---
xen-unstable.hg/tools/xm-test/lib/XmTestLib/acm.py | 8
xen-unstable.hg/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py | 350 ++++++++++
xen-unstable.hg/tools/xm-test/tests/security-acm/Makefile.am | 8
xen-unstable.hg/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml | 117 +++
4 files changed, 479 insertions(+), 4 deletions(-)
Index: root/xen-unstable.hg/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py
===================================================================
--- /dev/null
+++ root/xen-unstable.hg/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py
@@ -0,0 +1,350 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2006
+# Author: Stefan Berger
+#
+
+import os
+import re
+import commands
+from XmTestLib import *
+import xen.util.xsm.xsm as security
+from xen.util import xsconstants
+
+def checkLabel(labeldata, expected, domname):
+ if labeldata[0] != expected[0]:
+ FAIL("Policy type of %s is bad: %s" % (domname, labeldata[0]))
+ if labeldata[1] != expected[1]:
+ FAIL("Unexpected policy indicated in %s label '%s', expected '%s'." %
+ (domname, labeldata[1], expected[1]))
+ if labeldata[2] != expected[2]:
+ FAIL("%s does not have '%s' label but '%s'." %
+ (domname, expected[2], labeldata[2]))
+
+testpolicy = "xm-test"
+testlabel1 = "blue"
+testlabel2 = "red"
+testlabel3 = "green"
+
+s, o = traceCommand('xm resources | grep -E "^[phy|file|vlan]" ')
+resnames = []
+if o:
+ resnames = o.split('\n')
+
+ for res in resnames:
+ s, o = traceCommand('xm rmlabel res %s' % res)
+
+#Unlabeled domain must not start under xm-test policy
+domain_ul = XmTestDomain(name='domain-unlabeled',
+ extraConfig=None)
+del domain_ul.config.opts['access_control']
+try:
+ domain_ul.start(noConsole=True)
+ FAIL("Could start unlabeled domain.")
+except DomainError, e:
+ pass
+
+
+config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)}
+
+domain_blue = XmTestDomain(name='domain-%s' % testlabel1,
+ extraConfig=config)
+
+config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel3)}
+
+domain_green = XmTestDomain(name='domain-%s' % testlabel3,
+ extraConfig=config)
+
+
+try:
+ domain_blue.start(noConsole=True)
+except DomainError, e:
+ if verbose:
+ print e.extra
+ FAIL("Unable to start blue labeled test domain")
+
+s, o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split(' ')
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"],
+ "Domain-0")
+
+# Should be able to set the Domain-0 label to blue
+s, o = traceCommand('xm addlabel blue mgt Domain-0')
+if s:
+ FAIL("Could not set the label of Domain-0 to 'blue'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "blue"],
+ "Domain-0")
+
+#Should not be able to set the label of Domain-0 to 'red'
+s, o = traceCommand('xm addlabel red mgt Domain-0')
+if not s:
+ FAIL("Could set the label of Domain-0 to 'red'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "blue"],
+ "Domain-0")
+
+# Should be able to set the label of Domain-0 to 'SystemManagement'
+s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0')
+if s:
+ FAIL("Could not set the label of Domain-0 to 'SystemManagement'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"],
+ "Domain-0")
+
+#Label some resource green
+#Label some resource red
+#Label some resource blue
+
+s, o = traceCommand('xm addlabel green res file:/tmp/green')
+if s:
+ FAIL("Could not label resource 'green'.")
+s, o = traceCommand('xm addlabel red res file:/tmp/red')
+if s:
+ FAIL("Could not label resource 'red'.")
+s, o = traceCommand('xm addlabel blue res file:/tmp/blue')
+if s:
+ FAIL("Could not label resrouce 'blue'")
+
+# Start a green domain
+try:
+ domain_green.start(noConsole=True)
+except DomainError, e:
+ if verbose:
+ print e.extra
+ FAIL("Unable to start green labeled test domain")
+
+# Update the system's policy. Should not work, since blue Domain is running
+s, o = traceCommand('xm setpolicy ACM xm-test-update')
+if not s:
+ FAIL("Could set the new policy even though blue domain is running.")
+
+s, o = traceCommand('xm getpolicy | grep "Policy name"')
+info = o.split(':')
+poldata = [i.strip() for i in info]
+
+if poldata[1] != 'xm-test':
+ FAIL("Policy should be 'xm-test' but is now '%s'." % poldata[1])
+
+# Check that no labels have changed
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for green resource.")
+label=o.strip()
+if label != 'ACM:xm-test:green':
+ FAIL("Label for green resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for red resource.")
+label=o.strip()
+if label != 'ACM:xm-test:red':
+ FAIL("Label for red resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+if label != 'ACM:xm-test:blue':
+ FAIL("Label for blue resource has changed to '%s', but should not have,"
+ % label)
+
+# Terminate blue domain
+domain_blue.stop()
+
+# Update the system's policy. Should work and rename the green domain to GREEN
+s, o = traceCommand('xm setpolicy ACM xm-test-update')
+if s:
+ FAIL("Could not set the new policy.")
+
+acm.setCurrentPolicy('xm-test-update')
+
+s, o = traceCommand('xm getpolicy | grep "Policy name"')
+info = o.split(':')
+poldata = [i.strip() for i in info]
+
+if poldata[1] != 'xm-test-update':
+ FAIL("Policy should be 'xm-test-update' but is now '%s'." % poldata[1])
+
+# check previously labeled resources
+# - green should be GREEN now
+# - blue should have been invalidated
+# - red should be the same
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for GREEN resource.")
+label=o.strip()
+if label != 'ACM:xm-test-update:GREEN':
+ FAIL("Label for green resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for RED resource.")
+label=o.strip()
+if label != 'ACM:xm-test-update:RED':
+ FAIL("Label for RED resource has changed to '%s', expected is '%s',"
+ % (label,'ACM:xm-test-update:RED'))
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+if label != 'INV_ACM:xm-test:blue':
+ FAIL("Label for blue resource has changed to '%s', expected is '%s',"
+ % (label,'INV_ACM:xm-test:blue'))
+
+config = {"access_control":"policy=%s,label=%s" % ('xm-test-update',testlabel2)}
+
+domain_red = XmTestDomain(name='domain-%s' % testlabel2,
+ extraConfig=config)
+
+# Start the red domain - should not work due to conflict set
+try:
+ domain_red.start(noConsole=True)
+ FAIL("Could start 'red' domain.")
+except DomainError, e:
+ pass
+
+# Terminate GREEN domain
+domain_green.destroy()
+
+# Start the red domain - should work now
+try:
+ domain_red.start()
+except DomainError, e:
+ FAIL("Could not start 'red' domain.")
+
+# Stop the red domain.
+domain_red.destroy()
+
+# Make Domain-0 GREEN
+s, o = traceCommand('xm addlabel GREEN mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to 'GREEN'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test-update", "GREEN"],
+ "Domain-0")
+
+# Start the red domain - should not work due to conflict set
+try:
+ domain_red.start()
+ FAIL("Could start 'red' domain.")
+except DomainError, e:
+ pass
+
+# Set Domain-0's domain to SystemManagement
+s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to SystemManagement.")
+
+# Start unlabeled domain - should work
+try:
+ domain_ul.start(noConsole=True)
+except DomainError, e:
+ FAIL("Could not start unlabeled domain.")
+
+# Stop red domain
+domain_red.destroy()
+
+# reset the policy - should not work
+s, o = traceCommand('xm resetpolicy')
+if not s:
+ FAIL("Could reset the policy.")
+
+# Stop unlabeled domain
+domain_ul.destroy()
+
+
+# Mark Domain-0 as red. This must not have any effect on the later reset
+s, o = traceCommand('xm addlabel red mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to 'red'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test-update", "red"],
+ "Domain-0")
+
+# reset the policy - should work
+s, o = traceCommand('xm resetpolicy')
+if s:
+ FAIL("Could not reset the policy.")
+
+# check previously labeled resources
+# - GREEN should be invalid
+# - red should be invalid
+# - blue should be invalid
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for GREEN resource.")
+label=o.strip()
+exp='INV_ACM:xm-test-update:GREEN'
+if label != exp:
+ FAIL("Label for green resource has changed to '%s', but should be '%s',"
+ % (label, exp))
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for RED resource.")
+label=o.strip()
+exp='INV_ACM:xm-test-update:RED'
+if label != exp:
+ FAIL("Label for RED resource has changed to '%s', but should be '%s'.,"
+ % (label, exp))
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+exp='INV_ACM:xm-test:blue'
+if label != exp:
+ FAIL("Label for blue resource has changed to '%s', but should be '%s',"
+ % (label, exp))
Index: root/xen-unstable.hg/tools/xm-test/tests/security-acm/Makefile.am
===================================================================
--- root.orig/xen-unstable.hg/tools/xm-test/tests/security-acm/Makefile.am
+++ root/xen-unstable.hg/tools/xm-test/tests/security-acm/Makefile.am
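Review bot: The resource cleanup near the top of the new test filters with `grep -E "^[phy|file|vlan]"`, which is a bracket expression matching any line that begins with one of those letters or `|`, not the three resource prefixes; `grep -E "^(phy|file|vlan)"` is presumably what was meant. Every matched line is then interpolated unquoted into `'xm rmlabel res %s' % res` and the status of that call is discarded, so an unexpected line of `xm resources` output becomes part of a shell command and a failed cleanup goes unnoticed. Separately, both `xm getpolicy | grep "Policy name"` calls ignore `s` and index `poldata[1]` directly, so empty output raises IndexError instead of reporting through FAIL; `if s or len(poldata) < 2: FAIL("Could not read the active policy name")` ahead of each comparison would keep the failure attributable. The first label check also uses `split(' ')` where the later ones use `split()`, which is worth making consistent.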
@@ -8,7 +8,8 @@ TESTS = 01_security-acm_basic.test \ 06_security-acm_dom_block_attach.test \ 07_security-acm_pol_update.test \ 08_security-acm_xapi.test \ - 09_security-acm_pol_update.test + 09_security-acm_pol_update.test \ + 10_security-acm_pol_update.test XFAIL_TESTS = @@ -19,8 +20,9 @@ TESTS_ENVIRONMENT=@TENV@ cp $< $@ chmod +x $@ @if [ -d /etc/xen/acm-security/policies ]; then \ - cp -f xm-test-security_policy.xml \ - /etc/xen/acm-security/policies; \ + cp -f xm-test-security_policy.xml \ + xm-test-update-security_policy.xml\ + /etc/xen/acm-security/policies; \ fi; clean-local: am_config_clean-local Index: root/xen-unstable.hg/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml =================================================================== --- /dev/null +++ root/xen-unstable.hg/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml @@ -0,0 +1,117 @@ + + + + + xm-test-update + Fri Sep 29 14:44:38 2006 + 1.1 + + xm-test + 1.0 + + + + + + SystemManagement + GREEN + red + __UNLABELED__ + + + + + + SystemManagement + GREEN + red + __UNLABELED__ + + + + + GREEN + red + + + + + + + + SystemManagement + + SystemManagement + GREEN + red + __UNLABELED__ + + + SystemManagement + + + + + GREEN + + GREEN + + + GREEN + + + + + red + + red + + + red + + + + + __UNLABELED__ + + __UNLABELED__ + + + __UNLABELED__ + + + + + + + + SystemManagement + + SystemManagement + + + + + GREEN + + GREEN + + + + + RED + + red + + + + + __UNLABELED__ + + __UNLABELED__ + + + + + + Index: root/xen-unstable.hg/tools/xm-test/lib/XmTestLib/acm.py =================================================================== --- root.orig/xen-unstable.hg/tools/xm-test/lib/XmTestLib/acm.py +++ root/xen-unstable.hg/tools/xm-test/lib/XmTestLib/acm.py 
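Review bot: In the second Makefile.am hunk the added `xm-test-update-security_policy.xml\` has no space before the continuation backslash, unlike the lines around it, so the two `cp` source arguments stay separate only through whatever leading whitespace the next line carries; `xm-test-update-security_policy.xml \` removes that dependence. The copy is also still skipped silently when /etc/xen/acm-security/policies does not exist, in which case the new test 10 would presumably fail at `xm setpolicy ACM xm-test-update` without pointing at the missing policy file, so an `else` branch that prints a warning would make that diagnosable. The rule this recipe belongs to starts outside the hunk.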
@@ -30,11 +30,17 @@ except: labeled_resources = {} acm_verbose = False +policy='xm-test' + def isACMEnabled(): return security.on() -def ACMSetPolicy(policy='xm-test'): +def setCurrentPolicy(plcy): + global policy + policy = plcy + +def ACMSetPolicy(): cmd='xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"' s, o = traceCommand(cmd) if o != "":
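Review bot: `ACMSetPolicy()` no longer accepts a `policy` argument, so any existing caller that still passes one now raises TypeError; callers are not visible in this patch and should be checked. The new module-level `policy` is concatenated straight into `'xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"'`, and `setCurrentPolicy` stores whatever it is given, so a name containing regex or shell metacharacters changes what the check matches or what the shell runs. Rejecting names in the setter that do not match `^[A-Za-z0-9_-]+$` would keep the command well-formed, and a one-line docstring should say that `setCurrentPolicy` only records the policy name the library expects and does not load it. ACMSetPolicy's body continues outside the hunk.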