diff options
24 files changed, 61 insertions, 64 deletions
@@ -151,6 +151,7 @@ ^tools/python/build/.*$ ^tools/security/secpol_tool$ ^tools/security/xen/.*$ +^tools/security/xensec_tool$ ^tools/tests/blowfish\.bin$ ^tools/tests/blowfish\.h$ ^tools/tests/test_x86_emulator$ @@ -79,19 +79,9 @@ LDFLAGS += $(foreach i, $(EXTRA_LIB), -L$(i)) CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i)) # Enable XSM security module. Enabling XSM requires selection of an -# XSM security module. +# XSM security module (FLASK_ENABLE or ACM_SECURITY). XSM_ENABLE ?= n -ifeq ($(XSM_ENABLE),y) FLASK_ENABLE ?= n -ifeq ($(FLASK_ENABLE),y) -FLASK_DEVELOP ?= y -FLASK_BOOTPARAM ?= y -FLASK_AVC_STATS ?= y -endif -endif - -# If ACM_SECURITY = y, then the access control module is compiled -# into Xen and the policy type can be set by the boot policy file ACM_SECURITY ?= n # Optional components diff --git a/tools/Rules.mk b/tools/Rules.mk index 4d0b193a53..aab715989b 100644 --- a/tools/Rules.mk +++ b/tools/Rules.mk @@ -49,6 +49,8 @@ mk-symlinks: ( cd xen/hvm && ln -sf ../../$(XEN_ROOT)/xen/include/public/hvm/*.h . ) mkdir -p xen/io ( cd xen/io && ln -sf ../../$(XEN_ROOT)/xen/include/public/io/*.h . ) + mkdir -p xen/xsm + ( cd xen/xsm && ln -sf ../../$(XEN_ROOT)/xen/include/public/xsm/*.h . ) mkdir -p xen/arch-x86 ( cd xen/arch-x86 && ln -sf ../../$(XEN_ROOT)/xen/include/public/arch-x86/*.h . ) mkdir -p xen/foreign diff --git a/tools/libxc/xenctrl.h b/tools/libxc/xenctrl.h index 73ff16c2cf..591e6c25a3 100644 --- a/tools/libxc/xenctrl.h +++ b/tools/libxc/xenctrl.h @@ -26,8 +26,8 @@ #include <xen/event_channel.h> #include <xen/sched.h> #include <xen/memory.h> -#include <xen/acm.h> -#include <xen/acm_ops.h> +#include <xen/xsm/acm.h> +#include <xen/xsm/acm_ops.h> #ifdef __ia64__ #define XC_PAGE_SHIFT 14 diff --git a/tools/python/xen/lowlevel/acm/acm.c b/tools/python/xen/lowlevel/acm/acm.c index 9b59ea48ed..0a37ba3d92 100644 --- a/tools/python/xen/lowlevel/acm/acm.c +++ b/tools/python/xen/lowlevel/acm/acm.c @@ -18,6 +18,7 @@ * * indent -i4 -kr -nut */ + #include <Python.h> #include <stdio.h> @@ -27,8 +28,8 @@ #include <stdlib.h> #include <sys/ioctl.h> #include <netinet/in.h> -#include <xen/acm.h> -#include <xen/acm_ops.h> +#include <xen/xsm/acm.h> +#include <xen/xsm/acm_ops.h> #include <xenctrl.h> diff --git a/tools/security/secpol_tool.c b/tools/security/secpol_tool.c index 9845ef6bb4..14b4bcc73d 100644 --- a/tools/security/secpol_tool.c +++ b/tools/security/secpol_tool.c @@ -34,8 +34,8 @@ #include <string.h> #include <netinet/in.h> #include <stdint.h> -#include <xen/acm.h> -#include <xen/acm_ops.h> +#include <xen/xsm/acm.h> +#include <xen/xsm/acm_ops.h> #include <xenctrl.h> diff --git a/tools/security/secpol_xml2bin.c b/tools/security/secpol_xml2bin.c index 98ef3e1af3..0fbe8efcbd 100644 --- a/tools/security/secpol_xml2bin.c +++ b/tools/security/secpol_xml2bin.c @@ -22,6 +22,7 @@ * * indent -i4 -kr -nut */ + #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -38,7 +39,7 @@ #include <libxml/tree.h> #include <libxml/xmlreader.h> #include <stdint.h> -#include <xen/acm.h> +#include <xen/xsm/acm.h> #include "secpol_xml2bin.h" diff --git a/xen/Rules.mk b/xen/Rules.mk index acf739d8a8..b4abd642c7 100644 --- a/xen/Rules.mk +++ b/xen/Rules.mk @@ -57,11 +57,9 @@ ALL_OBJS-y += $(BASEDIR)/arch/$(TARGET_ARCH)/built_in.o CFLAGS-y += -g -D__XEN__ CFLAGS-$(XSM_ENABLE) += -DXSM_ENABLE -CFLAGS-$(FLASK_ENABLE) += -DFLASK_ENABLE -DXSM_MAGIC=0xf97cff8c -CFLAGS-$(FLASK_DEVELOP) += -DFLASK_DEVELOP -CFLAGS-$(FLASK_BOOTPARAM) += -DFLASK_BOOTPARAM -CFLAGS-$(FLASK_AVC_STATS) += -DFLASK_AVC_STATS -CFLAGS-$(ACM_SECURITY) += -DACM_SECURITY -DXSM_MAGIC=0xbcde0100 +CFLAGS-$(FLASK_ENABLE) += -DFLASK_ENABLE -DXSM_MAGIC=0xf97cff8c +CFLAGS-$(FLASK_ENABLE) += -DFLASK_DEVELOP -DFLASK_BOOTPARAM -DFLASK_AVC_STATS +CFLAGS-$(ACM_SECURITY) += -DACM_SECURITY -DXSM_MAGIC=0xbcde0100 CFLAGS-$(verbose) += -DVERBOSE CFLAGS-$(crash_debug) += -DCRASH_DEBUG CFLAGS-$(perfc) += -DPERF_COUNTERS diff --git a/xen/arch/ia64/xen/xensetup.c b/xen/arch/ia64/xen/xensetup.c index 8d2143eb0c..40b139f5d2 100644 --- a/xen/arch/ia64/xen/xensetup.c +++ b/xen/arch/ia64/xen/xensetup.c @@ -28,7 +28,7 @@ #include <asm/iosapic.h> #include <xen/softirq.h> #include <xen/rcupdate.h> -#include <acm/acm_hooks.h> +#include <xsm/acm/acm_hooks.h> #include <asm/sn/simulator.h> unsigned long xenheap_phys_end, total_pages; diff --git a/xen/arch/powerpc/setup.c b/xen/arch/powerpc/setup.c index 4607534c67..6abf10cf17 100644 --- a/xen/arch/powerpc/setup.c +++ b/xen/arch/powerpc/setup.c @@ -38,7 +38,7 @@ #include <xen/numa.h> #include <xen/rcupdate.h> #include <xen/version.h> -#include <acm/acm_hooks.h> +#include <xsm/acm/acm_hooks.h> #include <public/version.h> #include <asm/mpic.h> #include <asm/processor.h> diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 5f6bd7330d..99b752ac38 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -32,7 +32,7 @@ #include <asm/desc.h> #include <asm/paging.h> #include <asm/e820.h> -#include <acm/acm_hooks.h> +#include <xsm/acm/acm_hooks.h> #include <xen/kexec.h> #include <asm/edd.h> #include <xsm/xsm.h> diff --git a/xen/include/public/acm.h b/xen/include/public/xsm/acm.h index 79fc510746..09e7879238 100644 --- a/xen/include/public/acm.h +++ b/xen/include/public/xsm/acm.h @@ -26,7 +26,7 @@ #ifndef _XEN_PUBLIC_ACM_H #define _XEN_PUBLIC_ACM_H -#include "xen.h" +#include "../xen.h" /* if ACM_DEBUG defined, all hooks should * print a short trace message (comment it out diff --git a/xen/include/public/acm_ops.h b/xen/include/public/xsm/acm_ops.h index 27a88720a7..1fef7a0f8b 100644 --- a/xen/include/public/acm_ops.h +++ b/xen/include/public/xsm/acm_ops.h @@ -26,7 +26,7 @@ #ifndef __XEN_PUBLIC_ACM_OPS_H__ #define __XEN_PUBLIC_ACM_OPS_H__ -#include "xen.h" +#include "../xen.h" #include "acm.h" /* diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h index 703b339918..9135ca3b44 100644 --- a/xen/include/xen/sched.h +++ b/xen/include/xen/sched.h @@ -10,7 +10,7 @@ #include <public/xen.h> #include <public/domctl.h> #include <public/vcpu.h> -#include <public/acm.h> +#include <public/xsm/acm.h> #include <xen/time.h> #include <xen/timer.h> #include <xen/grant_table.h> @@ -63,6 +63,9 @@ struct evtchn u16 pirq; /* state == ECS_PIRQ */ u16 virq; /* state == ECS_VIRQ */ } u; +#ifdef FLASK_ENABLE + void *ssid; +#endif }; int evtchn_init(struct domain *d); diff --git a/xen/include/acm/acm_core.h b/xen/include/xsm/acm/acm_core.h index 1db2f32120..b6d30d7c7b 100644 --- a/xen/include/acm/acm_core.h +++ b/xen/include/xsm/acm/acm_core.h @@ -21,9 +21,9 @@ #include <xen/spinlock.h> #include <xen/list.h> -#include <public/acm.h> -#include <public/acm_ops.h> -#include <acm/acm_endian.h> +#include <public/xsm/acm.h> +#include <public/xsm/acm_ops.h> +#include <xsm/acm/acm_endian.h> #define ACM_DEFAULT_SECURITY_POLICY \ ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY diff --git a/xen/include/acm/acm_endian.h b/xen/include/xsm/acm/acm_endian.h index 11781dd4f4..11781dd4f4 100644 --- a/xen/include/acm/acm_endian.h +++ b/xen/include/xsm/acm/acm_endian.h diff --git a/xen/include/acm/acm_hooks.h b/xen/include/xsm/acm/acm_hooks.h index 896a901250..54bd15e2a0 100644 --- a/xen/include/acm/acm_hooks.h +++ b/xen/include/xsm/acm/acm_hooks.h @@ -26,8 +26,8 @@ #include <xen/delay.h> #include <xen/sched.h> #include <xen/multiboot.h> -#include <public/acm.h> -#include <acm/acm_core.h> +#include <public/xsm/acm.h> +#include <xsm/acm/acm_core.h> #include <public/domctl.h> #include <public/event_channel.h> #include <asm/current.h> diff --git a/xen/xsm/acm/acm_chinesewall_hooks.c b/xen/xsm/acm/acm_chinesewall_hooks.c index b05cecf9ae..5208d3ee45 100644 --- a/xen/xsm/acm/acm_chinesewall_hooks.c +++ b/xen/xsm/acm/acm_chinesewall_hooks.c @@ -36,12 +36,11 @@ #include <xen/lib.h> #include <xen/delay.h> #include <xen/sched.h> -#include <public/acm.h> +#include <public/xsm/acm.h> #include <asm/atomic.h> -#include <acm/acm_core.h> -#include <acm/acm_hooks.h> -#include <acm/acm_endian.h> -#include <acm/acm_core.h> +#include <xsm/acm/acm_core.h> +#include <xsm/acm/acm_hooks.h> +#include <xsm/acm/acm_endian.h> ssidref_t dom0_chwall_ssidref = 0x0001; diff --git a/xen/xsm/acm/acm_core.c b/xen/xsm/acm/acm_core.c index 57a4370d71..59a281446d 100644 --- a/xen/xsm/acm/acm_core.c +++ b/xen/xsm/acm/acm_core.c @@ -1,4 +1,4 @@ -/**************************************************************** +#/**************************************************************** * acm_core.c * * Copyright (C) 2005 IBM Corporation @@ -29,16 +29,16 @@ #include <xen/delay.h> #include <xen/sched.h> #include <xen/multiboot.h> -#include <acm/acm_hooks.h> -#include <acm/acm_endian.h> +#include <xsm/acm/acm_hooks.h> +#include <xsm/acm/acm_endian.h> #include <xsm/xsm.h> /* debug: - * include/acm/acm_hooks.h defines a constant ACM_TRACE_MODE; + * include/xsm/acm/acm_hooks.h defines a constant ACM_TRACE_MODE; * define/undefine this constant to receive / suppress any * security hook debug output of sHype * - * include/public/acm.h defines a constant ACM_DEBUG + * include/public/xsm/acm.h defines a constant ACM_DEBUG * define/undefine this constant to receive non-hook-related * debug output. */ diff --git a/xen/xsm/acm/acm_null_hooks.c b/xen/xsm/acm/acm_null_hooks.c index c3bd87f4f3..440ee61bd8 100644 --- a/xen/xsm/acm/acm_null_hooks.c +++ b/xen/xsm/acm/acm_null_hooks.c @@ -12,7 +12,7 @@ * License. */ -#include <acm/acm_hooks.h> +#include <xsm/acm/acm_hooks.h> static int null_init_domain_ssid(void **ssid, ssidref_t ssidref) diff --git a/xen/xsm/acm/acm_ops.c b/xen/xsm/acm/acm_ops.c index e4f38ef113..8edd5d428b 100644 --- a/xen/xsm/acm/acm_ops.c +++ b/xen/xsm/acm/acm_ops.c @@ -18,14 +18,14 @@ #include <xen/types.h> #include <xen/lib.h> #include <xen/mm.h> -#include <public/acm.h> -#include <public/acm_ops.h> +#include <public/xsm/acm.h> +#include <public/xsm/acm_ops.h> #include <xen/sched.h> #include <xen/event.h> #include <xen/trace.h> #include <xen/console.h> #include <xen/guest_access.h> -#include <acm/acm_hooks.h> +#include <xsm/acm/acm_hooks.h> #ifndef ACM_SECURITY diff --git a/xen/xsm/acm/acm_policy.c b/xen/xsm/acm/acm_policy.c index e0c7bce544..6f334effa8 100644 --- a/xen/xsm/acm/acm_policy.c +++ b/xen/xsm/acm/acm_policy.c @@ -28,10 +28,10 @@ #include <xen/sched.h> #include <xen/guest_access.h> #include <public/xen.h> -#include <acm/acm_core.h> -#include <public/acm_ops.h> -#include <acm/acm_hooks.h> -#include <acm/acm_endian.h> +#include <xsm/acm/acm_core.h> +#include <public/xsm/acm_ops.h> +#include <xsm/acm/acm_hooks.h> +#include <xsm/acm/acm_endian.h> #include <asm/current.h> static int acm_check_deleted_ssidrefs(struct acm_sized_buffer *dels, diff --git a/xen/xsm/acm/acm_simple_type_enforcement_hooks.c b/xen/xsm/acm/acm_simple_type_enforcement_hooks.c index eaeb0a233b..652351ab05 100644 --- a/xen/xsm/acm/acm_simple_type_enforcement_hooks.c +++ b/xen/xsm/acm/acm_simple_type_enforcement_hooks.c @@ -28,10 +28,10 @@ #include <xen/lib.h> #include <asm/types.h> #include <asm/current.h> -#include <acm/acm_hooks.h> #include <asm/atomic.h> -#include <acm/acm_endian.h> -#include <acm/acm_core.h> +#include <xsm/acm/acm_hooks.h> +#include <xsm/acm/acm_endian.h> +#include <xsm/acm/acm_core.h> ssidref_t dom0_ste_ssidref = 0x0001; diff --git a/xen/xsm/acm/acm_xsm_hooks.c b/xen/xsm/acm/acm_xsm_hooks.c index 6affebdf23..6d3202b45f 100644 --- a/xen/xsm/acm/acm_xsm_hooks.c +++ b/xen/xsm/acm/acm_xsm_hooks.c @@ -20,34 +20,36 @@ */ #include <xsm/xsm.h> -#include <acm/acm_hooks.h> -#include <public/acm.h> +#include <xsm/acm/acm_hooks.h> +#include <public/xsm/acm.h> -static int acm_grant_mapref (struct domain *ld, struct domain *rd, - uint32_t flags) +static int acm_grant_mapref( + struct domain *ld, struct domain *rd, uint32_t flags) { domid_t id = rd->domain_id; return acm_pre_grant_map_ref(id); } -static int acm_evtchn_unbound (struct domain *d1, struct evtchn *chn1, domid_t id2) +static int acm_evtchn_unbound( + struct domain *d1, struct evtchn *chn1, domid_t id2) { domid_t id1 = d1->domain_id; return acm_pre_eventchannel_unbound(id1, id2); } -static int acm_evtchn_interdomain (struct domain *d1, struct evtchn *chn1, - struct domain *d2, struct evtchn *chn2) +static int acm_evtchn_interdomain( + struct domain *d1, struct evtchn *chn1, + struct domain *d2, struct evtchn *chn2) { domid_t id2 = d2->domain_id; return acm_pre_eventchannel_interdomain(id2); } -static void acm_security_domaininfo (struct domain *d, - struct xen_domctl_getdomaininfo *info) +static void acm_security_domaininfo( + struct domain *d, struct xen_domctl_getdomaininfo *info) { if ( d->ssid != NULL ) info->ssidref = ((struct acm_ssid_domain *)d->ssid)->ssidref; |