Xen project Mailing List

Re: [Xen-devel] [PATCH v2] xsm/flask: Handle policy load failures properly

From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

Date: Tue, 24 Feb 2015 10:53:55 -0500

Cc: andrew.cooper3@xxxxxxxxxx, julien.grall@xxxxxxxxxx, wei.liu2@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Tue, 24 Feb 2015 15:54:46 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 02/24/2015 05:11 AM, Jan Beulich wrote:

On 23.02.15 at 20:00, <dgdegra@xxxxxxxxxxxxx> wrote:

--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -506,6 +506,7 @@ static int flask_security_load(struct xen_flask_load *load)
  {
      int ret;
      void *buf = NULL;
+    int is_reload = ss_initialized;


I realize ss_initialized is int, but both it and the variable here are
really supposed to be bool_t.

OK, I will change the definition I added.

@@ -530,6 +531,10 @@ static int flask_security_load(struct xen_flask_load *load)
      if ( ret )
          goto out;

+    if ( !is_reload )
+        printk("Flask: Starting in %s mode.\n",
+            flask_enforcing ? "enforcing" : "permissive");


Do you really need this message here and ...

This one is only shown if you are doing a late policy load, and...

@@ -1643,14 +1641,17 @@ static __init int flask_init(void)
      if ( register_xsm(&flask_ops) )
          panic("Flask: Unable to register with XSM");

-    ret = security_load_policy(policy_buffer, policy_size);
+    if ( policy_size == 0 )
+    {
+        printk("Flask: Access controls disabled until policy is loaded.\n");
+        return;
+    }

-    if ( flask_enforcing )
-        printk("Flask:  Starting in enforcing mode.\n");
-    else
-        printk("Flask:  Starting in permissive mode.\n");
+    if ( security_load_policy(policy_buffer, policy_size) )
+        panic("Flask: Unable to load XSM policy");

-    return ret;
+    printk("Flask: Starting in %s mode.\n",
+        flask_enforcing ? "enforcing" : "permissive");


... here again?

This one is only shown if doing a policy load via the bootloader.

Also I'd appreciate if the printk()-s here could get proper XENLOG_*
attached.

Will do. I think I will also send a cleanup patch to remove the rather useless marker messages "Flask: Initializing." and "AVC INITIALIZED"; they convey no useful information. -- Daniel De Graaf National Security Agency _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.