diff options
author | Machon Gregory <mbgrego@tycho.ncsc.mil> | 2011-06-02 17:32:18 +0100 |
---|---|---|
committer | Machon Gregory <mbgrego@tycho.ncsc.mil> | 2011-06-02 17:32:18 +0100 |
commit | 8acc9d512e07e1134709cb0dd485853ef54a7873 (patch) | |
tree | 1d207a0e9d59ffe3efc17132c05e0faf7df7cfa9 /tools/libxl/libxl_flask.c | |
parent | 7b7866eb2689ba6334d4beb3e1a63afa376bab90 (diff) | |
download | xen-8acc9d512e07e1134709cb0dd485853ef54a7873.tar.gz xen-8acc9d512e07e1134709cb0dd485853ef54a7873.tar.bz2 xen-8acc9d512e07e1134709cb0dd485853ef54a7873.zip |
libxl: flask xsm support
Adds support for assigning a label to domains, obtaining and setting the
current enforcing mode, and loading a policy with xl command and libxl
header when the Flask XSM is in use. Adheres to the changes made by the
patch to remove exposure of libxenctrl/libxenstore headers via libxl.h.
Signed-Off-By: Machon Gregory <mbgrego@tycho.ncsc.mil>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Diffstat (limited to 'tools/libxl/libxl_flask.c')
-rw-r--r-- | tools/libxl/libxl_flask.c | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/tools/libxl/libxl_flask.c b/tools/libxl/libxl_flask.c new file mode 100644 index 0000000000..a5d0b8a4ce --- /dev/null +++ b/tools/libxl/libxl_flask.c @@ -0,0 +1,71 @@ +/* + * + * Author: Machon Gregory, <mbgrego@tycho.ncsc.mil> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include <xenctrl.h> + +#include "libxl.h" +#include "libxl_internal.h" + +int libxl_flask_context_to_sid(libxl_ctx *ctx, char *buf, size_t len, + uint32_t *ssidref) +{ + int rc; + + rc = xc_flask_context_to_sid(ctx->xch, buf, len, ssidref); + + return rc; +} + +int libxl_flask_sid_to_context(libxl_ctx *ctx, uint32_t ssidref, + char **buf, size_t *len) +{ + int rc; + char tmp[XC_PAGE_SIZE]; + + rc = xc_flask_sid_to_context(ctx->xch, ssidref, tmp, sizeof(tmp)); + + if (!rc) { + *len = strlen(tmp); + *buf = strdup(tmp); + } + + return rc; +} + +int libxl_flask_getenforce(libxl_ctx *ctx) +{ + int rc; + + rc = xc_flask_getenforce(ctx->xch); + + return rc; +} + +int libxl_flask_setenforce(libxl_ctx *ctx, int mode) +{ + int rc; + + rc = xc_flask_setenforce(ctx->xch, mode); + + return rc; +} + +int libxl_flask_loadpolicy(libxl_ctx *ctx, void *policy, uint32_t size) +{ + + int rc; + + rc = xc_flask_load(ctx->xch, policy, size); + + return rc; +} |