From 6102cace934c5ef156e7e1e21966cf3950dc40e5 Mon Sep 17 00:00:00 2001
From: Keir Fraser
Date: Fri, 25 Mar 2011 21:47:57 +0000
Subject: Remove unmaintained Access Control Module (ACM) from hypervisor.

Signed-off-by: Keir Fraser
---
 tools/xm-test/README | 32 --
 tools/xm-test/configure.ac | 15 -
 tools/xm-test/grouptest/default | 1 -
 tools/xm-test/grouptest/security | 1 -
 tools/xm-test/lib/XmTestLib/XenAPIDomain.py | 4 -
 tools/xm-test/lib/XmTestLib/XenDomain.py | 5 -
 tools/xm-test/lib/XmTestLib/acm.py | 101 -----
 tools/xm-test/lib/XmTestLib/block_utils.py | 2 -
 tools/xm-test/runtest.sh | 6 -
 tools/xm-test/tests/Makefile.am | 1 -
 .../tests/security-acm/01_security-acm_basic.py | 121 ------
 .../security-acm/02_security-acm_dom_start.py | 64 ---
 .../security-acm/03_security-acm_dom_conflict.py | 60 ---
 .../tests/security-acm/04_security-acm_dom_res.py | 69 ----
 .../security-acm/05_security-acm_dom_res_conf.py | 38 --
 .../06_security-acm_dom_block_attach.py | 82 ----
 .../security-acm/07_security-acm_pol_update.py | 313 ---------------
 .../tests/security-acm/08_security-acm_xapi.py | 358 -----------------
 .../security-acm/09_security-acm_pol_update.py | 437 ---------------------
 .../security-acm/10_security-acm_pol_update.py | 354 -----------------
 tools/xm-test/tests/security-acm/Makefile.am | 33 --
 tools/xm-test/tests/security-acm/acm_utils.py | 16 -
 .../security-acm/xm-test-new-security_policy.xml | 97 -----
 .../tests/security-acm/xm-test-security_policy.xml | 111 ------
 .../xm-test-update-security_policy.xml | 117 ------
 25 files changed, 2438 deletions(-)
 delete mode 100644 tools/xm-test/grouptest/security
 delete mode 100644 tools/xm-test/lib/XmTestLib/acm.py
 delete mode 100644 tools/xm-test/tests/security-acm/01_security-acm_basic.py
 delete mode 100644 tools/xm-test/tests/security-acm/02_security-acm_dom_start.py
 delete mode 100644 tools/xm-test/tests/security-acm/03_security-acm_dom_conflict.py
 delete mode 100644 tools/xm-test/tests/security-acm/04_security-acm_dom_res.py
 delete mode 100644 tools/xm-test/tests/security-acm/05_security-acm_dom_res_conf.py
 delete mode 100644 tools/xm-test/tests/security-acm/06_security-acm_dom_block_attach.py
 delete mode 100644 tools/xm-test/tests/security-acm/07_security-acm_pol_update.py
 delete mode 100644 tools/xm-test/tests/security-acm/08_security-acm_xapi.py
 delete mode 100644 tools/xm-test/tests/security-acm/09_security-acm_pol_update.py
 delete mode 100644 tools/xm-test/tests/security-acm/10_security-acm_pol_update.py
 delete mode 100644 tools/xm-test/tests/security-acm/Makefile.am
 delete mode 100644 tools/xm-test/tests/security-acm/acm_utils.py
 delete mode 100644 tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml
 delete mode 100644 tools/xm-test/tests/security-acm/xm-test-security_policy.xml
 delete mode 100644 tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml
(limited to 'tools/xm-test')

diff --git a/tools/xm-test/README b/tools/xm-test/README
index 405532c7fb..88c00836ed 100644
--- a/tools/xm-test/README
+++ b/tools/xm-test/README
@@ -137,38 +137,6 @@ Xm-test will look for disk.img in the ramdisk directory when run by default. -BUILDING for ACM Security Testing -================================= - -A number of tests have been added to test the access control module (ACM) -in the Xen hypervisor and the tools for supporting ACM. Those tests are -located in the security-acm directory. If ACM support is compiled into Xen -(see the user guide for how to do this) those tests can be run with the -following command from the xm-test directory - -./runtest.sh [...] -g security - -Some of these tests will work even without support of ACM by Xen. - -The xm test suite has been extended to support labeling of resources -as required by the existing tests. However, by default the test suite -is not allowed to automatically label resources since this may affect -existing labels. To enable this, the test suite must be configured with -the following parameter passed to the configure scripts (in addition to -any other desired parameters) - -./configure --enable-full-labeling - -To revoke the privilege at a later time run the configure scripts without -this parameter: - -./configure - -If a 'make' has previously been run for building the test suite, it is not -necessary to run 'make' again just for enabling or disabling the automatic -labeling of resources. - - Running ======= diff --git a/tools/xm-test/configure.ac b/tools/xm-test/configure.ac index 40d93c41d7..ad1eb78391 100644 --- a/tools/xm-test/configure.ac +++ b/tools/xm-test/configure.ac 
@@ -41,20 +41,6 @@ fi AM_CONDITIONAL(HVM, test x$ENABLE_HVM = xTrue) AC_SUBST(ENABLE_HVM) -AC_ARG_ENABLE(full-labeling, - [[ --enable-full-labeling allows the test suite to label all resources]], - [ - ENABLE_LABELING=True - ],[ - ENABLE_LABELING=False - ]) - -if test "x$ENABLE_LABELING" = "xTrue"; then - echo "ACM_LABEL_RESOURCES = True" > lib/XmTestLib/acm_config.py -else - rm -f lib/XmTestLib/acm_config.py* -fi - # Network needs to know ips to use: dhcp or a range of IPs in the form # of: 192.0.2.1-192.0.2.100 # If not dhcp, a netmask and network address must be supplied. Defaults to @@ -151,7 +137,6 @@ AC_CONFIG_FILES([ tests/restore/Makefile tests/save/Makefile tests/sched-credit/Makefile - tests/security-acm/Makefile tests/sedf/Makefile tests/shutdown/Makefile tests/sysrq/Makefile diff --git a/tools/xm-test/grouptest/default b/tools/xm-test/grouptest/default index 1db6a73398..f0516b2949 100644 --- a/tools/xm-test/grouptest/default +++ b/tools/xm-test/grouptest/default @@ -22,7 +22,6 @@ reboot restore save sched-credit -security-acm shutdown sysrq unpause diff --git a/tools/xm-test/grouptest/security b/tools/xm-test/grouptest/security deleted file mode 100644 index 4d5c8b941d..0000000000 --- a/tools/xm-test/grouptest/security +++ /dev/null @@ -1 +0,0 @@ -security-acm diff --git a/tools/xm-test/lib/XmTestLib/XenAPIDomain.py b/tools/xm-test/lib/XmTestLib/XenAPIDomain.py index 3c5310f061..1ca2307c27 100644 --- a/tools/xm-test/lib/XmTestLib/XenAPIDomain.py +++ b/tools/xm-test/lib/XmTestLib/XenAPIDomain.py @@ -23,7 +23,6 @@ import os import sys from XmTestLib import * from types import DictType -from acm import * class XenAPIConfig: @@ -40,9 +39,6 @@ class XenAPIConfig: 'ramdisk': 'PV_ramdisk', 'root' : 'PV_args', 'extra' : 'PV_args' } - if isACMEnabled(): - #A default so every VM can start with ACM enabled - self.opts["security_label"] = "ACM:xm-test:red" def setOpt(self, name, value): """Set an option in the config""" 
diff --git a/tools/xm-test/lib/XmTestLib/XenDomain.py b/tools/xm-test/lib/XmTestLib/XenDomain.py
index f15b6a00a7..ae8c550c48 100644
--- a/tools/xm-test/lib/XmTestLib/XenDomain.py
+++ b/tools/xm-test/lib/XmTestLib/XenDomain.py
@@ -30,7 +30,6 @@ from config import *
 from Console import *
 from XenDevice import *
 from DomainTracking import *
-from acm import *
 DOM0_UUID = "00000000-0000-0000-0000-000000000000"
@@ -61,9 +60,6 @@ class XenConfig:
 self.defaultOpts["disk"] = []
 self.defaultOpts["vif"] = []
 self.defaultOpts["vtpm"] = []
- if isACMEnabled():
- #A default so every VM can start with ACM enabled
- self.defaultOpts["access_control"] = ['policy=xm-test,label=red']
 self.opts = self.defaultOpts
@@ -91,7 +87,6 @@ class XenConfig:
 output = file(filename, "w")
 output.write(self.toString())
 output.close()
- ACMPrepareSystem(self.opts)
 def __str__(self):
 """When used as a string, we represent ourself by a config
diff --git a/tools/xm-test/lib/XmTestLib/acm.py b/tools/xm-test/lib/XmTestLib/acm.py
deleted file mode 100644
index f8a62f4991..0000000000
--- a/tools/xm-test/lib/XmTestLib/acm.py
+++ /dev/null
@@ -1,101 +0,0 @@ -#!/usr/bin/python -""" - Copyright (C) International Business Machines Corp., 2006 - Author: Stefan Berger - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; under version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -""" -from Test import * -import xen.util.xsm.xsm as security -from xen.xm.main import server -from xen.util import xsconstants -import re - -try: - from acm_config import * -except: - ACM_LABEL_RESOURCES = False - -labeled_resources = {} -acm_verbose = False -policy='xm-test' - - -def isACMEnabled(): - return security.on() - -def setCurrentPolicy(plcy): - global policy - policy = plcy - -def ACMSetPolicy(): - cmd='xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"' - s, o = traceCommand(cmd) - if o != "": - return - s, o = traceCommand("xm setpolicy ACM %s" % (policy)) - if s != 0: - FAIL("Could not load the required policy '%s'.\n" - "Start the system without any policy.\n%s" % \ - (policy, o)) - -def ACMPrepareSystem(resources): - if isACMEnabled(): - ACMSetPolicy() - ACMLabelResources(resources) - -def ACMLabelResources(resources): - for k, v in resources.items(): - if k == "disk": - for vv in v: - res = vv.split(',')[0] - ACMLabelResource(res) - -# Applications may label resources explicitly by calling this function -def ACMLabelResource(resource, label='red'): - if not isACMEnabled(): - return - if acm_verbose: - print "labeling resource %s with label %s" % (resource, label) - 
if not ACM_LABEL_RESOURCES: - SKIP("Skipping test since not allowed to label resources in " - "test suite") - if not isACMResourceLabeled(resource): - ACMUnlabelResource(resource) - s, o = traceCommand("xm addlabel %s res %s" % (label, resource)) - if s != 0: - FAIL("Could not add label to resource") - else: - labeled_resources["%s" % resource] = 1 - - -# Application may remove a label from a resource. It has to call this -# function and must do so once a resource for re-labeling a resource -def ACMUnlabelResource(resource): - s, o = traceCommand("xm rmlabel res %s" % (resource)) - labeled_resources["%s" % resource] = 0 - - -def isACMResourceLabeled(resource): - """ Check whether a resource has been labeled using this API - and while running the application """ - try: - if labeled_resources["%s" % resource] == 1: - if acm_verbose: - print "resource %s already labeled!" % resource - return True - except: - return False - return False diff --git a/tools/xm-test/lib/XmTestLib/block_utils.py b/tools/xm-test/lib/XmTestLib/block_utils.py index 58124c832a..c302efeb15 100644 --- a/tools/xm-test/lib/XmTestLib/block_utils.py +++ b/tools/xm-test/lib/XmTestLib/block_utils.py @@ -6,7 +6,6 @@ import time from XmTestLib import * -from acm import * import xen.util.blkif @@ -27,7 +26,6 @@ def get_state(domain, devname): def block_attach(domain, phy, virt): - ACMLabelResource(phy) status, output = traceCommand("xm block-attach %s %s %s w" % (domain.getName(), phy, virt)) if status != 0: diff --git a/tools/xm-test/runtest.sh b/tools/xm-test/runtest.sh index aee67dfa06..73d1a5c69d 100755 --- a/tools/xm-test/runtest.sh +++ b/tools/xm-test/runtest.sh @@ -221,12 +221,6 @@ run=yes unsafe=no GROUPENTERED=default -#Prepare for usage with ACM -if [ -d /etc/xen/acm-security/policies ]; then - cp -f tests/security-acm/xm-test-security_policy.xml \ - /etc/xen/acm-security/policies -fi - unset XM_MANAGED_DOMAINS # Resolve options 
diff --git a/tools/xm-test/tests/Makefile.am b/tools/xm-test/tests/Makefile.am
index d5b64ef6cb..8d673ed525 100644
--- a/tools/xm-test/tests/Makefile.am
+++ b/tools/xm-test/tests/Makefile.am
@@ -19,7 +19,6 @@ SUBDIRS = \
 pause \
 reboot \
 sched-credit \
- security-acm \
 sedf \
 shutdown \
 sysrq \
diff --git a/tools/xm-test/tests/security-acm/01_security-acm_basic.py b/tools/xm-test/tests/security-acm/01_security-acm_basic.py
deleted file mode 100644
index 7876c51d1b..0000000000
--- a/tools/xm-test/tests/security-acm/01_security-acm_basic.py
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2006
-# Author: Stefan Berger
-#
-# A couple of simple tests that test ACM security extensions
-# for the xm tool. The following xm subcommands are tested:
-#
-# - labels
-# - rmlabel
-# - addlabel
-# - getlabel
-# - resources
-
-from XmTestLib import *
-import xen.util.xsm.xsm as security
-from xen.util import xsconstants
-import commands
-import os
-import re
-
-testpolicy = "xm-test"
-testlabel = "blue"
-vmconfigfile = "/tmp/xm-test.conf"
-testresource = "phy:ram0"
-
-if not isACMEnabled():
- SKIP("Not running this test since ACM not enabled.")
-
-status, output = traceCommand("xm labels %s" % (testpolicy))
-if status != 0:
- FAIL("'xm labels' failed with status %d.\n" % status)
-
-#Need to get a vm config file - just have it written to a file
-domain = XmTestDomain()
-domain.config.write(vmconfigfile)
-
-#Whatever label it might have - remove it
-status, output = traceCommand("xm rmlabel dom %s" %
- (vmconfigfile))
-
-status, output = traceCommand("xm addlabel %s dom %s %s" %
- (testlabel, vmconfigfile, testpolicy))
-if status != 0:
- FAIL("(1) 'xm addlabel' failed with status %d.\n" % status)
-
-status, output = traceCommand("xm getlabel dom %s" %
- (vmconfigfile))
-
-if status != 0:
- FAIL("'xm getlabel' failed with status %d, output:\n%s" %
- (status, output))
-if output != "policytype=%s,policy=%s,label=%s" % \
- (xsconstants.ACM_POLICY_ID, testpolicy, testlabel):
- FAIL("(1) Received unexpected output from 'xm getlabel dom': \n%s" %
- (output))
-
-
-status, output = traceCommand("xm rmlabel dom %s" %
- (vmconfigfile))
-
-if status != 0:
- FAIL("'xm rmlabel' failed with status %d, output: \n%s" %
- (status,output))
-if output != "":
- FAIL("Received unexpected output from 'xm rmlabel': \n%s" %
- (output))
-
-status, output = traceCommand("xm getlabel dom %s" %
- (vmconfigfile))
-
-if output != "Error: 'Domain not labeled'":
- FAIL("(2) Received unexpected output from 'xm getlabel dom': \n%s" %
- (output))
-
-#Whatever label the resource might have, remove it
-status, output = traceCommand("xm rmlabel res %s" %
- (testresource))
-if status != 0:
- FAIL("'xm rmlabel' on resource failed with status %d.\n" % status)
-
-status, output = traceCommand("xm addlabel %s res %s %s" %
- (testlabel, testresource, testpolicy))
-if status != 0:
- FAIL("(2) 'xm addlabel' on resource failed with status %d.\n" % status)
-
-status, output = traceCommand("xm getlabel res %s" % (testresource))
-
-if status != 0:
- FAIL("'xm getlabel' on resource failed with status %d, output:\n%s" %
- (status, output))
-if output != "%s:%s:%s" % (xsconstants.ACM_POLICY_ID,\
- testpolicy,testlabel):
- FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
- (output))
-
-status, output = traceCommand("xm resources")
-
-if status != 0:
- print "status = %s" % str(status)
- FAIL("'xm resources' did not run properly")
-if not re.search(security.unify_resname(testresource), output):
- FAIL("'xm resources' did not show the tested resource '%s'." %
- testresource)
-
-status, output = traceCommand("xm rmlabel res %s" %
- (testresource))
-
-if status != 0:
- FAIL("'xm rmlabel' on resource failed with status %d, output: \n%s" %
- (status,output))
-if output != "":
- FAIL("Received unexpected output from 'xm rmlabel': \n%s" %
- (output))
-
-status, output = traceCommand("xm getlabel res %s" %
- (testresource))
-
-if output != "Error: 'Resource not labeled'":
- FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
- (output))
diff --git a/tools/xm-test/tests/security-acm/02_security-acm_dom_start.py b/tools/xm-test/tests/security-acm/02_security-acm_dom_start.py
deleted file mode 100644
index 4aac09d2fc..0000000000
--- a/tools/xm-test/tests/security-acm/02_security-acm_dom_start.py
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2006
-# Author: Stefan Berger
-#
-# Simple test that starts two labeled domains; both domains should start
-#
-# The following xm subcommands are tested:
-# - dumppolicy
-# - labels
-
-from XmTestLib import *
-from acm_utils import *
-import commands
-import os
-
-testlabel1 = "green"
-testlabel2 = "red"
-
-status, output = traceCommand("xm labels")
-
-labels = ["SystemManagement", "blue", "red", "green"]
-for l in labels:
- if not re.search(l, output):
- FAIL("Label '%s' not found in current policy!", l)
-
-status, output = traceCommand("xm dumppolicy")
-if status != 0:
- FAIL("'xm dumppolicy' returned an error code.")
-lines = ["ssidref 0: 00 00 00 00",
- "ssidref 1: 01 00 00 00",
- "ssidref 2: 00 01 00 00",
- "ssidref 3: 00 00 01 00",
- "ssidref 4: 00 00 00 01"]
-for l in lines:
- if not re.search(l, output):
- FAIL("Could not find '%s' in output of 'xm dumppolicy'" % l)
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)}
-verbose = True
-domain1 = XmTestDomain(name="domain-%s" % testlabel1,
- extraConfig=config)
-
-try:
- domain1.start(noConsole=True)
-except DomainError, e:
- if verbose:
- print e.extra
- FAIL("Unable to start 1st labeled test domain.")
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel2)}
-
-domain2 = XmTestDomain(name="domain-%s" % testlabel2,
- extraConfig=config)
-
-try:
- domain2.start(noConsole=True)
-except DomainError, e:
- if verbose:
- print e.extra
- FAIL("Unable to start 2nd labeled test domain.")
-
-domain2.destroy()
-domain1.destroy()
diff --git a/tools/xm-test/tests/security-acm/03_security-acm_dom_conflict.py b/tools/xm-test/tests/security-acm/03_security-acm_dom_conflict.py
deleted file mode 100644
index 4aef380de5..0000000000
--- a/tools/xm-test/tests/security-acm/03_security-acm_dom_conflict.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2006
-# Author: Stefan Berger
-#
-# A test that exercises the conflict set of the chinese wall policy.
-# Start a first domain and then a second one. The second one is
-# expected NOT to be starteable.
-
-from XmTestLib import *
-from acm_utils import *
-import commands
-import os
-
-testlabel1 = "blue"
-testlabel2 = "red"
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)}
-
-domain1 = XmTestDomain(name="domain-%s" % testlabel1,
- extraConfig=config)
-
-try:
- domain1.start(noConsole=True)
-except DomainError, e:
- if verbose:
- print e.extra
- FAIL("Unable to start 1st labeled test domain")
-
-# Verify with xm dry-run
-status, output = traceCommand("xm dry-run /tmp/xm-test.conf | "
- "grep -v \"Dry Run\"")
-if status != 0:
- FAIL("'xm dry-run' failed")
-if not re.search("PERMITTED", output):
- FAIL("'xm dry-run' did not succeed.")
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel2)}
-
-domain2 = XmTestDomain(name="domain-%s" % testlabel2,
- extraConfig=config)
-
-try:
- domain2.start(noConsole=True)
- # Should never get here!
- FAIL("Could start a domain in a conflict set - "
- "this should not be possible")
-except DomainError, e:
- #This is exactly what we want in this case
- status = 0
-
-# Verify with xm dry-run
-status, output = traceCommand("xm dry-run /tmp/xm-test.conf | "
- "grep -v \"Dry Run\"")
-if status != 0:
- FAIL("'xm dry-run' failed.")
-if not re.search("PERMITTED", output):
- FAIL("'xm dry-run' did not show that operation was permitted.")
-
-domain1.destroy()
diff --git a/tools/xm-test/tests/security-acm/04_security-acm_dom_res.py b/tools/xm-test/tests/security-acm/04_security-acm_dom_res.py
deleted file mode 100644
index 367016339f..0000000000
--- a/tools/xm-test/tests/security-acm/04_security-acm_dom_res.py
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2006
-# Author: Stefan Berger
-#
-# Simple test that starts two labeled domains using labeled resources each
-#
-
-from XmTestLib import *
-from acm_utils import *
-import commands
-import os
-
-testlabel1 = "green"
-resource1 = "phy:ram0"
-testlabel2 = "red"
-resource2 = "phy:/dev/ram1"
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1),
- "disk" :"%s,hda1,w" % (resource1)}
-domain1 = XmTestDomain(name="domain-%s" % testlabel1,
- extraConfig=config)
-
-# Explicity label the resource
-ACMLabelResource(resource1, testlabel1)
-
-try:
- domain1.start(noConsole=True)
-except DomainError, e:
- if verbose:
- print e.extra
- FAIL("Unable to start 1st labeled test domain.")
-
-# Verify with xm dry-run
-status, output = traceCommand("xm dry-run /tmp/xm-test.conf | "
- "grep -v \"Dry Run\"")
-
-if status != 0:
- FAIL("'xm dry-run' failed")
-if not re.search("%s: PERMITTED" % resource1, output):
- FAIL("'xm dry-run' did not succeed.")
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel2),
- "disk" :"%s,hda1,w" % (resource2)}
-
-domain2 = XmTestDomain(name="domain-%s" % testlabel2,
- extraConfig=config)
-
-# Explicity label the resource
-ACMLabelResource(resource2, testlabel2)
-
-try:
- domain2.start(noConsole=True)
-except DomainError, e:
- if verbose:
- print e.extra
- FAIL("Unable to start 2nd labeled test domain.")
-
-# Verify with xm dry-run
-status, output = traceCommand("xm dry-run /tmp/xm-test.conf | "
- "grep -v \"Dry Run\"")
-
-if status != 0:
- FAIL("'xm dry-run' failed")
-if not re.search("%s: PERMITTED" % resource2, output):
- FAIL("'xm dry-run' did not succeed.")
-
-domain2.destroy()
-domain1.destroy()
diff --git a/tools/xm-test/tests/security-acm/05_security-acm_dom_res_conf.py b/tools/xm-test/tests/security-acm/05_security-acm_dom_res_conf.py
deleted file mode 100644
index 89c6b5974c..0000000000
--- a/tools/xm-test/tests/security-acm/05_security-acm_dom_res_conf.py
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2006
-# Author: Stefan Berger
-#
-# A test that tries to start a domain using a resource that it is
-# not supposed to be able to use due to its labeling
-
-from XmTestLib import *
-from acm_utils import *
-import commands
-import os
-
-testlabel1 = "blue"
-resource1 = "phy:ram0"
-
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1),
- "disk" :"%s,hda1,w" % (resource1)}
-
-domain1 = XmTestDomain(name="domain-%s" % testlabel1,
- extraConfig=config)
-
-ACMLabelResource(resource1,"red")
-
-try:
- domain1.start(noConsole=True)
- # Should never get here
- FAIL("Could start domain with resource that it is not supposed to access.")
-except DomainError, e:
- #That's exactly what we want to have in this case
- dummy = 0
-
-# Verify via dry-run
-status, output = traceCommand("xm dry-run /tmp/xm-test.conf | "
- "grep -v \"Dry Run\"")
-if not re.search("%s: DENIED" %resource1, output):
- FAIL("'xm dry-run' did not show expected result that operation was NOT "
- "permitted: \n%s" % output)
diff --git a/tools/xm-test/tests/security-acm/06_security-acm_dom_block_attach.py b/tools/xm-test/tests/security-acm/06_security-acm_dom_block_attach.py
deleted file mode 100644
index 92b09e9e01..0000000000
--- a/tools/xm-test/tests/security-acm/06_security-acm_dom_block_attach.py
+++ /dev/null
@@ -1,82 +0,0 @@
-#!/usr/bin/python
-
-# Copyright (C) International Business Machines Corp., 2005
-# Author: Stefan Berger
-# Based on block-create/01_block_attach_device_pos.py
-#
-# Create a domain and attach 2 resources to it. The first resource
-# should be attacheable, the 2nd one should not be due to the label it has.
-
-import re
-from XmTestLib import *
-from XmTestLib import block_utils
-from acm_utils import *
-
-testlabel1 = "blue"
-resource1 = "phy:ram1"
-resourcelabel1 = "blue"
-resource2 = "phy:/dev/ram0"
-resourcelabel2 = "red"
-
-if ENABLE_HVM_SUPPORT:
- SKIP("Block-attach not supported for HVM domains")
-
-# Create a domain (default XmTestDomain, with our ramdisk)
-config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)}
-
-domain = XmTestDomain(extraConfig=config)
-
-try:
- console = domain.start()
-except DomainError, e:
- FAIL(str(e))
-
-# Attach a console to it
-try:
- console.setHistorySaveCmds(value=True)
- # Run 'ls'
- run = console.runCmd("ls")
-except ConsoleError, e:
- saveLog(console.getHistory())
- FAIL(str(e))
-
-
-# Explicitly label the 1st resource
-ACMLabelResource(resource1, resourcelabel1)
-block_utils.block_attach(domain, resource1, "xvda1")
-
-try:
- run1 = console.runCmd("cat /proc/partitions")
-except ConsoleError, e:
- FAIL(str(e))
-
-#Explicitly label the 2nd resource
-ACMLabelResource(resource2, resourcelabel2)
-#Cannot call block_attach here since we legally may fail the command
-status, output = traceCommand("xm block-attach %s %s %s w" %
- (domain.getName(), resource2, "xvda2" ))
-
-for i in range(10):
- if block_utils.get_state(domain, "xvda2") == 4:
- break
- time.sleep(1)
-
-try:
- run2 = console.runCmd("cat /proc/partitions")
-except ConsoleError, e:
- FAIL(str(e))
-
-# Close the console
-domain.closeConsole()
-
-# Stop the domain (nice shutdown)
-domain.stop()
-
-if not re.search("xvda1",run1["output"]):
- FAIL("Labeled device 'xvda1' is not actually connected to the domU")
-
-if not re.search("xvda1",run2["output"]):
- FAIL("Labeled device 'xbvda1' has disappeared?!")
-
-if re.search("xvda2",run2["output"]):
- FAIL("Labeled device 'xvda2' is connected to the domU but should not be")
diff --git a/tools/xm-test/tests/security-acm/07_security-acm_pol_update.py b/tools/xm-test/tests/security-acm/07_security-acm_pol_update.py
deleted file mode 100644
index a9e19a2153..0000000000
--- a/tools/xm-test/tests/security-acm/07_security-acm_pol_update.py
+++ /dev/null
@@ -1,313 +0,0 @@ -#!/usr/bin/python - -# Copyright (C) International Business Machines Corp., 2006 -# Author: Stefan Berger - -# Test to exercise the xspolicy class - -from XmTestLib import xapi -from XmTestLib.XenAPIDomain import XmTestAPIDomain -from XmTestLib import * -from xen.xend import XendAPIConstants -import xen.util.xsm.xsm as security -from xen.util import acmpolicy, xsconstants -from xen.util.acmpolicy import ACMPolicy -from xen.xend.XendDomain import DOM0_UUID -from XmTestLib.acm import * - -import commands -import os -import base64 - -if not isACMEnabled(): - SKIP("Not running this test since ACM not enabled.") - -try: - session = xapi.connect() -except: - SKIP("Skipping this test since xm is not using the Xen-API.") - -xm_test = {} -xm_test['policyname'] = "xm-test" -xm_test['date'] = "Fri Sep 29 14:44:38 2006" -xm_test['url'] = None - -vm_label_red = "%s:xm-test:red" % xsconstants.ACM_POLICY_ID -vm_label_green = "%s:xm-test:green" % xsconstants.ACM_POLICY_ID -vm_label_blue = "%s:xm-test:blue" % xsconstants.ACM_POLICY_ID -vm_label_sys = "%s:xm-test:SystemManagement" % xsconstants.ACM_POLICY_ID - -vm_label_black = "%s:xm-test:black" - -session = xapi.connect() - -oldlabel = session.xenapi.VM.get_security_label(DOM0_UUID) - -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_sys, - oldlabel) -if int(ssidref) <= 0 or int(ssidref) != 0x00010001: - FAIL("(0) Domain-0 label for '%s' has unexpected failure: %08x" % - (vm_label_sys, int(ssidref))) -print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref)) - - -xstype = session.xenapi.XSPolicy.get_xstype() -if int(xstype) & xsconstants.XS_POLICY_ACM == 0: - SKIP("ACM not enabled/compiled in Xen") - -policystate = session.xenapi.XSPolicy.get_xspolicy() -if not policystate.has_key('xs_ref'): - FAIL("get_xspolicy must return member 'xs_ref'") - -xs_ref = policystate['xs_ref'] -if xs_ref != "": - origpolicyxml = session.xenapi.ACMPolicy.get_xml(xs_ref) -else: - origpolicyxml = "" - -f = 
open("xm-test-security_policy.xml", 'r') -if f: - newpolicyxml = f.read() - f.close() -else: - FAIL("Could not read 'xm-test' policy") - -try: - os.unlink("/boot/xm-test.bin") -except: - pass - -policystate = session.xenapi.XSPolicy.get_xspolicy() - -if int(policystate['type']) == 0: - policystate = session.xenapi.XSPolicy.set_xspolicy( - xsconstants.XS_POLICY_ACM, - newpolicyxml, - xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT, - 1) - if int(policystate['flags']) == -1: - FAIL("Could not set the new policy.") - -print "state of policy = %s " % policystate - -rc = session.xenapi.XSPolicy.activate_xspolicy( - policystate['xs_ref'], - xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT) -if int(rc) != xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT: - FAIL("Could not activate the current policy: rc = %08x" % int(rc)) - -if not os.path.exists("/boot/xm-test.bin"): - FAIL("Binary policy was not installed. Check grub config file.") - -policystate = session.xenapi.XSPolicy.get_xspolicy() - -if int(policystate['flags']) != xsconstants.XS_INST_BOOT | \ - xsconstants.XS_INST_LOAD: - FAIL("Flags (%x) are not indicating the correct state of the policy.", - int(policystate['flags'])) - -policystate = session.xenapi.XSPolicy.get_xspolicy() -xs_ref = policystate['xs_ref'] - -newpolicyxml = None -f = open("xm-test-new-security_policy.xml", 'r') -if f: - newpolicyxml = f.read() - f.close() -else: - FAIL("Could not read 'xm-test-new' policy") - -cur_acmpol = ACMPolicy(xml = policystate['repr']) -new_acmpol = ACMPolicy(xml = newpolicyxml) - -new_acmpol.update_frompolicy(cur_acmpol) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - new_acmpol.toxml(), - xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT, - 1) - -f = open("xm-test-security_policy.xml", 'r') -if f: - newpolicyxml = f.read() - f.close() -else: - FAIL("Could not read 'xm-test-new' policy") - -cur_acmpol = new_acmpol -new_acmpol = ACMPolicy(xml = newpolicyxml) - 
-new_acmpol.update_frompolicy(cur_acmpol) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - new_acmpol.toxml(), - xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT, - 1) - -dom0_lab = session.xenapi.VM.get_security_label(DOM0_UUID) - -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_sys, dom0_lab) -if int(ssidref) <= 0 or int(ssidref) != 0x00010001: - FAIL("(1) Domain-0 label for '%s' has unexpected failure: %08x" % - (vm_label_sys, int(ssidref))) -print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref)) - -try: - ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_black, - vm_label_sys) - FAIL("Could set label '%s', although it's not in the policy. " - "ssidref=%s" % (vm_label_black, ssidref)) -except: - pass - -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_red, - vm_label_sys) -if int(ssidref) <= 0: - FAIL("(2) Domain-0 label for '%s' has unexpected failure: %08x" % - (vm_label_red, int(ssidref))) -print "ssidref for '%s' is 0x%08x" % (vm_label_red, int(ssidref)) - -label = session.xenapi.VM.get_security_label(DOM0_UUID) - -if label != vm_label_red: - FAIL("Dom0 label '%s' not as expected '%s'" % (label, vm_label_red)) - - -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_sys, - vm_label_red) -if int(ssidref) <= 0 or int(ssidref) != 0x00010001: - FAIL("(3) Domain-0 label for '%s' has unexpected failure: %08x" % - (vm_label_sys, int(ssidref))) - -label = session.xenapi.VM.get_security_label(DOM0_UUID) - -if label != vm_label_sys: - FAIL("Dom0 label '%s' not as expected '%s'" % label, dom0_label) - -header = session.xenapi.ACMPolicy.get_header(xs_ref) - -if header['policyname'] != xm_test['policyname']: - FAIL("Name in header is '%s', expected is '%s'." % - (header['policyname'],xm_test['policyname'])) -if header['date'] != xm_test['date']: - FAIL("Date in header is '%s', expected is '%s'." 
% - (header['date'],xm_test['date'])) -if header.has_key("url") and header['url' ] != xm_test['url' ]: - FAIL("URL in header is '%s', expected is '%s'." % - (header['url' ],xm_test['url' ])) - -# Create another domain -try: - # XmTestAPIDomain tries to establish a connection to XenD - domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_blue }) -except Exception, e: - SKIP("Skipping test. Error: %s" % str(e)) - - -vm_uuid = domain.get_uuid() - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_blue: - FAIL("VM has security label '%s', expected is '%s'" % - (res, vm_label_blue)) - -try: - domain.start(noConsole=True) -except: - FAIL("Could not create domain") - - -# Attempt to relabel the running domain -ssidref = session.xenapi.VM.set_security_label(vm_uuid, - vm_label_red, - vm_label_blue) -if int(ssidref) <= 0: - FAIL("Could not relabel running domain to '%s'." % vm_label_red) - -# user domain is 'red', dom0 is current 'SystemManagement'. -# Try to move domain-0 to 'red' first, then to 'blue'. - -# Moving domain-0 to 'red' should work -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_red, - vm_label_sys) -if int(ssidref) <= 0: - FAIL("Could not label domain-0 '%s'" % vm_label_red) - -# Moving the guest domain to 'blue' should not work due to conflict set -try: - ssidref = session.xenapi.VM.set_security_label(vm_uuid, - vm_label_blue, - vm_label_red) - FAIL("Could label guest domain with '%s', although this is in a conflict " - "set. ssidref=%x" % (vm_label_blue,int(ssidref))) -except: - pass - -label = session.xenapi.VM.get_security_label(vm_uuid) -if label != vm_label_red: - FAIL("User domain has wrong label '%s', expected '%s'." % - (label, vm_label_red)) - -label = session.xenapi.VM.get_security_label(DOM0_UUID) -if label != vm_label_red: - FAIL("Domain-0 has wrong label '%s'; expected '%s'." 
% - (label, vm_label_red)) - -ssidref = session.xenapi.VM.set_security_label(DOM0_UUID, - vm_label_sys, - vm_label_red) -if int(ssidref) < 0: - FAIL("Could not set the domain-0 security label to '%s'." % - (vm_label_sys)) - -# pause the domain and relabel it... -session.xenapi.VM.pause(vm_uuid) - -label = session.xenapi.VM.get_security_label(vm_uuid) -if label != vm_label_red: - FAIL("User domain has wrong label '%s', expected '%s'." % - (label, vm_label_red)) - -ssidref = session.xenapi.VM.set_security_label(vm_uuid, - vm_label_blue, - vm_label_red) -print "guest domain new label '%s'; ssidref is 0x%08x" % \ - (vm_label_blue, int(ssidref)) -if int(ssidref) <= 0: - FAIL("Could not label guest domain with '%s'" % (vm_label_blue)) - -label = session.xenapi.VM.get_security_label(vm_uuid) -if label != vm_label_blue: - FAIL("User domain has wrong label '%s', expected '%s'." % - (label, vm_label_blue)) - -session.xenapi.VM.unpause(vm_uuid) - -rc = session.xenapi.VM.suspend(vm_uuid) - -ssidref = session.xenapi.VM.set_security_label(vm_uuid, - vm_label_green, - vm_label_blue) -print "guest domain new label '%s'; ssidref is 0x%08x" % \ - (vm_label_green, int(ssidref)) -if int(ssidref) < 0: - FAIL("Could not label suspended guest domain with '%s'" % (vm_label_blue)) - -label = session.xenapi.VM.get_security_label(vm_uuid) -if label != vm_label_green: - FAIL("User domain has wrong label '%s', expected '%s'." % - (label, vm_label_green)) - - -rc = session.xenapi.VM.resume(vm_uuid, False) - -label = session.xenapi.VM.get_security_label(vm_uuid) -if label != vm_label_green: - FAIL("User domain has wrong label '%s', expected '%s'." % - (label, vm_label_green)) diff --git a/tools/xm-test/tests/security-acm/08_security-acm_xapi.py b/tools/xm-test/tests/security-acm/08_security-acm_xapi.py deleted file mode 100644 index 469bf35a91..0000000000 --- a/tools/xm-test/tests/security-acm/08_security-acm_xapi.py +++ /dev/null 
@@ -1,358 +0,0 @@ -#!/usr/bin/python - -# Copyright (C) International Business Machines Corp., 2007 -# Author: Stefan Berger - -# VM creation test with labeled VM and labeled VDI - -from XmTestLib import xapi -from XmTestLib.XenAPIDomain import XmTestAPIDomain -from XmTestLib import * -from xen.xend import XendAPIConstants -import xen.util.xsm.xsm as security -from xen.util import acmpolicy, xsconstants -import commands -import os - -vm_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red" -vm_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green" -vdi_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red" -vdi_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green" - -vm_label_unlabeled = xsconstants.ACM_POLICY_ID + ":xm-test:" + \ - acmpolicy.ACM_LABEL_UNLABELED - -vdi_file = "/dev/ram0" -vdi_path = "phy:" + vdi_file - -#Note: -# If during the suspend/resume operations 'red' instead of 'green' is -# used, the Chinese Wall policy goes into effect and disallows the -# suspended VM from being resumed... - -try: - # XmTestAPIDomain tries to establish a connection to XenD - domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red }) -except Exception, e: - SKIP("Skipping test. 
Error: %s" % str(e)) - -vm_uuid = domain.get_uuid() - -session = xapi.connect() -xstype = session.xenapi.XSPolicy.get_xstype() -if int(xstype) & xsconstants.XS_POLICY_ACM == 0: - SKIP("ACM not enabled/compiled in Xen") - -f = open("xm-test-security_policy.xml", 'r') -if f: - newpolicyxml = f.read() - f.close() -else: - FAIL("Could not read 'xm-test' policy") - -policystate = session.xenapi.XSPolicy.get_xspolicy() -if int(policystate['type']) == 0: - policystate = session.xenapi.XSPolicy.set_xspolicy( - xsconstants.XS_POLICY_ACM, - newpolicyxml, - xsconstants.XS_INST_BOOT | xsconstants.XS_INST_LOAD, - True) - if int(policystate['flags']) == -1: - FAIL("Could not set the new policy.") - -policystate = session.xenapi.XSPolicy.get_xspolicy() -print "policystate = %s" % policystate -acm_ref = policystate['xs_ref'] - - -# -# Some tests with labeling of resources -# -labels = session.xenapi.XSPolicy.get_labeled_resources() -print "labeled resources are:\n%s" % labels - -oldlabel = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0") - -rc = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0", "", - oldlabel) - -rc = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0", - vdi_label_green, - "") - -res = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0") -if res != vdi_label_green: - FAIL("(1) get_resource_label returned unexpected result %s, wanted %s" % - (res, vdi_label_green)) - - -# -# Some test with labeling of VMs -# - -res = session.xenapi.VM.get_security_label(vm_uuid) - -if res != vm_label_red: - FAIL("VM.get_security_label returned wrong security label '%s'." % res) - -res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green, - vm_label_red) - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_green: - FAIL("VM does not show expected label '%s' but '%s'." 
% - (vm_label_green, res)) - -res = session.xenapi.VM.set_security_label(vm_uuid, "", vm_label_green) -if int(res) != 0: - FAIL("Should be able to unlabel the domain while it's halted.") - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_unlabeled: - FAIL("Unexpected VM security label after removal: %s" % res) - -res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red, res) -if int(res) != 0: - FAIL("Could not label the VM to '%s'" % vm_label_red) - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_red: - FAIL("VM has wrong label '%s', expected '%s'." % (res, vm_label_red)) - -sr_uuid = session.xenapi.SR.get_by_name_label("Local") -if len(sr_uuid) == 0: - FAIL("Could not get a handle on SR 'Local'") - - -vdi_rec = { 'name_label' : "My disk", - 'SR' : sr_uuid[0], - 'virtual_size': 0, - 'sector_size' : 512, - 'parent' : '', - 'SR_name' : 'Local', - 'type' : 'system', - 'shareable' : False, - 'read-only' : False, - 'other_config': {'location': vdi_path} -} - -vdi_ref = session.xenapi.VDI.create(vdi_rec) - -res = session.xenapi.VDI.get_name_label(vdi_ref) -if res != vdi_rec['name_label']: - print "Destroying VDI now" - session.xenapi.VDI.destroy(vdi_ref) - FAIL("VDI_get_name_label return wrong information") - -res = session.xenapi.VDI.get_record(vdi_ref) -print "vdi_record : %s" % res - -oldlabel = session.xenapi.XSPolicy.get_resource_label(vdi_path) - -#Remove label from VDI device -rc = session.xenapi.XSPolicy.set_resource_label(vdi_path, - "", - oldlabel) - - -# Attach a VBD to the VM - -vbd_rec = { 'VM' : vm_uuid, - 'VDI' : vdi_ref, - 'device' : "xvda1", - 'mode' : 1, - 'bootable': 0, -} - -vbd_ref = session.xenapi.VBD.create(vbd_rec) - -res = session.xenapi.VBD.get_record(vbd_ref) - -try: - domain.start(noConsole=True) - # Should not get here. 
- print "Destroying VDI now" - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could start VM with a VBD that it is not allowed to access.") -except: - pass - print "Could not create domain -- that's good" - - -# -# Label the VDI now -# - -rc = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "") -if int(rc) != 0: - FAIL("Could not set the VDI label to '%s'" % vdi_label_red) - -label = session.xenapi.VDI.get_security_label(vdi_ref) -if label != vdi_label_red: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Unexpected label '%s' on VDI, wanted '%s'" % - (label, vdi_label_red)) - -rc = session.xenapi.VDI.set_security_label(vdi_ref, "", label) -if int(rc) != 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Should be able to unlabel VDI.") - -rc = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "") -if int(rc) != 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Should be able to label VDI with label '%s'" % vid_label_red) - -res = session.xenapi.XSPolicy.get_resource_label(vdi_path) -if res != vdi_label_red: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("(2) get_resource_label on %s returned unexpected result %s, wanted '%s'" % - (vdi_path, res, vdi_label_red)) - -res = session.xenapi.VDI.get_security_label(vdi_ref) -if res != vdi_label_red: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("get_security_label returned unexpected result %s, wanted '%s'" % - (res, vdi_label_red)) - -domain.start(noConsole=True) - -console = domain.getConsole() - -domName = domain.getName() - -try: - run = console.runCmd("cat /proc/interrupts") -except ConsoleError, e: - saveLog(console.getHistory()) - FAIL("Could not access proc-filesystem") - -# Try to relabel while VM is running -try: - res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green, - vm_label_red) -except: - pass - -lab = session.xenapi.VM.get_security_label(vm_uuid) -if lab == vm_label_green: - FAIL("Should not be able to reset the security label while running." 
- "tried to set to %s, got %s, old: %s" %(vm_label_green, lab, - vm_label_red)) - - -# -# Suspend the domain and relabel it -# - -try: - status, output = traceCommand("xm suspend %s" % domName, - timeout=30) -except TimeoutError, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Failure from suspending VM: %s." % str(e)) - -# Try to relabel while VM is suspended -- this should work - -rc = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green, - vm_label_red) -if int(rc) != 0: - FAIL("VM security label could not be set to %s" % vm_label_green) - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_green: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("VM (suspended) has label '%s', expected '%s'." % - (res, vm_label_green)) - -status, output = traceCommand("xm list") - -#Try to resume now -- should fail due to denied access to block device -try: - status, output = traceCommand("xm resume %s" % domName, - timeout=30) - if status == 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could resume re-labeled VM: %s" % output) -except Exception, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("1. Error resuming the VM: %s." % str(e)) - -# Relabel VM so it would resume -res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red, - vm_label_green) -if int(res) != 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could not relabel VM to have it resume.") - -res = session.xenapi.VM.get_security_label(vm_uuid) -if res != vm_label_red: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("VM (suspended) has label '%s', expected '%s'." 
% - (res, vm_label_red)) - - -# Relabel the resource so VM should not resume -try: - session.xenapi.XSPolicy.set_resource_label(vdi_path, - vdi_label_green, - "") -except Exception, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could not label the VDI to '%s': %x" % - (vdi_label_green, int(rc))) - -#Try to resume now -- should fail due to denied access to block device -try: - status, output = traceCommand("xm resume %s" % domName, - timeout=30) - if status == 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could resume re-labeled VM: %s" % output) -except Exception, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("2. Error resuming the VM: %s." % str(e)) - - -status, output = traceCommand("xm list") - -# Relabel the resource so VM can resume -try: - session.xenapi.XSPolicy.set_resource_label(vdi_path, - vdi_label_red, - vdi_label_green) -except Exception, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could not label the resource to '%s'" % vid_label_red) - -res = session.xenapi.XSPolicy.get_resource_label(vdi_path) -if res != vdi_label_red: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("'%s' has label '%s', expected '%s'." % - (vdi_path, res, vdi_label_red)) - -#Try to resume now -- should work -try: - status, output = traceCommand("xm resume %s" % domName, - timeout=30) - if status != 0: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could not resume re-labeled VM: %s" % output) -except Exception, e: - session.xenapi.VDI.destroy(vdi_ref) - FAIL("3. Error resuming the VM: %s." % str(e)) - - -status, output = traceCommand("xm list") - -console = domain.getConsole() - -try: - run = console.runCmd("cat /proc/interrupts") -except ConsoleError, e: - saveLog(console.getHistory()) - session.xenapi.VDI.destroy(vdi_ref) - FAIL("Could not access proc-filesystem") - -domain.stop() -domain.destroy() 
diff --git a/tools/xm-test/tests/security-acm/09_security-acm_pol_update.py b/tools/xm-test/tests/security-acm/09_security-acm_pol_update.py
deleted file mode 100644
index cc53baf2b9..0000000000
--- a/tools/xm-test/tests/security-acm/09_security-acm_pol_update.py
+++ /dev/null
@@ -1,437 +0,0 @@ -#!/usr/bin/python - -# Copyright (C) International Business Machines Corp., 2007 -# Author: Stefan Berger - -# Test to exercise the xspolicy and acmpolicy classes - -from XmTestLib import xapi -from XmTestLib.XenAPIDomain import XmTestAPIDomain -from XmTestLib.acm import * -from XmTestLib import * -from xen.xend import XendAPIConstants -import xen.util.xsm.xsm as security -from xen.util import xsconstants -from xen.util.acmpolicy import ACMPolicy -from xen.xend.XendDomain import DOM0_UUID -import base64 -import struct -import time - -if not isACMEnabled(): - SKIP("Not running this test since ACM not enabled.") - -try: - session = xapi.connect() -except: - SKIP("Skipping this test since xm is not using the Xen-API.") - -def typestoxml(types): - res = "" - for t in types: - res += "" + t + "\n" - return res - -def cfstoxml(cfss): - res = "" - for cfs in cfss: - res += "\n" + \ - typestoxml(cfs['chws']) + \ - "\n" - return res - -def vmlabelstoxml(vmlabels, vmfrommap): - res = "" - for vmlabel in vmlabels: - res += "\n" - if vmlabel['name'] in vmfrommap: - res += "" - else: - res += "" - res += vmlabel['name'] + "\n" - res += "\n" + \ - typestoxml(vmlabel['stes']) + \ - "\n" - if vmlabel.has_key('chws'): - res += "\n" + \ - typestoxml(vmlabel['chws']) + \ - "\n" - res += "\n" - return res - - -def reslabelstoxml(reslabels, resfrommap): - res = "" - for reslabel in reslabels: - res += "\n" - if resfrommap.has_key(reslabel['name']): - res += "" - else: - res += "" - res += reslabel['name'] + "\n" - res += "\n" + \ - typestoxml(reslabel['stes']) + \ - "\n" - res += "\n" - return res - -def create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss): - hdr_xml ="\n" + \ - " " + hdr['name'] + "\n" + \ - " " + hdr['version'] + "\n" + \ - " \n" + \ - " " + hdr['oldname'] + "\n" + \ - " " + hdr['oldversion'] + "\n" + \ - " \n" + \ - "\n" - - stes_xml = "\n" + \ - " \n" + \ - typestoxml(stes) + \ - " \n" + \ - "\n" - 
- chws_xml = "\n" + \ - " \n" + \ - typestoxml(chws) + \ - " \n" + \ - " \n" + \ - cfstoxml(cfss) + \ - " \n" + \ - "\n" - - subjlabel_xml = "\n" + \ - vmlabelstoxml(vmlabels, vmfrommap) + \ - "\n" - objlabel_xml = "\n" + \ - reslabelstoxml(reslabels, resfrommap) + \ - "\n" - - policyxml = "\n" + \ - "\n" + \ - hdr_xml + \ - stes_xml + \ - chws_xml + \ - "\n" + \ - subjlabel_xml + \ - objlabel_xml + \ - "\n" + \ - "\n" - return policyxml - - -def update_hdr(hdr): - """ Update the version information in the header """ - hdr['oldversion'] = hdr['version'] - hdr['oldname'] = hdr['name'] - vers = hdr['version'] - tmp = vers.split('.') - if len(tmp) == 1: - rev = 1 - else: - rev = int(tmp[1]) + 1 - hdr['version'] = "%s.%s" % (tmp[0],rev) - return hdr - -session = xapi.connect() - -policystate = session.xenapi.XSPolicy.get_xspolicy() - -if policystate['repr'] != "": - print "%s" % policystate['repr'] - try: - acmpol = ACMPolicy(xml=policystate['repr']) - except Exception, e: - FAIL("Failure from creating ACMPolicy object: %s" % str(e)) - oldname = acmpol.policy_dom_get_hdr_item("PolicyName") - oldvers = acmpol.policy_dom_get_hdr_item("Version") - tmp = oldvers.split(".") - if len(tmp) == 1: - rev = 1 - else: - rev = int(tmp[1]) + 1 - newvers = "%s.%s" % (tmp[0], str(rev)) - print "old name/version = %s/%s" % (oldname, oldvers) -else: - oldname = None - oldvers = None - newvers = "1.0" - -# Initialize the header of the policy -hdr = {} -hdr['name'] = "xm-test" -hdr['version'] = newvers - -if oldname: - hdr['oldname'] = oldname - if oldvers and oldvers != "": - hdr['oldversion'] = oldvers - -stes = [ "SystemManagement", "red", "green", "blue" ] - -chws = [ "SystemManagement", "red", "green", "blue" ] - -bootstrap = "SystemManagement" - -vm_sysmgt = { 'name' : bootstrap, - 'stes' : stes, - 'chws' : [ "SystemManagement" ] } - -vm_red = { 'name' : "red" , - 'stes' : ["red"] , - 'chws' : ["red"] } - -vm_green = { 'name' : "green" , - 'stes' : ["green"] , - 'chws' : ["green"] } 
- -vm_blue = { 'name' : "blue" , - 'stes' : ["blue"] , - 'chws' : ["blue"] } - -res_red = { 'name' : "red" , - 'stes' : ["red"] } - -res_green = { 'name' : "green" , - 'stes' : ["green"] } - -res_blue = { 'name' : "blue" , - 'stes' : ["blue"] } - -cfs_1 = { 'name' : "CFS1", - 'chws' : [ "red" , "blue" ] } - -vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue ] -vmfrommap = {} -reslabels = [ res_red, res_green, res_blue ] -resfrommap = {} -cfss = [ cfs_1 ] - -vm_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red" -vm_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green" -vm_label_blue = xsconstants.ACM_POLICY_ID + ":xm-test:blue" - -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) - -xml_good = xml - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "\n\npolicystate = %s" % policystate - -policystate = session.xenapi.XSPolicy.get_xspolicy() - -# -# Create two non-conflicting domains and start them -# -try: - # XmTestAPIDomain tries to establish a connection to XenD - domain1 = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red }) -except Exception, e: - SKIP("Skipping test. Error: %s" % str(e)) - - -vm1_uuid = domain1.get_uuid() - -try: - domain1.start(noConsole=True) -except: - FAIL("Could not start domain1") - -print "Domain 1 started" - -try: - # XmTestAPIDomain tries to establish a connection to XenD - domain2 = XmTestAPIDomain(extraConfig={'security_label': vm_label_green }) -except Exception, e: - SKIP("Skipping test. 
Error: %s" % str(e)) - -vm2_uuid = domain2.get_uuid() - -try: - domain2.start(noConsole=True) -except: - FAIL("Could not start domain1") - - -print "Domain 2 started" - -# Try a policy that would put the two domains into conflict -cfs_2 = { 'name' : "CFS1", - 'chws' : [ "red" , "green" ] } -cfss = [ cfs_2 ] - -hdr = update_hdr(hdr) -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "policystate %s" % policystate - -if int(policystate['xserr']) == 0: - FAIL("(1) Should not have been able to set this policy.") - -if len(policystate['errors']) == 0: - FAIL("Hypervisor should have reported errros.") - -errors = base64.b64decode(policystate['errors']) - -print "Length of errors: %d" % len(errors) -a,b = struct.unpack("!ii",errors) - -print "%08x , %08x" % (a,b) - -# -# Create a faulty policy with 'red' STE missing -# - -cfss = [ cfs_1 ] -stes = [ "SystemManagement", "green", "blue" ] - -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "Result from setting faulty(!) policy with STE 'red' missing:" -print "policystate %s" % policystate - -if int(policystate['xserr']) == 0: - FAIL("(2) Should not have been able to set this policy.") - -# -# Create a policy with 'red' VMLabel missing -- should not work since it is -# in use. -# -stes = [ "SystemManagement", "red", "green", "blue" ] - -vmlabels = [ vm_sysmgt, vm_green, vm_blue ] - -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) -print "Result from setting faulty(!) 
policy with VMlabel 'red' missing:" -print "policystate %s" % policystate - -if int(policystate['xserr']) == 0: - FAIL("(3) Should not have been able to set this policy.") - -# -# Create a policy with 'blue' VMLabel missing -- should work since it is NOT -# in use. -# -vmlabels = [ vm_sysmgt, vm_red, vm_green ] - -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "Result from setting (good) policy with VMlabel 'blue' missing:" -print "policystate %s" % policystate - -if int(policystate['xserr']) != 0: - FAIL("(4) Should have been able to set this policy: %s" % xml) - -# -# Move the green VMLabel towards blue which should put the running -# domain with label blue into a conflict set -# -vmlabels = [ vm_sysmgt, vm_red, vm_blue ] - -vmfrommap = { "blue" : "green" } # new : old - -hdr = update_hdr(hdr) #Needed, since last update was successful -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "policystate %s" % policystate - -if int(policystate['xserr']) == 0: - FAIL("(5) Should not have been able to set this policy.") - -# -# Try to install a policy where a VM label has a faulty VM label name -# -vmfrommap = {} - -vm_blue_bad = { 'name' : "blue:x" , # ':' no allowed - 'stes' : ["blue"], - 'chws' : ["blue"] } - -vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue_bad ] - -xml = create_xml_policy(hdr, stes, chws, - vmlabels, vmfrommap, bootstrap, - reslabels, resfrommap, - cfss) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - xml, - xsconstants.XS_INST_LOAD, - True) - -print "policystate %s" % policystate - -if int(policystate['xserr']) == 0: - FAIL("(6) Should 
not have been able to set this policy.") - -# -# End the test by installing the initial policy again -# - -cur_version = hdr['version'] -(maj, min) = cur_version.split(".") -cur_version = "%s.%s" % (maj, str(int(min)-1) ) - -orig_acmpol = ACMPolicy(xml=xml_good) -orig_acmpol.set_frompolicy_version(cur_version) -orig_acmpol.set_policy_version(hdr['version']) - -policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM, - orig_acmpol.toxml(), - xsconstants.XS_INST_LOAD, - True) - -if int(policystate['xserr']) != 0: - FAIL("(END) Should have been able to set this policy.") - -domain1.stop() -domain2.stop() -domain1.destroy() -domain2.destroy() diff --git a/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py b/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py deleted file mode 100644 index b60a62eae2..0000000000 --- a/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py +++ /dev/null 
@@ -1,354 +0,0 @@ -#!/usr/bin/python - -# Copyright (C) International Business Machines Corp., 2006 -# Author: Stefan Berger -# - -import os -import re -import commands -from XmTestLib import * -import xen.util.xsm.xsm as security -from xen.util import xsconstants - -def checkLabel(labeldata, expected, domname): - if labeldata[0] != expected[0]: - FAIL("Policy type of %s is bad: %s" % (domname, labeldata[0])) - if labeldata[1] != expected[1]: - FAIL("Unexpected policy indicated in %s label '%s', expected '%s'." % - (domname, labeldata[1], expected[1])) - if labeldata[2] != expected[2]: - FAIL("%s does not have '%s' label but '%s'." % - (domname, expected[2], labeldata[2])) - -if not isACMEnabled(): - SKIP("Not running this test since ACM not enabled.") - -testpolicy = "xm-test" -testlabel1 = "blue" -testlabel2 = "red" -testlabel3 = "green" - -# reset the policy - must work -s, o = traceCommand('xm resetpolicy') -if s: - FAIL("Could not reset the policy.") - - -s, o = traceCommand('xm resources | grep -E "^[phy|file|vlan]" ') -resnames = [] -if o: - resnames = o.split('\n') - - for res in resnames: - s, o = traceCommand('xm rmlabel res %s' % res) - -#Unlabeled domain must not start under xm-test policy -domain_ul = XmTestDomain(name='domain-unlabeled', - extraConfig=None) -del domain_ul.config.opts['access_control'] -try: - domain_ul.start(noConsole=True) - FAIL("Could start unlabeled domain.") -except DomainError, e: - domain_ul.destroy() # delete if xend-managed domain - - -config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)} - -domain_blue = XmTestDomain(name='domain-%s' % testlabel1, - extraConfig=config) - -config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel3)} - -domain_green = XmTestDomain(name='domain-%s' % testlabel3, - extraConfig=config) - - -try: - domain_blue.start(noConsole=True) -except DomainError, e: - if verbose: - print e.extra - FAIL("Unable to start blue labeled test domain") - -s, o = traceCommand('xm 
list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split(' ') -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"], - "Domain-0") - -# Should be able to set the Domain-0 label to blue -s, o = traceCommand('xm addlabel blue mgt Domain-0') -if s: - FAIL("Could not set the label of Domain-0 to 'blue'.") -s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split() -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test", "blue"], - "Domain-0") - -#Should not be able to set the label of Domain-0 to 'red' -s, o = traceCommand('xm addlabel red mgt Domain-0') -if not s: - FAIL("Could set the label of Domain-0 to 'red'.") -s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split() -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test", "blue"], - "Domain-0") - -# Should be able to set the label of Domain-0 to 'SystemManagement' -s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0') -if s: - FAIL("Could not set the label of Domain-0 to 'SystemManagement'.") -s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split() -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"], - "Domain-0") - -#Label some resource green -#Label some 
resource red -#Label some resource blue - -s, o = traceCommand('xm addlabel green res file:/tmp/green') -if s: - FAIL("Could not label resource 'green'.") -s, o = traceCommand('xm addlabel red res file:/tmp/red') -if s: - FAIL("Could not label resource 'red'.") -s, o = traceCommand('xm addlabel blue res file:/tmp/blue') -if s: - FAIL("Could not label resrouce 'blue'") - -# Start a green domain -try: - domain_green.start(noConsole=True) -except DomainError, e: - if verbose: - print e.extra - FAIL("Unable to start green labeled test domain") - -# Update the system's policy. Should not work, since blue Domain is running -s, o = traceCommand('xm setpolicy ACM xm-test-update') -if not s: - FAIL("Could set the new policy even though blue domain is running.") - -s, o = traceCommand('xm getpolicy | grep "Policy name"') -info = o.split(':') -poldata = [i.strip() for i in info] - -if poldata[1] != 'xm-test': - FAIL("Policy should be 'xm-test' but is now '%s'." % poldata[1]) - -# Check that no labels have changed -s, o = traceCommand('xm getlabel res file:/tmp/green') -if s: - FAIL("Could not get label for green resource.") -label=o.strip() -if label != 'ACM:xm-test:green': - FAIL("Label for green resource has changed to '%s', but should not have," - % label) - -s, o = traceCommand('xm getlabel res file:/tmp/red') -if s: - FAIL("Could not get label for red resource.") -label=o.strip() -if label != 'ACM:xm-test:red': - FAIL("Label for red resource has changed to '%s', but should not have," - % label) - -s, o = traceCommand('xm getlabel res file:/tmp/blue') -if s: - FAIL("Could not get label for blue resource.") -label=o.strip() -if label != 'ACM:xm-test:blue': - FAIL("Label for blue resource has changed to '%s', but should not have," - % label) - -# Terminate blue domain -domain_blue.destroy() - -# Update the system's policy. 
Should work and rename the green domain to GREEN -s, o = traceCommand('xm setpolicy ACM xm-test-update') -if s: - FAIL("Could not set the new policy.") - -acm.setCurrentPolicy('xm-test-update') - -s, o = traceCommand('xm getpolicy | grep "Policy name"') -info = o.split(':') -poldata = [i.strip() for i in info] - -if poldata[1] != 'xm-test-update': - FAIL("Policy should be 'xm-test-update' but is now '%s'." % poldata[1]) - -# check previously labeled resources -# - green should be GREEN now -# - blue should have been invalidated -# - red should be the same -s, o = traceCommand('xm getlabel res file:/tmp/green') -if s: - FAIL("Could not get label for GREEN resource.") -label=o.strip() -if label != 'ACM:xm-test-update:GREEN': - FAIL("Label for green resource has changed to '%s', but should not have," - % label) - -s, o = traceCommand('xm getlabel res file:/tmp/red') -if s: - FAIL("Could not get label for RED resource.") -label=o.strip() -if label != 'ACM:xm-test-update:RED': - FAIL("Label for RED resource has changed to '%s', expected is '%s'," - % (label,'ACM:xm-test-update:RED')) - -s, o = traceCommand('xm getlabel res file:/tmp/blue') -if s: - FAIL("Could not get label for blue resource.") -label=o.strip() -if label != 'INV_ACM:xm-test:blue': - FAIL("Label for blue resource has changed to '%s', expected is '%s'," - % (label,'INV_ACM:xm-test:blue')) - -config = {"access_control":"policy=%s,label=%s" % ('xm-test-update',testlabel2)} - -domain_red = XmTestDomain(name='domain-%s' % testlabel2, - extraConfig=config) - -# Start the red domain - should not work due to conflict set -try: - domain_red.start(noConsole=True) - FAIL("Could start 'red' domain.") -except DomainError, e: - domain_red.destroy() # delete if xend-managed domain - -# Terminate GREEN domain -domain_green.destroy() - -# Start the red domain - should work now -try: - domain_red.start() -except DomainError, e: - FAIL("Could not start 'red' domain.") - -# Stop the red domain. 
-domain_red.destroy() - -# Make Domain-0 GREEN -s, o = traceCommand('xm addlabel GREEN mgt Domain-0') -if s: - FAIL("Could not set Domain-0's label to 'GREEN'.") -s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split() -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test-update", "GREEN"], - "Domain-0") - -# Start the red domain - should not work due to conflict set -try: - domain_red.start() - FAIL("Could start 'red' domain.") -except DomainError, e: - pass - -# Set Domain-0's domain to SystemManagement -s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0') -if s: - FAIL("Could not set Domain-0's label to SystemManagement.") - -# Start unlabeled domain - should work -try: - domain_ul.start(noConsole=True) -except DomainError, e: - FAIL("Could not start unlabeled domain.") - -# Stop red domain -domain_red.destroy() - -# Stop unlabeled domain -domain_ul.destroy() - - -# Mark Domain-0 as red. 
This must not have any effect on the later reset -s, o = traceCommand('xm addlabel red mgt Domain-0') -if s: - FAIL("Could not set Domain-0's label to 'red'.") -s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"') -if s: - FAIL("Could not get the label of Domain-0") - -info = o.strip().split() -labeldata = info[-1].split(':') -if len(labeldata) != 3: - FAIL("Label of Domain-0 is bad: '%s'" % info[-1]) -checkLabel(labeldata, - [xsconstants.ACM_POLICY_ID, "xm-test-update", "red"], - "Domain-0") - -# reset the policy - should work -s, o = traceCommand('xm resetpolicy') -if s: - FAIL("Could not reset the policy.") - -# check previously labeled resources -# - GREEN should be invalid -# - red should be invalid -# - blue should be invalid -s, o = traceCommand('xm getlabel res file:/tmp/green') -if s: - FAIL("Could not get label for GREEN resource.") -label=o.strip() -exp='INV_ACM:xm-test-update:GREEN' -if label != exp: - FAIL("Label for green resource has changed to '%s', but should be '%s'," - % (label, exp)) - -s, o = traceCommand('xm getlabel res file:/tmp/red') -if s: - FAIL("Could not get label for RED resource.") -label=o.strip() -exp='INV_ACM:xm-test-update:RED' -if label != exp: - FAIL("Label for RED resource has changed to '%s', but should be '%s'.," - % (label, exp)) - -s, o = traceCommand('xm getlabel res file:/tmp/blue') -if s: - FAIL("Could not get label for blue resource.") -label=o.strip() -exp='INV_ACM:xm-test:blue' -if label != exp: - FAIL("Label for blue resource has changed to '%s', but should be '%s'," - % (label, exp)) diff --git a/tools/xm-test/tests/security-acm/Makefile.am b/tools/xm-test/tests/security-acm/Makefile.am deleted file mode 100644 index 9bbb856a1b..0000000000 --- a/tools/xm-test/tests/security-acm/Makefile.am +++ /dev/null 
@@ -1,33 +0,0 @@ -SUBDIRS = - -TESTS = 01_security-acm_basic.test \ - 02_security-acm_dom_start.test \ - 03_security-acm_dom_conflict.test \ - 04_security-acm_dom_res.test \ - 05_security-acm_dom_res_conf.test \ - 06_security-acm_dom_block_attach.test \ - 07_security-acm_pol_update.test \ - 08_security-acm_xapi.test \ - 09_security-acm_pol_update.test \ - 10_security-acm_pol_update.test - -XFAIL_TESTS = - -EXTRA_DIST = $(TESTS) $(XFAIL_TESTS) acm_utils.py -TESTS_ENVIRONMENT=@TENV@ - -%.test: %.py - cp $< $@ - chmod +x $@ - @if [ -d /etc/xen/acm-security/policies ]; then \ - cp -f xm-test-security_policy.xml \ - xm-test-update-security_policy.xml\ - /etc/xen/acm-security/policies; \ - fi; - -clean-local: am_config_clean-local - -am_config_clean-local: - rm -f *test - rm -f *log - rm -f *~ diff --git a/tools/xm-test/tests/security-acm/acm_utils.py b/tools/xm-test/tests/security-acm/acm_utils.py deleted file mode 100644 index 457aa840b3..0000000000 --- a/tools/xm-test/tests/security-acm/acm_utils.py +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/python - -# Copyright (C) International Business Machines Corp., 2006 -# Author: Stefan Berger - -from XmTestLib import * -from XmTestLib.acm import * - -testpolicy = "xm-test" -vmconfigfile = "/tmp/xm-test.conf" - -if not isACMEnabled(): - SKIP("Not running this test since ACM not enabled.") - -setCurrentPolicy(testpolicy) -ACMSetPolicy() diff --git a/tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml b/tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml deleted file mode 100644 index abc49e1ef5..0000000000 --- a/tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml +++ /dev/null 
@@ -1,97 +0,0 @@
-
-
-
-
- xm-test
- Fri Sep 29 14:44:38 2006
- 1.1
-
- xm-test
- 1.0
-
-
-
-
-
- SystemManagement
- green
- red
-
-
-
-
-
- SystemManagement
- green
- red
-
-
-
-
- green
- red
-
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
- green
- red
-
-
- SystemManagement
-
-
-
-
- green
-
- green
-
-
- green
-
-
-
-
- red
-
- red
-
-
- red
-
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
-
-
-
-
- green
-
- green
-
-
-
-
- red
-
- red
-
-
-
-
-
-
diff --git a/tools/xm-test/tests/security-acm/xm-test-security_policy.xml b/tools/xm-test/tests/security-acm/xm-test-security_policy.xml
deleted file mode 100644
index 9c84a83626..0000000000
--- a/tools/xm-test/tests/security-acm/xm-test-security_policy.xml
+++ /dev/null
@@ -1,111 +0,0 @@
-
-
-
-
- xm-test
- Fri Sep 29 14:44:38 2006
- 1.0
-
-
-
-
- SystemManagement
- green
- red
- blue
-
-
-
-
-
- SystemManagement
- green
- red
- blue
-
-
-
-
- blue
- red
-
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
- green
- red
- blue
-
-
- SystemManagement
-
-
-
-
- green
-
- green
-
-
- green
-
-
-
-
- red
-
- red
-
-
- red
-
-
-
-
- blue
-
- blue
-
-
- blue
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
-
-
-
-
- green
-
- green
-
-
-
-
- red
-
- red
-
-
-
-
- blue
-
- blue
-
-
-
-
-
diff --git a/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml b/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml
deleted file mode 100644
index 8c026c9da2..0000000000
--- a/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml
+++ /dev/null
@@ -1,117 +0,0 @@
-
-
-
-
- xm-test-update
- Fri Sep 29 14:44:38 2006
- 1.1
-
- xm-test
- 1.0
-
-
-
-
-
- SystemManagement
- GREEN
- red
- __UNLABELED__
-
-
-
-
-
- SystemManagement
- GREEN
- red
- __UNLABELED__
-
-
-
-
- GREEN
- red
-
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
- GREEN
- red
- __UNLABELED__
-
-
- SystemManagement
-
-
-
-
- GREEN
-
- GREEN
-
-
- GREEN
-
-
-
-
- red
-
- red
-
-
- red
-
-
-
-
- __UNLABELED__
-
- __UNLABELED__
-
-
- __UNLABELED__
-
-
-
-
-
-
-
- SystemManagement
-
- SystemManagement
-
-
-
-
- GREEN
-
- GREEN
-
-
-
-
- RED
-
- red
-
-
-
-
- __UNLABELED__
-
- __UNLABELED__
-
-
-
-
-
-
-- cgit v1.2.3