ia64/xen-unstable

changeset 15638:4a8dbbc16d48

[ACM] Allow the loadpolicy operation once

This patch allows the loadpolicy operation to happen only once; after that,
an update is required until the default policy has been installed (again).

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kfraser@localhost.localdomain
date Mon Jul 23 09:45:23 2007 +0100 (2007-07-23)
parents 66db6b98f072
children dae6a2790f6b
files xen/acm/acm_chinesewall_hooks.c xen/acm/acm_policy.c xen/acm/acm_simple_type_enforcement_hooks.c xen/include/acm/acm_hooks.h
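--- a/xen/acm/acm_chinesewall_hooks.c	Fri Jul 20 14:10:40 2007 +0100
+++ b/xen/acm/acm_chinesewall_hooks.c	Mon Jul 23 09:45:23 2007 +0100
@@ -650,6 +650,13 @@ static void chwall_domain_destroy(void *
     return;
 }
 
+
+static int chwall_is_default_policy(void)
+{
+    return ( (chwall_bin_pol.max_types    == 1 ) &&
+             (chwall_bin_pol.max_ssidrefs == 2 ) );
+}
+
 struct acm_operations acm_chinesewall_ops = {
     /* policy management services */
     .init_domain_ssid = chwall_init_domain_ssid,
@@ -674,6 +681,8 @@ struct acm_operations acm_chinesewall_op
     .fail_grant_setup = NULL,
     /* generic domain-requested decision hooks */
     .sharing = NULL,
+
+    .is_default_policy = chwall_is_default_policy,
 };
 
 /*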
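Review bot: chwall_is_default_policy() at 1.8 recognises the default policy purely by shape (`max_types == 1` and `max_ssidrefs == 2`), so any loaded policy with one type and two ssidrefs would also count as default and, going by the caller in acm_policy.c, re-enable a plain loadpolicy. If that equivalence is intended, the function should say so and state its locking expectation, e.g. `/* The default policy is recognised by its shape: 1 type, 2 ssidrefs. Caller holds acm_bin_pol_rwlock. */`. ste_is_default_policy() in acm_simple_type_enforcement_hooks.c makes the same check, and the empty `/* */` added above it is the natural place for the matching comment.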
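--- a/xen/acm/acm_policy.c	Fri Jul 20 14:10:40 2007 +0100
+++ b/xen/acm/acm_policy.c	Mon Jul 23 09:45:23 2007 +0100
@@ -87,9 +87,16 @@ static int
                    struct acm_sized_buffer *errors)
 {
     uint32_t offset, length;
+    static int require_update = 0;
 
     write_lock(&acm_bin_pol_rwlock);
 
+    if (  require_update != 0 &&
+        ( deletions == NULL || ssidchanges == NULL ) )
+    {
+        goto error_lock_free;
+    }
+    require_update = 1;
     /*
        first some tests to check compatibility of new policy with
        current state of system/domains
@@ -153,7 +160,13 @@ static int
            &pol->xml_pol_version,
            sizeof(acm_bin_pol.xml_pol_version));
 
+    if ( acm_primary_ops->is_default_policy() &&
+         acm_secondary_ops->is_default_policy() ) {
+        require_update = 0;
+    }
+
     write_unlock(&acm_bin_pol_rwlock);
+
     return ACM_OK;
 
 error_lock_free: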
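Review bot: `require_update = 1;` at 2.16 is set before the compatibility tests that follow, so if any of them bails out through `error_lock_free` (those lines are outside the hunk) the latch stays set although no policy was installed, and the next plain loadpolicy is refused. Setting the latch only where the new policy has been committed avoids that: drop the assignment at 2.16 and replace the block at 2.24–2.27 with `require_update = !(acm_primary_ops->is_default_policy() && acm_secondary_ops->is_default_policy());`. The refusal path at 2.11–2.15 also jumps to the error label without writing anything into `errors`, so as far as the visible lines show the caller cannot tell this rejection from a failed compatibility check. The function begins and ends outside both hunks.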
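--- a/xen/acm/acm_simple_type_enforcement_hooks.c	Fri Jul 20 14:10:40 2007 +0100
+++ b/xen/acm/acm_simple_type_enforcement_hooks.c	Mon Jul 23 09:45:23 2007 +0100
@@ -739,6 +739,14 @@ ste_sharing(ssidref_t ssidref1, ssidref_
         return ACM_ACCESS_DENIED;
 }
 
+/* */
+
+static int
+ste_is_default_policy(void)
+{
+    return ( (ste_bin_pol.max_types    == 1) &&
+             (ste_bin_pol.max_ssidrefs == 2) );
+}
 
 /* now define the hook structure similarly to LSM */
 struct acm_operations acm_simple_type_enforcement_ops = {
@@ -768,6 +776,8 @@ struct acm_operations acm_simple_type_en
     .pre_grant_setup        = ste_pre_grant_setup,
     .fail_grant_setup       = NULL,
     .sharing                = ste_sharing,
+
+    .is_default_policy      = ste_is_default_policy,
 };
 
 /*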
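--- a/xen/include/acm/acm_hooks.h	Fri Jul 20 14:10:40 2007 +0100
+++ b/xen/include/acm/acm_hooks.h	Mon Jul 23 09:45:23 2007 +0100
@@ -113,6 +113,8 @@ struct acm_operations {
     void (*fail_grant_setup)           (domid_t id);
     /* generic domain-requested decision hooks (can be NULL) */
     int (*sharing)                     (ssidref_t ssidref1, ssidref_t ssidref2);
+    /* determine whether the default policy is installed */
+    int (*is_default_policy)           (void);
 };
 
 /* global variables */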
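Review bot: The new `is_default_policy` member at 4.8 is called unconditionally through both `acm_primary_ops` and `acm_secondary_ops` in acm_policy.c, yet nothing here marks it as mandatory, while the neighbouring hooks are annotated "(can be NULL)". Any `acm_operations` instance other than the two this commit updates would leave the pointer NULL, and the policy-load path would then call through it inside the hypervisor. I would make the contract explicit, `/* determine whether the default policy is installed (must not be NULL) */`, and confirm that every ops table sets the member. The struct definition starts above the hunk.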