ia64/xen-unstable
changeset 16546:3df07c94c9aa
xm-test: An additional ACM security test case for the test suite.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author | Keir Fraser <keir.fraser@citrix.com> |
---|---|
date | Thu Dec 06 12:12:29 2007 +0000 (2007-12-06) |
parents | 0f9b5ab59579 |
children | 3221dff4b460 |
files | tools/xm-test/lib/XmTestLib/acm.py tools/xm-test/tests/security-acm/10_security-acm_pol_update.py tools/xm-test/tests/security-acm/Makefile.am tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml |
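--- a/tools/xm-test/lib/XmTestLib/acm.py
+++ b/tools/xm-test/lib/XmTestLib/acm.py
@@ -30,11 +30,17 @@ except:
 
 labeled_resources = {}
 acm_verbose = False
+policy='xm-test'
+
 
 def isACMEnabled():
 return security.on()
 
-def ACMSetPolicy(policy='xm-test'):
+def setCurrentPolicy(plcy):
+ global policy
+ policy = plcy
+
+def ACMSetPolicy():
 cmd='xm dumppolicy | grep -E "^POLICY REFERENCE = ' + policy + '.$"'
 s, o = traceCommand(cmd)
 if o != "":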
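Review bot: Dropping the `policy='xm-test'` parameter from `ACMSetPolicy` breaks any caller that still passes a policy name, and no callers are visible in this hunk to confirm that none do; keeping an optional argument, e.g. `def ACMSetPolicy(plcy=None):` with `name = plcy or policy` feeding the command string, would stay compatible. The new module-level `policy` is concatenated unquoted into the `xm dumppolicy | grep -E` shell string, so `setCurrentPolicy` should reject names outside a conservative set such as `[A-Za-z0-9_.-]+` before storing them. A comment on the global, `# policy name ACMSetPolicy() looks for in 'xm dumppolicy'; changed via setCurrentPolicy()`, would explain why it is mutable. The body of `ACMSetPolicy` continues past the end of the hunk.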
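--- /dev/null
+++ b/tools/xm-test/tests/security-acm/10_security-acm_pol_update.py
@@ -0,0 +1,350 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2006
+# Author: Stefan Berger <stefanb@us.ibm.com>
+#
+
+import os
+import re
+import commands
+from XmTestLib import *
+import xen.util.xsm.xsm as security
+from xen.util import xsconstants
+
+def checkLabel(labeldata, expected, domname):
+ if labeldata[0] != expected[0]:
+ FAIL("Policy type of %s is bad: %s" % (domname, labeldata[0]))
+ if labeldata[1] != expected[1]:
+ FAIL("Unexpected policy indicated in %s label '%s', expected '%s'." %
+ (domname, labeldata[1], expected[1]))
+ if labeldata[2] != expected[2]:
+ FAIL("%s does not have '%s' label but '%s'." %
+ (domname, expected[2], labeldata[2]))
+
+testpolicy = "xm-test"
+testlabel1 = "blue"
+testlabel2 = "red"
+testlabel3 = "green"
+
+s, o = traceCommand('xm resources | grep -E "^[phy|file|vlan]" ')
+resnames = []
+if o:
+ resnames = o.split('\n')
+
+ for res in resnames:
+ s, o = traceCommand('xm rmlabel res %s' % res)
+
+#Unlabeled domain must not start under xm-test policy
+domain_ul = XmTestDomain(name='domain-unlabeled',
+ extraConfig=None)
+del domain_ul.config.opts['access_control']
+try:
+ domain_ul.start(noConsole=True)
+ FAIL("Could start unlabeled domain.")
+except DomainError, e:
+ pass
+
+
+config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel1)}
+
+domain_blue = XmTestDomain(name='domain-%s' % testlabel1,
+ extraConfig=config)
+
+config = {"access_control":"policy=%s,label=%s" % (testpolicy,testlabel3)}
+
+domain_green = XmTestDomain(name='domain-%s' % testlabel3,
+ extraConfig=config)
+
+
+try:
+ domain_blue.start(noConsole=True)
+except DomainError, e:
+ if verbose:
+ print e.extra
+ FAIL("Unable to start blue labeled test domain")
+
+s, o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split(' ')
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"],
+ "Domain-0")
+
+# Should be able to set the Domain-0 label to blue
+s, o = traceCommand('xm addlabel blue mgt Domain-0')
+if s:
+ FAIL("Could not set the label of Domain-0 to 'blue'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "blue"],
+ "Domain-0")
+
+#Should not be able to set the label of Domain-0 to 'red'
+s, o = traceCommand('xm addlabel red mgt Domain-0')
+if not s:
+ FAIL("Could set the label of Domain-0 to 'red'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "blue"],
+ "Domain-0")
+
+# Should be able to set the label of Domain-0 to 'SystemManagement'
+s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0')
+if s:
+ FAIL("Could not set the label of Domain-0 to 'SystemManagement'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test", "SystemManagement"],
+ "Domain-0")
+
+#Label some resource green
+#Label some resource red
+#Label some resource blue
+
+s, o = traceCommand('xm addlabel green res file:/tmp/green')
+if s:
+ FAIL("Could not label resource 'green'.")
+s, o = traceCommand('xm addlabel red res file:/tmp/red')
+if s:
+ FAIL("Could not label resource 'red'.")
+s, o = traceCommand('xm addlabel blue res file:/tmp/blue')
+if s:
+ FAIL("Could not label resrouce 'blue'")
+
+# Start a green domain
+try:
+ domain_green.start(noConsole=True)
+except DomainError, e:
+ if verbose:
+ print e.extra
+ FAIL("Unable to start green labeled test domain")
+
+# Update the system's policy. Should not work, since blue Domain is running
+s, o = traceCommand('xm setpolicy ACM xm-test-update')
+if not s:
+ FAIL("Could set the new policy even though blue domain is running.")
+
+s, o = traceCommand('xm getpolicy | grep "Policy name"')
+info = o.split(':')
+poldata = [i.strip() for i in info]
+
+if poldata[1] != 'xm-test':
+ FAIL("Policy should be 'xm-test' but is now '%s'." % poldata[1])
+
+# Check that no labels have changed
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for green resource.")
+label=o.strip()
+if label != 'ACM:xm-test:green':
+ FAIL("Label for green resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for red resource.")
+label=o.strip()
+if label != 'ACM:xm-test:red':
+ FAIL("Label for red resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+if label != 'ACM:xm-test:blue':
+ FAIL("Label for blue resource has changed to '%s', but should not have,"
+ % label)
+
+# Terminate blue domain
+domain_blue.stop()
+
+# Update the system's policy. Should work and rename the green domain to GREEN
+s, o = traceCommand('xm setpolicy ACM xm-test-update')
+if s:
+ FAIL("Could not set the new policy.")
+
+acm.setCurrentPolicy('xm-test-update')
+
+s, o = traceCommand('xm getpolicy | grep "Policy name"')
+info = o.split(':')
+poldata = [i.strip() for i in info]
+
+if poldata[1] != 'xm-test-update':
+ FAIL("Policy should be 'xm-test-update' but is now '%s'." % poldata[1])
+
+# check previously labeled resources
+# - green should be GREEN now
+# - blue should have been invalidated
+# - red should be the same
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for GREEN resource.")
+label=o.strip()
+if label != 'ACM:xm-test-update:GREEN':
+ FAIL("Label for green resource has changed to '%s', but should not have,"
+ % label)
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for RED resource.")
+label=o.strip()
+if label != 'ACM:xm-test-update:RED':
+ FAIL("Label for RED resource has changed to '%s', expected is '%s',"
+ % (label,'ACM:xm-test-update:RED'))
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+if label != 'INV_ACM:xm-test:blue':
+ FAIL("Label for blue resource has changed to '%s', expected is '%s',"
+ % (label,'INV_ACM:xm-test:blue'))
+
+config = {"access_control":"policy=%s,label=%s" % ('xm-test-update',testlabel2)}
+
+domain_red = XmTestDomain(name='domain-%s' % testlabel2,
+ extraConfig=config)
+
+# Start the red domain - should not work due to conflict set
+try:
+ domain_red.start(noConsole=True)
+ FAIL("Could start 'red' domain.")
+except DomainError, e:
+ pass
+
+# Terminate GREEN domain
+domain_green.destroy()
+
+# Start the red domain - should work now
+try:
+ domain_red.start()
+except DomainError, e:
+ FAIL("Could not start 'red' domain.")
+
+# Stop the red domain.
+domain_red.destroy()
+
+# Make Domain-0 GREEN
+s, o = traceCommand('xm addlabel GREEN mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to 'GREEN'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test-update", "GREEN"],
+ "Domain-0")
+
+# Start the red domain - should not work due to conflict set
+try:
+ domain_red.start()
+ FAIL("Could start 'red' domain.")
+except DomainError, e:
+ pass
+
+# Set Domain-0's domain to SystemManagement
+s, o = traceCommand('xm addlabel SystemManagement mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to SystemManagement.")
+
+# Start unlabeled domain - should work
+try:
+ domain_ul.start(noConsole=True)
+except DomainError, e:
+ FAIL("Could not start unlabeled domain.")
+
+# Stop red domain
+domain_red.destroy()
+
+# reset the policy - should not work
+s, o = traceCommand('xm resetpolicy')
+if not s:
+ FAIL("Could reset the policy.")
+
+# Stop unlabeled domain
+domain_ul.destroy()
+
+
+# Mark Domain-0 as red. This must not have any effect on the later reset
+s, o = traceCommand('xm addlabel red mgt Domain-0')
+if s:
+ FAIL("Could not set Domain-0's label to 'red'.")
+s,o = traceCommand('xm list Domain-0 --label | grep -E "Domain-0"')
+if s:
+ FAIL("Could not get the label of Domain-0")
+
+info = o.strip().split()
+labeldata = info[-1].split(':')
+if len(labeldata) != 3:
+ FAIL("Label of Domain-0 is bad: '%s'" % info[-1])
+checkLabel(labeldata,
+ [xsconstants.ACM_POLICY_ID, "xm-test-update", "red"],
+ "Domain-0")
+
+# reset the policy - should work
+s, o = traceCommand('xm resetpolicy')
+if s:
+ FAIL("Could not reset the policy.")
+
+# check previously labeled resources
+# - GREEN should be invalid
+# - red should be invalid
+# - blue should be invalid
+s, o = traceCommand('xm getlabel res file:/tmp/green')
+if s:
+ FAIL("Could not get label for GREEN resource.")
+label=o.strip()
+exp='INV_ACM:xm-test-update:GREEN'
+if label != exp:
+ FAIL("Label for green resource has changed to '%s', but should be '%s',"
+ % (label, exp))
+
+s, o = traceCommand('xm getlabel res file:/tmp/red')
+if s:
+ FAIL("Could not get label for RED resource.")
+label=o.strip()
+exp='INV_ACM:xm-test-update:RED'
+if label != exp:
+ FAIL("Label for RED resource has changed to '%s', but should be '%s'.,"
+ % (label, exp))
+
+s, o = traceCommand('xm getlabel res file:/tmp/blue')
+if s:
+ FAIL("Could not get label for blue resource.")
+label=o.strip()
+exp='INV_ACM:xm-test:blue'
+if label != exp:
+ FAIL("Label for blue resource has changed to '%s', but should be '%s',"
+ % (label, exp))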
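Review bot: The cleanup prelude at the top of the script filters `xm resources` with `grep -E "^[phy|file|vlan]"`, which is a bracket expression matching any one of those characters rather than the three prefixes, and then passes each whole matched line to `xm rmlabel res %s` through the shell. The pattern should be `"^(phy|file|vlan)"` and the loop should skip empty lines so that only resource names reach the command. Both `xm getpolicy` checks index `poldata[1]` without testing `s` or the list length, so a failed or unexpected output raises IndexError instead of a FAIL; `if s or len(poldata) < 2: FAIL("Could not read the active policy name")` before each comparison would report it properly. The message at the `ACM:xm-test-update:GREEN` check still says the label "should not have" changed although a rename to GREEN is what the test expects there.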
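--- a/tools/xm-test/tests/security-acm/Makefile.am
+++ b/tools/xm-test/tests/security-acm/Makefile.am
@@ -8,7 +8,8 @@ TESTS = 01_security-acm_basic.test \
 06_security-acm_dom_block_attach.test \
 07_security-acm_pol_update.test \
 08_security-acm_xapi.test \
- 09_security-acm_pol_update.test
+ 09_security-acm_pol_update.test \
+ 10_security-acm_pol_update.test
 
 XFAIL_TESTS =
 
@@ -19,8 +20,9 @@ TESTS_ENVIRONMENT=@TENV@
 cp $< $@
 chmod +x $@
 @if [ -d /etc/xen/acm-security/policies ]; then \
- cp -f xm-test-security_policy.xml \
- /etc/xen/acm-security/policies; \
+ cp -f xm-test-security_policy.xml \
+ xm-test-update-security_policy.xml\
+ /etc/xen/acm-security/policies; \
 fi;
 
 clean-local: am_config_clean-local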
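--- /dev/null
+++ b/tools/xm-test/tests/security-acm/xm-test-update-security_policy.xml
@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Auto-generated by ezPolicy -->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+ <PolicyHeader>
+ <PolicyName>xm-test-update</PolicyName>
+ <Date>Fri Sep 29 14:44:38 2006</Date>
+ <Version>1.1</Version>
+ <FromPolicy>
+ <PolicyName>xm-test</PolicyName>
+ <Version>1.0</Version>
+ </FromPolicy>
+ </PolicyHeader>
+
+ <SimpleTypeEnforcement>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>GREEN</Type>
+ <Type>red</Type>
+ <Type>__UNLABELED__</Type>
+ </SimpleTypeEnforcementTypes>
+ </SimpleTypeEnforcement>
+
+ <ChineseWall priority="PrimaryPolicyComponent">
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ <Type>GREEN</Type>
+ <Type>red</Type>
+ <Type>__UNLABELED__</Type>
+ </ChineseWallTypes>
+
+ <ConflictSets>
+ <Conflict name="RER">
+ <Type>GREEN</Type>
+ <Type>red</Type>
+ </Conflict>
+ </ConflictSets>
+ </ChineseWall>
+
+ <SecurityLabelTemplate>
+ <SubjectLabels bootstrap="SystemManagement">
+ <VirtualMachineLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>GREEN</Type>
+ <Type>red</Type>
+ <Type>__UNLABELED__</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name from="green">GREEN</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>GREEN</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>GREEN</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>red</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>red</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>__UNLABELED__</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>__UNLABELED__</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>__UNLABELED__</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ </SubjectLabels>
+
+ <ObjectLabels>
+ <ResourceLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name from="green">GREEN</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>GREEN</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name from="red">RED</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>__UNLABELED__</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>__UNLABELED__</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ </ObjectLabels>
+ </SecurityLabelTemplate>
+</SecurityPolicyDefinition>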