[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH][acm] Cleanup and support for policy decision command

  • To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: Reiner Sailer <sailer@xxxxxxxxxx>
  • Date: Thu, 20 Oct 2005 14:15:23 -0400
  • Delivery-date: Thu, 20 Oct 2005 18:12:44 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Sensitivity:

This patch to the Xen access control module (ACM) and tools:

  1. adapts ACM hooks to the slightly changed event channel structure
  2. introduces an ACM_GETDECISION command, which enables authorized domains to retrieve policy decisions regarding the sharing of resources (STE policy) from the Xen hypervisor
  3. includes cleanup (warnings I found when applying  analysis tools such as beam or flawfinder to the ACM code)

 The get_decision function is useful to enforce:
   *  the security policy on network traffic  in the network backends in domain 0; currently there is no enforcement in Dom0 and all packets flow freely
   *  the security policy in block device backends to control which domains can access which vdisk resources

I have added a small test program that shows how to use the get_decision ACM interface call, it is in tools/security/get_decision.c and will be compiled together with the policy tools. As usual, the ACM is unconfigured until you switch on a security policy on in Config.mk.


Signed-off: Reiner Sailer <sailer@xxxxxxxxxx>

Reiner Sailer, Research Staff Member, Secure Systems Department
IBM T J Watson Research Ctr, 19 Skyline Drive, Hawthorne NY 10532
Phone: 914 784 6280  (t/l 863)  Fax: 914 784 6205, sailer@xxxxxxxxxx  

Attachment: acm_get_decision.diff
Description: Binary data

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.