xend, acm: Extend Xen-API with function to reset the policy

This patch extends the Xen-API and the legacy XML-RPC interface with a
function to reset the policy on the system (through an update with the
default policy). I adapted the code in 'xm resetpolicy' to use this
now.

This patch also extends libxen and the documentation to reflect the
new function.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>

9 files changed, 152 insertions, 61 deletions

diff --git a/docs/xen-api/xenapi-datamodel.tex b/docs/xen-api/xenapi-datamodel.tex
index 29a2c30b99..c6a95883a5 100644
--- a/docs/xen-api/xenapi-datamodel.tex
+++ b/docs/xen-api/xenapi-datamodel.tex
@@ -14735,6 +14735,45 @@ xs\_policystate
 State information about the policy. In case an error occurred, the 'xs\_err'
 field contains the error code. The 'errors' may contain further information
 about the error.
+ \vspace{0.3cm}
+\vspace{0.3cm}
+\vspace{0.3cm}
+\subsubsection{RPC name:~reset\_xspolicy}
+
+{\bf Overview:}
+Attempt to reset the system's policy by installing the default policy.
+Since this function is implemented as an update to the current policy, it
+underlies the same restrictions. This function may fail if for example
+other domains than Domain-0 are running and use a different label than
+Domain-0
+
+\noindent {\bf Signature:}
+\begin{verbatim} xs_policystate reset_xspolicy (session_id s, xs_type type)
+\end{verbatim}
+
+\noindent{\bf Arguments:}
+
+\vspace{0.3cm}
+
+\begin{tabular}{|c|c|p{7cm}|}
+ \hline
+{\bf type} & {\bf name} & {\bf description} \\ \hline
+{\tt xs\_type } & type & the type of policy \\ \hline
+
+\end{tabular}
+
+\vspace{0.3cm}
+
+
+ \noindent {\bf Return Type:}
+{\tt
+xs\_policystate
+}
+
+
+State information about the policy. In case an error occurred, the 'xs\_err'
+field contains the error code. The 'errors' may contain further information
+about the error.
 \vspace{0.3cm}
 \vspace{0.3cm}
 \vspace{0.3cm}
diff --git a/tools/libxen/include/xen/api/xen_xspolicy.h b/tools/libxen/include/xen/api/xen_xspolicy.h
index 3ecdc4b54d..b0808f4d57 100644
--- a/tools/libxen/include/xen/api/xen_xspolicy.h
+++ b/tools/libxen/include/xen/api/xen_xspolicy.h
@@ -240,6 +240,19 @@ xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
                           bool overwrite);
 
 
+
+/**
+ * Attempt to reset the system's policy to the DEFAULT policy for the
+ * respective policy type. This is done by updating the system and therefore
+ * underlies the same restrictions of a policy update. This operation may
+ * for example fail if other domains than Domain-0 are running and have
+ * different labels than Domain-0.
+ */
+bool
+xen_xspolicy_reset_xspolicy(xen_session *session, xen_xs_policystate **result,
+                            xs_type type);
+
+
 /**
  * Remove any policy from having the system booted with.
  */
diff --git a/tools/libxen/src/xen_xspolicy.c b/tools/libxen/src/xen_xspolicy.c
index ccafe1f4e8..e5f290c1a1 100644
--- a/tools/libxen/src/xen_xspolicy.c
+++ b/tools/libxen/src/xen_xspolicy.c
@@ -225,6 +225,24 @@ xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
 
 
 bool
+xen_xspolicy_reset_xspolicy(xen_session *session, xen_xs_policystate **result,
+                            xs_type type)
+{
+    abstract_value param_values[] =
+        {
+            { .type = &abstract_type_int,
+              .u.int_val = type },
+        };
+
+    abstract_type result_type = xen_xs_policystate_abstract_type_;
+
+    *result = NULL;
+    XEN_CALL_("XSPolicy.reset_xspolicy");
+    return session->ok;
+}
+
+
+bool
 xen_xspolicy_get_xspolicy(xen_session *session, xen_xs_policystate **result)
 {
     abstract_value param_values[] =
diff --git a/tools/python/xen/util/acmpolicy.py b/tools/python/xen/util/acmpolicy.py
index a89acb34dd..48e044d318 100644
--- a/tools/python/xen/util/acmpolicy.py
+++ b/tools/python/xen/util/acmpolicy.py
@@ -86,7 +86,7 @@ DEFAULT_policy = \
 "  <SecurityLabelTemplate>\n" +\
 "    <SubjectLabels bootstrap=\"SystemManagement\">\n" +\
 "      <VirtualMachineLabel>\n" +\
-"        <Name>SystemManagement</Name>\n" +\
+"        <Name%s>SystemManagement</Name>\n" +\
 "        <SimpleTypeEnforcementTypes>\n" +\
 "          <Type>SystemManagement</Type>\n" +\
 "        </SimpleTypeEnforcementTypes>\n" +\
@@ -99,8 +99,11 @@ DEFAULT_policy = \
 "</SecurityPolicyDefinition>\n"
 
 
-def get_DEFAULT_policy():
-    return DEFAULT_policy
+def get_DEFAULT_policy(dom0label=""):
+    fromnode = ""
+    if dom0label != "":
+        fromnode = " from=\"%s\"" % dom0label
+    return DEFAULT_policy % fromnode
 
 def initialize():
     xoptions = XendOptions.instance()
@@ -375,6 +378,12 @@ class ACMPolicy(XSPolicy):
 
     force_default_policy = classmethod(force_default_policy)
 
+    def get_reset_policy_xml(klass):
+        dom0_label = security.get_ssid(0)[1]
+        return get_DEFAULT_policy(dom0_label)
+
+    get_reset_policy_xml = classmethod(get_reset_policy_xml)
+
     def __do_update_version_check(self, acmpol_new):
         acmpol_old = self
 
diff --git a/tools/python/xen/util/xsm/acm/acm.py b/tools/python/xen/util/xsm/acm/acm.py
index ebaddbb922..7973a5b704 100644
--- a/tools/python/xen/util/xsm/acm/acm.py
+++ b/tools/python/xen/util/xsm/acm/acm.py
@@ -86,6 +86,7 @@ xmlrpc_exports = [
   'list_labels',
   'get_labeled_resources',
   'set_policy',
+  'reset_policy',
   'get_policy',
   'activate_policy',
   'rm_bootpolicy',
@@ -567,6 +568,20 @@ def set_policy(xs_type, xml, flags, overwrite):
         err(str(e))
 
 
+def reset_policy():
+    """
+       Xend exports this function via XML-RPC
+    """
+    from xen.xend import XendXSPolicyAdmin
+    xspoladmin = XendXSPolicyAdmin.XSPolicyAdminInstance()
+    try:
+        acmpol, rc, errors = \
+             xspoladmin.reset_acmpolicy()
+        return rc, base64.b64encode(errors)
+    except Exception, e:
+        err(str(e))
+
+
 def get_policy():
     """
         Xend exports this function via XML-RPC
diff --git a/tools/python/xen/util/xsm/dummy/dummy.py b/tools/python/xen/util/xsm/dummy/dummy.py
index 7a07e906d0..66fc8c2bd2 100644
--- a/tools/python/xen/util/xsm/dummy/dummy.py
+++ b/tools/python/xen/util/xsm/dummy/dummy.py
@@ -21,6 +21,7 @@ xmlrpc_exports = [
   'list_labels',
   'get_labeled_resources',
   'set_policy',
+  'reset_policy',
   'get_policy',
   'activate_policy',
   'rm_bootpolicy',
@@ -102,6 +103,9 @@ def get_labeled_resources():
 def set_policy(xs_type, xml, flags, overwrite):
     err("Command not supported under xsm 'dummy' module.")
 
+def reset_policy():
+    err("Command not supported under xsm 'dummy' module.")
+
 def get_policy():
     return "", 0
 
diff --git a/tools/python/xen/xend/XendXSPolicy.py b/tools/python/xen/xend/XendXSPolicy.py
index 834857e40f..dff029ddde 100644
--- a/tools/python/xen/xend/XendXSPolicy.py
+++ b/tools/python/xen/xend/XendXSPolicy.py
@@ -43,6 +43,7 @@ class XendXSPolicy(XendBase):
     def getFuncs(self):
         funcs = [ 'get_xstype',
                   'set_xspolicy',
+                  'reset_xspolicy',
                   'get_xspolicy',
                   'rm_xsbootpolicy',
                   'get_resource_label',
@@ -104,6 +105,36 @@ class XendXSPolicy(XendBase):
             raise SecurityError(-xsconstants.XSERR_POLICY_TYPE_UNSUPPORTED)
         return polstate
 
+
+    def reset_xspolicy(self, xstype):
+        xstype = int(xstype)
+        polstate = { 'xs_ref': "", 'repr'   : "", 'type'   : 0,
+                     'flags' : 0 , 'version': 0 , 'errors' : "", 'xserr' : 0 }
+        if xstype == xsconstants.XS_POLICY_ACM:
+            poladmin = XSPolicyAdminInstance()
+            try:
+                (xspol, rc, errors) = poladmin.reset_acmpolicy()
+                if rc != 0:
+                    polstate.update( { 'xserr' : rc,
+                                       'errors': base64.b64encode(errors) } )
+                else:
+                    ref = xspol.get_ref()
+                    polstate = {
+                      'xs_ref' : ref,
+                      'flags'  : poladmin.get_policy_flags(xspol),
+                      'type'   : xstype,
+                      'repr'   : "",
+                      'version': xspol.get_version(),
+                      'errors' : base64.b64encode(errors),
+                      'xserr'  : rc,
+                    }
+            except Exception, e:
+                raise
+        else:
+            raise SecurityError(-xsconstants.XSERR_POLICY_TYPE_UNSUPPORTED)
+        return polstate
+
+
     def activate_xspolicy(self, flags):
         flags = int(flags)
         rc = -xsconstants.XSERR_GENERAL_FAILURE
@@ -162,6 +193,7 @@ class XendXSPolicy(XendBase):
     get_xstype      = classmethod(get_xstype)
     get_xspolicy    = classmethod(get_xspolicy)
     set_xspolicy    = classmethod(set_xspolicy)
+    reset_xspolicy  = classmethod(reset_xspolicy)
     rm_xsbootpolicy = classmethod(rm_xsbootpolicy)
     set_resource_label = classmethod(set_resource_label)
     get_resource_label = classmethod(get_resource_label)
diff --git a/tools/python/xen/xend/XendXSPolicyAdmin.py b/tools/python/xen/xend/XendXSPolicyAdmin.py
index cc861fda80..cf10ef2df4 100644
--- a/tools/python/xen/xend/XendXSPolicyAdmin.py
+++ b/tools/python/xen/xend/XendXSPolicyAdmin.py
@@ -179,6 +179,23 @@ class XSPolicyAdmin:
             self.xsobjs[ref]  = acmpol
         return (acmpol, xsconstants.XSERR_SUCCESS, errors)
 
+
+    def reset_acmpolicy(self):
+        """
+           Attempt to reset the system's policy by udating it with
+           the DEFAULT policy.
+        """
+        from xen.xend import XendDomain
+        domains = XendDomain.instance()
+        try:
+            domains.domains_lock.acquire()
+            xml = ACMPolicy.get_reset_policy_xml()
+            flags = xsconstants.XS_INST_BOOT | xsconstants.XS_INST_LOAD
+            return self.__add_acmpolicy_to_system(xml, flags, True)
+        finally:
+            domains.domains_lock.release()
+
+
     def make_boot_policy(self, acmpol):
         if acmpol.is_default_policy():
             return xsconstants.XSERR_SUCCESS
diff --git a/tools/python/xen/xm/resetpolicy.py b/tools/python/xen/xm/resetpolicy.py
index bc37760d2c..c88b427f2a 100644
--- a/tools/python/xen/xm/resetpolicy.py
+++ b/tools/python/xen/xm/resetpolicy.py
@@ -26,40 +26,6 @@ from xen.xm.main import server
 from xen.util import xsconstants
 from xen.util.acmpolicy import ACMPolicy
 
-DOM0_UUID = "00000000-0000-0000-0000-000000000000"
-
-DEFAULT_policy_template = \
-"<?xml version=\"1.0\" ?>" +\
-"<SecurityPolicyDefinition xmlns=\"http://www.ibm.com\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.ibm.com ../../security_policy.xsd\">" +\
-"  <PolicyHeader>" +\
-"    <PolicyName>DEFAULT</PolicyName>" +\
-"    <Version>1.0</Version>" +\
-"  </PolicyHeader>" +\
-"  <SimpleTypeEnforcement>" +\
-"    <SimpleTypeEnforcementTypes>" +\
-"      <Type>SystemManagement</Type>" +\
-"    </SimpleTypeEnforcementTypes>" +\
-"  </SimpleTypeEnforcement>" +\
-"  <ChineseWall>" +\
-"    <ChineseWallTypes>" +\
-"      <Type>SystemManagement</Type>" +\
-"    </ChineseWallTypes>" +\
-"  </ChineseWall>" +\
-"  <SecurityLabelTemplate>" +\
-"    <SubjectLabels bootstrap=\"SystemManagement\">" +\
-"      <VirtualMachineLabel>" +\
-"        <Name%s>SystemManagement</Name>" +\
-"        <SimpleTypeEnforcementTypes>" +\
-"          <Type>SystemManagement</Type>" +\
-"        </SimpleTypeEnforcementTypes>" +\
-"        <ChineseWallTypes>" +\
-"          <Type/>" +\
-"        </ChineseWallTypes>" +\
-"      </VirtualMachineLabel>" +\
-"    </SubjectLabels>" +\
-"  </SecurityLabelTemplate>" +\
-"</SecurityPolicyDefinition>"
-
 
 def help():
     return """
@@ -69,16 +35,6 @@ def help():
     since otherwise this operation will fail.
     """
 
-def get_reset_policy_xml(dom0_seclab):
-    if dom0_seclab == "":
-        return DEFAULT_policy_template % ""
-    else:
-        poltyp, policy, label = dom0_seclab.split(":")
-        if label != "SystemManagement":
-            return DEFAULT_policy_template % \
-                   (" from=\"%s\"" % label)
-        else:
-            return DEFAULT_policy_template % ""
 
 def resetpolicy():
     msg = None
@@ -99,13 +55,8 @@ def resetpolicy():
            not acmpol.is_default_policy():
             msg = "Old policy not found in bootloader file."
 
-        seclab = server.xenapi.VM.get_security_label(DOM0_UUID)
-        xml = get_reset_policy_xml(seclab)
         try:
-            policystate = server.xenapi.XSPolicy.set_xspolicy(xs_type,
-                                                              xml,
-                                                              flags,
-                                                              True)
+            policystate = server.xenapi.XSPolicy.reset_xspolicy(xs_type)
         except Exception, e:
             raise security.XSMError("An error occurred resetting the "
                                     "policy: %s" % str(e))
@@ -130,14 +81,7 @@ def resetpolicy():
            not acmpol.is_default_policy():
             msg = "Old policy not found in bootloader file."
 
-        seclab = server.xend.security.get_domain_label(0)
-        if seclab[0] == '\'':
-            seclab =  seclab[1:]
-        xml = get_reset_policy_xml(seclab)
-        rc, errors = server.xend.security.set_policy(xs_type,
-                                                     xml,
-                                                     flags,
-                                                     True)
+        rc, errors = server.xend.security.reset_policy()
         if rc != xsconstants.XSERR_SUCCESS:
             raise security.XSMError("Could not reset the system's policy. "
                                     "Try to halt all guests.")