diff options
author | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2007-04-25 09:31:52 +0100 |
---|---|---|
committer | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2007-04-25 09:31:52 +0100 |
commit | 8c706ec28d6ac4805a513fe29850a97773a9a4ee (patch) | |
tree | c132620a84b923f69f957d5916a08d8a240c7b10 /tools/security | |
parent | 74fd18ac582e414dfe2baa88551965f72df8b7cd (diff) | |
download | xen-8c706ec28d6ac4805a513fe29850a97773a9a4ee.tar.gz xen-8c706ec28d6ac4805a513fe29850a97773a9a4ee.tar.bz2 xen-8c706ec28d6ac4805a513fe29850a97773a9a4ee.zip |
acm: Changes to XML schema of the policy
This patch changes the XML schema of the ACM policy to require a
version and that every conflict set have a name. Every VM label must
have one Chinese Wall Type and every resource label one Simple Type
Enforcement Type. As a consequence of this some example policies
needed to be changed. Also not offering that many configuration
options for compiling xen anymore to make things simpler.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Diffstat (limited to 'tools/security')
-rw-r--r-- | tools/security/Makefile | 15 | ||||
-rw-r--r-- | tools/security/policies/example/chwall/client_v1-security_policy.xml | 90 | ||||
-rw-r--r-- | tools/security/policies/example/client_v1-security_policy.xml (renamed from tools/security/policies/example/chwall_ste/client_v1-security_policy.xml) | 5 | ||||
-rw-r--r-- | tools/security/policies/example/test-security_policy.xml | 97 | ||||
-rw-r--r-- | tools/security/python/xensec_gen/cgi-bin/policy.cgi | 1 | ||||
-rw-r--r-- | tools/security/xensec_ezpolicy | 5 |
6 files changed, 108 insertions, 105 deletions
diff --git a/tools/security/Makefile b/tools/security/Makefile index d4cc1b9b95..2ce8fbf4df 100644 --- a/tools/security/Makefile +++ b/tools/security/Makefile @@ -16,12 +16,6 @@ LDFLAGS += $(shell xml2-config --libs ) # if this does not work, try -L/usr/l ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_NULL_POLICY) POLICY=null endif -ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY) -POLICY=chwall -endif -ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) -POLICY=ste -endif ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) POLICY=chwall_ste endif @@ -46,7 +40,7 @@ ACM_SECGEN_HTMLDIR= /var/lib/xensec_gen ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin ACM_SCHEMA = security_policy.xsd -ACM_EXAMPLES = chwall ste chwall_ste +ACM_EXAMPLES = client_v1 test ACM_POLICY_SUFFIX = security_policy.xml ifeq ($(ACM_SECURITY),y) @@ -66,8 +60,7 @@ install: all $(ACM_CONFIG_FILE) $(INSTALL_DATA) policies/$(ACM_SCHEMA) $(DESTDIR)$(ACM_POLICY_DIR) $(INSTALL_DIR) $(DESTDIR)$(ACM_POLICY_DIR)/example for i in $(ACM_EXAMPLES); do \ - $(INSTALL_DIR) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \ - $(INSTALL_DATA) policies/example/$$i/client_v1-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \ + $(INSTALL_DATA) policies/example/$$i-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/; \ done $(INSTALL_DIR) $(DESTDIR)$(ACM_SCRIPT_DIR) $(INSTALL_PROG) $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR) @@ -94,10 +87,10 @@ build: $(ACM_INST_TOOLS) $(ACM_NOINST_TOOLS) chmod 700 $(ACM_SCRIPTS) xensec_tool: $(OBJS_TOOL) - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ -L$(XEN_LIBXC) -lxenctrl + $(CC) -g $(CFLAGS) $(LDFLAGS) -O0 -o $@ $^ -L$(XEN_LIBXC) -lxenctrl xensec_xml2bin: $(OBJS_XML2BIN) - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + $(CC) -g $(CFLAGS) $(LDFLAGS) -O0 -o $@ $^ xensec_gen: xensec_gen.py cp -f $^ $@ diff --git a/tools/security/policies/example/chwall/client_v1-security_policy.xml b/tools/security/policies/example/chwall/client_v1-security_policy.xml deleted file mode 100644 index 6c1ee84e5e..0000000000 --- a/tools/security/policies/example/chwall/client_v1-security_policy.xml +++ /dev/null @@ -1,90 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com --> -<!-- This file defines the security policies, which --> -<!-- can be enforced by the Xen Access Control Module. --> -<!-- Currently: Chinese Wall and Simple Type Enforcement--> -<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd "> - <PolicyHeader> - <PolicyName>example.chwall.client_v1</PolicyName> - <PolicyUrl>www.ibm.com/example/chwall/client_v1</PolicyUrl> - <Date>2006-03-31</Date> - </PolicyHeader> - <!-- --> - <!-- example of a chinese wall type definition --> - <!-- along with its conflict sets --> - <!-- (typse in a confict set are exclusive, i.e. --> - <!-- once a Domain with one type of a set is --> - <!-- running, no other Domain with another type --> - <!-- of the same conflict set can start.) --> - <ChineseWall priority="PrimaryPolicyComponent"> - <ChineseWallTypes> - <Type>cw_SystemManagement</Type> - <Type>cw_Sensitive</Type> - <Type>cw_Isolated</Type> - <Type>cw_Distrusted</Type> - </ChineseWallTypes> - <ConflictSets> - <Conflict name="Protection1"> - <Type>cw_Sensitive</Type> - <Type>cw_Distrusted</Type> - </Conflict> - </ConflictSets> - </ChineseWall> - <SecurityLabelTemplate> - <SubjectLabels bootstrap="dom_SystemManagement"> - <!-- single ste typed domains --> - <!-- ACM enforces that only domains with --> - <!-- the same type can share information --> - <!-- --> - <!-- Bootstrap label is assigned to Dom0 --> - <VirtualMachineLabel> - <Name>dom_HomeBanking</Name> - <ChineseWallTypes> - <Type>cw_Sensitive</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - - <VirtualMachineLabel> - <Name>dom_Fun</Name> - <ChineseWallTypes> - <Type>cw_Distrusted</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - - <VirtualMachineLabel> - <!-- donating some cycles to seti@home --> - <Name>dom_BoincClient</Name> - <ChineseWallTypes> - <Type>cw_Isolated</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - - <!-- Domains with multiple ste types services; such domains --> - <!-- must keep the types inside their domain safely confined. --> - <VirtualMachineLabel> - <Name>dom_SystemManagement</Name> - <ChineseWallTypes> - <Type>cw_SystemManagement</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - - <VirtualMachineLabel> - <!-- serves persistent storage to other domains --> - <Name>dom_StorageDomain</Name> - <ChineseWallTypes> - <Type>cw_SystemManagement</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - - <VirtualMachineLabel> - <!-- serves network access to other domains --> - <Name>dom_NetworkDomain</Name> - <ChineseWallTypes> - <Type>cw_SystemManagement</Type> - </ChineseWallTypes> - </VirtualMachineLabel> - </SubjectLabels> - </SecurityLabelTemplate> - -</SecurityPolicyDefinition> - diff --git a/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml b/tools/security/policies/example/client_v1-security_policy.xml index 55da60af34..669f0696c5 100644 --- a/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml +++ b/tools/security/policies/example/client_v1-security_policy.xml @@ -5,9 +5,10 @@ <!-- Currently: Chinese Wall and Simple Type Enforcement--> <SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd "> <PolicyHeader> - <PolicyName>example.chwall_ste.client_v1</PolicyName> - <PolicyUrl>www.ibm.com/example/chwall_ste/client_v1</PolicyUrl> + <PolicyName>example.client_v1</PolicyName> + <PolicyUrl>www.ibm.com/example/client_v1</PolicyUrl> <Date>2006-03-31</Date> + <Version>1.0</Version> </PolicyHeader> <!-- --> <!-- example of a simple type enforcement policy definition --> diff --git a/tools/security/policies/example/test-security_policy.xml b/tools/security/policies/example/test-security_policy.xml new file mode 100644 index 0000000000..0f338a2c0b --- /dev/null +++ b/tools/security/policies/example/test-security_policy.xml @@ -0,0 +1,97 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Auto-generated by ezPolicy --> +<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd "> + <PolicyHeader> + <PolicyName>example.test</PolicyName> + <Date>Mon Apr 16 13:13:59 2007</Date> + <Version>1.0</Version> + </PolicyHeader> + + <SimpleTypeEnforcement> + <SimpleTypeEnforcementTypes> + <Type>SystemManagement</Type> + <Type>PepsiCo</Type> + <Type>CocaCola</Type> + </SimpleTypeEnforcementTypes> + </SimpleTypeEnforcement> + + <ChineseWall priority="PrimaryPolicyComponent"> + <ChineseWallTypes> + <Type>SystemManagement</Type> + <Type>PepsiCo</Type> + <Type>CocaCola</Type> + <Type>VIOServer</Type> + </ChineseWallTypes> + + </ChineseWall> + + <SecurityLabelTemplate> + <SubjectLabels bootstrap="SystemManagement"> + <VirtualMachineLabel> + <Name>SystemManagement</Name> + <SimpleTypeEnforcementTypes> + <Type>SystemManagement</Type> + <Type>PepsiCo</Type> + <Type>CocaCola</Type> + </SimpleTypeEnforcementTypes> + <ChineseWallTypes> + <Type>SystemManagement</Type> + </ChineseWallTypes> + </VirtualMachineLabel> + + <VirtualMachineLabel> + <Name>PepsiCo</Name> + <SimpleTypeEnforcementTypes> + <Type>PepsiCo</Type> + </SimpleTypeEnforcementTypes> + <ChineseWallTypes> + <Type>PepsiCo</Type> + </ChineseWallTypes> + </VirtualMachineLabel> + + <VirtualMachineLabel> + <Name>CocaCola</Name> + <SimpleTypeEnforcementTypes> + <Type>CocaCola</Type> + </SimpleTypeEnforcementTypes> + <ChineseWallTypes> + <Type>CocaCola</Type> + </ChineseWallTypes> + </VirtualMachineLabel> + + <VirtualMachineLabel> + <Name>VIO</Name> + <SimpleTypeEnforcementTypes> + <Type>CocaCola</Type> + <Type>PepsiCo</Type> + </SimpleTypeEnforcementTypes> + <ChineseWallTypes> + <Type>VIOServer</Type> + </ChineseWallTypes> + </VirtualMachineLabel> + </SubjectLabels> + + <ObjectLabels> + <ResourceLabel> + <Name>SystemManagement</Name> + <SimpleTypeEnforcementTypes> + <Type>SystemManagement</Type> + </SimpleTypeEnforcementTypes> + </ResourceLabel> + + <ResourceLabel> + <Name>PepsiCo</Name> + <SimpleTypeEnforcementTypes> + <Type>PepsiCo</Type> + </SimpleTypeEnforcementTypes> + </ResourceLabel> + + <ResourceLabel> + <Name>CocaCola</Name> + <SimpleTypeEnforcementTypes> + <Type>CocaCola</Type> + </SimpleTypeEnforcementTypes> + </ResourceLabel> + </ObjectLabels> + </SecurityLabelTemplate> +</SecurityPolicyDefinition> diff --git a/tools/security/python/xensec_gen/cgi-bin/policy.cgi b/tools/security/python/xensec_gen/cgi-bin/policy.cgi index 5916e35ac4..d429c57cb1 100644 --- a/tools/security/python/xensec_gen/cgi-bin/policy.cgi +++ b/tools/security/python/xensec_gen/cgi-bin/policy.cgi @@ -1816,6 +1816,7 @@ def sendPHeaderXml( ): # Policy header definition print '<PolicyHeader>' print ' <PolicyName>' + formPolicyName[1] + '</PolicyName>' + print ' <Version>1.0</Version>' if len( formPolicyUrl[1] ) > 0: print ' <PolicyUrl>' + formPolicyUrl[1] + '</PolicyUrl>' if len( formPolicyRef[1] ) > 0: diff --git a/tools/security/xensec_ezpolicy b/tools/security/xensec_ezpolicy index eaf5f91340..970fb380b4 100644 --- a/tools/security/xensec_ezpolicy +++ b/tools/security/xensec_ezpolicy @@ -1131,15 +1131,16 @@ def dict_read(dictname, filename): #==================== Policy Generation/Translation functions -def printPolicyHeader (fd, policyname, timestamp): +def printPolicyHeader (fd, policyname, timestamp, version="1.0"): fd.write( """<?xml version=\"1.0\" encoding=\"UTF-8\"?> <!-- Auto-generated by ezPolicy --> <SecurityPolicyDefinition xmlns=\"http://www.ibm.com\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.ibm.com ../../security_policy.xsd \"> <PolicyHeader> <PolicyName>%s</PolicyName> <Date>%s</Date> + <Version>%s</Version> </PolicyHeader> -""" % (policyname, timestamp)) +""" % (policyname, timestamp, version)) |