diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-06 05:03:32 -0800 |
|---|---|---|
| committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-02-06 05:03:32 -0800 |
| commit | de9eedb0d2fec5003e528c8d8b0f772a587c6049 (patch) | |
| tree | b3d9016db22e79d1df824a6318abbb4e819cd7b1 /tools/flask/libflask | |
| parent | 52ff92ec89ea79108bf3347b19eb5d35fac9d2e1 (diff) | |
| download | xen-de9eedb0d2fec5003e528c8d8b0f772a587c6049.tar.gz xen-de9eedb0d2fec5003e528c8d8b0f772a587c6049.tar.bz2 xen-de9eedb0d2fec5003e528c8d8b0f772a587c6049.zip | |
tools/flask: remove libflask
This library has been deprecated since July 2010; remove the in-tree
users and library.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'tools/flask/libflask')
| -rw-r--r-- | tools/flask/libflask/Makefile | 58 | ||||
| -rw-r--r-- | tools/flask/libflask/flask_op.c | 559 | ||||
| -rw-r--r-- | tools/flask/libflask/include/libflask.h | 57 |
3 files changed, 0 insertions, 674 deletions
diff --git a/tools/flask/libflask/Makefile b/tools/flask/libflask/Makefile deleted file mode 100644 index 12c1c90770..0000000000 --- a/tools/flask/libflask/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -MAJOR = 1.0 -MINOR = 0 - -XEN_ROOT = $(CURDIR)/../../.. -include $(XEN_ROOT)/tools/Rules.mk - -SRCS := -SRCS += flask_op.c - -CFLAGS += -Werror -CFLAGS += -fno-strict-aliasing -CFLAGS += -I./include $(CFLAGS_libxenctrl) $(CFLAGS_xeninclude) - -LIB_OBJS := $(patsubst %.c,%.o,$(SRCS)) -PIC_OBJS := $(patsubst %.c,%.opic,$(SRCS)) - -LIB := libflask.a -LIB += libflask.so libflask.so.$(MAJOR) libflask.so.$(MAJOR).$(MINOR) - -.PHONY: all -all: build - -.PHONY: build -build: - $(MAKE) $(LIB) - -.PHONY: install -install: build - $(INSTALL_DIR) $(DESTDIR)$(LIBDIR) - $(INSTALL_DIR) $(DESTDIR)$(INCLUDEDIR) - $(INSTALL_PROG) libflask.so.$(MAJOR).$(MINOR) $(DESTDIR)$(LIBDIR) - $(INSTALL_DATA) libflask.a $(DESTDIR)$(LIBDIR) - ln -sf libflask.so.$(MAJOR).$(MINOR) $(DESTDIR)$(LIBDIR)/libflask.so.$(MAJOR) - ln -sf libflask.so.$(MAJOR) $(DESTDIR)$(LIBDIR)/libflask.so - $(INSTALL_DATA) include/libflask.h $(DESTDIR)$(INCLUDEDIR)/xen/xsm - -.PHONY: TAGS -TAGS: - etags -t *.c *.h - -.PHONY: clean -clean: - rm -rf *.a *.so* *.o *.opic *.rpm $(LIB) *~ $(DEPS) xen - -# libflask - -libflask.a: $(LIB_OBJS) - $(AR) rc $@ $^ - -libflask.so: libflask.so.$(MAJOR) - ln -sf $< $@ -libflask.so.$(MAJOR): libflask.so.$(MAJOR).$(MINOR) - ln -sf $< $@ - -libflask.so.$(MAJOR).$(MINOR): $(PIC_OBJS) - $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libflask.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(LDLIBS_libxenctrl) - --include $(DEPS) diff --git a/tools/flask/libflask/flask_op.c b/tools/flask/libflask/flask_op.c deleted file mode 100644 index 412a05d7c5..0000000000 --- a/tools/flask/libflask/flask_op.c +++ /dev/null @@ -1,559 +0,0 @@ -/* - * - * Authors: Michael LeMay, <mdlemay@epoch.ncsc.mil> - * George Coker, <gscoker@alpha.ncsc.mil> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2, - * as published by the Free Software Foundation. - */ - -#include <unistd.h> -#include <stdio.h> -#include <errno.h> -#include <fcntl.h> -#include <string.h> -#include <sys/mman.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <stdlib.h> -#include <stdint.h> -#include <sys/ioctl.h> -#include <libflask.h> - -int flask_load(xc_interface *xc_handle, char *buf, uint32_t size) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_LOAD; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - return 0; -} - -int flask_context_to_sid(xc_interface *xc_handle, char *buf, uint32_t size, uint32_t *sid) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_CONTEXT_TO_SID; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - sscanf(buf, "%u", sid); - - return 0; -} - -int flask_sid_to_context(xc_interface *xc_handle, int sid, char *buf, uint32_t size) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_SID_TO_CONTEXT; - op.buf = buf; - op.size = size; - - snprintf(buf, size, "%u", sid); - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - return 0; -} - -int flask_getenforce(xc_interface *xc_handle) -{ - int err; - flask_op_t op; - char buf[20]; - int size = 20; - int mode; - - op.cmd = FLASK_GETENFORCE; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - sscanf(buf, "%i", &mode); - - return mode; -} - -int flask_setenforce(xc_interface *xc_handle, int mode) -{ - int err; - flask_op_t op; - char buf[20]; - int size = 20; - - op.cmd = FLASK_SETENFORCE; - op.buf = buf; - op.size = size; - - snprintf(buf, size, "%i", mode); - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - return 0; -} - -int flask_getbool_byid(xc_interface *xc_handle, int id, char *name, int *curr, int *pend) -{ - flask_op_t op; - char buf[255]; - int rv; - - op.cmd = FLASK_GETBOOL2; - op.buf = buf; - op.size = 255; - - snprintf(buf, sizeof buf, "%i", id); - - rv = xc_flask_op(xc_handle, &op); - - if ( rv ) - return rv; - - sscanf(buf, "%i %i %s", curr, pend, name); - - return rv; -} - -int flask_getbool_byname(xc_interface *xc_handle, char *name, int *curr, int *pend) -{ - flask_op_t op; - char buf[255]; - int rv; - - op.cmd = FLASK_GETBOOL_NAMED; - op.buf = buf; - op.size = 255; - - strncpy(buf, name, op.size); - - rv = xc_flask_op(xc_handle, &op); - - if ( rv ) - return rv; - - sscanf(buf, "%i %i", curr, pend); - - return rv; -} - -int flask_setbool(xc_interface *xc_handle, char *name, int value, int commit) -{ - flask_op_t op; - char buf[255]; - int size = 255; - - op.cmd = FLASK_SETBOOL_NAMED; - op.buf = buf; - op.size = size; - - snprintf(buf, size, "%s %i %i", name, value, commit); - - return xc_flask_op(xc_handle, &op); -} - -int flask_add_pirq(xc_interface *xc_handle, unsigned int pirq, char *scontext) -{ - int err; - flask_op_t op; - char *buf; - char *pirq_s = OCON_PIRQ_STR; - int size = INITCONTEXTLEN + strlen(pirq_s) + (sizeof(unsigned int)) + - (sizeof(char) * 3); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_ADD_OCONTEXT; - snprintf(buf, size, "%s %255s %u", pirq_s, scontext, pirq); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_add_ioport(xc_interface *xc_handle, unsigned long low, unsigned long high, - char *scontext) -{ - int err; - flask_op_t op; - char *buf; - char *ioport = OCON_IOPORT_STR; - int size = INITCONTEXTLEN + strlen(ioport) + - (sizeof(unsigned long) * 2) + (sizeof(char) * 4); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_ADD_OCONTEXT; - snprintf(buf, size, "%s %255s %lu %lu", ioport, scontext, low, high); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_add_iomem(xc_interface *xc_handle, unsigned long low, unsigned long high, - char *scontext) -{ - int err; - flask_op_t op; - char *buf; - char *iomem = OCON_IOMEM_STR; - int size = INITCONTEXTLEN + strlen(iomem) + - (sizeof(unsigned long) * 2) + (sizeof(char) * 4); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_ADD_OCONTEXT; - snprintf(buf, size, "%s %255s %lu %lu", iomem, scontext, low, high); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_add_device(xc_interface *xc_handle, unsigned long device, char *scontext) -{ - int err; - flask_op_t op; - char *buf; - char *dev = OCON_DEVICE_STR; - int size = INITCONTEXTLEN + strlen(dev) + (sizeof(unsigned long)) + - (sizeof(char) * 3); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_ADD_OCONTEXT; - snprintf(buf, size, "%s %255s %lu", dev, scontext, device); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_del_pirq(xc_interface *xc_handle, unsigned int pirq) -{ - int err; - flask_op_t op; - char *buf; - char *pirq_s = OCON_PIRQ_STR; - int size = strlen(pirq_s) + (sizeof(unsigned int)) + - (sizeof(char) * 2); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_DEL_OCONTEXT; - snprintf(buf, size, "%s %u", pirq_s, pirq); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_del_ioport(xc_interface *xc_handle, unsigned long low, unsigned long high) -{ - int err; - flask_op_t op; - char *buf; - char *ioport = OCON_IOPORT_STR; - int size = strlen(ioport) + (sizeof(unsigned long) * 2) + - (sizeof(char) * 3); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_DEL_OCONTEXT; - snprintf(buf, size, "%s %lu %lu", ioport, low, high); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_del_iomem(xc_interface *xc_handle, unsigned long low, unsigned long high) -{ - int err; - flask_op_t op; - char *buf; - char *iomem = OCON_IOMEM_STR; - int size = strlen(iomem) + (sizeof(unsigned long) * 2) + - (sizeof(char) * 3); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_DEL_OCONTEXT; - snprintf(buf, size, "%s %lu %lu", iomem, low, high); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_del_device(xc_interface *xc_handle, unsigned long device) -{ - int err; - flask_op_t op; - char *buf; - char *dev = OCON_DEVICE_STR; - int size = strlen(dev) + (sizeof(unsigned long)) + (sizeof(char) * 2); - - if ( (buf = (char *) malloc(size)) == NULL ) - return -ENOMEM; - memset(buf, 0, size); - - op.cmd = FLASK_DEL_OCONTEXT; - snprintf(buf, size, "%s %lu", dev, device); - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - free(buf); - return 0; - -} - -int flask_access(xc_interface *xc_handle, const char *scon, const char *tcon, - u_int16_t tclass, u_int32_t req, - u_int32_t *allowed, u_int32_t *decided, - u_int32_t *auditallow, u_int32_t *auditdeny, - u_int32_t *seqno) -{ -/* maximum number of digits in a 16-bit decimal number: */ -#define MAX_SHORT_DEC_LEN 5 - - char *buf; - int bufLen; - int err; - flask_op_t op; - u_int32_t dummy_allowed; - u_int32_t dummy_decided; - u_int32_t dummy_auditallow; - u_int32_t dummy_auditdeny; - u_int32_t dummy_seqno; - - if (!allowed) - allowed = &dummy_allowed; - if (!decided) - decided = &dummy_decided; - if (!auditallow) - auditallow = &dummy_auditallow; - if (!auditdeny) - auditdeny = &dummy_auditdeny; - if (!seqno) - seqno = &dummy_seqno; - - if (!scon) - return -EINVAL; - if (!tcon) - return -EINVAL; - - bufLen = strlen(scon) + 1 + strlen(tcon) + 1 + - MAX_SHORT_DEC_LEN + 1 + - sizeof(req)*2 + 1; - buf = malloc(bufLen); - snprintf(buf, bufLen, "%s %s %hu %x", scon, tcon, tclass, req); - - op.cmd = FLASK_ACCESS; - op.buf = buf; - op.size = strlen(buf)+1; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - if (sscanf(op.buf, "%x %x %x %x %u", - allowed, decided, - auditallow, auditdeny, - seqno) != 5) { - err = -EILSEQ; - } - - err = ((*allowed & req) == req)? 0 : -EPERM; - - return err; - -} - -int flask_avc_hashstats(xc_interface *xc_handle, char *buf, int size) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_AVC_HASHSTATS; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - return 0; -} - -int flask_avc_cachestats(xc_interface *xc_handle, char *buf, int size) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_AVC_CACHESTATS; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - return 0; -} - -int flask_policyvers(xc_interface *xc_handle, char *buf, int size) -{ - int err; - flask_op_t op; - - op.cmd = FLASK_POLICYVERS; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - { - free(buf); - return err; - } - - return 0; -} - -int flask_getavc_threshold(xc_interface *xc_handle) -{ - int err; - flask_op_t op; - char buf[20]; - int size = 20; - int threshold; - - op.cmd = FLASK_GETAVC_THRESHOLD; - op.buf = buf; - op.size = size; - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - sscanf(buf, "%i", &threshold); - - return threshold; -} - -int flask_setavc_threshold(xc_interface *xc_handle, int threshold) -{ - int err; - flask_op_t op; - char buf[20]; - int size = 20; - - op.cmd = FLASK_SETAVC_THRESHOLD; - op.buf = buf; - op.size = size; - - snprintf(buf, size, "%i", threshold); - - if ( (err = xc_flask_op(xc_handle, &op)) != 0 ) - return err; - - return 0; -} diff --git a/tools/flask/libflask/include/libflask.h b/tools/flask/libflask/include/libflask.h deleted file mode 100644 index b8a6ca934e..0000000000 --- a/tools/flask/libflask/include/libflask.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * - * Authors: Michael LeMay, <mdlemay@epoch.ncsc.mil> - * George Coker, <gscoker@alpha.ncsc.mil> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2, - * as published by the Free Software Foundation. - */ - -#ifndef __LIBFLASK_H__ -#define __LIBFLASK_H__ - -#include <stdint.h> -#include <xen/xen.h> -#include <xen/xsm/flask_op.h> -#include <xenctrl.h> - -int flask_load(xc_interface *xc_handle, char *buf, uint32_t size); -int flask_context_to_sid(xc_interface *xc_handle, char *buf, uint32_t size, uint32_t *sid); -int flask_sid_to_context(xc_interface *xc_handle, int sid, char *buf, uint32_t size); -int flask_getenforce(xc_interface *xc_handle); -int flask_setenforce(xc_interface *xc_handle, int mode); -int flask_getbool_byid(xc_interface *xc_handle, int id, char *name, int *curr, int *pend); -int flask_getbool_byname(xc_interface *xc_handle, char *name, int *curr, int *pend); -int flask_setbool(xc_interface *xc_handle, char *name, int value, int commit); -int flask_add_pirq(xc_interface *xc_handle, unsigned int pirq, char *scontext); -int flask_add_ioport(xc_interface *xc_handle, unsigned long low, unsigned long high, - char *scontext); -int flask_add_iomem(xc_interface *xc_handle, unsigned long low, unsigned long high, - char *scontext); -int flask_add_device(xc_interface *xc_handle, unsigned long device, char *scontext); -int flask_del_pirq(xc_interface *xc_handle, unsigned int pirq); -int flask_del_ioport(xc_interface *xc_handle, unsigned long low, unsigned long high); -int flask_del_iomem(xc_interface *xc_handle, unsigned long low, unsigned long high); -int flask_del_device(xc_interface *xc_handle, unsigned long device); -int flask_access(xc_interface *xc_handle, const char *scon, const char *tcon, - u_int16_t tclass, u_int32_t req, - u_int32_t *allowed, u_int32_t *decided, - u_int32_t *auditallow, u_int32_t *auditdeny, - u_int32_t *seqno); -int flask_avc_cachestats(xc_interface *xc_handle, char *buf, int size); -int flask_policyvers(xc_interface *xc_handle, char *buf, int size); -int flask_avc_hashstats(xc_interface *xc_handle, char *buf, int size); -int flask_getavc_threshold(xc_interface *xc_handle); -int flask_setavc_threshold(xc_interface *xc_handle, int threshold); -#define flask_add_single_ioport(x, l, s) flask_add_ioport(x, l, l, s) -#define flask_add_single_iomem(x, l, s) flask_add_iomem(x, l, l, s) -#define flask_del_single_ioport(x, l) flask_del_ioport(x, l, l) -#define flask_del_single_iomem(x, l) flask_del_iomem(x, l, l); - -#define OCON_PIRQ_STR "pirq" -#define OCON_IOPORT_STR "ioport" -#define OCON_IOMEM_STR "iomem" -#define OCON_DEVICE_STR "pcidevice" -#define INITCONTEXTLEN 256 -#endif /* __LIBFLASK_H__ */ |