Index: root/xen-unstable.hg/xen/acm/Makefile =================================================================== --- root.orig/xen-unstable.hg/xen/acm/Makefile +++ root/xen-unstable.hg/xen/acm/Makefile @@ -3,3 +3,5 @@ obj-y += acm_policy.o obj-y += acm_simple_type_enforcement_hooks.o obj-y += acm_chinesewall_hooks.o obj-y += acm_null_hooks.o +obj-$(x86_32) += acm_multiboot.o +obj-$(x86_64) += acm_multiboot.o Index: root/xen-unstable.hg/xen/acm/acm_multiboot.c =================================================================== --- /dev/null +++ root/xen-unstable.hg/xen/acm/acm_multiboot.c @@ -0,0 +1,54 @@ +#include +#include + +/* Fetch acm policy module from multiboot modules. */ +void +extract_acm_policy(multiboot_info_t *mbi, + unsigned int *initrdidx, + unsigned long initial_images_start, + char **_policy_start, unsigned long *_policy_len) +{ + int i; + module_t *mod = (module_t *)__va(mbi->mods_addr); + + if ( mbi->mods_count > 1 ) + *initrdidx = 1; + + /* + * Try all modules and see whichever could be the binary policy. + * Adjust the initrdidx if module[1] is the binary policy. + */ + for ( i = mbi->mods_count-1; i >= 1; i-- ) + { + unsigned long start; + char *policy_start; + unsigned long policy_len; + + start = initial_images_start + (mod[i].mod_start-mod[0].mod_start); +#if defined(__i386__) + policy_start = (char *)start; +#elif defined(__x86_64__) + policy_start = __va(start); +#else +#error Architecture unsupported by sHype +#endif + policy_len = mod[i].mod_end - mod[i].mod_start; + if ( acm_is_policy(policy_start, policy_len) ) + { + printf("Policy len 0x%lx, start at %p - module %d.\n", + policy_len, policy_start, i); + *_policy_start = policy_start; + *_policy_len = policy_len; + if ( i == 1 ) + { + if (mbi->mods_count > 2) + *initrdidx = 2; + else + *initrdidx = 0; + } + else + *initrdidx = 1; + break; + } + } +} Index: root/xen-unstable.hg/xen/include/asm-x86/acm.h =================================================================== 
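Review bot: In extract_acm_policy the length `policy_len = mod[i].mod_end - mod[i].mod_start;` is computed from the multiboot module table without checking that `mod_end` is not below `mod_start`. A malformed entry would wrap to a very large unsigned length, which is then passed to `acm_is_policy` and, on a match, stored in `*_policy_len`. Adding `if ( mod[i].mod_end < mod[i].mod_start ) continue;` before the subtraction would reject such an entry. The loop index is also a signed `int` initialised from `mbi->mods_count-1`; an `unsigned int` counter with the loop written as `for ( i = mbi->mods_count; i-- > 1; )` would avoid the signed/unsigned conversion. A comment stating that `*_policy_start` and `*_policy_len` are left untouched when no module matches would document what acm_x86_init relies on.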
--- /dev/null +++ root/xen-unstable.hg/xen/include/asm-x86/acm.h @@ -0,0 +1,41 @@ +#ifndef _XEN_ASM_ACM_H +#define _XEN_ASM_ACM_H + +#include +#include + +#ifdef ACM_SECURITY + +static inline +int acm_x86_init(multiboot_info_t *mbi, + unsigned int *initrdidx, + unsigned long initial_images_start) +{ + char *_policy_start = NULL; + unsigned long _policy_len = 0; + /* Extract policy from multiboot. */ + extract_acm_policy(mbi, + initrdidx, + initial_images_start, + &_policy_start, &_policy_len); + + /* + * Initialize access control security module no matter whether + * a policy has been found or not. + */ + return acm_init(_policy_start, _policy_len); +} + +#else + +static inline +int acm_x86_init(multiboot_info_t *mbi, + unsigned int *initrdidx, + unsigned long initial_images_start) +{ + return 0; +} + +#endif + +#endif Index: root/xen-unstable.hg/xen/acm/acm_chinesewall_hooks.c =================================================================== --- root.orig/xen-unstable.hg/xen/acm/acm_chinesewall_hooks.c +++ root/xen-unstable.hg/xen/acm/acm_chinesewall_hooks.c @@ -154,6 +154,8 @@ static int chwall_dump_policy(u8 * buf, ret = ntohl(chwall_buf->chwall_conflict_aggregate_offset) + sizeof(domaintype_t) * chwall_bin_pol.max_types; + ret = (ret + 7) & ~7; + if (buf_size < ret) return -EINVAL; Index: root/xen-unstable.hg/xen/acm/acm_simple_type_enforcement_hooks.c =================================================================== --- root.orig/xen-unstable.hg/xen/acm/acm_simple_type_enforcement_hooks.c +++ root/xen-unstable.hg/xen/acm/acm_simple_type_enforcement_hooks.c 
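Review bot: The ACM_SECURITY variant of acm_x86_init has no contract comment, and a caller cannot tell from the header that `*initrdidx` is rewritten by extract_acm_policy or what the return value means. A short comment above the function would cover it, such as `/* Locate the boot policy among the multiboot modules, adjust *initrdidx, and return acm_init()'s status. */`. The existing comment says acm_init runs "no matter whether a policy has been found or not", so it would also help to state which policy is enforced when it is called with NULL and length 0. That fallback is not visible here.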
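Review bot: After `ret = (ret + 7) & ~7;` the length checked against `buf_size` can be up to 7 bytes larger than the policy data itself, and nothing in this hunk shows those padding bytes being written. If the rest of chwall_dump_policy (outside the hunk) fills only the unpadded structure and returns `ret`, the tail of `buf` is handed back with whatever it held before. Clearing it, e.g. `memset(buf, 0, ret);` right after the `buf_size` check, would avoid that. The same applies to the identical rounding added to ste_dump_policy in acm_simple_type_enforcement_hooks.c. A comment such as `/* pad to 8-byte alignment */` would also explain the constant.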
@@ -150,6 +150,8 @@ ste_dump_policy(u8 *buf, u32 buf_size) { ret = ntohl(ste_buf->ste_ssid_offset) + sizeof(domaintype_t)*ste_bin_pol.max_ssidrefs*ste_bin_pol.max_types; + ret = (ret + 7) & ~7; + if (buf_size < ret) return -EINVAL; Index: root/xen-unstable.hg/xen/arch/x86/setup.c =================================================================== --- root.orig/xen-unstable.hg/xen/arch/x86/setup.c +++ root/xen-unstable.hg/xen/arch/x86/setup.c @@ -25,6 +25,7 @@ #include #include #include +#include #include extern void dmi_scan_machine(void); @@ -202,55 +203,6 @@ static void __init percpu_free_unused_ar #endif } -/* Fecth acm policy module from multiboot modules. */ -static void -extract_acm_policy(multiboot_info_t *mbi, - unsigned int *initrdidx, - char **_policy_start, unsigned long *_policy_len) -{ - int i; - module_t *mod = (module_t *)__va(mbi->mods_addr); - - if ( mbi->mods_count > 1 ) - *initrdidx = 1; - - /* - * Try all modules and see whichever could be the binary policy. - * Adjust the initrdidx if module[1] is the binary policy. - */ - for ( i = mbi->mods_count-1; i >= 1; i-- ) - { - unsigned long start; - char *policy_start; - unsigned long policy_len; - - start = initial_images_start + (mod[i].mod_start-mod[0].mod_start); -#if defined(__i386__) - policy_start = (char *)start; -#elif defined(__x86_64__) - policy_start = __va(start); -#endif - policy_len = mod[i].mod_end - mod[i].mod_start; - if ( acm_is_policy(policy_start, policy_len) ) - { - printf("Policy len 0x%lx, start at %p - module %d.\n", - policy_len, policy_start, i); - *_policy_start = policy_start; - *_policy_len = policy_len; - if ( i == 1 ) - { - if (mbi->mods_count > 2) - *initrdidx = 2; - else - *initrdidx = 0; - } - else - *initrdidx = 1; - break; - } - } -} - static void __init init_idle_domain(void) { struct domain *idle_domain; 
@@ -273,8 +225,6 @@ void __init __start_xen(multiboot_info_t char __cmdline[] = "", *cmdline = __cmdline; unsigned long _initrd_start = 0, _initrd_len = 0; unsigned int initrdidx = 1; - char *_policy_start = NULL; - unsigned long _policy_len = 0; module_t *mod = (module_t *)__va(mbi->mods_addr); unsigned long nr_pages, modules_length; paddr_t s, e; @@ -616,11 +566,8 @@ void __init __start_xen(multiboot_info_t if ( opt_watchdog ) watchdog_enable(); - /* Extract policy from multiboot. */ - extract_acm_policy(mbi, &initrdidx, &_policy_start, &_policy_len); - /* initialize access control security module */ - acm_init(_policy_start, _policy_len); + acm_x86_init(mbi, &initrdidx, initial_images_start); /* Create initial domain 0. */ dom0 = domain_create(0); Index: root/xen-unstable.hg/xen/include/acm/acm_hooks.h =================================================================== --- root.orig/xen-unstable.hg/xen/include/acm/acm_hooks.h +++ root/xen-unstable.hg/xen/include/acm/acm_hooks.h @@ -143,15 +143,10 @@ static inline int acm_pre_grant_map_ref( { return 0; } static inline int acm_pre_grant_setup(domid_t id) { return 0; } -static inline int acm_init(unsigned int *initrdidx, - const multiboot_info_t *mbi, - unsigned long start) -{ return 0; } static inline void acm_post_domain0_create(domid_t domid) { return; } static inline int acm_sharing(ssidref_t ssidref1, ssidref_t ssidref2) { return 0; } - #else static inline int acm_pre_domain_create(void *subject_ssid, ssidref_t ssidref) @@ -375,6 +370,11 @@ extern int acm_init(char *policy_start, /* Return true iff buffer has an acm policy magic number. */ extern int acm_is_policy(char *buf, unsigned long len); +void extract_acm_policy(multiboot_info_t *mbi, + unsigned int *initrdidx, + unsigned long initial_images_start, + char **_policy_start, unsigned long *_policy_len); + #endif #endif
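Review bot: The new call `acm_x86_init(mbi, &initrdidx, initial_images_start);` discards the int that the wrapper returns from acm_init, so a failed policy initialisation looks the same as success and boot goes on to `domain_create(0)`. If a non-zero return means the access control module did not come up (the header does not say), the caller should check it, for example `if ( acm_x86_init(mbi, &initrdidx, initial_images_start) ) panic("Could not set up ACM security policy.\n");`. The removed code ignored acm_init's result too, so this is existing behaviour carried over rather than something the commit introduces. __start_xen continues outside the hunk.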
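Review bot: The `extract_acm_policy` prototype is added to the architecture-independent acm_hooks.h, while the Makefile hunk builds acm_multiboot.o only for x86_32 and x86_64 and the function takes a `multiboot_info_t *`. Declaring it in asm-x86/acm.h next to acm_x86_init, its only visible caller, would keep the multiboot dependency out of the generic header. If it stays here, a comment such as `/* x86 only: implemented in acm/acm_multiboot.c */` would tell other ports not to expect a definition.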