xen/include/xsm/acm/acm_hooks.h Tue Apr 01 10:05:52 2008 +0100 +++ b/xen/include/xsm/acm/acm_hooks.h Tue Apr 01 10:06:58 2008 +0100 @@ -116,6 +116,7 @@ struct acm_operations { ssidref_t ssidref2); int (*authorization) (ssidref_t ssidref1, ssidref_t ssidref2); + int (*conflictset) (ssidref_t ssidref1); /* determine whether the default policy is installed */ int (*is_default_policy) (void); }; @@ -150,6 +151,8 @@ static inline int acm_sharing(ssidref_t static inline int acm_sharing(ssidref_t ssidref1, ssidref_t ssidref2) { return 0; } static inline int acm_authorization(ssidref_t ssidref1, ssidref_t ssidref2) +{ return 0; } +static inline int acm_conflictset(ssidref_t ssidref1) { return 0; } static inline int acm_domain_create(struct domain *d, ssidref_t ssidref) { return 0; } @@ -329,6 +332,17 @@ static inline int acm_authorization(ssid } +static inline int acm_conflictset(ssidref_t ssidref1) +{ + if ((acm_primary_ops->conflictset != NULL) && + acm_primary_ops->conflictset(ssidref1)) + return ACM_ACCESS_DENIED; + else if ((acm_secondary_ops->conflictset != NULL) && + acm_secondary_ops->conflictset(ssidref1)) + return ACM_ACCESS_DENIED; + return ACM_ACCESS_PERMITTED; +} + /* Return true iff buffer has an acm policy magic number. */ extern int acm_is_policy(char *buf, unsigned long len); diff -r 76c4af29842f -r 05ac689a9473 xen/xsm/acm/acm_chinesewall_hooks.c --- a/xen/xsm/acm/acm_chinesewall_hooks.c Tue Apr 01 10:05:52 2008 +0100 +++ b/xen/xsm/acm/acm_chinesewall_hooks.c Tue Apr 01 10:06:58 2008 +0100 @@ -641,6 +641,41 @@ static int chwall_is_default_policy(void (chwall_bin_pol.max_ssidrefs == 2 ) ); } + +static int chwall_is_in_conflictset(ssidref_t ssidref1) +{ + /* is ssidref1 in conflict with any running domains ? */ + int rc = 0; + int i, j; + ssidref_t ssid_chwall; + + read_lock(&acm_bin_pol_rwlock); + + ssid_chwall = GET_SSIDREF(ACM_CHINESE_WALL_POLICY, ssidref1); + + if ( ssid_chwall >= 0 && ssid_chwall < chwall_bin_pol.max_ssidrefs ) { + for ( i = 0; i < chwall_bin_pol.max_conflictsets && rc == 0; i++ ) { + for ( j = 0; j < chwall_bin_pol.max_types; j++ ) { + if ( chwall_bin_pol.conflict_aggregate_set + [i * chwall_bin_pol.max_types + j] && + chwall_bin_pol.ssidrefs + [ssid_chwall * chwall_bin_pol.max_types + j]) + { + rc = 1; + break; + } + } + } + } else { + rc = 1; + } + + read_unlock(&acm_bin_pol_rwlock); + + return rc; +} + + struct acm_operations acm_chinesewall_ops = { /* policy management services */ .init_domain_ssid = chwall_init_domain_ssid, @@ -666,6 +701,7 @@ struct acm_operations acm_chinesewall_op /* generic domain-requested decision hooks */ .sharing = NULL, .authorization = NULL, + .conflictset = chwall_is_in_conflictset, .is_default_policy = chwall_is_default_policy, }; diff -r 76c4af29842f -r 05ac689a9473 xen/xsm/acm/acm_policy.c --- a/xen/xsm/acm/acm_policy.c Tue Apr 01 10:05:52 2008 +0100 +++ b/xen/xsm/acm/acm_policy.c Tue Apr 01 10:06:58 2008 +0100 @@ -446,6 +446,9 @@ acm_get_decision(ssidref_t ssidref1, ssi ret = acm_authorization(ssidref1, ssidref2); break; + case ACMHOOK_conflictset: + ret = acm_conflictset(ssidref1); + default: /* deny */ break; diff -r 76c4af29842f -r 05ac689a9473 xen/xsm/acm/acm_simple_type_enforcement_hooks.c --- a/xen/xsm/acm/acm_simple_type_enforcement_hooks.c Tue Apr 01 10:05:52 2008 +0100 +++ b/xen/xsm/acm/acm_simple_type_enforcement_hooks.c Tue Apr 01 10:06:58 2008 +0100 @@ -899,8 +899,10 @@ struct acm_operations acm_simple_type_en .fail_grant_map_ref = NULL, .pre_grant_setup = ste_pre_grant_setup, .fail_grant_setup = NULL, + /* generic domain-requested decision hooks */ .sharing = ste_sharing, .authorization = ste_authorization, + .conflictset = NULL, .is_default_policy = ste_is_default_policy, }; _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.