* [PATCH] choose security model for ACM at built-time @ 2005-06-24 15:33 aq 2005-06-24 16:13 ` Keir Fraser 0 siblings, 1 reply; 3+ messages in thread From: aq @ 2005-06-24 15:33 UTC (permalink / raw) To: xen-devel, xense-devel, Keir Fraser [-- Attachment #1: Type: text/plain, Size: 640 bytes --] At the moment, there is a problem with ACM: it is impossible to set ACM security model at built-time, so even with ACM is chosen to build, the default policy is NULL, which is useless. This patch propose a solution to this problem: build process will generate a header file (include/public/acm_policy.h) based on the value set in xen/Makefile or at command-line, and gets acm.h included it. Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com> $ diffstat acm6.patch xen/Makefile | 27 +++++++++++++++++++++++++-- xen/include/public/acm.h | 9 +++------ 2 files changed, 28 insertions(+), 8 deletions(-) [-- Attachment #2: acm6.patch --] [-- Type: application/octet-stream, Size: 2816 bytes --] ===== xen/Makefile 1.86 vs edited ===== --- 1.86/xen/Makefile 2005-06-22 23:18:11 +09:00 +++ edited/xen/Makefile 2005-06-24 23:39:45 +09:00 @@ -15,6 +15,14 @@ export BASEDIR := $(CURDIR) +# ACM_USE_SECURITY_POLICY is set to security policy for Xen +# Supported models are: +# ACM_NULL_POLICY (ACM will not be built with this policy) +# ACM_CHINESE_WALL_POLICY +# ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY +# ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY +ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY + include Rules.mk default: build @@ -54,20 +62,35 @@ $(TARGET): delete-unfresh-files $(MAKE) include/xen/compile.h + $(MAKE) include/public/acm_policy.h [ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm $(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s $(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h $(MAKE) -C common $(MAKE) -C drivers -ifdef ACM_USE_SECURITY_POLICY +ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY) $(MAKE) -C acm endif $(MAKE) -C arch/$(TARGET_ARCH) # drivers/char/console.o may contain static banner/compile info. Blow it away. delete-unfresh-files: - rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o + rm -f include/xen/banner.h include/xen/compile.h include/public/acm_policy.h drivers/char/console.o $(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files + +# acm_policy.h contains security policy for Xen +include/public/acm_policy.h: + @(set -e; \ + echo "/*"; \ + echo " * DO NOT MODIFY."; \ + echo " *"; \ + echo " * This file was auto-generated by xen/Makefile $<"; \ + echo " *"; \ + echo " */"; \ + echo ""; \ + echo "#ifndef ACM_USE_SECURITY_POLICY"; \ + echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \ + echo "#endif") >$@ # compile.h contains dynamic build info. Rebuilt on every 'make' invocation. include/xen/compile.h: LANG=C ===== xen/include/public/acm.h 1.1 vs edited ===== --- 1.1/xen/include/public/acm.h 2005-06-21 07:28:06 +09:00 +++ edited/xen/include/public/acm.h 2005-06-25 00:18:40 +09:00 @@ -22,11 +22,12 @@ * todo: move from static policy choice to compile option. */ -#ifndef _XEN_PUBLIC_SHYPE_H -#define _XEN_PUBLIC_SHYPE_H +#ifndef _XEN_PUBLIC_ACM_H +#define _XEN_PUBLIC_ACM_H #include "xen.h" #include "sched_ctl.h" +#include "acm_policy.h" /* if ACM_DEBUG defined, all hooks should * print a short trace message (comment it out @@ -70,10 +71,6 @@ (X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT policy" : \ (X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \ "UNDEFINED policy" - -#ifndef ACM_USE_SECURITY_POLICY -#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY -#endif /* defines a ssid reference used by xen */ typedef u32 ssidref_t; [-- Attachment #3: Type: text/plain, Size: 138 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] choose security model for ACM at built-time 2005-06-24 15:33 [PATCH] choose security model for ACM at built-time aq @ 2005-06-24 16:13 ` Keir Fraser 2005-06-24 23:25 ` aq 0 siblings, 1 reply; 3+ messages in thread From: Keir Fraser @ 2005-06-24 16:13 UTC (permalink / raw) To: aq; +Cc: xen-devel, xense-devel On 24 Jun 2005, at 16:33, aq wrote: > At the moment, there is a problem with ACM: it is impossible to set > ACM security model at built-time, so even with ACM is chosen to build, > the default policy is NULL, which is useless. > > This patch propose a solution to this problem: build process will > generate a header file (include/public/acm_policy.h) based on the > value set in xen/Makefile or at command-line, and gets acm.h included > it. Looks fine, but: Firstly, is the configured policy something that needs to be propagated to user tools (i.e., should the generated header reside within include/public or should it be in include/xen)? Secondly, you missed conditional inclusion of acm/acm.o into the ALL_OBJS list in xen/Rules.mk. Also, the definition of ACM_USE_SECURITY_POLICY probably belongs more correctly in Rules.mk rather than the Makefile. -- Keir ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] choose security model for ACM at built-time 2005-06-24 16:13 ` Keir Fraser @ 2005-06-24 23:25 ` aq 0 siblings, 0 replies; 3+ messages in thread From: aq @ 2005-06-24 23:25 UTC (permalink / raw) To: Keir Fraser; +Cc: xen-devel, xense-devel [-- Attachment #1: Type: text/plain, Size: 1362 bytes --] On 6/25/05, Keir Fraser <Keir.Fraser@cl.cam.ac.uk> wrote: > > On 24 Jun 2005, at 16:33, aq wrote: > > > At the moment, there is a problem with ACM: it is impossible to set > > ACM security model at built-time, so even with ACM is chosen to build, > > the default policy is NULL, which is useless. > > > > This patch propose a solution to this problem: build process will > > generate a header file (include/public/acm_policy.h) based on the > > value set in xen/Makefile or at command-line, and gets acm.h included > > it. > > Looks fine, but: > > Firstly, is the configured policy something that needs to be propagated > to user tools (i.e., should the generated header reside within > include/public or should it be in include/xen)? > i guess not. so right, it is better to put it into include/xen > Secondly, you missed conditional inclusion of acm/acm.o into the > ALL_OBJS list in xen/Rules.mk. Also, the definition of > ACM_USE_SECURITY_POLICY probably belongs more correctly in Rules.mk > rather than the Makefile. > ok, please take this revision. Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com> $ diffstat acm7.patch Makefile | 19 +++++++++++++++++-- Rules.mk | 13 ++++++++++--- include/public/acm.h | 9 +++------ 3 files changed, 30 insertions(+), 11 deletions(-) [-- Attachment #2: acm7.patch --] [-- Type: application/octet-stream, Size: 3412 bytes --] ===== xen/Makefile 1.86 vs edited ===== --- 1.86/xen/Makefile 2005-06-22 23:18:11 +09:00 +++ edited/xen/Makefile 2005-06-25 08:13:17 +09:00 @@ -54,20 +54,35 @@ $(TARGET): delete-unfresh-files $(MAKE) include/xen/compile.h + $(MAKE) include/xen/acm_policy.h [ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm $(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s $(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h $(MAKE) -C common $(MAKE) -C drivers -ifdef ACM_USE_SECURITY_POLICY +ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY) $(MAKE) -C acm endif $(MAKE) -C arch/$(TARGET_ARCH) # drivers/char/console.o may contain static banner/compile info. Blow it away. delete-unfresh-files: - rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o + rm -f include/xen/banner.h include/xen/compile.h include/xen/acm_policy.h drivers/char/console.o $(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files + +# acm_policy.h contains security policy for Xen +include/xen/acm_policy.h: + @(set -e; \ + echo "/*"; \ + echo " * DO NOT MODIFY."; \ + echo " *"; \ + echo " * This file was auto-generated by xen/Makefile $<"; \ + echo " *"; \ + echo " */"; \ + echo ""; \ + echo "#ifndef ACM_USE_SECURITY_POLICY"; \ + echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \ + echo "#endif") >$@ # compile.h contains dynamic build info. Rebuilt on every 'make' invocation. include/xen/compile.h: LANG=C ===== xen/Rules.mk 1.45 vs edited ===== --- 1.45/xen/Rules.mk 2005-06-22 23:18:11 +09:00 +++ edited/xen/Rules.mk 2005-06-25 08:13:17 +09:00 @@ -1,4 +1,3 @@ - verbose ?= n debug ?= n perfc ?= n @@ -8,6 +7,14 @@ domu_debug ?= n crash_debug ?= n +# ACM_USE_SECURITY_POLICY is set to security policy of Xen +# Supported models are: +# ACM_NULL_POLICY (ACM will not be built with this policy) +# ACM_CHINESE_WALL_POLICY +# ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY +# ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY +ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY + include $(BASEDIR)/../Config.mk # Set ARCH/SUBARCH appropriately. @@ -35,8 +42,8 @@ ALL_OBJS := $(BASEDIR)/common/common.o ALL_OBJS += $(BASEDIR)/drivers/char/driver.o ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o -ifdef ACM_USE_SECURITY_POLICY -ALL_OBJS += $(BASEDIR)/acm/acm.o +ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY) + ALL_OBJS += $(BASEDIR)/acm/acm.o endif ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o ===== xen/include/public/acm.h 1.1 vs edited ===== --- 1.1/xen/include/public/acm.h 2005-06-21 07:28:06 +09:00 +++ edited/xen/include/public/acm.h 2005-06-25 08:13:17 +09:00 @@ -22,11 +22,12 @@ * todo: move from static policy choice to compile option. */ -#ifndef _XEN_PUBLIC_SHYPE_H -#define _XEN_PUBLIC_SHYPE_H +#ifndef _XEN_PUBLIC_ACM_H +#define _XEN_PUBLIC_ACM_H #include "xen.h" #include "sched_ctl.h" +#include "xen/acm_policy.h" /* if ACM_DEBUG defined, all hooks should * print a short trace message (comment it out @@ -70,10 +71,6 @@ (X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT policy" : \ (X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \ "UNDEFINED policy" - -#ifndef ACM_USE_SECURITY_POLICY -#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY -#endif /* defines a ssid reference used by xen */ typedef u32 ssidref_t; [-- Attachment #3: Type: text/plain, Size: 138 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-06-24 23:25 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2005-06-24 15:33 [PATCH] choose security model for ACM at built-time aq 2005-06-24 16:13 ` Keir Fraser 2005-06-24 23:25 ` aq
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.