[Xen-devel] [Patch 2 / 8][ACM] - xen policy name support
This patch adds support in the hypervisor for the policy name attribute introduced into security policies. It also fixes a minor problem related to handling unsupported boot policies.
Signed-off by: Reiner Sailer <sailer@xxxxxxxxxx>
---
 xen/acm/acm_core.c | 49 +++++++++++++++++++++++++++++++++++-------
 xen/acm/acm_policy.c | 27 +++++++++++++++++++++--
 xen/include/acm/acm_core.h | 4 ++-
 xen/include/public/acm.h | 18 ++++++++++-----
 xen/include/public/acm_ops.h | 2 -
 5 files changed, 82 insertions(+), 18 deletions(-)
Index: xen-unstable.hg-shype/xen/acm/acm_core.c
===================================================================
--- xen-unstable.hg-shype.orig/xen/acm/acm_core.c
+++ xen-unstable.hg-shype/xen/acm/acm_core.c
@@ -70,17 +70,46 @@ acm_set_endian(void) u32 test = 1; if (*((u8 *)&test) == 1) { - printk("ACM module running in LITTLE ENDIAN.\n"); + printkd("ACM module running in LITTLE ENDIAN.\n"); little_endian = 1; } else { - printk("ACM module running in BIG ENDIAN.\n"); + printkd("ACM module running in BIG ENDIAN.\n"); little_endian = 0; } } int +acm_set_policy_reference(u8 * buf, u32 buf_size) +{ + struct acm_policy_reference_buffer *pr = (struct acm_policy_reference_buffer *)buf; + acm_bin_pol.policy_reference_name = (char *)xmalloc_array(u8, ntohl(pr->len)); + + if (!acm_bin_pol.policy_reference_name) + return -ENOMEM; + + strcpy(acm_bin_pol.policy_reference_name, (char *)(buf + sizeof(struct acm_policy_reference_buffer))); + printk("%s: Activating policy %s\n", __func__, acm_bin_pol.policy_reference_name); + return 0; +} + +int +acm_dump_policy_reference(u8 *buf, u32 buf_size) +{ + struct acm_policy_reference_buffer *pr_buf = (struct acm_policy_reference_buffer *)buf; + int ret = sizeof(struct acm_policy_reference_buffer) + strlen(acm_bin_pol.policy_reference_name) + 1; + + if (buf_size < ret) + return -EINVAL; + + pr_buf->len = htonl(strlen(acm_bin_pol.policy_reference_name) + 1); /* including stringend '\0' */ + strcpy((char *)(buf + sizeof(struct acm_policy_reference_buffer)), + acm_bin_pol.policy_reference_name); + return ret; +} + +int acm_init_binary_policy(u32 policy_code) { int ret = ACM_OK; @@ -198,7 +227,7 @@ acm_setup(unsigned int *initrdidx, 0); if (rc == ACM_OK) { - printf("Policy len 0x%lx, start at %p.\n",_policy_len,_policy_start); + printkd("Policy len 0x%lx, start at %p.\n",_policy_len,_policy_start); if (i == 1) { if (mbi->mods_count > 2) @@ -218,6 +247,8 @@ acm_setup(unsigned int *initrdidx, else { printk("Invalid policy. %d.th module line.\n", i+1); + /* load default policy later */ + acm_active_security_policy = ACM_POLICY_UNDEFINED; } } /* end if a binary policy definition, i.e., (ntohl(pol->magic) == ACM_MAGIC ) */ } 
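Review bot: In `acm_set_policy_reference` the destination is sized from `pr->len` but filled with `strcpy`, so a name in the buffer that is longer than the declared length, or not NUL-terminated, is written past the allocation; `buf_size` is never consulted, not even to confirm that the header fits. The global pointer is also overwritten before the allocation result is checked, so on `-ENOMEM` it is left NULL (the `strlen` in `acm_dump_policy_reference` would then dereference it), and the previous name is dropped without being released. I would validate the declared length against `buf_size`, copy exactly that many bytes into a local pointer and publish it only on success, as below. In `acm_dump_policy_reference`, `buf_size < ret` compares a `u32` with an `int`; holding the length in a `u32` avoids relying on the implicit conversion.

```c
acm_set_policy_reference(u8 * buf, u32 buf_size)
{
    /* … unchanged: declaration of pr … */
    char *name;
    u32 name_len;

    /* the header must fit before pr->len is read */
    if (buf_size < sizeof(struct acm_policy_reference_buffer))
        return -EINVAL;

    /* the declared length (including '\0') must lie inside the supplied buffer */
    name_len = ntohl(pr->len);
    if (name_len == 0 ||
        name_len > buf_size - sizeof(struct acm_policy_reference_buffer))
        return -EINVAL;

    name = (char *)xmalloc_array(u8, name_len);
    if (!name)
        return -ENOMEM;

    memcpy(name, buf + sizeof(struct acm_policy_reference_buffer), name_len);
    name[name_len - 1] = '\0'; /* do not rely on the sender's terminator */

    /* publish only after the copy succeeded */
    acm_bin_pol.policy_reference_name = name;
    /* … unchanged: printk of the activated policy name, return 0 … */
}
```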
@@ -239,10 +270,8 @@ acm_init(unsigned int *initrdidx, if (acm_active_security_policy != ACM_POLICY_UNDEFINED) { - printk("%s: Boot-Policy. Enforcing %s: Primary %s, Secondary %s.\n", __func__, - ACM_POLICY_NAME(acm_active_security_policy), - ACM_POLICY_NAME(acm_bin_pol.primary_policy_code), - ACM_POLICY_NAME(acm_bin_pol.secondary_policy_code)); + printk("%s: Enforcing %s boot policy.\n", __func__, + ACM_POLICY_NAME(acm_active_security_policy)); goto out; } /* else continue with the minimal hardcoded default startup policy */ @@ -254,6 +283,10 @@ acm_init(unsigned int *initrdidx, goto out; } acm_active_security_policy = ACM_DEFAULT_SECURITY_POLICY; + if (acm_active_security_policy != ACM_NULL_POLICY) + acm_bin_pol.policy_reference_name = "DEFAULT"; + else + acm_bin_pol.policy_reference_name = "NULL"; out: if (ret != ACM_OK) @@ -314,7 +347,7 @@ acm_init_domain_ssid(domid_t id, ssidref put_domain(subj); return ACM_INIT_SSID_ERROR; } - printk("%s: assigned domain %x the ssidref=%x.\n", + printkd("%s: assigned domain %x the ssidref=%x.\n", __func__, id, ssid->ssidref); put_domain(subj); return ACM_OK; Index: xen-unstable.hg-shype/xen/acm/acm_policy.c =================================================================== --- xen-unstable.hg-shype.orig/xen/acm/acm_policy.c +++ xen-unstable.hg-shype/xen/acm/acm_policy.c 
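Review bot: In the `acm_init` fallback in xen/acm/acm_core.c (hunk -254,6 +283,10), `acm_bin_pol.policy_reference_name` is pointed at the string literals `"DEFAULT"` and `"NULL"`, while `acm_set_policy_reference` in the same file stores an `xmalloc_array` allocation in that field. With both kinds of storage behind one `char *`, a later policy update cannot tell whether the old name may be released, and as written nothing releases it, so each update presumably leaks the previous name. Either give the field a single ownership rule and state it on the declaration, for example `/* always xmalloc'ed; replaced and freed only by acm_set_policy_reference() */`, or document that literals are allowed and the name is never freed. `acm_init` begins and ends outside the hunk.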
@@ -85,13 +85,19 @@ acm_set_policy(void *buf, u32 buf_size, /* get bin_policy lock and rewrite policy (release old one) */ write_lock(&acm_bin_pol_rwlock); - /* 3. set primary policy data */ + /* 3. set label reference name */ + if (acm_set_policy_reference(buf + ntohl(pol->policy_reference_offset), + ntohl(pol->primary_buffer_offset) - + ntohl(pol->policy_reference_offset))) + goto error_lock_free; + + /* 4. set primary policy data */ if (acm_primary_ops->set_binary_policy(buf + ntohl(pol->primary_buffer_offset), ntohl(pol->secondary_buffer_offset) - ntohl(pol->primary_buffer_offset))) goto error_lock_free; - /* 4. set secondary policy data */ + /* 5. set secondary policy data */ if (acm_secondary_ops->set_binary_policy(buf + ntohl(pol->secondary_buffer_offset), ntohl(pol->len) - ntohl(pol->secondary_buffer_offset))) @@ -130,9 +136,18 @@ acm_get_policy(void *buf, u32 buf_size) bin_pol->secondary_policy_code = htonl(acm_bin_pol.secondary_policy_code); bin_pol->len = htonl(sizeof(struct acm_policy_buffer)); + bin_pol->policy_reference_offset = htonl(ntohl(bin_pol->len)); bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len)); bin_pol->secondary_buffer_offset = htonl(ntohl(bin_pol->len)); + ret = acm_dump_policy_reference(policy_buffer + ntohl(bin_pol->policy_reference_offset), + buf_size - ntohl(bin_pol->policy_reference_offset)); + if (ret < 0) + goto error_free_unlock; + + bin_pol->len = htonl(ntohl(bin_pol->len) + ret); + bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len)); + ret = acm_primary_ops->dump_binary_policy (policy_buffer + ntohl(bin_pol->primary_buffer_offset), buf_size - ntohl(bin_pol->primary_buffer_offset)); if (ret < 0) 
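Review bot: The new step 3 in `acm_set_policy` replaces the active policy reference name before steps 4 and 5 have accepted the primary and secondary policy data, so when either later step takes `goto error_lock_free` the hypervisor may go on reporting the new name for a policy that was not installed. What `error_lock_free` undoes is outside the hunk, so this is inferred; if it does not restore the name, moving the name update after both `set_binary_policy` calls succeed, or saving the old pointer and restoring it on the error path, keeps the reported name tied to the enforced policy. The size argument `ntohl(pol->primary_buffer_offset) - ntohl(pol->policy_reference_offset)` is an unsigned difference of two values read from the buffer; unless the part of the function above the hunk checks their order and that both lie within `buf_size`, it can wrap to a very large value.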
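Review bot: In `acm_get_policy` the remaining space handed to `acm_dump_policy_reference` is computed as `buf_size - ntohl(bin_pol->policy_reference_offset)` with no visible check that `buf_size` is at least the header size, and the same pattern appears in the `acm_get_ssid` hunk (`buf_size - acm_ssid->policy_reference_offset`). If the caller's buffer is smaller than the offset, the unsigned subtraction wraps, the `buf_size < ret` test inside `acm_dump_policy_reference` passes, and its `strcpy` writes beyond the buffer. Both functions start outside their hunks, so an earlier size check may exist; if it does not, a guard such as `if (buf_size < ntohl(bin_pol->policy_reference_offset)) { ret = -EINVAL; goto error_free_unlock; }` before the call closes the gap.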
@@ -227,6 +242,14 @@ acm_get_ssid(ssidref_t ssidref, u8 *buf, acm_ssid->ssidref = ssidref; acm_ssid->primary_policy_code = acm_bin_pol.primary_policy_code; acm_ssid->secondary_policy_code = acm_bin_pol.secondary_policy_code; + + acm_ssid->policy_reference_offset = acm_ssid->len; + ret = acm_dump_policy_reference(ssid_buffer + acm_ssid->policy_reference_offset, + buf_size - acm_ssid->policy_reference_offset); + if (ret < 0) + goto error_free_unlock; + + acm_ssid->len += ret; acm_ssid->primary_types_offset = acm_ssid->len; /* ret >= 0 --> ret == max_types */ Index: xen-unstable.hg-shype/xen/include/acm/acm_core.h =================================================================== --- xen-unstable.hg-shype.orig/xen/include/acm/acm_core.h +++ xen-unstable.hg-shype/xen/include/acm/acm_core.h @@ -26,6 +26,7 @@ /* Xen-internal representation of the binary policy */ struct acm_binary_policy { + char *policy_reference_name; u16 primary_policy_code; u16 secondary_policy_code; }; @@ -124,7 +125,8 @@ int acm_get_policy(void *buf, u32 buf_si int acm_dump_statistics(void *buf, u16 buf_size); int acm_get_ssid(ssidref_t ssidref, u8 *buf, u16 buf_size); int acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, enum acm_hook_type hook); - +int acm_set_policy_reference(u8 * buf, u32 buf_size); +int acm_dump_policy_reference(u8 *buf, u32 buf_size); #endif /* Index: xen-unstable.hg-shype/xen/include/public/acm.h =================================================================== --- xen-unstable.hg-shype.orig/xen/include/public/acm.h +++ xen-unstable.hg-shype/xen/include/public/acm.h 
@@ -51,17 +51,17 @@ /* policy: */ #define ACM_POLICY_NAME(X) \ - ((X) == (ACM_NULL_POLICY)) ? "NULL policy" : \ - ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL policy" : \ - ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT policy" : \ - ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \ - "UNDEFINED policy" + ((X) == (ACM_NULL_POLICY)) ? "NULL" : \ + ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL" : \ + ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT" : \ + ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT" : \ + "UNDEFINED" /* the following policy versions must be increased * whenever the interpretation of the related * policy's data structure changes */ -#define ACM_POLICY_VERSION 1 +#define ACM_POLICY_VERSION 2 #define ACM_CHWALL_VERSION 1 #define ACM_STE_VERSION 1 @@ -113,12 +113,17 @@ struct acm_policy_buffer { uint32_t policy_version; /* ACM_POLICY_VERSION */ uint32_t magic; uint32_t len; + uint32_t policy_reference_offset; uint32_t primary_policy_code; uint32_t primary_buffer_offset; uint32_t secondary_policy_code; uint32_t secondary_buffer_offset; }; +struct acm_policy_reference_buffer { + uint32_t len; +}; + struct acm_chwall_policy_buffer { uint32_t policy_version; /* ACM_CHWALL_VERSION */ uint32_t policy_code; @@ -160,6 +165,7 @@ struct acm_ste_stats_buffer { struct acm_ssid_buffer { uint32_t len; ssidref_t ssidref; + uint32_t policy_reference_offset; uint32_t primary_policy_code; uint32_t primary_max_types; uint32_t primary_types_offset; Index: xen-unstable.hg-shype/xen/include/public/acm_ops.h =================================================================== --- xen-unstable.hg-shype.orig/xen/include/public/acm_ops.h +++ xen-unstable.hg-shype/xen/include/public/acm_ops.h 
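Review bot: `struct acm_policy_reference_buffer` (hunk -113,12 +113,17 in xen/include/public/acm.h) declares only `len`, and nothing in this public header says that the name bytes follow the struct or that `len` counts the terminating NUL, which is how `acm_dump_policy_reference` fills it. Tools build and parse these buffers from this header, so a comment on the struct such as `/* followed by len bytes of NUL-terminated policy name; len is in network byte order and includes the '\0' */` would pin the wire format down. It is also worth noting next to `policy_reference_offset` in `struct acm_ssid_buffer` that `acm_get_ssid` stores it without `htonl`, whereas the same field in `struct acm_policy_buffer` is written in network byte order.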
@@ -17,7 +17,7 @@ * This makes sure that old versions of acm tools will stop working in a * well-defined way (rather than crashing the machine, for instance). */ -#define ACM_INTERFACE_VERSION 0xAAAA0005 +#define ACM_INTERFACE_VERSION 0xAAAA0006 /************************************************************************/ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel