ia64/xen-unstable

changeset 11881:8190a4a7ea4d

[ACM] Makes acm_setup arch-independant.
Move module extraction code to x86/setup.c

Be sure the dump binary file is aligned.

Signed-off-by: Tristan Gingold <tristan.gingold@bull.net>
author kfraser@localhost.localdomain
date Wed Oct 18 17:24:36 2006 +0100 (2006-10-18)
parents 7b99b8bdbc85
children 12f7be674616
files xen/acm/acm_core.c xen/arch/x86/setup.c xen/include/acm/acm_hooks.h
line diff
     1.1 --- a/xen/acm/acm_core.c	Wed Oct 18 17:17:15 2006 +0100
     1.2 +++ b/xen/acm/acm_core.c	Wed Oct 18 17:24:36 2006 +0100
     1.3 @@ -100,9 +100,11 @@ acm_dump_policy_reference(u8 *buf, u32 b
     1.4      struct acm_policy_reference_buffer *pr_buf = (struct acm_policy_reference_buffer *)buf;
     1.5      int ret = sizeof(struct acm_policy_reference_buffer) + strlen(acm_bin_pol.policy_reference_name) + 1;
     1.6  
     1.7 +    ret = (ret + 7) & ~7;
     1.8      if (buf_size < ret)
     1.9          return -EINVAL;
    1.10  
    1.11 +    memset(buf, 0, ret);
    1.12      pr_buf->len = htonl(strlen(acm_bin_pol.policy_reference_name) + 1); /* including stringend '\0' */
    1.13      strcpy((char *)(buf + sizeof(struct acm_policy_reference_buffer)),
    1.14             acm_bin_pol.policy_reference_name);
    1.15 @@ -187,85 +189,58 @@ acm_init_binary_policy(u32 policy_code)
    1.16      return ret;
    1.17  }
    1.18  
    1.19 -static int
    1.20 -acm_setup(unsigned int *initrdidx,
    1.21 -          const multiboot_info_t *mbi,
    1.22 -          unsigned long initial_images_start)
    1.23 +int
    1.24 +acm_is_policy(char *buf, unsigned long len)
    1.25  {
    1.26 -    int i;
    1.27 -    module_t *mod = (module_t *)__va(mbi->mods_addr);
    1.28 -    int rc = ACM_OK;
    1.29 -
    1.30 -    if (mbi->mods_count > 1)
    1.31 -        *initrdidx = 1;
    1.32 +    struct acm_policy_buffer *pol;
    1.33  
    1.34 -    /*
    1.35 -     * Try all modules and see whichever could be the binary policy.
    1.36 -     * Adjust the initrdidx if module[1] is the binary policy.
    1.37 -     */
    1.38 -    for (i = mbi->mods_count-1; i >= 1; i--)
    1.39 -    {
    1.40 -        struct acm_policy_buffer *pol;
    1.41 -        char *_policy_start;
    1.42 -        unsigned long _policy_len;
    1.43 -#if defined(__i386__)
    1.44 -        _policy_start = (char *)(initial_images_start + (mod[i].mod_start-mod[0].mod_start));
    1.45 -#elif defined(__x86_64__)
    1.46 -        _policy_start = __va(initial_images_start + (mod[i].mod_start-mod[0].mod_start));
    1.47 -#else
    1.48 -#error Architecture unsupported by sHype
    1.49 -#endif
    1.50 -        _policy_len   = mod[i].mod_end - mod[i].mod_start;
    1.51 -        if (_policy_len < sizeof(struct acm_policy_buffer))
    1.52 -            continue; /* not a policy */
    1.53 +    if (buf == NULL || len < sizeof(struct acm_policy_buffer))
    1.54 +        return 0;
    1.55 +
    1.56 +    pol = (struct acm_policy_buffer *)buf;
    1.57 +    return ntohl(pol->magic) == ACM_MAGIC;
    1.58 +}
    1.59 +
    1.60  
    1.61 -        pol = (struct acm_policy_buffer *)_policy_start;
    1.62 -        if (ntohl(pol->magic) == ACM_MAGIC)
    1.63 -        {
    1.64 -            rc = do_acm_set_policy((void *)_policy_start,
    1.65 -                                   (u32)_policy_len);
    1.66 -            if (rc == ACM_OK)
    1.67 -            {
    1.68 -                printkd("Policy len  0x%lx, start at %p.\n",_policy_len,_policy_start);
    1.69 -                if (i == 1)
    1.70 -                {
    1.71 -                    if (mbi->mods_count > 2)
    1.72 -                    {
    1.73 -                        *initrdidx = 2;
    1.74 -                    }
    1.75 -                    else {
    1.76 -                        *initrdidx = 0;
    1.77 -                    }
    1.78 -                }
    1.79 -                else
    1.80 -                {
    1.81 -                    *initrdidx = 1;
    1.82 -                }
    1.83 -                break;
    1.84 -            }
    1.85 -            else
    1.86 -            {
    1.87 -                printk("Invalid policy. %d.th module line.\n", i+1);
    1.88 -                /* load default policy later */
    1.89 -                acm_active_security_policy = ACM_POLICY_UNDEFINED;
    1.90 -            }
    1.91 -        } /* end if a binary policy definition, i.e., (ntohl(pol->magic) == ACM_MAGIC ) */
    1.92 +static int
    1.93 +acm_setup(char *policy_start,
    1.94 +          unsigned long policy_len)
    1.95 +{
    1.96 +    int rc = ACM_OK;
    1.97 +    struct acm_policy_buffer *pol;
    1.98 +
    1.99 +    if (policy_start == NULL || policy_len < sizeof(struct acm_policy_buffer))
   1.100 +        return rc;
   1.101 +
   1.102 +    pol = (struct acm_policy_buffer *)policy_start;
   1.103 +    if (ntohl(pol->magic) != ACM_MAGIC)
   1.104 +        return rc;
   1.105 +
   1.106 +    rc = do_acm_set_policy((void *)policy_start, (u32)policy_len);
   1.107 +    if (rc == ACM_OK)
   1.108 +    {
   1.109 +        printkd("Policy len  0x%lx, start at %p.\n",policy_len,policy_start);
   1.110 +    }
   1.111 +    else
   1.112 +    {
   1.113 +        printk("Invalid policy.\n");
   1.114 +        /* load default policy later */
   1.115 +        acm_active_security_policy = ACM_POLICY_UNDEFINED;
   1.116      }
   1.117      return rc;
   1.118  }
   1.119  
   1.120  
   1.121  int
   1.122 -acm_init(unsigned int *initrdidx,
   1.123 -         const multiboot_info_t *mbi,
   1.124 -         unsigned long initial_images_start)
   1.125 +acm_init(char *policy_start,
   1.126 +         unsigned long policy_len)
   1.127  {
   1.128      int ret = ACM_OK;
   1.129  
   1.130      acm_set_endian();
   1.131  
   1.132      /* first try to load the boot policy (uses its own locks) */
   1.133 -    acm_setup(initrdidx, mbi, initial_images_start);
   1.134 +    acm_setup(policy_start, policy_len);
   1.135  
   1.136      if (acm_active_security_policy != ACM_POLICY_UNDEFINED)
   1.137      {
     2.1 --- a/xen/arch/x86/setup.c	Wed Oct 18 17:17:15 2006 +0100
     2.2 +++ b/xen/arch/x86/setup.c	Wed Oct 18 17:24:36 2006 +0100
     2.3 @@ -202,6 +202,44 @@ static void __init percpu_free_unused_ar
     2.4  #endif
     2.5  }
     2.6  
     2.7 +/* Fetch acm policy module from multiboot modules. */
     2.8 +static void extract_acm_policy(
     2.9 +    multiboot_info_t *mbi,
    2.10 +    unsigned int *initrdidx,
    2.11 +    char **_policy_start,
    2.12 +    unsigned long *_policy_len)
    2.13 +{
    2.14 +    int i;
    2.15 +    module_t *mod = (module_t *)__va(mbi->mods_addr);
    2.16 +    unsigned long start, policy_len;
    2.17 +    char *policy_start;
    2.18 +
    2.19 +    /*
    2.20 +     * Try all modules and see whichever could be the binary policy.
    2.21 +     * Adjust the initrdidx if module[1] is the binary policy.
    2.22 +     */
    2.23 +    for ( i = mbi->mods_count-1; i >= 1; i-- )
    2.24 +    {
    2.25 +        start = initial_images_start + (mod[i].mod_start-mod[0].mod_start);
    2.26 +#if defined(__i386__)
    2.27 +        policy_start = (char *)start;
    2.28 +#elif defined(__x86_64__)
    2.29 +        policy_start = __va(start);
    2.30 +#endif
    2.31 +        policy_len   = mod[i].mod_end - mod[i].mod_start;
    2.32 +        if ( acm_is_policy(policy_start, policy_len) )
    2.33 +        {
    2.34 +            printk("Policy len  0x%lx, start at %p - module %d.\n",
    2.35 +                   policy_len, policy_start, i);
    2.36 +            *_policy_start = policy_start;
    2.37 +            *_policy_len = policy_len;
    2.38 +            if ( i == 1 )
    2.39 +                *initrdidx = (mbi->mods_count > 2) ? 2 : 0;
    2.40 +            break;
    2.41 +        }
    2.42 +    }
    2.43 +}
    2.44 +
    2.45  static void __init init_idle_domain(void)
    2.46  {
    2.47      struct domain *idle_domain;
    2.48 @@ -224,6 +262,8 @@ void __init __start_xen(multiboot_info_t
    2.49      char __cmdline[] = "", *cmdline = __cmdline;
    2.50      unsigned long _initrd_start = 0, _initrd_len = 0;
    2.51      unsigned int initrdidx = 1;
    2.52 +    char *_policy_start = NULL;
    2.53 +    unsigned long _policy_len = 0;
    2.54      module_t *mod = (module_t *)__va(mbi->mods_addr);
    2.55      unsigned long nr_pages, modules_length;
    2.56      paddr_t s, e;
    2.57 @@ -565,8 +605,11 @@ void __init __start_xen(multiboot_info_t
    2.58      if ( opt_watchdog ) 
    2.59          watchdog_enable();
    2.60  
    2.61 +    /* Extract policy from multiboot.  */
    2.62 +    extract_acm_policy(mbi, &initrdidx, &_policy_start, &_policy_len);
    2.63 +
    2.64      /* initialize access control security module */
    2.65 -    acm_init(&initrdidx, mbi, initial_images_start);
    2.66 +    acm_init(_policy_start, _policy_len);
    2.67  
    2.68      /* Create initial domain 0. */
    2.69      dom0 = domain_create(0);
     3.1 --- a/xen/include/acm/acm_hooks.h	Wed Oct 18 17:17:15 2006 +0100
     3.2 +++ b/xen/include/acm/acm_hooks.h	Wed Oct 18 17:24:36 2006 +0100
     3.3 @@ -143,9 +143,9 @@ static inline int acm_pre_grant_map_ref(
     3.4  { return 0; }
     3.5  static inline int acm_pre_grant_setup(domid_t id) 
     3.6  { return 0; }
     3.7 -static inline int acm_init(unsigned int *initrdidx,
     3.8 -                           const multiboot_info_t *mbi,
     3.9 -                           unsigned long start)
    3.10 +static inline int acm_init(char *policy_start, unsigned long policy_len)
    3.11 +{ return 0; }
    3.12 +static inline int acm_is_policy(char *buf, unsigned long len)
    3.13  { return 0; }
    3.14  static inline void acm_post_domain0_create(domid_t domid) 
    3.15  { return; }
    3.16 @@ -369,9 +369,11 @@ static inline int acm_sharing(ssidref_t 
    3.17          return ACM_ACCESS_PERMITTED;
    3.18  }
    3.19  
    3.20 -extern int acm_init(unsigned int *initrdidx,
    3.21 -                    const multiboot_info_t *mbi,
    3.22 -                    unsigned long start);
    3.23 +
    3.24 +extern int acm_init(char *policy_start, unsigned long policy_len);
    3.25 +
    3.26 +/* Return true iff buffer has an acm policy magic number.  */
    3.27 +extern int acm_is_policy(char *buf, unsigned long len);
    3.28  
    3.29  #endif
    3.30