# HG changeset patch
# User kfraser@xxxxxxxxxxxxxxxxxxxxx
# Date 1177489912 -3600
# Node ID d5d6d2a8d10c0e03c18af1db00d7b09fd488073b
# Parent 3d613faed8c32fb807384cae1d08a27f51d5433f
acm: Changes to XML schema of the policy
This patch changes the XML schema of the ACM policy to require a
version and that every conflict set have a name. Every VM label must
have one Chinese Wall Type and every resource label one Simple Type
Enforcement Type. As a consequence of this some example policies
needed to be changed. Also, fewer configuration options are now
offered for compiling Xen, to make things simpler.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
---
tools/security/policies/example/chwall/client_v1-security_policy.xml |
90 ----
tools/security/policies/example/chwall_ste/client_v1-security_policy.xml |
194 ---------
Config.mk |
2
docs/src/user.tex |
53 +-
tools/security/Makefile |
15
tools/security/policies/example/client_v1-security_policy.xml |
195 ++++++++++
tools/security/policies/example/test-security_policy.xml |
97 ++++
tools/security/python/xensec_gen/cgi-bin/policy.cgi |
1
tools/security/xensec_ezpolicy |
5
tools/xm-test/tests/security-acm/xm-test-security_policy.xml |
1
10 files changed, 328 insertions(+), 325 deletions(-)
diff -r 3d613faed8c3 -r d5d6d2a8d10c Config.mk
--- a/Config.mk Tue Apr 24 23:40:40 2007 +0100
+++ b/Config.mk Wed Apr 25 09:31:52 2007 +0100
@@ -83,8 +83,6 @@ ACM_SECURITY ?= n
# ACM_DEFAULT_SECURITY_POLICY
# Supported models are:
# ACM_NULL_POLICY
-# ACM_CHINESE_WALL_POLICY
-# ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
# ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
diff -r 3d613faed8c3 -r d5d6d2a8d10c docs/src/user.tex
--- a/docs/src/user.tex Tue Apr 24 23:40:40 2007 +0100
+++ b/docs/src/user.tex Wed Apr 25 09:31:52 2007 +0100
@@ -2673,33 +2673,34 @@ 03 <SecurityPolicyDefinition
xsi:schemaLocation=
"http://www.ibm.com ../../security_policy.xsd ">
04 <PolicyHeader>
-05 <PolicyName>example.chwall_ste.test</PolicyName>
+05 <PolicyName>example.test</PolicyName>
06 <Date>Wed Jul 12 17:32:59 2006</Date>
-07 </PolicyHeader>
-08
-09 <SimpleTypeEnforcement>
-10 <SimpleTypeEnforcementTypes>
-11 <Type>SystemManagement</Type>
-12 <Type>PepsiCo</Type>
-13 <Type>CocaCola</Type>
-14 </SimpleTypeEnforcementTypes>
-15 </SimpleTypeEnforcement>
-16
-17 <ChineseWall priority="PrimaryPolicyComponent">
-18 <ChineseWallTypes>
-19 <Type>SystemManagement</Type>
-20 <Type>PepsiCo</Type>
-21 <Type>CocaCola</Type>
-22 </ChineseWallTypes>
-23
-24 <ConflictSets>
-25 <Conflict name="RER1">
-26 <Type>CocaCola</Type>
-27 <Type>PepsiCo</Type>
-28 </Conflict>
-29 </ConflictSets>
-30 </ChineseWall>
-31
+07 <Version>1.0</Version>
+08 </PolicyHeader>
+09
+10 <SimpleTypeEnforcement>
+11 <SimpleTypeEnforcementTypes>
+12 <Type>SystemManagement</Type>
+13 <Type>PepsiCo</Type>
+14 <Type>CocaCola</Type>
+15 </SimpleTypeEnforcementTypes>
+16 </SimpleTypeEnforcement>
+17
+18 <ChineseWall priority="PrimaryPolicyComponent">
+19 <ChineseWallTypes>
+20 <Type>SystemManagement</Type>
+21 <Type>PepsiCo</Type>
+22 <Type>CocaCola</Type>
+23 </ChineseWallTypes>
+24
+25 <ConflictSets>
+26 <Conflict name="RER1">
+27 <Type>CocaCola</Type>
+28 <Type>PepsiCo</Type>
+29 </Conflict>
+30 </ConflictSets>
+31 </ChineseWall>
+32
\end{verbatim}
\end{scriptsize}
\caption{Example XML security policy file -- Part I: Types and Rules
Definition.}
diff -r 3d613faed8c3 -r d5d6d2a8d10c tools/security/Makefile
--- a/tools/security/Makefile Tue Apr 24 23:40:40 2007 +0100
+++ b/tools/security/Makefile Wed Apr 25 09:31:52 2007 +0100
@@ -15,12 +15,6 @@ LDFLAGS += $(shell xml2-config --libs
ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_NULL_POLICY)
POLICY=null
-endif
-ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY)
-POLICY=chwall
-endif
-ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
-POLICY=ste
endif
ifeq
($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)
POLICY=chwall_ste
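Review bot: With the `ACM_CHINESE_WALL_POLICY` and `ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY` branches removed, a build configuration that still sets one of those values matches no `ifeq` in this chain and, as far as this hunk shows, leaves `POLICY` unset without any diagnostic. For a setting that selects the default access-control policy, a loud failure is safer than a silent fallthrough. After the chain, consider `ifeq ($(strip $(POLICY)),)` / `$(error unsupported ACM_DEFAULT_SECURITY_POLICY '$(ACM_DEFAULT_SECURITY_POLICY)')` / `endif`, scoped to `ACM_SECURITY=y` if `POLICY` is only consumed there. The chain's closing `endif` is outside the hunk, so whether `POLICY` gets a default elsewhere cannot be confirmed from here.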
@@ -46,7 +40,7 @@ ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR
ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin
ACM_SCHEMA = security_policy.xsd
-ACM_EXAMPLES = chwall ste chwall_ste
+ACM_EXAMPLES = client_v1 test
ACM_POLICY_SUFFIX = security_policy.xml
ifeq ($(ACM_SECURITY),y)
@@ -66,8 +60,7 @@ install: all $(ACM_CONFIG_FILE)
$(INSTALL_DATA) policies/$(ACM_SCHEMA) $(DESTDIR)$(ACM_POLICY_DIR)
$(INSTALL_DIR) $(DESTDIR)$(ACM_POLICY_DIR)/example
for i in $(ACM_EXAMPLES); do \
- $(INSTALL_DIR) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
- $(INSTALL_DATA)
policies/example/$$i/client_v1-$(ACM_POLICY_SUFFIX)
$(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
+ $(INSTALL_DATA) policies/example/$$i-$(ACM_POLICY_SUFFIX)
$(DESTDIR)$(ACM_POLICY_DIR)/example/; \
done
$(INSTALL_DIR) $(DESTDIR)$(ACM_SCRIPT_DIR)
$(INSTALL_PROG) $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR)
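Review bot: The example-policy loop ends each iteration with `;`, so the shell reports only the status of the last `$(INSTALL_DATA)`, and make does not notice a failed copy of an earlier example file. Now that the loop body is a single command, appending `|| exit 1` stops the install on the first failure: `$(INSTALL_DATA) policies/example/$$i-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/ || exit 1; \`. The `install` recipe starts before this hunk and continues past it.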
@@ -94,10 +87,10 @@ build: $(ACM_INST_TOOLS) $(ACM_NOINST_TO
chmod 700 $(ACM_SCRIPTS)
xensec_tool: $(OBJS_TOOL)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ -L$(XEN_LIBXC) -lxenctrl
+ $(CC) -g $(CFLAGS) $(LDFLAGS) -O0 -o $@ $^ -L$(XEN_LIBXC) -lxenctrl
xensec_xml2bin: $(OBJS_XML2BIN)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
+ $(CC) -g $(CFLAGS) $(LDFLAGS) -O0 -o $@ $^
xensec_gen: xensec_gen.py
cp -f $^ $@
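Review bot: The added `-g` and `-O0` on the `xensec_tool` and `xensec_xml2bin` link lines look like leftover debugging flags; the commit description is about the policy schema and does not mention them. Because `-O0` comes after `$(CFLAGS)`, it overrides the optimisation level the build selected for anything this command compiles, and `-g` forces debug info into tools that are installed, regardless of what the user passed in `CFLAGS`. I would restore `$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ -L$(XEN_LIBXC) -lxenctrl` and `$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^`, or gate the flags on a debug switch if the tree already has one.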
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/security/policies/example/chwall/client_v1-security_policy.xml
--- a/tools/security/policies/example/chwall/client_v1-security_policy.xml
Tue Apr 24 23:40:40 2007 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,90 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com -->
-<!-- This file defines the security policies, which -->
-<!-- can be enforced by the Xen Access Control Module. -->
-<!-- Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
- <PolicyHeader>
- <PolicyName>example.chwall.client_v1</PolicyName>
- <PolicyUrl>www.ibm.com/example/chwall/client_v1</PolicyUrl>
- <Date>2006-03-31</Date>
- </PolicyHeader>
- <!-- -->
- <!-- example of a chinese wall type definition -->
- <!-- along with its conflict sets -->
- <!-- (typse in a confict set are exclusive, i.e. -->
- <!-- once a Domain with one type of a set is -->
- <!-- running, no other Domain with another type -->
- <!-- of the same conflict set can start.) -->
- <ChineseWall priority="PrimaryPolicyComponent">
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- <Type>cw_Sensitive</Type>
- <Type>cw_Isolated</Type>
- <Type>cw_Distrusted</Type>
- </ChineseWallTypes>
- <ConflictSets>
- <Conflict name="Protection1">
- <Type>cw_Sensitive</Type>
- <Type>cw_Distrusted</Type>
- </Conflict>
- </ConflictSets>
- </ChineseWall>
- <SecurityLabelTemplate>
- <SubjectLabels bootstrap="dom_SystemManagement">
- <!-- single ste typed domains -->
- <!-- ACM enforces that only domains with -->
- <!-- the same type can share information -->
- <!-- -->
- <!-- Bootstrap label is assigned to Dom0 -->
- <VirtualMachineLabel>
- <Name>dom_HomeBanking</Name>
- <ChineseWallTypes>
- <Type>cw_Sensitive</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <Name>dom_Fun</Name>
- <ChineseWallTypes>
- <Type>cw_Distrusted</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- donating some cycles to seti@home -->
- <Name>dom_BoincClient</Name>
- <ChineseWallTypes>
- <Type>cw_Isolated</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <!-- Domains with multiple ste types services; such
domains -->
- <!-- must keep the types inside their domain safely
confined. -->
- <VirtualMachineLabel>
- <Name>dom_SystemManagement</Name>
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- serves persistent storage to other domains
-->
- <Name>dom_StorageDomain</Name>
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- serves network access to other domains -->
- <Name>dom_NetworkDomain</Name>
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
- </SubjectLabels>
- </SecurityLabelTemplate>
-
-</SecurityPolicyDefinition>
-
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/security/policies/example/chwall_ste/client_v1-security_policy.xml
--- a/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml
Tue Apr 24 23:40:40 2007 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,194 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com -->
-<!-- This file defines the security policies, which -->
-<!-- can be enforced by the Xen Access Control Module. -->
-<!-- Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
- <PolicyHeader>
- <PolicyName>example.chwall_ste.client_v1</PolicyName>
- <PolicyUrl>www.ibm.com/example/chwall_ste/client_v1</PolicyUrl>
- <Date>2006-03-31</Date>
- </PolicyHeader>
- <!-- -->
- <!-- example of a simple type enforcement policy definition -->
- <!-- -->
- <SimpleTypeEnforcement>
- <SimpleTypeEnforcementTypes>
- <Type>ste_SystemManagement</Type><!-- machine/security
management -->
- <Type>ste_PersonalFinances</Type><!-- personal finances
-->
- <Type>ste_InternetInsecure</Type><!-- games, active X,
etc. -->
- <Type>ste_DonatedCycles</Type><!-- donation to
BOINC/seti@home -->
- <Type>ste_PersistentStorageA</Type><!-- domain managing
the harddrive A-->
- <Type>ste_NetworkAdapter0</Type><!-- type of the domain
managing ethernet adapter 0-->
- </SimpleTypeEnforcementTypes>
- </SimpleTypeEnforcement>
- <!-- -->
- <!-- example of a chinese wall type definition -->
- <!-- along with its conflict sets -->
- <!-- (typse in a confict set are exclusive, i.e. -->
- <!-- once a Domain with one type of a set is -->
- <!-- running, no other Domain with another type -->
- <!-- of the same conflict set can start.) -->
- <ChineseWall priority="PrimaryPolicyComponent">
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- <Type>cw_Sensitive</Type>
- <Type>cw_Isolated</Type>
- <Type>cw_Distrusted</Type>
- </ChineseWallTypes>
-
- <ConflictSets>
- <Conflict name="Protection1">
- <Type>cw_Sensitive</Type>
- <Type>cw_Distrusted</Type>
- </Conflict>
- </ConflictSets>
- </ChineseWall>
- <SecurityLabelTemplate>
- <SubjectLabels bootstrap="dom_SystemManagement">
- <!-- single ste typed domains -->
- <!-- ACM enforces that only domains with -->
- <!-- the same type can share information -->
- <!-- -->
- <!-- Bootstrap label is assigned to Dom0 -->
- <VirtualMachineLabel>
- <Name>dom_HomeBanking</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_PersonalFinances</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_Sensitive</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <Name>dom_Fun</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_InternetInsecure</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_Distrusted</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- donating some cycles to seti@home -->
- <Name>dom_BoincClient</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_DonatedCycles</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_Isolated</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <!-- Domains with multiple ste types services; such
domains -->
- <!-- must keep the types inside their domain safely
confined. -->
- <VirtualMachineLabel>
- <Name>dom_SystemManagement</Name>
- <SimpleTypeEnforcementTypes>
- <!-- since dom0 needs access to every
domain and -->
- <!-- resource right now ... -->
- <Type>ste_SystemManagement</Type>
- <Type>ste_PersonalFinances</Type>
- <Type>ste_InternetInsecure</Type>
- <Type>ste_DonatedCycles</Type>
- <Type>ste_PersistentStorageA</Type>
- <Type>ste_NetworkAdapter0</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- serves persistent storage to other domains
-->
- <Name>dom_StorageDomain</Name>
- <SimpleTypeEnforcementTypes>
- <!-- access right to the resource (hard
drive a) -->
- <Type>ste_PersistentStorageA</Type>
- <!-- can serve following types -->
- <Type>ste_PersonalFinances</Type>
- <Type>ste_InternetInsecure</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
-
- <VirtualMachineLabel>
- <!-- serves network access to other domains -->
- <Name>dom_NetworkDomain</Name>
- <SimpleTypeEnforcementTypes>
- <!-- access right to the resource
(ethernet card) -->
- <Type>ste_NetworkAdapter0</Type>
- <!-- can serve following types -->
- <Type>ste_PersonalFinances</Type>
- <Type>ste_InternetInsecure</Type>
- <Type>ste_DonatedCycles</Type>
- </SimpleTypeEnforcementTypes>
-
- <ChineseWallTypes>
- <Type>cw_SystemManagement</Type>
- </ChineseWallTypes>
- </VirtualMachineLabel>
- </SubjectLabels>
-
- <ObjectLabels>
- <ResourceLabel>
- <Name>res_ManagementResource</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_SystemManagement</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_HardDrive(hda)</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_PersistentStorageA</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_LogicalDiskPartition1(hda1)</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_PersonalFinances</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_LogicalDiskPartition2(hda2)</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_InternetInsecure</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_EthernetCard</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_NetworkAdapter0</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_SecurityToken</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_PersonalFinances</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
-
- <ResourceLabel>
- <Name>res_GraphicsAdapter</Name>
- <SimpleTypeEnforcementTypes>
- <Type>ste_SystemManagement</Type>
- </SimpleTypeEnforcementTypes>
- </ResourceLabel>
- </ObjectLabels>
- </SecurityLabelTemplate>
-</SecurityPolicyDefinition>
-
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/security/policies/example/client_v1-security_policy.xml
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/example/client_v1-security_policy.xml Wed Apr
25 09:31:52 2007 +0100
@@ -0,0 +1,195 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com -->
+<!-- This file defines the security policies, which -->
+<!-- can be enforced by the Xen Access Control Module. -->
+<!-- Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+ <PolicyHeader>
+ <PolicyName>example.client_v1</PolicyName>
+ <PolicyUrl>www.ibm.com/example/client_v1</PolicyUrl>
+ <Date>2006-03-31</Date>
+ <Version>1.0</Version>
+ </PolicyHeader>
+ <!-- -->
+ <!-- example of a simple type enforcement policy definition -->
+ <!-- -->
+ <SimpleTypeEnforcement>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_SystemManagement</Type><!-- machine/security
management -->
+ <Type>ste_PersonalFinances</Type><!-- personal finances
-->
+ <Type>ste_InternetInsecure</Type><!-- games, active X,
etc. -->
+ <Type>ste_DonatedCycles</Type><!-- donation to
BOINC/seti@home -->
+ <Type>ste_PersistentStorageA</Type><!-- domain managing
the harddrive A-->
+ <Type>ste_NetworkAdapter0</Type><!-- type of the domain
managing ethernet adapter 0-->
+ </SimpleTypeEnforcementTypes>
+ </SimpleTypeEnforcement>
+ <!-- -->
+ <!-- example of a chinese wall type definition -->
+ <!-- along with its conflict sets -->
+ <!-- (typse in a confict set are exclusive, i.e. -->
+ <!-- once a Domain with one type of a set is -->
+ <!-- running, no other Domain with another type -->
+ <!-- of the same conflict set can start.) -->
+ <ChineseWall priority="PrimaryPolicyComponent">
+ <ChineseWallTypes>
+ <Type>cw_SystemManagement</Type>
+ <Type>cw_Sensitive</Type>
+ <Type>cw_Isolated</Type>
+ <Type>cw_Distrusted</Type>
+ </ChineseWallTypes>
+
+ <ConflictSets>
+ <Conflict name="Protection1">
+ <Type>cw_Sensitive</Type>
+ <Type>cw_Distrusted</Type>
+ </Conflict>
+ </ConflictSets>
+ </ChineseWall>
+ <SecurityLabelTemplate>
+ <SubjectLabels bootstrap="dom_SystemManagement">
+ <!-- single ste typed domains -->
+ <!-- ACM enforces that only domains with -->
+ <!-- the same type can share information -->
+ <!-- -->
+ <!-- Bootstrap label is assigned to Dom0 -->
+ <VirtualMachineLabel>
+ <Name>dom_HomeBanking</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_PersonalFinances</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_Sensitive</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>dom_Fun</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_InternetInsecure</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_Distrusted</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <!-- donating some cycles to seti@home -->
+ <Name>dom_BoincClient</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_DonatedCycles</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_Isolated</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <!-- Domains with multiple ste types services; such
domains -->
+ <!-- must keep the types inside their domain safely
confined. -->
+ <VirtualMachineLabel>
+ <Name>dom_SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <!-- since dom0 needs access to every
domain and -->
+ <!-- resource right now ... -->
+ <Type>ste_SystemManagement</Type>
+ <Type>ste_PersonalFinances</Type>
+ <Type>ste_InternetInsecure</Type>
+ <Type>ste_DonatedCycles</Type>
+ <Type>ste_PersistentStorageA</Type>
+ <Type>ste_NetworkAdapter0</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <!-- serves persistent storage to other domains
-->
+ <Name>dom_StorageDomain</Name>
+ <SimpleTypeEnforcementTypes>
+ <!-- access right to the resource (hard
drive a) -->
+ <Type>ste_PersistentStorageA</Type>
+ <!-- can serve following types -->
+ <Type>ste_PersonalFinances</Type>
+ <Type>ste_InternetInsecure</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <!-- serves network access to other domains -->
+ <Name>dom_NetworkDomain</Name>
+ <SimpleTypeEnforcementTypes>
+ <!-- access right to the resource
(ethernet card) -->
+ <Type>ste_NetworkAdapter0</Type>
+ <!-- can serve following types -->
+ <Type>ste_PersonalFinances</Type>
+ <Type>ste_InternetInsecure</Type>
+ <Type>ste_DonatedCycles</Type>
+ </SimpleTypeEnforcementTypes>
+
+ <ChineseWallTypes>
+ <Type>cw_SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+ </SubjectLabels>
+
+ <ObjectLabels>
+ <ResourceLabel>
+ <Name>res_ManagementResource</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_SystemManagement</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_HardDrive(hda)</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_PersistentStorageA</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_LogicalDiskPartition1(hda1)</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_PersonalFinances</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_LogicalDiskPartition2(hda2)</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_InternetInsecure</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_EthernetCard</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_NetworkAdapter0</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_SecurityToken</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_PersonalFinances</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>res_GraphicsAdapter</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>ste_SystemManagement</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+ </ObjectLabels>
+ </SecurityLabelTemplate>
+</SecurityPolicyDefinition>
+
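Review bot: `xsi:schemaLocation` still points at `../../security_policy.xsd`, but this file now sits one directory higher (`policies/example/` rather than `policies/example/chwall_ste/`), so the relative hint no longer resolves to `policies/security_policy.xsd`, the path the Makefile installs the schema from. For the new layout the hint would be `xsi:schemaLocation="http://www.ibm.com ../security_policy.xsd "`. The same stale path appears in the new `test-security_policy.xml` and in the header template in `xensec_ezpolicy`. A validator that follows the hint instead of being given the schema explicitly would fail to load it or load an unintended file; whether the ACM tools rely on the hint is not visible on this page.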
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/security/policies/example/test-security_policy.xml
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/example/test-security_policy.xml Wed Apr 25
09:31:52 2007 +0100
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Auto-generated by ezPolicy -->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+ <PolicyHeader>
+ <PolicyName>example.test</PolicyName>
+ <Date>Mon Apr 16 13:13:59 2007</Date>
+ <Version>1.0</Version>
+ </PolicyHeader>
+
+ <SimpleTypeEnforcement>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>PepsiCo</Type>
+ <Type>CocaCola</Type>
+ </SimpleTypeEnforcementTypes>
+ </SimpleTypeEnforcement>
+
+ <ChineseWall priority="PrimaryPolicyComponent">
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ <Type>PepsiCo</Type>
+ <Type>CocaCola</Type>
+ <Type>VIOServer</Type>
+ </ChineseWallTypes>
+
+ </ChineseWall>
+
+ <SecurityLabelTemplate>
+ <SubjectLabels bootstrap="SystemManagement">
+ <VirtualMachineLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>PepsiCo</Type>
+ <Type>CocaCola</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>PepsiCo</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>PepsiCo</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>PepsiCo</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>CocaCola</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>CocaCola</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>CocaCola</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>VIO</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>CocaCola</Type>
+ <Type>PepsiCo</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>VIOServer</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+ </SubjectLabels>
+
+ <ObjectLabels>
+ <ResourceLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>PepsiCo</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>PepsiCo</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>CocaCola</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>CocaCola</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+ </ObjectLabels>
+ </SecurityLabelTemplate>
+</SecurityPolicyDefinition>
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/security/python/xensec_gen/cgi-bin/policy.cgi
--- a/tools/security/python/xensec_gen/cgi-bin/policy.cgi Tue Apr 24
23:40:40 2007 +0100
+++ b/tools/security/python/xensec_gen/cgi-bin/policy.cgi Wed Apr 25
09:31:52 2007 +0100
@@ -1816,6 +1816,7 @@ def sendPHeaderXml( ):
# Policy header definition
print '<PolicyHeader>'
print ' <PolicyName>' + formPolicyName[1] + '</PolicyName>'
+ print ' <Version>1.0</Version>'
if len( formPolicyUrl[1] ) > 0:
print ' <PolicyUrl>' + formPolicyUrl[1] + '</PolicyUrl>'
if len( formPolicyRef[1] ) > 0:
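Review bot: `<Version>` is emitted directly after `<PolicyName>`, ahead of the optional `<PolicyUrl>` and the fields that follow, while the example policies and `printPolicyHeader` in `xensec_ezpolicy` in this same changeset place `<Version>` last in the header, after `<Date>`. If `PolicyHeader` is declared as an ordered sequence in `security_policy.xsd` (the schema is not shown here, so this is an assumption), policies produced by the CGI generator would fail validation against the new schema. Moving `print ' <Version>1.0</Version>'` to just before the print of the closing `</PolicyHeader>` would match the other producers. `sendPHeaderXml` continues outside the hunk.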
diff -r 3d613faed8c3 -r d5d6d2a8d10c tools/security/xensec_ezpolicy
--- a/tools/security/xensec_ezpolicy Tue Apr 24 23:40:40 2007 +0100
+++ b/tools/security/xensec_ezpolicy Wed Apr 25 09:31:52 2007 +0100
@@ -1131,15 +1131,16 @@ def dict_read(dictname, filename):
#==================== Policy Generation/Translation functions
-def printPolicyHeader (fd, policyname, timestamp):
+def printPolicyHeader (fd, policyname, timestamp, version="1.0"):
fd.write( """<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<!-- Auto-generated by ezPolicy -->
<SecurityPolicyDefinition xmlns=\"http://www.ibm.com\"
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
xsi:schemaLocation=\"http://www.ibm.com ../../security_policy.xsd \">
<PolicyHeader>
<PolicyName>%s</PolicyName>
<Date>%s</Date>
+ <Version>%s</Version>
</PolicyHeader>
-""" % (policyname, timestamp))
+""" % (policyname, timestamp, version))
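Review bot: `policyname`, `timestamp` and the new `version` argument are substituted into the XML header with plain `%s` formatting, so a value containing `<` or `&` yields a malformed or structurally different policy document. If any of them can originate from user input (the callers are outside the hunk), escape them before formatting, for example `% (escape(policyname), escape(timestamp), escape(version))` with `from xml.sax.saxutils import escape`. A one-line docstring stating that `version` must be in the form the schema's `Version` element accepts would also help callers that override the default. The function may continue past the end of the hunk.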
diff -r 3d613faed8c3 -r d5d6d2a8d10c
tools/xm-test/tests/security-acm/xm-test-security_policy.xml
--- a/tools/xm-test/tests/security-acm/xm-test-security_policy.xml Tue Apr
24 23:40:40 2007 +0100
+++ b/tools/xm-test/tests/security-acm/xm-test-security_policy.xml Wed Apr
25 09:31:52 2007 +0100
@@ -4,6 +4,7 @@
<PolicyHeader>
<PolicyName>xm-test</PolicyName>
<Date>Fri Sep 29 14:44:38 2006</Date>
+ <Version>1.0</Version>
</PolicyHeader>
<SimpleTypeEnforcement>