* [PATCH] choose security model for ACM at built-time
@ 2005-06-24 15:33 aq
2005-06-24 16:13 ` Keir Fraser
0 siblings, 1 reply; 3+ messages in thread
From: aq @ 2005-06-24 15:33 UTC (permalink / raw)
To: xen-devel, xense-devel, Keir Fraser
[-- Attachment #1: Type: text/plain, Size: 640 bytes --]
At the moment, there is a problem with ACM: it is impossible to set
ACM security model at built-time, so even with ACM is chosen to build,
the default policy is NULL, which is useless.
This patch propose a solution to this problem: build process will
generate a header file (include/public/acm_policy.h) based on the
value set in xen/Makefile or at command-line, and gets acm.h included
it.
Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com>
$ diffstat acm6.patch
xen/Makefile | 27 +++++++++++++++++++++++++--
xen/include/public/acm.h | 9 +++------
2 files changed, 28 insertions(+), 8 deletions(-)
[-- Attachment #2: acm6.patch --]
[-- Type: application/octet-stream, Size: 2816 bytes --]
===== xen/Makefile 1.86 vs edited =====
--- 1.86/xen/Makefile 2005-06-22 23:18:11 +09:00
+++ edited/xen/Makefile 2005-06-24 23:39:45 +09:00
@@ -15,6 +15,14 @@
export BASEDIR := $(CURDIR)
+# ACM_USE_SECURITY_POLICY is set to security policy for Xen
+# Supported models are:
+# ACM_NULL_POLICY (ACM will not be built with this policy)
+# ACM_CHINESE_WALL_POLICY
+# ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
+# ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
+
include Rules.mk
default: build
@@ -54,20 +62,35 @@
$(TARGET): delete-unfresh-files
$(MAKE) include/xen/compile.h
+ $(MAKE) include/public/acm_policy.h
[ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
$(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s
$(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
$(MAKE) -C common
$(MAKE) -C drivers
-ifdef ACM_USE_SECURITY_POLICY
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
$(MAKE) -C acm
endif
$(MAKE) -C arch/$(TARGET_ARCH)
# drivers/char/console.o may contain static banner/compile info. Blow it away.
delete-unfresh-files:
- rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o
+ rm -f include/xen/banner.h include/xen/compile.h include/public/acm_policy.h drivers/char/console.o
$(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files
+
+# acm_policy.h contains security policy for Xen
+include/public/acm_policy.h:
+ @(set -e; \
+ echo "/*"; \
+ echo " * DO NOT MODIFY."; \
+ echo " *"; \
+ echo " * This file was auto-generated by xen/Makefile $<"; \
+ echo " *"; \
+ echo " */"; \
+ echo ""; \
+ echo "#ifndef ACM_USE_SECURITY_POLICY"; \
+ echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \
+ echo "#endif") >$@
# compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
include/xen/compile.h: LANG=C
===== xen/include/public/acm.h 1.1 vs edited =====
--- 1.1/xen/include/public/acm.h 2005-06-21 07:28:06 +09:00
+++ edited/xen/include/public/acm.h 2005-06-25 00:18:40 +09:00
@@ -22,11 +22,12 @@
* todo: move from static policy choice to compile option.
*/
-#ifndef _XEN_PUBLIC_SHYPE_H
-#define _XEN_PUBLIC_SHYPE_H
+#ifndef _XEN_PUBLIC_ACM_H
+#define _XEN_PUBLIC_ACM_H
#include "xen.h"
#include "sched_ctl.h"
+#include "acm_policy.h"
/* if ACM_DEBUG defined, all hooks should
* print a short trace message (comment it out
@@ -70,10 +71,6 @@
(X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT policy" : \
(X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
"UNDEFINED policy"
-
-#ifndef ACM_USE_SECURITY_POLICY
-#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY
-#endif
/* defines a ssid reference used by xen */
typedef u32 ssidref_t;
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] choose security model for ACM at built-time
2005-06-24 15:33 [PATCH] choose security model for ACM at built-time aq
@ 2005-06-24 16:13 ` Keir Fraser
2005-06-24 23:25 ` aq
0 siblings, 1 reply; 3+ messages in thread
From: Keir Fraser @ 2005-06-24 16:13 UTC (permalink / raw)
To: aq; +Cc: xen-devel, xense-devel
On 24 Jun 2005, at 16:33, aq wrote:
> At the moment, there is a problem with ACM: it is impossible to set
> ACM security model at built-time, so even with ACM is chosen to build,
> the default policy is NULL, which is useless.
>
> This patch propose a solution to this problem: build process will
> generate a header file (include/public/acm_policy.h) based on the
> value set in xen/Makefile or at command-line, and gets acm.h included
> it.
Looks fine, but:
Firstly, is the configured policy something that needs to be propagated
to user tools (i.e., should the generated header reside within
include/public or should it be in include/xen)?
Secondly, you missed conditional inclusion of acm/acm.o into the
ALL_OBJS list in xen/Rules.mk. Also, the definition of
ACM_USE_SECURITY_POLICY probably belongs more correctly in Rules.mk
rather than the Makefile.
-- Keir
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] choose security model for ACM at built-time
2005-06-24 16:13 ` Keir Fraser
@ 2005-06-24 23:25 ` aq
0 siblings, 0 replies; 3+ messages in thread
From: aq @ 2005-06-24 23:25 UTC (permalink / raw)
To: Keir Fraser; +Cc: xen-devel, xense-devel
[-- Attachment #1: Type: text/plain, Size: 1362 bytes --]
On 6/25/05, Keir Fraser <Keir.Fraser@cl.cam.ac.uk> wrote:
>
> On 24 Jun 2005, at 16:33, aq wrote:
>
> > At the moment, there is a problem with ACM: it is impossible to set
> > ACM security model at built-time, so even with ACM is chosen to build,
> > the default policy is NULL, which is useless.
> >
> > This patch propose a solution to this problem: build process will
> > generate a header file (include/public/acm_policy.h) based on the
> > value set in xen/Makefile or at command-line, and gets acm.h included
> > it.
>
> Looks fine, but:
>
> Firstly, is the configured policy something that needs to be propagated
> to user tools (i.e., should the generated header reside within
> include/public or should it be in include/xen)?
>
i guess not. so right, it is better to put it into include/xen
> Secondly, you missed conditional inclusion of acm/acm.o into the
> ALL_OBJS list in xen/Rules.mk. Also, the definition of
> ACM_USE_SECURITY_POLICY probably belongs more correctly in Rules.mk
> rather than the Makefile.
>
ok, please take this revision.
Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com>
$ diffstat acm7.patch
Makefile | 19 +++++++++++++++++--
Rules.mk | 13 ++++++++++---
include/public/acm.h | 9 +++------
3 files changed, 30 insertions(+), 11 deletions(-)
[-- Attachment #2: acm7.patch --]
[-- Type: application/octet-stream, Size: 3412 bytes --]
===== xen/Makefile 1.86 vs edited =====
--- 1.86/xen/Makefile 2005-06-22 23:18:11 +09:00
+++ edited/xen/Makefile 2005-06-25 08:13:17 +09:00
@@ -54,20 +54,35 @@
$(TARGET): delete-unfresh-files
$(MAKE) include/xen/compile.h
+ $(MAKE) include/xen/acm_policy.h
[ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
$(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s
$(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
$(MAKE) -C common
$(MAKE) -C drivers
-ifdef ACM_USE_SECURITY_POLICY
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
$(MAKE) -C acm
endif
$(MAKE) -C arch/$(TARGET_ARCH)
# drivers/char/console.o may contain static banner/compile info. Blow it away.
delete-unfresh-files:
- rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o
+ rm -f include/xen/banner.h include/xen/compile.h include/xen/acm_policy.h drivers/char/console.o
$(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files
+
+# acm_policy.h contains security policy for Xen
+include/xen/acm_policy.h:
+ @(set -e; \
+ echo "/*"; \
+ echo " * DO NOT MODIFY."; \
+ echo " *"; \
+ echo " * This file was auto-generated by xen/Makefile $<"; \
+ echo " *"; \
+ echo " */"; \
+ echo ""; \
+ echo "#ifndef ACM_USE_SECURITY_POLICY"; \
+ echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \
+ echo "#endif") >$@
# compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
include/xen/compile.h: LANG=C
===== xen/Rules.mk 1.45 vs edited =====
--- 1.45/xen/Rules.mk 2005-06-22 23:18:11 +09:00
+++ edited/xen/Rules.mk 2005-06-25 08:13:17 +09:00
@@ -1,4 +1,3 @@
-
verbose ?= n
debug ?= n
perfc ?= n
@@ -8,6 +7,14 @@
domu_debug ?= n
crash_debug ?= n
+# ACM_USE_SECURITY_POLICY is set to security policy of Xen
+# Supported models are:
+# ACM_NULL_POLICY (ACM will not be built with this policy)
+# ACM_CHINESE_WALL_POLICY
+# ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
+# ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
+
include $(BASEDIR)/../Config.mk
# Set ARCH/SUBARCH appropriately.
@@ -35,8 +42,8 @@
ALL_OBJS := $(BASEDIR)/common/common.o
ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
-ifdef ACM_USE_SECURITY_POLICY
-ALL_OBJS += $(BASEDIR)/acm/acm.o
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
+ ALL_OBJS += $(BASEDIR)/acm/acm.o
endif
ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
===== xen/include/public/acm.h 1.1 vs edited =====
--- 1.1/xen/include/public/acm.h 2005-06-21 07:28:06 +09:00
+++ edited/xen/include/public/acm.h 2005-06-25 08:13:17 +09:00
@@ -22,11 +22,12 @@
* todo: move from static policy choice to compile option.
*/
-#ifndef _XEN_PUBLIC_SHYPE_H
-#define _XEN_PUBLIC_SHYPE_H
+#ifndef _XEN_PUBLIC_ACM_H
+#define _XEN_PUBLIC_ACM_H
#include "xen.h"
#include "sched_ctl.h"
+#include "xen/acm_policy.h"
/* if ACM_DEBUG defined, all hooks should
* print a short trace message (comment it out
@@ -70,10 +71,6 @@
(X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT policy" : \
(X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
"UNDEFINED policy"
-
-#ifndef ACM_USE_SECURITY_POLICY
-#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY
-#endif
/* defines a ssid reference used by xen */
typedef u32 ssidref_t;
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-06-24 23:25 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-06-24 15:33 [PATCH] choose security model for ACM at built-time aq
2005-06-24 16:13 ` Keir Fraser
2005-06-24 23:25 ` aq
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.