ia64/xen-unstable

changeset 10621:9dbcf482f600

Revert 10521, 10526 and 10527. This completes reversion of ACM modifications to xm.
Signed-off-by: Keir Fraser <keir@xensource.com>
author kfraser@dhcp93.uk.xensource.com
date Fri Jun 30 13:33:20 2006 +0100 (2006-06-30)
parents 53f552ad4042
children ffbdd113c74b
files tools/python/xen/util/security.py tools/python/xen/xend/server/blkif.py tools/python/xen/xm/addlabel.py tools/python/xen/xm/create.py tools/python/xen/xm/dry-run.py tools/python/xen/xm/getlabel.py tools/python/xen/xm/main.py tools/python/xen/xm/resources.py tools/python/xen/xm/rmlabel.py
line diff
     1.1 --- a/tools/python/xen/util/security.py	Fri Jun 30 13:25:43 2006 +0100
     1.2 +++ b/tools/python/xen/util/security.py	Fri Jun 30 13:33:20 2006 +0100
     1.3 @@ -14,7 +14,6 @@
     1.4  #============================================================================
     1.5  # Copyright (C) 2006 International Business Machines Corp.
     1.6  # Author: Reiner Sailer
     1.7 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
     1.8  #============================================================================
     1.9  
    1.10  import commands
    1.11 @@ -22,14 +21,11 @@ import logging
    1.12  import sys, os, string, re
    1.13  import traceback
    1.14  import shutil
    1.15 -#from xml.marshal import generic
    1.16  from xen.lowlevel import acm
    1.17  from xen.xend import sxp
    1.18 -from xen.xend.XendLogging import log
    1.19  
    1.20  #global directories and tools for security management
    1.21  policy_dir_prefix = "/etc/xen/acm-security/policies"
    1.22 -res_label_filename = policy_dir_prefix + "/resource_labels"
    1.23  boot_filename = "/boot/grub/menu.lst"
    1.24  xensec_xml2bin = "/usr/sbin/xensec_xml2bin"
    1.25  xensec_tool = "/usr/sbin/xensec_tool"
    1.26 @@ -534,101 +530,3 @@ def list_labels(policy_name, condition):
    1.27              if label not in labels:
    1.28                  labels.append(label)
    1.29      return labels
    1.30 -
    1.31 -
    1.32 -def get_res_label(resource):
    1.33 -    """Returns resource label information (label, policy) if it exists.
    1.34 -       Otherwise returns null label and policy.
    1.35 -    """
    1.36 -    def default_res_label():
    1.37 -        ssidref = NULL_SSIDREF
    1.38 -        if on():
    1.39 -            label = ssidref2label(ssidref)
    1.40 -        else:
    1.41 -            label = None
    1.42 -        return (label, 'NULL')
    1.43 -
    1.44 -    (label, policy) = default_res_label()
    1.45 -
    1.46 -    # load the resource label file
    1.47 -    configfile = res_label_filename
    1.48 -    if not os.path.isfile(configfile):
    1.49 -        log.info("Resource label file not found.")
    1.50 -        return default_res_label()
    1.51 -#
    1.52 -# Commented out pending replacement for xml.marshal.generic
    1.53 -#
    1.54 -#     fd = open(configfile, "rb")
    1.55 -#     res_label_cache = generic.load(fd)
    1.56 -#     fd.close()
    1.57 -
    1.58 -#     # find the resource information
    1.59 -#     if res_label_cache.has_key(resource):
    1.60 -#         (policy, label) = res_label_cache[resource]
    1.61 -
    1.62 -    return (label, policy)
    1.63 -
    1.64 -
    1.65 -def get_res_security_details(resource):
    1.66 -    """Returns the (label, ssidref, policy) associated with a given
    1.67 -       resource from the global resource label file.
    1.68 -    """
    1.69 -    def default_security_details():
    1.70 -        ssidref = NULL_SSIDREF
    1.71 -        if on():
    1.72 -            label = ssidref2label(ssidref)
    1.73 -        else:
    1.74 -            label = None
    1.75 -        policy = active_policy
    1.76 -        return (label, ssidref, policy)
    1.77 -
    1.78 -    (label, ssidref, policy) = default_security_details()
    1.79 -
    1.80 -    # find the entry associated with this resource
    1.81 -    (label, policy) = get_res_label(resource)
    1.82 -    if policy == 'NULL':
    1.83 -        log.info("Resource label for "+resource+" not in file, using DEFAULT.")
    1.84 -        return default_security_details()
    1.85 -
    1.86 -    # is this resource label for the running policy?
    1.87 -    if policy == active_policy:
    1.88 -        ssidref = label2ssidref(label, policy, 'res')
    1.89 -    else:
    1.90 -        log.info("Resource label not for active policy, using DEFAULT.")
    1.91 -        return default_security_details()
    1.92 -
    1.93 -    return (label, ssidref, policy)
    1.94 -
    1.95 -
    1.96 -def res_security_check(resource, domain_label):
    1.97 -    """Checks if the given resource can be used by the given domain
    1.98 -       label.  Returns 1 if the resource can be used, otherwise 0.
    1.99 -    """
   1.100 -    rtnval = 1
   1.101 -
   1.102 -    # if security is on, ask the hypervisor for a decision
   1.103 -    if on():
   1.104 -        (label, ssidref, policy) = get_res_security_details(resource)
   1.105 -        domac = ['access_control']
   1.106 -        domac.append(['policy', active_policy])
   1.107 -        domac.append(['label', domain_label])
   1.108 -        domac.append(['type', 'dom'])
   1.109 -        decision = get_decision(domac, ['ssidref', str(ssidref)])
   1.110 -
   1.111 -        # provide descriptive error messages
   1.112 -        if decision == 'DENIED':
   1.113 -            if label == ssidref2label(NULL_SSIDREF):
   1.114 -                raise ACMError("Resource '"+resource+"' is not labeled")
   1.115 -                rtnval = 0
   1.116 -            else:
   1.117 -                raise ACMError("Permission denied for resource '"+resource+"' because label '"+label+"' is not allowed")
   1.118 -                rtnval = 0
   1.119 -
   1.120 -    # security is off, make sure resource isn't labeled
   1.121 -    else:
   1.122 -        (label, policy) = get_res_label(resource)
   1.123 -        if policy != 'NULL':
   1.124 -            raise ACMError("Security is off, but '"+resource+"' is labeled")
   1.125 -            rtnval = 0
   1.126 -
   1.127 -    return rtnval
     2.1 --- a/tools/python/xen/xend/server/blkif.py	Fri Jun 30 13:25:43 2006 +0100
     2.2 +++ b/tools/python/xen/xend/server/blkif.py	Fri Jun 30 13:33:20 2006 +0100
     2.3 @@ -21,7 +21,6 @@ import re
     2.4  import string
     2.5  
     2.6  from xen.util import blkif
     2.7 -from xen.util import security
     2.8  from xen.xend import sxp
     2.9  from xen.xend.XendError import VmError
    2.10  
    2.11 @@ -41,22 +40,15 @@ class BlkifController(DevController):
    2.12  
    2.13      def getDeviceDetails(self, config):
    2.14          """@see DevController.getDeviceDetails"""
    2.15 -        uname = sxp.child_value(config, 'uname')
    2.16  
    2.17          dev = sxp.child_value(config, 'dev')
    2.18  
    2.19 -        (typ, params) = string.split(uname, ':', 1)
    2.20 +        (typ, params) = string.split(sxp.child_value(config, 'uname'), ':', 1)
    2.21          back = { 'dev'    : dev,
    2.22                   'type'   : typ,
    2.23                   'params' : params,
    2.24                   'mode'   : sxp.child_value(config, 'mode', 'r')
    2.25 -               }
    2.26 -
    2.27 -        if security.on():
    2.28 -            (label, ssidref, policy) = security.get_res_security_details(uname)
    2.29 -            back.update({'acm_label'  : label,
    2.30 -                         'acm_ssidref': str(ssidref),
    2.31 -                         'acm_policy' : policy})
    2.32 +                 }
    2.33  
    2.34          if 'ioemu:' in dev:
    2.35              (dummy, dev1) = string.split(dev, ':', 1)
     3.1 --- a/tools/python/xen/xm/addlabel.py	Fri Jun 30 13:25:43 2006 +0100
     3.2 +++ b/tools/python/xen/xm/addlabel.py	Fri Jun 30 13:33:20 2006 +0100
     3.3 @@ -14,156 +14,61 @@
     3.4  #============================================================================
     3.5  # Copyright (C) 2006 International Business Machines Corp.
     3.6  # Author: Reiner Sailer <sailer@us.ibm.com>
     3.7 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
     3.8  #============================================================================
     3.9  
    3.10 -"""Labeling a domain configuration file or a resoruce.
    3.11 +"""Labeling a domain configuration file.
    3.12  """
    3.13  import sys, os
    3.14 -import string
    3.15  import traceback
    3.16 -#from xml.marshal import generic
    3.17 -from xen.util import security
    3.18 +
    3.19 +
    3.20 +from xen.util.security import ACMError, err, active_policy, label2ssidref, on, access_control_re
    3.21 +
    3.22  
    3.23  def usage():
    3.24 -    print "\nUsage: xm addlabel <label> dom <configfile> [<policy>]"
    3.25 -    print "       xm addlabel <label> res <resource> [<policy>]\n"
    3.26 -    print "  This program adds an acm_label entry into the 'configfile'"
    3.27 -    print "  for a domain or to the global resource label file for a"
    3.28 -    print "  resource. It derives the policy from the running hypervisor"
    3.29 -    print "  if it is not given (optional parameter). If a label already"
    3.30 -    print "  exists for the given domain or resource, then addlabel fails.\n"
    3.31 -    security.err("Usage")
    3.32 -
    3.33 -def validate_config_file(configfile):
    3.34 -    """Performs a simple sanity check on the configuration file passed on
    3.35 -       the command line.  We basically just want to make sure that it's
    3.36 -       not a domain image file so we check for a few configuration values
    3.37 -       and then we are satisfied.  Returned 1 on success, otherwise 0.
    3.38 -    """
    3.39 -    # read in the config file
    3.40 -    globs = {}
    3.41 -    locs = {}
    3.42 -    try:
    3.43 -        execfile(configfile, globs, locs)
    3.44 -    except:
    3.45 -        print "Invalid configuration file."
    3.46 -        return 0
    3.47 -
    3.48 -    # sanity check on the data from the file
    3.49 -    count = 0
    3.50 -    required = ['kernel', 'memory', 'name']
    3.51 -    for (k, v) in locs.items():
    3.52 -        if k in required:
    3.53 -            count += 1
    3.54 -    if count != 3:
    3.55 -        print "Invalid configuration file."
    3.56 -        return 0
    3.57 -    else:
    3.58 -        return 1
    3.59 +    print "\nUsage: xm addlabel <configfile> <label> [<policy>]\n"
    3.60 +    print "  This program adds an acm_label entry into the 'configfile'."
    3.61 +    print "  It derives the policy from the running hypervisor if it"
    3.62 +    print "  is not given (optional parameter). If the configfile is"
    3.63 +    print "  already labeled, then addlabel fails.\n"
    3.64 +    err("Usage")
    3.65  
    3.66  
    3.67 -def add_resource_label(label, resource, policyref):
    3.68 -    """Adds a resource label to the global resource label file.
    3.69 -    """
    3.70 +def main(argv):
    3.71      try:
    3.72 -        # sanity check: make sure this label can be instantiated later on
    3.73 -        ssidref = security.label2ssidref(label, policyref, 'res')
    3.74 +        policyref = None
    3.75 +        if len(argv) not in [3,4]:
    3.76 +            usage()
    3.77 +        configfile = argv[1]
    3.78 +        label = argv[2]
    3.79  
    3.80 -        # sanity check on resource name
    3.81 -        (type, file) = resource.split(":")
    3.82 -        if type == "phy":
    3.83 -            file = "/dev/" + file
    3.84 -        if not os.path.exists(file):
    3.85 -            print "Invalid resource '"+resource+"'"
    3.86 -            return
    3.87 +        if len(argv) == 4:
    3.88 +            policyref = argv[3]
    3.89 +        elif on():
    3.90 +            policyref = active_policy
    3.91 +        else:
    3.92 +            err("No active policy. Policy must be specified in command line.")
    3.93  
    3.94 -        # see if this resource is already in the file
    3.95 -        file = security.res_label_filename
    3.96 -        if not os.path.isfile(file):
    3.97 -            print "Resource file not found, creating new file at:"
    3.98 -            print "%s" % (file)
    3.99 -            fd = open(file, "w")
   3.100 -            fd.close();
   3.101 -            access_control = {}
   3.102 -        else:
   3.103 -            fd = open(file, "rb")
   3.104 -#            access_control = generic.load(fd)
   3.105 -            fd.close()
   3.106 +        #sanity checks: make sure this label can be instantiated later on
   3.107 +        ssidref = label2ssidref(label, policyref, 'dom')
   3.108  
   3.109 -        if access_control.has_key(resource):
   3.110 -            security.err("This resource is already labeled.")
   3.111 +        new_label = "access_control = ['policy=%s,label=%s']\n" % (policyref, label)
   3.112 +        if not os.path.isfile(configfile):
   3.113 +            err("Configuration file \'" + configfile + "\' not found.")
   3.114 +        config_fd = open(configfile, "ra+")
   3.115 +        for line in config_fd:
   3.116 +            if not access_control_re.match(line):
   3.117 +                continue
   3.118 +            config_fd.close()
   3.119 +            err("Config file \'" + configfile + "\' is already labeled.")
   3.120 +        config_fd.write(new_label)
   3.121 +        config_fd.close()
   3.122  
   3.123 -        # write the data to file
   3.124 -        new_entry = { resource : tuple([policyref, label]) }
   3.125 -        access_control.update(new_entry)
   3.126 -        fd = open(file, "wb")
   3.127 -#        generic.dump(access_control, fd)
   3.128 -        fd.close()
   3.129 -
   3.130 -    except security.ACMError:
   3.131 +    except ACMError:
   3.132          pass
   3.133      except:
   3.134          traceback.print_exc(limit=1)
   3.135  
   3.136 -def add_domain_label(label, configfile, policyref):
   3.137 -    try:
   3.138 -        # sanity checks: make sure this label can be instantiated later on
   3.139 -        ssidref = security.label2ssidref(label, policyref, 'dom')
   3.140 -
   3.141 -        new_label = "access_control = ['policy=%s,label=%s']\n" % (policyref, label)
   3.142 -        if not os.path.isfile(configfile):
   3.143 -            security.err("Configuration file \'" + configfile + "\' not found.")
   3.144 -        config_fd = open(configfile, "ra+")
   3.145 -        for line in config_fd:
   3.146 -            if not security.access_control_re.match(line):
   3.147 -                continue
   3.148 -            config_fd.close()
   3.149 -            security.err("Config file \'" + configfile + "\' is already labeled.")
   3.150 -        config_fd.write(new_label)
   3.151 -        config_fd.close()
   3.152 -
   3.153 -    except security.ACMError:
   3.154 -        pass
   3.155 -    except:
   3.156 -        traceback.print_exc(limit=1)
   3.157 -
   3.158 -def main (argv):
   3.159 -    try:
   3.160 -        policyref = None
   3.161 -        if len(argv) not in [4,5]:
   3.162 -            usage()
   3.163 -        label = argv[1]
   3.164 -
   3.165 -        if len(argv) == 5:
   3.166 -            policyref = argv[4]
   3.167 -        elif security.on():
   3.168 -            policyref = security.active_policy
   3.169 -        else:
   3.170 -            security.err("No active policy. Policy must be specified in command line.")
   3.171 -
   3.172 -        if argv[2].lower() == "dom":
   3.173 -            configfile = argv[3]
   3.174 -            if configfile[0] != '/':
   3.175 -                for prefix in [".", "/etc/xen"]:
   3.176 -                    configfile = prefix + "/" + configfile
   3.177 -                    if os.path.isfile(configfile):
   3.178 -                        fd = open(configfile, "rb")
   3.179 -                        break
   3.180 -            if not validate_config_file(configfile):
   3.181 -                usage()
   3.182 -            else:
   3.183 -                add_domain_label(label, configfile, policyref)
   3.184 -        elif argv[2].lower() == "res":
   3.185 -            resource = argv[3]
   3.186 -            add_resource_label(label, resource, policyref)
   3.187 -        else:
   3.188 -            usage()
   3.189 -
   3.190 -    except security.ACMError:
   3.191 -        pass
   3.192 -    except:
   3.193 -        traceback.print_exc(limit=1)
   3.194  
   3.195  if __name__ == '__main__':
   3.196      main(sys.argv)
     4.1 --- a/tools/python/xen/xm/create.py	Fri Jun 30 13:25:43 2006 +0100
     4.2 +++ b/tools/python/xen/xm/create.py	Fri Jun 30 13:33:20 2006 +0100
     4.3 @@ -985,56 +985,6 @@ def parseCommandLine(argv):
     4.4      return (gopts, config)
     4.5  
     4.6  
     4.7 -def config_security_check(config, verbose):
     4.8 -    """Checks each resource listed in the config to see if the active
     4.9 -       policy will permit creation of a new domain using the config.
    4.10 -       Returns 1 if the config passes all tests, otherwise 0.
    4.11 -    """
    4.12 -    answer = 1
    4.13 -
    4.14 -    # get the domain acm_label
    4.15 -    domain_label = None
    4.16 -    domain_policy = None
    4.17 -    for x in sxp.children(config):
    4.18 -        if sxp.name(x) == 'security':
    4.19 -            domain_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
    4.20 -            domain_policy = sxp.child_value(sxp.name(sxp.child0(x)), 'policy')
    4.21 -
    4.22 -    # if no domain label, use default
    4.23 -    if not domain_label and security.on():
    4.24 -        domain_label = security.ssidref2label(security.NULL_SSIDREF)
    4.25 -        domain_policy = 'NULL'
    4.26 -    elif not domain_label:
    4.27 -        domain_label = ""
    4.28 -        domain_policy = 'NULL'
    4.29 -
    4.30 -    if verbose:
    4.31 -        print "Checking resources:"
    4.32 -
    4.33 -    # build a list of all resources in the config file
    4.34 -    resources = []
    4.35 -    for x in sxp.children(config):
    4.36 -        if sxp.name(x) == 'device':
    4.37 -            if sxp.name(sxp.child0(x)) == 'vbd':
    4.38 -                resources.append(sxp.child_value(sxp.child0(x), 'uname'))
    4.39 -
    4.40 -    # perform a security check on each resource
    4.41 -    for resource in resources:
    4.42 -        try:
    4.43 -            security.res_security_check(resource, domain_label)
    4.44 -            if verbose:
    4.45 -                print "   %s: PERMITTED" % (resource)
    4.46 -
    4.47 -        except security.ACMError:
    4.48 -            print "   %s: DENIED" % (resource)
    4.49 -            (res_label, res_policy) = security.get_res_label(resource)
    4.50 -            print "   --> res:"+res_label+" ("+res_policy+")"
    4.51 -            print "   --> dom:"+domain_label+" ("+domain_policy+")"
    4.52 -            answer = 0
    4.53 -
    4.54 -    return answer
    4.55 -
    4.56 -
    4.57  def main(argv):
    4.58      try:
    4.59          (opts, config) = parseCommandLine(argv)
    4.60 @@ -1047,12 +997,9 @@ def main(argv):
    4.61      if opts.vals.dryrun:
    4.62          PrettyPrint.prettyprint(config)
    4.63      else:
    4.64 -        if not config_security_check(config, verbose=0):
    4.65 -            err("Resource access violation")
    4.66 -        else:
    4.67 -            dom = make_domain(opts, config)
    4.68 -            if opts.vals.console_autoconnect:
    4.69 -                console.execConsole(dom)
    4.70 +        dom = make_domain(opts, config)
    4.71 +        if opts.vals.console_autoconnect:
    4.72 +            console.execConsole(dom)
    4.73          
    4.74  if __name__ == '__main__':
    4.75      main(sys.argv)
     5.1 --- a/tools/python/xen/xm/dry-run.py	Fri Jun 30 13:25:43 2006 +0100
     5.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.3 @@ -1,95 +0,0 @@
     5.4 -#============================================================================
     5.5 -# This library is free software; you can redistribute it and/or
     5.6 -# modify it under the terms of version 2.1 of the GNU Lesser General Public
     5.7 -# License as published by the Free Software Foundation.
     5.8 -#
     5.9 -# This library is distributed in the hope that it will be useful,
    5.10 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
    5.11 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    5.12 -# Lesser General Public License for more details.
    5.13 -#
    5.14 -# You should have received a copy of the GNU Lesser General Public
    5.15 -# License along with this library; if not, write to the Free Software
    5.16 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    5.17 -#============================================================================
    5.18 -# Copyright (C) 2006 International Business Machines Corp.
    5.19 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
    5.20 -#============================================================================
    5.21 -
    5.22 -"""Tests the security settings for a domain and its resources.
    5.23 -"""
    5.24 -from xen.util import security
    5.25 -from xen.xm import create
    5.26 -from xen.xend import sxp
    5.27 -
    5.28 -def usage():
    5.29 -    print "\nUsage: xm dry-run <configfile>\n"
    5.30 -    print "This program checks each resource listed in the configfile"
    5.31 -    print "to see if the domain created by the configfile can access"
    5.32 -    print "the resources.  The status of each resource is listed"
    5.33 -    print "individually along with the final security decision.\n"
    5.34 -
    5.35 -
    5.36 -def check_domain_label(config):
    5.37 -    """All that we need to check here is that the domain label exists and
    5.38 -       is not null when security is on.  Other error conditions are
    5.39 -       handled when the config file is parsed.
    5.40 -    """
    5.41 -    answer = 0
    5.42 -    secon = 0
    5.43 -    default_label = security.ssidref2label(security.NULL_SSIDREF)
    5.44 -    if security.on():
    5.45 -        secon = 1
    5.46 -
    5.47 -    # get the domain acm_label
    5.48 -    dom_label = None
    5.49 -    dom_name = None
    5.50 -    for x in sxp.children(config):
    5.51 -        if sxp.name(x) == 'security':
    5.52 -            dom_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
    5.53 -        if sxp.name(x) == 'name':
    5.54 -            dom_name = sxp.child0(x)
    5.55 -
    5.56 -    # sanity check on domain label
    5.57 -    print "Checking domain:"
    5.58 -    if (not secon) and (not dom_label):
    5.59 -        print "   %s: PERMITTED" % (dom_name)
    5.60 -        answer = 1
    5.61 -    elif (secon) and (dom_label) and (dom_label != default_label):
    5.62 -        print "   %s: PERMITTED" % (dom_name)
    5.63 -        answer = 1
    5.64 -    else:
    5.65 -        print "   %s: DENIED" % (dom_name)
    5.66 -        if not secon:
    5.67 -            print "   --> Security off, but domain labeled"
    5.68 -        else:
    5.69 -            print "   --> Domain not labeled"
    5.70 -        answer = 0
    5.71 -
    5.72 -    return answer
    5.73 -
    5.74 -
    5.75 -def main (argv):
    5.76 -    if len(argv) != 2:
    5.77 -        usage()
    5.78 -        return
    5.79 -
    5.80 -    try:
    5.81 -        passed = 0
    5.82 -        (opts, config) = create.parseCommandLine(argv)
    5.83 -        if check_domain_label(config):
    5.84 -            if create.config_security_check(config, verbose=1):
    5.85 -                passed = 1
    5.86 -        else:
    5.87 -            print "Checking resources: (skipped)"
    5.88 -
    5.89 -        if passed:
    5.90 -            print "Dry Run: PASSED"
    5.91 -        else:
    5.92 -            print "Dry Run: FAILED"
    5.93 -    except security.ACMError:
    5.94 -        pass
    5.95 -
    5.96 -
    5.97 -if __name__ == '__main__':
    5.98 -    main(sys.argv)
     6.1 --- a/tools/python/xen/xm/getlabel.py	Fri Jun 30 13:25:43 2006 +0100
     6.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.3 @@ -1,134 +0,0 @@
     6.4 -#============================================================================
     6.5 -# This library is free software; you can redistribute it and/or
     6.6 -# modify it under the terms of version 2.1 of the GNU Lesser General Public
     6.7 -# License as published by the Free Software Foundation.
     6.8 -#
     6.9 -# This library is distributed in the hope that it will be useful,
    6.10 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
    6.11 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    6.12 -# Lesser General Public License for more details.
    6.13 -#
    6.14 -# You should have received a copy of the GNU Lesser General Public
    6.15 -# License along with this library; if not, write to the Free Software
    6.16 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    6.17 -#============================================================================
    6.18 -# Copyright (C) 2006 International Business Machines Corp.
    6.19 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
    6.20 -#============================================================================
    6.21 -
    6.22 -"""Show the label for a domain or resoruce.
    6.23 -"""
    6.24 -import sys, os, re
    6.25 -import string
    6.26 -import traceback
    6.27 -#from xml.marshal import generic
    6.28 -from xen.util import security
    6.29 -
    6.30 -def usage():
    6.31 -    print "\nUsage: xm getlabel dom <configfile>"
    6.32 -    print "       xm getlabel res <resource>\n"
    6.33 -    print "  This program shows the label for a domain or resource.\n"
    6.34 -
    6.35 -
    6.36 -def get_resource_label(resource):
    6.37 -    """Gets the resource label
    6.38 -    """
    6.39 -    try:
    6.40 -        # read in the resource file
    6.41 -        file = security.res_label_filename
    6.42 -        if os.path.isfile(file):
    6.43 -            fd = open(file, "rb")
    6.44 -#            access_control = generic.load(fd)
    6.45 -            fd.close()
    6.46 -        else:
    6.47 -            print "Resource label file not found"
    6.48 -            return
    6.49 -
    6.50 -        # get the entry and print label
    6.51 -        if access_control.has_key(resource):
    6.52 -            policy = access_control[resource][0]
    6.53 -            label = access_control[resource][1]
    6.54 -            print "policy="+policy+",label="+label
    6.55 -        else:
    6.56 -            print "Resource not labeled"
    6.57 -            return
    6.58 -
    6.59 -    except security.ACMError:
    6.60 -        pass
    6.61 -    except:
    6.62 -        traceback.print_exc(limit=1)
    6.63 -
    6.64 -
    6.65 -def get_domain_label(configfile):
    6.66 -    try:
    6.67 -        # open the domain config file
    6.68 -        fd = None
    6.69 -        file = None
    6.70 -        if configfile[0] == '/':
    6.71 -            fd = open(configfile, "rb")
    6.72 -        else:
    6.73 -            for prefix in [".", "/etc/xen"]:
    6.74 -                file = prefix + "/" + configfile
    6.75 -                if os.path.isfile(file):
    6.76 -                    fd = open(file, "rb")
    6.77 -                    break
    6.78 -        if not fd:
    6.79 -            print "Configuration file '"+configfile+"' not found."
    6.80 -            return
    6.81 -
    6.82 -        # read in the domain config file, finding the label line
    6.83 -        ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
    6.84 -        ac_exit_re = re.compile(".*'\].*")
    6.85 -        acline = ""
    6.86 -        record = 0
    6.87 -        for line in fd.readlines():
    6.88 -            if ac_entry_re.match(line):
    6.89 -                record = 1
    6.90 -            if record:
    6.91 -                acline = acline + line
    6.92 -            if record and ac_exit_re.match(line):
    6.93 -                record = 0
    6.94 -        fd.close()
    6.95 -
    6.96 -        # send error message if we didn't find anything
    6.97 -        if acline == "":
    6.98 -            print "Label does not exist in domain configuration file."
    6.99 -            return
   6.100 -
   6.101 -        # print out the label
   6.102 -        (title, data) = acline.split("=", 1)
   6.103 -        data = data.strip()
   6.104 -        data = data.lstrip("[\'")
   6.105 -        data = data.rstrip("\']")
   6.106 -        (p, l) = data.split(",")
   6.107 -        print data
   6.108 -
   6.109 -    except security.ACMError:
   6.110 -        pass
   6.111 -    except:
   6.112 -        traceback.print_exc(limit=1)
   6.113 -
   6.114 -
   6.115 -def main (argv):
   6.116 -    try:
   6.117 -        if len(argv) != 3:
   6.118 -            usage()
   6.119 -            return
   6.120 -
   6.121 -        if argv[1].lower() == "dom":
   6.122 -            configfile = argv[2]
   6.123 -            get_domain_label(configfile)
   6.124 -        elif argv[1].lower() == "res":
   6.125 -            resource = argv[2]
   6.126 -            get_resource_label(resource)
   6.127 -        else:
   6.128 -            usage()
   6.129 -
   6.130 -    except security.ACMError:
   6.131 -        traceback.print_exc(limit=1)
   6.132 -
   6.133 -
   6.134 -if __name__ == '__main__':
   6.135 -    main(sys.argv)
   6.136 -
   6.137 -
     7.1 --- a/tools/python/xen/xm/main.py	Fri Jun 30 13:25:43 2006 +0100
     7.2 +++ b/tools/python/xen/xm/main.py	Fri Jun 30 13:33:20 2006 +0100
     7.3 @@ -30,7 +30,6 @@ import socket
     7.4  import warnings
     7.5  warnings.filterwarnings('ignore', category=FutureWarning)
     7.6  import xmlrpclib
     7.7 -import traceback
     7.8  
     7.9  import xen.xend.XendProtocol
    7.10  
    7.11 @@ -120,11 +119,7 @@ vnet_list_help = "vnet-list [-l|--long] 
    7.12  vnet_create_help = "vnet-create <config>             create a vnet from a config file"
    7.13  vnet_delete_help = "vnet-delete <vnetid>             delete a vnet"
    7.14  vtpm_list_help = "vtpm-list <DomId> [--long]       list virtual TPM devices"
    7.15 -addlabel_help =  "addlabel <label> dom <configfile> Add security label to domain\n            <label> res <resource>   or resource"
    7.16 -rmlabel_help =  "rmlabel dom <configfile>         Remove security label from domain\n           res <resource>           or resource"
    7.17 -getlabel_help =  "getlabel dom <configfile>        Show security label for domain\n            res <resource>          or resource"
    7.18 -dry_run_help =  "dry-run <configfile>             Tests if domain can access its resources"
    7.19 -resources_help =  "resources                        Show info for each labeled resource"
    7.20 +addlabel_help =  "addlabel <ConfigFile> <label>    Add security label to ConfigFile"
    7.21  cfgbootpolicy_help = "cfgbootpolicy <policy>           Add policy to boot configuration "
    7.22  dumppolicy_help = "dumppolicy                       Print hypervisor ACM state information"
    7.23  loadpolicy_help = "loadpolicy <policy>              Load binary policy into hypervisor"
    7.24 @@ -208,10 +203,6 @@ vnet_commands = [
    7.25  acm_commands = [
    7.26      "labels",
    7.27      "addlabel",
    7.28 -    "rmlabel",
    7.29 -    "getlabel",
    7.30 -    "dry-run",
    7.31 -    "resources",
    7.32      "makepolicy",
    7.33      "loadpolicy",
    7.34      "cfgbootpolicy",
    7.35 @@ -1001,19 +992,6 @@ def xm_block_attach(args):
    7.36      if len(args) == 5:
    7.37          vbd.append(['backend', args[4]])
    7.38  
    7.39 -    # verify that policy permits attaching this resource
    7.40 -    try:
    7.41 -        dominfo = server.xend.domain(dom)
    7.42 -        domid = sxp.child_value(dominfo, 'domid')
    7.43 -        (tmp1, label, tmp2, tmp3) = security.get_ssid(domid)
    7.44 -        security.res_security_check(args[1], label)
    7.45 -    except security.ACMError, e:
    7.46 -        print e.value
    7.47 -        sys.exit(1)
    7.48 -    except:
    7.49 -        traceback.print_exc(limit=1)
    7.50 -        sys.exit(1)
    7.51 -
    7.52      server.xend.domain.device_create(dom, vbd)
    7.53  
    7.54  
    7.55 @@ -1146,10 +1124,6 @@ subcommands = [
    7.56      'shutdown',
    7.57      'labels',
    7.58      'addlabel',
    7.59 -    'rmlabel',
    7.60 -    'getlabel',
    7.61 -    'dry-run',
    7.62 -    'resources',
    7.63      'cfgbootpolicy',
    7.64      'makepolicy',
    7.65      'loadpolicy',
     8.1 --- a/tools/python/xen/xm/resources.py	Fri Jun 30 13:25:43 2006 +0100
     8.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.3 @@ -1,70 +0,0 @@
     8.4 -#============================================================================
     8.5 -# This library is free software; you can redistribute it and/or
     8.6 -# modify it under the terms of version 2.1 of the GNU Lesser General Public
     8.7 -# License as published by the Free Software Foundation.
     8.8 -#
     8.9 -# This library is distributed in the hope that it will be useful,
    8.10 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
    8.11 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    8.12 -# Lesser General Public License for more details.
    8.13 -#
    8.14 -# You should have received a copy of the GNU Lesser General Public
    8.15 -# License along with this library; if not, write to the Free Software
    8.16 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    8.17 -#============================================================================
    8.18 -# Copyright (C) 2006 International Business Machines Corp.
    8.19 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
    8.20 -#============================================================================
    8.21 -
    8.22 -"""List the resource label information from the global resource label file
    8.23 -"""
    8.24 -import sys, os
    8.25 -import string
    8.26 -import traceback
    8.27 -#from xml.marshal import generic
    8.28 -from xen.util import security
    8.29 -
    8.30 -def usage():
    8.31 -    print "\nUsage: xm resource\n"
    8.32 -    print "  This program lists information for each resource in the"
    8.33 -    print "  global resource label file\n"
    8.34 -
    8.35 -
    8.36 -def print_resource_data(access_control):
    8.37 -    """Prints out a resource dictionary to stdout
    8.38 -    """
    8.39 -    for resource in access_control:
    8.40 -        (policy, label) = access_control[resource]
    8.41 -        print resource
    8.42 -        print "    policy: "+policy
    8.43 -        print "    label:  "+label
    8.44 -
    8.45 -
    8.46 -def get_resource_data():
    8.47 -    """Returns the resource dictionary.
    8.48 -    """
    8.49 -    file = security.res_label_filename
    8.50 -    if not os.path.isfile(file):
    8.51 -        security.err("Resource file not found.")
    8.52 -
    8.53 -    fd = open(file, "rb")
    8.54 -#    access_control = generic.load(fd)
    8.55 -    fd.close()
    8.56 -    return access_control
    8.57 -
    8.58 -
    8.59 -def main (argv):
    8.60 -    try:
    8.61 -        access_control = get_resource_data()
    8.62 -        print_resource_data(access_control)
    8.63 -
    8.64 -    except security.ACMError:
    8.65 -        pass
    8.66 -    except:
    8.67 -        traceback.print_exc(limit=1)
    8.68 -
    8.69 -
    8.70 -if __name__ == '__main__':
    8.71 -    main(sys.argv)
    8.72 -
    8.73 -
     9.1 --- a/tools/python/xen/xm/rmlabel.py	Fri Jun 30 13:25:43 2006 +0100
     9.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.3 @@ -1,134 +0,0 @@
     9.4 -#============================================================================
     9.5 -# This library is free software; you can redistribute it and/or
     9.6 -# modify it under the terms of version 2.1 of the GNU Lesser General Public
     9.7 -# License as published by the Free Software Foundation.
     9.8 -#
     9.9 -# This library is distributed in the hope that it will be useful,
    9.10 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
    9.11 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    9.12 -# Lesser General Public License for more details.
    9.13 -#
    9.14 -# You should have received a copy of the GNU Lesser General Public
    9.15 -# License along with this library; if not, write to the Free Software
    9.16 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    9.17 -#============================================================================
    9.18 -# Copyright (C) 2006 International Business Machines Corp.
    9.19 -# Author: Bryan D. Payne <bdpayne@us.ibm.com>
    9.20 -#============================================================================
    9.21 -
    9.22 -"""Remove a label from a domain configuration file or a resoruce.
    9.23 -"""
    9.24 -import sys, os, re
    9.25 -import string
    9.26 -import traceback
    9.27 -#from xml.marshal import generic
    9.28 -from xen.util import security
    9.29 -
    9.30 -def usage():
    9.31 -    print "\nUsage: xm rmlabel dom <configfile>"
    9.32 -    print "       xm rmlabel res <resource>\n"
    9.33 -    print "  This program removes an acm_label entry from the 'configfile'"
    9.34 -    print "  for a domain or from the global resource label file for a"
    9.35 -    print "  resource. If the label does not exist for the given domain or"
    9.36 -    print "  resource, then rmlabel fails.\n"
    9.37 -
    9.38 -
    9.39 -def rm_resource_label(resource):
    9.40 -    """Removes a resource label from the global resource label file.
    9.41 -    """
    9.42 -    try:
    9.43 -        # read in the resource file
    9.44 -        file = security.res_label_filename
    9.45 -        if os.path.isfile(file):
    9.46 -            fd = open(file, "rb")
    9.47 -#            access_control = generic.load(fd)
    9.48 -            fd.close()
    9.49 -        else:
    9.50 -            security.err("Resource file not found, cannot remove label!")
    9.51 -
    9.52 -        # remove the entry and update file
    9.53 -        if access_control.has_key(resource):
    9.54 -            del access_control[resource]
    9.55 -            fd = open(file, "wb")
    9.56 -#            generic.dump(access_control, fd)
    9.57 -            fd.close()
    9.58 -        else:
    9.59 -            security.err("Label does not exist in resource label file.")
    9.60 -
    9.61 -    except security.ACMError:
    9.62 -        pass
    9.63 -    except:
    9.64 -        traceback.print_exc(limit=1)
    9.65 -
    9.66 -
    9.67 -def rm_domain_label(configfile):
    9.68 -    try:
    9.69 -        # open the domain config file
    9.70 -        fd = None
    9.71 -        file = None
    9.72 -        if configfile[0] == '/':
    9.73 -            fd = open(configfile, "rb")
    9.74 -        else:
    9.75 -            for prefix in [".", "/etc/xen"]:
    9.76 -                file = prefix + "/" + configfile
    9.77 -                if os.path.isfile(file):
    9.78 -                    fd = open(file, "rb")
    9.79 -                    break
    9.80 -        if not fd:
    9.81 -            security.err("Configuration file '"+configfile+"' not found.")
    9.82 -
    9.83 -        # read in the domain config file, removing label
    9.84 -        ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
    9.85 -        ac_exit_re = re.compile(".*'\].*")
    9.86 -        file_contents = ""
    9.87 -        comment = 0
    9.88 -        removed = 0
    9.89 -        for line in fd.readlines():
    9.90 -            if ac_entry_re.match(line):
    9.91 -                comment = 1
    9.92 -            if comment:
    9.93 -                removed = 1
    9.94 -                line = "#"+line
    9.95 -            if comment and ac_exit_re.match(line):
    9.96 -                comment = 0
    9.97 -            file_contents = file_contents + line
    9.98 -        fd.close()
    9.99 -
   9.100 -        # send error message if we didn't find anything to remove
   9.101 -        if not removed:
   9.102 -            security.err("Label does not exist in domain configuration file.")
   9.103 -
   9.104 -        # write the data back out to the file
   9.105 -        fd = open(file, "wb")
   9.106 -        fd.writelines(file_contents)
   9.107 -        fd.close()
   9.108 -
   9.109 -    except security.ACMError:
   9.110 -        pass
   9.111 -    except:
   9.112 -        traceback.print_exc(limit=1)
   9.113 -
   9.114 -
   9.115 -def main (argv):
   9.116 -    try:
   9.117 -        if len(argv) != 3:
   9.118 -            usage()
   9.119 -            return
   9.120 -
   9.121 -        if argv[1].lower() == "dom":
   9.122 -            configfile = argv[2]
   9.123 -            rm_domain_label(configfile)
   9.124 -        elif argv[1].lower() == "res":
   9.125 -            resource = argv[2]
   9.126 -            rm_resource_label(resource)
   9.127 -        else:
   9.128 -            usage()
   9.129 -
   9.130 -    except security.ACMError:
   9.131 -        traceback.print_exc(limit=1)
   9.132 -
   9.133 -
   9.134 -if __name__ == '__main__':
   9.135 -    main(sys.argv)
   9.136 -
   9.137 -