authorkfraser@localhost.localdomain <kfraser@localhost.localdomain>2007-08-31 11:21:35 +0100
committerkfraser@localhost.localdomain <kfraser@localhost.localdomain>2007-08-31 11:21:35 +0100
commitd046f361dc937d8fc179cc2da168f571726cb5a0 (patch)
tree578473169c1d081d7e3ed825d926377e4b8b9226 /xen/xsm/xsm_policy.c
parent3d030c1164e2c7bfc4873368e14bae9cc0e23e16 (diff)
Xen Security Modules: XSM
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
Diffstat (limited to 'xen/xsm/xsm_policy.c')
-rw-r--r--xen/xsm/xsm_policy.c67
1 files changed, 67 insertions, 0 deletions
diff --git a/xen/xsm/xsm_policy.c b/xen/xsm/xsm_policy.c
new file mode 100644
index 0000000000..6da6e3164e
--- /dev/null
+++ b/xen/xsm/xsm_policy.c
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2005 IBM Corporation
+ *
+ * Authors:
+ * Reiner Sailer, <sailer@watson.ibm.com>
+ * Stefan Berger, <stefanb@watson.ibm.com>
+ *
+ * Contributors:
+ * Michael LeMay, <mdlemay@epoch.ncsc.mil>
+ * George Coker, <gscoker@alpha.ncsc.mil>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation.
+ *
+ *
+ * This file contains the XSM policy init functions for Xen.
+ * This file is based on the ACM functions of the same name.
+ *
+ */
+
+#include <xsm/xsm.h>
+#include <xen/multiboot.h>
+
+char *policy_buffer = NULL;
+u32 policy_size = 0;
+
+int xsm_policy_init(unsigned int *initrdidx, const multiboot_info_t *mbi,
+ unsigned long initial_images_start)
+{
+ int i;
+ module_t *mod = (module_t *)__va(mbi->mods_addr);
+ int rc = 0;
+ u32 *_policy_start;
+ unsigned long start, _policy_len;
+
+ /*
+ * Try all modules and see whichever could be the binary policy.
+ * Adjust the initrdidx if module[1] is the binary policy.
+ */
+ for ( i = mbi->mods_count-1; i >= 1; i-- )
+ {
+ start = initial_images_start + (mod[i].mod_start-mod[0].mod_start);
+#if defined(__i386__)
+ _policy_start = (u32 *)start;
+#elif defined(__x86_64__)
+ _policy_start = maddr_to_virt(start);
+#endif
+ _policy_len = mod[i].mod_end - mod[i].mod_start;
+
+ if ( (xsm_magic_t)(*_policy_start) == XSM_MAGIC )
+ {
+ policy_buffer = (char *)_policy_start;
+ policy_size = _policy_len;
+
+ printk("Policy len 0x%lx, start at %p.\n",
+ _policy_len,_policy_start);
+
+ if ( i == 1 )
+ *initrdidx = (mbi->mods_count > 2) ? 2 : 0;
+ break;
+
+ }
+ }
+
+ return rc;
+}
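Review bot: The magic test `(xsm_magic_t)(*_policy_start) == XSM_MAGIC` in the module loop reads the first word of each boot module without consulting `_policy_len`, so a module shorter than the magic, or one whose `mod_end` is below `mod_start`, is still dereferenced. Add `if ( mod[i].mod_end < mod[i].mod_start || _policy_len < sizeof(xsm_magic_t) ) continue;` ahead of the comparison. `policy_size` is a `u32` while `_policy_len` is `unsigned long`, so `policy_size = _policy_len;` can silently truncate on x86_64; an over-large length should be rejected so the recorded size cannot disagree with the buffer that later policy parsing will walk. `_policy_start` is also left unassigned when neither `__i386__` nor `__x86_64__` is defined, and `rc` never changes from 0, so a comment stating that "no policy found" is deliberately reported as success would help callers.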