WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] Merge

# HG changeset patch
# User Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
# Date 1184763381 -3600
# Node ID e1f74a5a09cbb52ed67bb8b089c4cd2d31cc4a73
# Parent  ad87a491287455e302a914ed17a2a00902136ec6
# Parent  ad1c6cf0baafe149c9fe03be3255b95ffef68a34
Merge
---
 tools/python/xen/util/acmpolicy.py                               |   17 
 tools/python/xen/util/security.py                                |    7 
 tools/python/xen/xend/XendAPI.py                                 |   14 
 tools/python/xen/xend/XendVDI.py                                 |    1 
 tools/python/xen/xend/XendXSPolicyAdmin.py                       |    9 
 tools/python/xen/xm/cfgbootpolicy.py                             |    5 
 tools/xm-test/lib/XmTestLib/XenAPIDomain.py                      |    4 
 tools/xm-test/lib/XmTestLib/acm.py                               |   52 +
 tools/xm-test/tests/security-acm/01_security-acm_basic.py        |   24 
 tools/xm-test/tests/security-acm/07_security-acm_pol_update.py   |  303 +++++++
 tools/xm-test/tests/security-acm/08_security-acm_xapi.py         |  354 
++++++++
 tools/xm-test/tests/security-acm/09_security-acm_pol_update.py   |  427 
++++++++++
 tools/xm-test/tests/security-acm/Makefile.am                     |    5 
 tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml |   97 ++
 xen/arch/x86/hvm/vpt.c                                           |    8 
 15 files changed, 1286 insertions(+), 41 deletions(-)

diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/util/acmpolicy.py
--- a/tools/python/xen/util/acmpolicy.py        Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/util/acmpolicy.py        Wed Jul 18 13:56:21 2007 +0100
@@ -122,7 +122,8 @@ class ACMPolicy(XSPolicy):
             rc = -xsconstants.XSERR_GENERAL_FAILURE
         if rc != xsconstants.XSERR_SUCCESS:
             log.warn("XML did not validate against schema")
-        rc = self.__validate_name_and_labels()
+        if rc == xsconstants.XSERR_SUCCESS:
+            rc = self.__validate_name_and_labels()
         return rc
 
     def __validate_name_and_labels(self):
@@ -626,14 +627,15 @@ class ACMPolicy(XSPolicy):
     def policy_get_stes_of_vmlabel(self, vmlabel):
         """ Get a list of all STEs of a given VMlabel """
         return self.__policy_get_stes_of_labeltype(vmlabel,
-                                                   "VirtualMachineLabel")
+                                        "/SubjectLabels", 
"VirtualMachineLabel")
 
     def policy_get_stes_of_resource(self, reslabel):
         """ Get a list of all resources of a given VMlabel """
-        return self.__policy_get_stes_of_labeltype(reslabel, "ResourceLabel")
-
-    def __policy_get_stes_of_labeltype(self, label, labeltype):
-        node = self.dom_get_node("SecurityLabelTemplate/SubjectLabels")
+        return self.__policy_get_stes_of_labeltype(reslabel,
+                                        "/ObjectLabels", "ResourceLabel")
+
+    def __policy_get_stes_of_labeltype(self, label, path, labeltype):
+        node = self.dom_get_node("SecurityLabelTemplate" + path)
         if node:
             i = 0
             while i < len(node.childNodes):
@@ -661,7 +663,8 @@ class ACMPolicy(XSPolicy):
             return False
         for res in resources:
             res_stes = self.policy_get_stes_of_resource(res)
-            if len( set(res_stes).union( set(vm_stes) ) ) == 0:
+            if len(res_stes) == 0 or \
+               len( set(res_stes).intersection( set(vm_stes) ) ) == 0:
                 return False
         return True
 
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/util/security.py
--- a/tools/python/xen/util/security.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/util/security.py Wed Jul 18 13:56:21 2007 +0100
@@ -799,9 +799,10 @@ def is_resource_in_use(resource):
             lst.append(dominfo)
     return lst
 
-def devices_equal(res1, res2):
+def devices_equal(res1, res2, mustexist=True):
     """ Determine whether two devices are equal """
-    return (unify_resname(res1) == unify_resname(res2))
+    return (unify_resname(res1, mustexist) ==
+            unify_resname(res2, mustexist))
 
 def is_resource_in_use_by_dom(dominfo, resource):
     """ Determine whether a resources is in use by a given domain
@@ -817,7 +818,7 @@ def is_resource_in_use_by_dom(dominfo, r
         dev = devs[uuid]
         if len(dev) >= 2 and dev[1].has_key('uname'):
             # dev[0] is type, i.e. 'vbd'
-            if devices_equal(dev[1]['uname'], resource):
+            if devices_equal(dev[1]['uname'], resource, mustexist=False):
                 log.info("RESOURCE IN USE: Domain %d uses %s." %
                          (dominfo.domid, resource))
                 return True
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendAPI.py
--- a/tools/python/xen/xend/XendAPI.py  Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xend/XendAPI.py  Wed Jul 18 13:56:21 2007 +0100
@@ -1410,22 +1410,22 @@ class XendAPI(object):
     def VM_set_memory_dynamic_max(self, session, vm_ref, mem):
         dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
         dom.set_memory_dynamic_max(int(mem))
-        return xen_api_success_void()
+        return self._VM_save(dom)
 
     def VM_set_memory_dynamic_min(self, session, vm_ref, mem):
         dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
         dom.set_memory_dynamic_min(int(mem))
-        return xen_api_success_void()
+        return self._VM_save(dom)
 
     def VM_set_memory_static_max(self, session, vm_ref, mem):
         dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
         dom.set_memory_static_max(int(mem))
-        return xen_api_success_void()
+        return self._VM_save(dom)
     
     def VM_set_memory_static_min(self, session, vm_ref, mem):
         dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
         dom.set_memory_static_min(int(mem))
-        return xen_api_success_void()
+        return self._VM_save(dom)
 
     def VM_set_memory_dynamic_max_live(self, session, vm_ref, mem):
         dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
@@ -1620,7 +1620,8 @@ class XendAPI(object):
         (rc, errors, oldlabel, new_ssidref) = \
                                  dom.set_security_label(sec_label, old_label)
         if rc != xsconstants.XSERR_SUCCESS:
-            return xen_api_error(['SECURITY_ERROR', rc])
+            return xen_api_error(['SECURITY_ERROR', rc,
+                                 xsconstants.xserr2string(-rc)])
         if rc == 0:
             rc = new_ssidref
         return xen_api_success(rc)
@@ -2239,7 +2240,8 @@ class XendAPI(object):
         vdi = XendNode.instance().get_vdi_by_uuid(vdi_ref)
         rc = vdi.set_security_label(sec_lab, old_lab)
         if rc < 0:
-            return xen_api_error(['SECURITY_ERROR', rc])
+            return xen_api_error(['SECURITY_ERROR', rc,
+                                 xsconstants.xserr2string(-rc)])
         return xen_api_success(rc)
 
     def VDI_get_security_label(self, session, vdi_ref):
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendVDI.py
--- a/tools/python/xen/xend/XendVDI.py  Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xend/XendVDI.py  Wed Jul 18 13:56:21 2007 +0100
@@ -24,6 +24,7 @@ from xen.util.xmlrpclib2 import stringif
 from xen.util.xmlrpclib2 import stringify
 from xmlrpclib import dumps, loads
 from xen.util import security, xsconstants
+from xen.xend.XendError import SecurityError
 
 KB = 1024
 MB = 1024 * 1024
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendXSPolicyAdmin.py
--- a/tools/python/xen/xend/XendXSPolicyAdmin.py        Wed Jul 18 13:56:00 
2007 +0100
+++ b/tools/python/xen/xend/XendXSPolicyAdmin.py        Wed Jul 18 13:56:21 
2007 +0100
@@ -56,7 +56,10 @@ class XSPolicyAdmin:
             typ = data[1]
             try:
                 if typ == xsconstants.ACM_POLICY_ID:
-                    self.xsobjs[ref] = ACMPolicy(name=name, ref=ref)
+                    try:
+                        self.xsobjs[ref] = ACMPolicy(name=name, ref=ref)
+                    except Exception, e:
+                        del self.policies[ref]
                 else:
                     del self.policies[ref]
             except Exception, e:
@@ -271,6 +274,10 @@ class XSPolicyAdmin:
                 return pol
         return None
 
+    def get_hv_loaded_policy_name(self):
+        security.refresh_security_policy()
+        return security.active_policy
+
     def get_policy_by_name(self, name):
         for pol in self.xsobjs.values():
             if pol.get_name() == name:
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xm/cfgbootpolicy.py
--- a/tools/python/xen/xm/cfgbootpolicy.py      Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xm/cfgbootpolicy.py      Wed Jul 18 13:56:21 2007 +0100
@@ -170,8 +170,9 @@ def cfgbootpolicy_xapi(policy, user_titl
             OptionError("No policy installed on system?")
         acmpol = ACMPolicy(xml=xml)
         if acmpol.get_name() != policy:
-            OptionError("Policy installed on system '%s' does not match the "
-                        "request policy '%s'" % (acmpol.get_name(), policy))
+            raise OptionError("Policy installed on system '%s' does not "
+                              "match the requested policy '%s'" %
+                              (acmpol.get_name(), policy))
         flags = int(policystate['flags']) | xsconstants.XS_INST_BOOT
         rc = int(server.xenapi.XSPolicy.activate_xspolicy(xs_ref, flags))
         if rc == flags:
diff -r ad87a4912874 -r e1f74a5a09cb tools/xm-test/lib/XmTestLib/XenAPIDomain.py
--- a/tools/xm-test/lib/XmTestLib/XenAPIDomain.py       Wed Jul 18 13:56:00 
2007 +0100
+++ b/tools/xm-test/lib/XmTestLib/XenAPIDomain.py       Wed Jul 18 13:56:21 
2007 +0100
@@ -23,6 +23,7 @@ import sys
 import sys
 from XmTestLib import *
 from types import DictType
+from acm import *
 
 
 class XenAPIConfig:
@@ -38,6 +39,9 @@ class XenAPIConfig:
                            'kernel' : 'PV_kernel',
                            'ramdisk': 'PV_ramdisk',
                            'root'   : 'PV_args'}
+        if isACMEnabled():
+            #A default so every VM can start with ACM enabled
+            self.opts["security_label"] = "ACM:xm-test:red"
 
     def setOpt(self, name, value):
         """Set an option in the config"""
diff -r ad87a4912874 -r e1f74a5a09cb tools/xm-test/lib/XmTestLib/acm.py
--- a/tools/xm-test/lib/XmTestLib/acm.py        Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/xm-test/lib/XmTestLib/acm.py        Wed Jul 18 13:56:21 2007 +0100
@@ -19,6 +19,9 @@
 """
 from Test import *
 from xen.util import security
+from xen.xm.main import server
+from xen.util import xsconstants
+import re
 
 try:
     from acm_config import *
@@ -32,16 +35,47 @@ def isACMEnabled():
     return security.on()
 
 
+def getSystemPolicyName():
+    s,o = traceCommand("xm getpolicy")
+    m = re.compile("Policy name[\s]*: ([A-z\-]+)").search(o)
+    if m:
+        polname = m.group(1)
+        return polname
+    return ""
+
+
+def ACMLoadPolicy_XenAPI(policy='xm-test'):
+    polname = getSystemPolicyName()
+    if polname != policy:
+        # Try it, maybe it's not activated
+        traceCommand("xm setpolicy %s %s" %
+                     (xsconstants.XS_POLICY_ACM, policy))
+        polname = getSystemPolicyName()
+        if polname != policy:
+            FAIL("Need to have a system with no or policy '%s' active, "
+                 "not %s" % (policy,polname))
+        else:
+            s, o = traceCommand("xm activatepolicy --load")
+    else:
+        s, o = traceCommand("xm activatepolicy --load")
+        if not re.search("Successfully", o):
+            FAIL("Could not set the policy '%s'." % policy)
+
+
 def ACMLoadPolicy(policy='xm-test'):
-    s, o = traceCommand("xm makepolicy %s" % (policy))
-    if s != 0:
-        FAIL("Need to be able to do 'xm makepolicy %s' but could not" %
-             (policy))
-    s, o = traceCommand("xm loadpolicy %s" % (policy))
-    if s != 0:
-        FAIL("Could not load the required policy '%s'.\n"
-             "Start the system without any policy.\n%s" %
-             (policy, o))
+    from xen.xm import main
+    if main.serverType == main.SERVER_XEN_API:
+        ACMLoadPolicy_XenAPI()
+    else:
+        s, o = traceCommand("xm makepolicy %s" % (policy))
+        if s != 0:
+            FAIL("Need to be able to do 'xm makepolicy %s' but could not" %
+                 (policy))
+        s, o = traceCommand("xm loadpolicy %s" % (policy))
+        if s != 0:
+            FAIL("Could not load the required policy '%s'.\n"
+                 "Start the system without any policy.\n%s" %
+                 (policy, o))
 
 def ACMPrepareSystem(resources):
     if isACMEnabled():
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/01_security-acm_basic.py
--- a/tools/xm-test/tests/security-acm/01_security-acm_basic.py Wed Jul 18 
13:56:00 2007 +0100
+++ b/tools/xm-test/tests/security-acm/01_security-acm_basic.py Wed Jul 18 
13:56:21 2007 +0100
@@ -15,6 +15,7 @@
 
 from XmTestLib import *
 from xen.util import security
+from xen.util import xsconstants
 import commands
 import os
 import re
@@ -28,7 +29,7 @@ if not isACMEnabled():
     SKIP("Not running this test since ACM not enabled.")
 
 status, output = traceCommand("xm makepolicy %s" % (testpolicy))
-if status != 0 or output != "":
+if status != 0:
     FAIL("'xm makepolicy' failed with status %d and output\n%s" %
          (status,output));
 
@@ -47,7 +48,7 @@ status, output = traceCommand("xm addlab
 status, output = traceCommand("xm addlabel %s dom %s %s" %
                               (testlabel, vmconfigfile, testpolicy))
 if status != 0:
-    FAIL("'xm addlabel' failed with status %d.\n" % status)
+    FAIL("(1) 'xm addlabel' failed with status %d.\n" % status)
 
 status, output = traceCommand("xm getlabel dom %s" %
                               (vmconfigfile))
@@ -55,8 +56,9 @@ if status != 0:
 if status != 0:
     FAIL("'xm getlabel' failed with status %d, output:\n%s" %
          (status, output))
-if output != "policy=%s,label=%s" % (testpolicy,testlabel):
-    FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+if output != "policytype=%s,policy=%s,label=%s" % \
+             (xsconstants.ACM_POLICY_ID, testpolicy, testlabel):
+    FAIL("(1) Received unexpected output from 'xm getlabel dom': \n%s" %
          (output))
 
 
@@ -74,30 +76,34 @@ status, output = traceCommand("xm getlab
                               (vmconfigfile))
 
 if output != "Error: 'Domain not labeled'":
-    FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+    FAIL("(2) Received unexpected output from 'xm getlabel dom': \n%s" %
          (output))
 
 #Whatever label the resource might have, remove it
 status, output = traceCommand("xm rmlabel res %s" %
                               (testresource))
+if status != 0:
+    FAIL("'xm rmlabel' on resource failed with status %d.\n" % status)
 
 status, output = traceCommand("xm addlabel %s res %s %s" %
                               (testlabel, testresource, testpolicy))
 if status != 0:
-    FAIL("'xm addlabel' on resource failed with status %d.\n" % status)
+    FAIL("(2) 'xm addlabel' on resource failed with status %d.\n" % status)
 
 status, output = traceCommand("xm getlabel res %s" % (testresource))
 
 if status != 0:
     FAIL("'xm getlabel' on resource failed with status %d, output:\n%s" %
          (status, output))
-if output != "policy=%s,label=%s" % (testpolicy,testlabel):
-    FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+if output != "%s:%s:%s" % (xsconstants.ACM_POLICY_ID,\
+                           testpolicy,testlabel):
+    FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
          (output))
 
 status, output = traceCommand("xm resources")
 
 if status != 0:
+    print "status = %s" % str(status)
     FAIL("'xm resources' did not run properly")
 if not re.search(security.unify_resname(testresource), output):
     FAIL("'xm resources' did not show the tested resource '%s'." %
@@ -117,5 +123,5 @@ status, output = traceCommand("xm getlab
                               (testresource))
 
 if output != "Error: 'Resource not labeled'":
-    FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+    FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
          (output))
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/07_security-acm_pol_update.py
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/07_security-acm_pol_update.py    Wed Jul 
18 13:56:21 2007 +0100
@@ -0,0 +1,303 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2006
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# Test to exercise the xspolicy class
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import acmpolicy, security, xsconstants
+from xen.util.acmpolicy import ACMPolicy
+from xen.xend.XendDomain import DOM0_UUID
+
+import commands
+import os
+import base64
+
+xm_test = {}
+xm_test['policyname'] = "xm-test"
+xm_test['date'] = "Fri Sep 29 14:44:38 2006"
+xm_test['url']  = None
+
+vm_label_red   = "%s:xm-test:red" % xsconstants.ACM_POLICY_ID
+vm_label_green = "%s:xm-test:green" % xsconstants.ACM_POLICY_ID
+vm_label_blue  = "%s:xm-test:blue" % xsconstants.ACM_POLICY_ID
+vm_label_sys   = "%s:xm-test:SystemManagement" % xsconstants.ACM_POLICY_ID
+
+vm_label_black = "%s:xm-test:black"
+
+session = xapi.connect()
+
+oldlabel = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_sys,
+                                               oldlabel)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+    FAIL("(0) Domain-0 label for '%s' has unexpected failure: %08x" %
+         (vm_label_sys, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref))
+
+
+xstype = session.xenapi.XSPolicy.get_xstype()
+if int(xstype) & xsconstants.XS_POLICY_ACM == 0:
+    SKIP("ACM not enabled/compiled in Xen")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+if not policystate.has_key('xs_ref'):
+    FAIL("get_xspolicy must return member 'xs_ref'")
+
+xs_ref = policystate['xs_ref']
+if xs_ref != "":
+    origpolicyxml = session.xenapi.ACMPolicy.get_xml(xs_ref)
+else:
+    origpolicyxml = ""
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+    newpolicyxml = f.read()
+    f.close()
+else:
+    FAIL("Could not read 'xm-test' policy")
+
+try:
+    os.unlink("/boot/xm-test.bin")
+except:
+    pass
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if int(policystate['type']) == 0:
+    policystate = session.xenapi.XSPolicy.set_xspolicy(
+                          xsconstants.XS_POLICY_ACM,
+                          newpolicyxml,
+                          xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+                          1)
+    if int(policystate['flags']) == -1:
+        FAIL("Could not set the new policy.")
+
+print "state of policy = %s " % policystate
+
+rc = session.xenapi.XSPolicy.activate_xspolicy(
+                          policystate['xs_ref'],
+                          xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT)
+if int(rc) != xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT:
+    FAIL("Could not activate the current policy: rc = %08x" % int(rc))
+
+if not os.path.exists("/boot/xm-test.bin"):
+    FAIL("Binary policy was not installed. Check grub config file.")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if int(policystate['flags']) != xsconstants.XS_INST_BOOT | \
+                                xsconstants.XS_INST_LOAD:
+    FAIL("Flags (%x) are not indicating the correct state of the policy.",
+         int(policystate['flags']))
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+xs_ref = policystate['xs_ref']
+
+newpolicyxml = None
+f = open("xm-test-new-security_policy.xml", 'r')
+if f:
+    newpolicyxml = f.read()
+    f.close()
+else:
+    FAIL("Could not read 'xm-test-new' policy")
+
+cur_acmpol = ACMPolicy(xml = policystate['repr'])
+new_acmpol = ACMPolicy(xml = newpolicyxml)
+
+new_acmpol.update_frompolicy(cur_acmpol)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                          new_acmpol.toxml(),
+                          xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+                          1)
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+    newpolicyxml = f.read()
+    f.close()
+else:
+    FAIL("Could not read 'xm-test-new' policy")
+
+cur_acmpol = new_acmpol
+new_acmpol = ACMPolicy(xml = newpolicyxml)
+
+new_acmpol.update_frompolicy(cur_acmpol)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                          new_acmpol.toxml(),
+                          xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+                          1)
+
+dom0_lab = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_sys, dom0_lab)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+    FAIL("(1) Domain-0 label for '%s' has unexpected failure: %08x" %
+         (vm_label_sys, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref))
+
+try:
+    ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                                   vm_label_black,
+                                                   vm_label_sys)
+    FAIL("Could set label '%s', although it's not in the policy. "
+         "ssidref=%s" % (vm_label_black, ssidref))
+except:
+    pass
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_red,
+                                               vm_label_sys)
+if int(ssidref) <= 0:
+    FAIL("(2) Domain-0 label for '%s' has unexpected failure: %08x" %
+         (vm_label_red, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_red, int(ssidref))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+if label != vm_label_red:
+    FAIL("Dom0 label '%s' not as expected '%s'" % (label, vm_label_red))
+
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_sys,
+                                               vm_label_red)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+    FAIL("(3) Domain-0 label for '%s' has unexpected failure: %08x" %
+         (vm_label_sys, int(ssidref)))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+if label != vm_label_sys:
+    FAIL("Dom0 label '%s' not as expected '%s'" % label, dom0_label)
+
+header = session.xenapi.ACMPolicy.get_header(xs_ref)
+
+if header['policyname'] != xm_test['policyname']:
+    FAIL("Name in header is '%s', expected is '%s'." %
+         (header['policyname'],xm_test['policyname']))
+if header['date'] != xm_test['date']:
+    FAIL("Date in header is '%s', expected is '%s'." %
+         (header['date'],xm_test['date']))
+if header.has_key("url") and header['url' ] != xm_test['url' ]:
+    FAIL("URL  in header is '%s', expected is '%s'." %
+         (header['url' ],xm_test['url' ]))
+
+# Create another domain
+try:
+    # XmTestAPIDomain tries to establish a connection to XenD
+    domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_blue })
+except Exception, e:
+    SKIP("Skipping test. Error: %s" % str(e))
+
+
+vm_uuid = domain.get_uuid()
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_blue:
+    FAIL("VM has security label '%s', expected is '%s'" %
+         (res, vm_label_blue))
+
+try:
+    domain.start(noConsole=True)
+except:
+    FAIL("Could not create domain")
+
+
+# Attempt to relabel the running domain
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+                                               vm_label_red,
+                                               vm_label_blue)
+if int(ssidref) <= 0:
+    FAIL("Could not relabel running domain to '%s'." % vm_label_red)
+
+# user domain is 'red', dom0 is current 'SystemManagement'.
+# Try to move domain-0 to 'red' first, then to 'blue'.
+
+# Moving domain-0 to 'red' should work
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_red,
+                                               vm_label_sys)
+if int(ssidref) <= 0:
+    FAIL("Could not label domain-0 '%s'" % vm_label_red)
+
+# Moving the guest domain to 'blue' should not work due to conflict set
+try:
+    ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+                                                   vm_label_blue,
+                                                   vm_label_red)
+    FAIL("Could label guest domain with '%s', although this is in a conflict "
+         "set. ssidref=%x" % (vm_label_blue,int(ssidref)))
+except:
+    pass
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_red:
+    FAIL("User domain has wrong label '%s', expected '%s'." %
+         (label, vm_label_red))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+if label != vm_label_red:
+    FAIL("Domain-0 has wrong label '%s'; expected '%s'." %
+         (label, vm_label_red))
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+                                               vm_label_sys,
+                                               vm_label_red)
+if int(ssidref) < 0:
+    FAIL("Could not set the domain-0 security label to '%s'." %
+         (vm_label_sys))
+
+# pause the domain and relabel it...
+session.xenapi.VM.pause(vm_uuid)
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_red:
+    FAIL("User domain has wrong label '%s', expected '%s'." %
+         (label, vm_label_red))
+
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+                                               vm_label_blue,
+                                               vm_label_red)
+print "guest domain new label '%s'; ssidref is 0x%08x" % \
+      (vm_label_blue, int(ssidref))
+if int(ssidref) <= 0:
+    FAIL("Could not label guest domain with '%s'" % (vm_label_blue))
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_blue:
+    FAIL("User domain has wrong label '%s', expected '%s'." %
+         (label, vm_label_blue))
+
+session.xenapi.VM.unpause(vm_uuid)
+
+rc = session.xenapi.VM.suspend(vm_uuid)
+
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+                                               vm_label_green,
+                                               vm_label_blue)
+print "guest domain new label '%s'; ssidref is 0x%08x" % \
+      (vm_label_green, int(ssidref))
+if int(ssidref) < 0:
+    FAIL("Could not label suspended guest domain with '%s'" % (vm_label_blue))
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_green:
+    FAIL("User domain has wrong label '%s', expected '%s'." %
+         (label, vm_label_green))
+
+
+rc = session.xenapi.VM.resume(vm_uuid, False)
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_green:
+    FAIL("User domain has wrong label '%s', expected '%s'." %
+         (label, vm_label_green))
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/08_security-acm_xapi.py
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/08_security-acm_xapi.py  Wed Jul 18 
13:56:21 2007 +0100
@@ -0,0 +1,354 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2007
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# VM creation test with labeled VM and labeled VDI
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import acmpolicy, security, xsconstants
+import commands
+import os
+
+vm_label_red    = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vm_label_green  = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+vdi_label_red   = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vdi_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+
+vdi_file = "/dev/ram0"
+vdi_path = "phy:" + vdi_file
+
+#Note:
+# If during the suspend/resume operations 'red' instead of 'green' is
+# used, the Chinese Wall policy goes into effect and disallows the
+# suspended VM from being resumed...
+
+try:
+    # XmTestAPIDomain tries to establish a connection to XenD
+    domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red })
+except Exception, e:
+    SKIP("Skipping test. Error: %s" % str(e))
+
+vm_uuid = domain.get_uuid()
+
+session = xapi.connect()
+xstype = session.xenapi.XSPolicy.get_xstype()
+if int(xstype) & xsconstants.XS_POLICY_ACM == 0:
+    SKIP("ACM not enabled/compiled in Xen")
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+    newpolicyxml = f.read()
+    f.close()
+else:
+    FAIL("Could not read 'xm-test' policy")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+if int(policystate['type']) == 0:
+    policystate = session.xenapi.XSPolicy.set_xspolicy(
+                         xsconstants.XS_POLICY_ACM,
+                         newpolicyxml,
+                         xsconstants.XS_INST_BOOT | xsconstants.XS_INST_LOAD,
+                         True)
+    if int(policystate['flags']) == -1:
+        FAIL("Could not set the new policy.")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+print "policystate = %s" % policystate
+acm_ref = policystate['xs_ref']
+
+
+#
+# Some tests with labeling of resources
+#
+labels = session.xenapi.XSPolicy.get_labeled_resources()
+print "labeled resources are:\n%s" % labels
+
+oldlabel = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0")
+
+rc  = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0", "",
+                                                 oldlabel)
+
+rc  = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0",
+                                                 vdi_label_green,
+                                                 "")
+
+res = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0")
+if res != vdi_label_green:
+    FAIL("(1) get_resource_label returned unexpected result %s, wanted %s" %
+         (res, vdi_label_green))
+
+
+#
+# Some test with labeling of VMs
+#
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+
+if res != vm_label_red:
+    FAIL("VM.get_security_label returned wrong security label '%s'." % res)
+
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+                                                    vm_label_red)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_green:
+     FAIL("VM does not show expected label '%s' but '%s'." %
+          (vm_label_green, res))
+
+res = session.xenapi.VM.set_security_label(vm_uuid, "", vm_label_green)
+if int(res) != 0:
+    FAIL("Should be able to unlabel the domain while it's halted.")
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != "":
+    FAIL("Unexpected VM security label after removal: %s" % res)
+
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red, res)
+if int(res) != 0:
+    FAIL("Could not label the VM to '%s'" % vm_label_red)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_red:
+    FAIL("VM has wrong label '%s', expected '%s'." % (res, vm_label_red))
+
+sr_uuid = session.xenapi.SR.get_by_name_label("Local")
+if len(sr_uuid) == 0:
+    FAIL("Could not get a handle on SR 'Local'")
+
+
+vdi_rec = { 'name_label'  : "My disk",
+            'SR'          : sr_uuid[0],
+            'virtual_size': 0,
+            'sector_size' : 512,
+            'parent'      : '',
+            'SR_name'     : 'Local',
+            'type'        : 'system',
+            'shareable'   : False,
+            'read-only'   : False,
+            'other_config': {'location': vdi_path}
+}
+
+vdi_ref = session.xenapi.VDI.create(vdi_rec)
+
+res = session.xenapi.VDI.get_name_label(vdi_ref)
+if res != vdi_rec['name_label']:
+    print "Destroying VDI now"
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("VDI_get_name_label return wrong information")
+
+res = session.xenapi.VDI.get_record(vdi_ref)
+print "vdi_record : %s" % res
+
+oldlabel = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+
+#Remove label from VDI device
+rc  = session.xenapi.XSPolicy.set_resource_label(vdi_path,
+                                                 "",
+                                                 oldlabel)
+
+
+# Attach a VBD to the VM
+
+vbd_rec = { 'VM'      : vm_uuid,
+            'VDI'     : vdi_ref,
+            'device'  : "xvda1",
+            'mode'    : 1,
+            'bootable': 0,
+}
+
+vbd_ref = session.xenapi.VBD.create(vbd_rec)
+
+res = session.xenapi.VBD.get_record(vbd_ref)
+
+try:
+    domain.start(noConsole=True)
+    # Should not get here.
+    print "Destroying VDI now"
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Could start VM with a VBD that it is not allowed to access.")
+except:
+    pass
+    print "Could not create domain -- that's good"
+
+
+#
+# Label the VDI now
+#
+
+rc    = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "")
+if int(rc) != 0:
+    FAIL("Could not set the VDI label to '%s'" % vdi_label_red)
+
+label = session.xenapi.VDI.get_security_label(vdi_ref)
+if label != vdi_label_red:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Unexpected label '%s' on VDI, wanted '%s'" %
+         (label, vdi_label_red))
+
+rc    = session.xenapi.VDI.set_security_label(vdi_ref, "", label)
+if int(rc) != 0:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Should be able to unlabel VDI.")
+
+rc    = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "")
+if int(rc) != 0:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Should be able to label VDI with label '%s'" % vid_label_red)
+
+res   = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+if res != vdi_label_red:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("(2) get_resource_label on %s returned unexpected result %s, wanted 
'%s'" %
+         (vdi_path, res, vdi_label_red))
+
+res = session.xenapi.VDI.get_security_label(vdi_ref)
+if res != vdi_label_red:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("get_security_label returned unexpected result %s, wanted '%s'" %
+         (res, vdi_label_red))
+
+domain.start(noConsole=True)
+
+console = domain.getConsole()
+
+domName = domain.getName()
+
+try:
+    run = console.runCmd("cat /proc/interrupts")
+except ConsoleError, e:
+    saveLog(console.getHistory())
+    FAIL("Could not access proc-filesystem")
+
+# Try to relabel while VM is running
+try:
+    res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+                                               vm_label_red)
+except:
+    pass
+
+lab = session.xenapi.VM.get_security_label(vm_uuid)
+if lab == vm_label_green:
+    FAIL("Should not be able to reset the security label while running."
+         "tried to set to %s, got %s, old: %s" %(vm_label_green, lab,
+         vm_label_red))
+
+
+#
+# Suspend the domain and relabel it
+#
+
+try:
+    status, output = traceCommand("xm suspend %s" % domName,
+                                  timeout=30)
+except TimeoutError, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Failure from suspending VM: %s." % str(e))
+
+# Try to relabel while VM is suspended -- this should work
+
+rc  = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+                                           vm_label_red)
+if int(rc) != 0:
+    FAIL("VM security label could not be set to %s" % vm_label_green)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_green:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("VM (suspended) has label '%s', expected '%s'." %
+         (res, vm_label_green))
+
+status, output = traceCommand("xm list")
+
+#Try to resume now -- should fail due to denied access to block device
+try:
+    status, output = traceCommand("xm resume %s" % domName,
+                                  timeout=30)
+    if status == 0:
+        session.xenapi.VDI.destroy(vdi_ref)
+        FAIL("Could resume re-labeled VM: %s" % output)
+except Exception, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("1. Error resuming the VM: %s." % str(e))
+
+# Relabel VM so it would resume
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red,
+                                           vm_label_green)
+if int(res) != 0:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Could not relabel VM to have it resume.")
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_red:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("VM (suspended) has label '%s', expected '%s'." %
+         (res, vm_label_red))
+
+
+# Relabel the resource so VM should not resume
+try:
+    session.xenapi.XSPolicy.set_resource_label(vdi_path,
+                                               vdi_label_green,
+                                               "")
+except Exception, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Could not label the VDI to '%s': %x" %
+         (vdi_label_green, int(rc)))
+
+#Try to resume now -- should fail due to denied access to block device
+try:
+    status, output = traceCommand("xm resume %s" % domName,
+                                  timeout=30)
+    if status == 0:
+        session.xenapi.VDI.destroy(vdi_ref)
+        FAIL("Could resume re-labeled VM: %s" % output)
+except Exception, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("2. Error resuming the VM: %s." % str(e))
+
+
+status, output = traceCommand("xm list")
+
+# Relabel the resource so VM can resume
+try:
+    session.xenapi.XSPolicy.set_resource_label(vdi_path,
+                                               vdi_label_red,
+                                               vdi_label_green)
+except Exception, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Could not label the resource to '%s'" % vid_label_red)
+
+res = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+if res != vdi_label_red:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("'%s' has label '%s', expected '%s'." %
+         (vdi_path, res, vdi_label_red))
+
+#Try to resume now -- should work
+try:
+    status, output = traceCommand("xm resume %s" % domName,
+                                  timeout=30)
+    if status != 0:
+        session.xenapi.VDI.destroy(vdi_ref)
+        FAIL("Could not resume re-labeled VM: %s" % output)
+except Exception, e:
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("3. Error resuming the VM: %s." % str(e))
+
+
+status, output = traceCommand("xm list")
+
+console = domain.getConsole()
+
+try:
+    run = console.runCmd("cat /proc/interrupts")
+except ConsoleError, e:
+    saveLog(console.getHistory())
+    session.xenapi.VDI.destroy(vdi_ref)
+    FAIL("Could not access proc-filesystem")
+
+domain.stop()
+domain.destroy()
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/09_security-acm_pol_update.py
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/09_security-acm_pol_update.py    Wed Jul 
18 13:56:21 2007 +0100
@@ -0,0 +1,427 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2007
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# Test to exercise the xspolicy and acmpolicy classes
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import security, xsconstants
+from xen.util.acmpolicy import ACMPolicy
+from xen.xend.XendDomain import DOM0_UUID
+import base64
+import struct
+import time
+
+def typestoxml(types):
+    res = ""
+    for t in types:
+        res += "<Type>" + t + "</Type>\n"
+    return res
+
+def cfstoxml(cfss):
+    res = ""
+    for cfs in cfss:
+        res += "<Conflict name=\"" + cfs['name'] + "\">\n" + \
+               typestoxml(cfs['chws']) + \
+               "</Conflict>\n"
+    return res
+
+def vmlabelstoxml(vmlabels, vmfrommap):
+    res = ""
+    for vmlabel in vmlabels:
+        res += "<VirtualMachineLabel>\n"
+        if vmlabel['name'] in vmfrommap:
+            res += "<Name from=\""+ vmfrommap[vmlabel['name']] +"\">"
+        else:
+            res += "<Name>"
+        res += vmlabel['name'] + "</Name>\n"
+        res += "<SimpleTypeEnforcementTypes>\n" + \
+                  typestoxml(vmlabel['stes']) + \
+               "</SimpleTypeEnforcementTypes>\n"
+        if vmlabel.has_key('chws'):
+            res += "<ChineseWallTypes>\n" + \
+                     typestoxml(vmlabel['chws']) + \
+                   "</ChineseWallTypes>\n"
+        res += "</VirtualMachineLabel>\n"
+    return res
+
+
+def reslabelstoxml(reslabels, resfrommap):
+    res = ""
+    for reslabel in reslabels:
+        res += "<ResourceLabel>\n"
+        if resfrommap.has_key(reslabel['name']):
+            res += "<Name from=\""+ resfrommap[reslabel['name']] +"\">"
+        else:
+            res += "<Name>"
+        res += reslabel['name'] + "</Name>\n"
+        res += "<SimpleTypeEnforcementTypes>\n" + \
+                  typestoxml(reslabel['stes']) + \
+               "</SimpleTypeEnforcementTypes>\n"
+        res += "</ResourceLabel>\n"
+    return res
+
+def create_xml_policy(hdr, stes, chws,
+                      vmlabels, vmfrommap, bootstrap,
+                      reslabels, resfrommap,
+                      cfss):
+    hdr_xml ="<PolicyHeader>\n" + \
+             "  <PolicyName>" + hdr['name'] + "</PolicyName>\n" + \
+             "  <Version>"    + hdr['version'] + "</Version>\n" + \
+             "  <FromPolicy>\n" + \
+             "    <PolicyName>" + hdr['oldname'] + "</PolicyName>\n" + \
+             "    <Version>"    + hdr['oldversion'] + "</Version>\n" + \
+             "  </FromPolicy>\n" + \
+               "</PolicyHeader>\n"
+
+    stes_xml = "<SimpleTypeEnforcement>\n" + \
+               "  <SimpleTypeEnforcementTypes>\n" + \
+                typestoxml(stes) + \
+               "  </SimpleTypeEnforcementTypes>\n" + \
+               "</SimpleTypeEnforcement>\n"
+
+    chws_xml = "<ChineseWall>\n" + \
+               "  <ChineseWallTypes>\n" + \
+               typestoxml(chws) + \
+               "  </ChineseWallTypes>\n" + \
+               "  <ConflictSets>\n" + \
+               cfstoxml(cfss) + \
+               "  </ConflictSets>\n" + \
+               "</ChineseWall>\n"
+
+    subjlabel_xml = "<SubjectLabels bootstrap=\""+ bootstrap +"\">\n" + \
+                     vmlabelstoxml(vmlabels, vmfrommap) + \
+                    "</SubjectLabels>\n"
+    objlabel_xml  = "<ObjectLabels>\n" + \
+                      reslabelstoxml(reslabels, resfrommap) + \
+                    "</ObjectLabels>\n"
+
+    policyxml = "<?xml version=\"1.0\" ?>\n" + \
+                "<SecurityPolicyDefinition xmlns=\"http://www.ibm.com\"; 
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"; 
xsi:schemaLocation=\"http://www.ibm.com ../../security_policy.xsd \">\n" + \
+                hdr_xml + \
+                stes_xml + \
+                chws_xml + \
+                "<SecurityLabelTemplate>\n" + \
+                  subjlabel_xml + \
+                  objlabel_xml + \
+                "</SecurityLabelTemplate>\n" + \
+                "</SecurityPolicyDefinition>\n"
+    return policyxml
+
+
+def update_hdr(hdr):
+    """ Update the version information in the header """
+    hdr['oldversion'] = hdr['version']
+    hdr['oldname']    = hdr['name']
+    vers = hdr['version']
+    tmp = vers.split('.')
+    if len(tmp) == 1:
+        rev = 1
+    else:
+        rev = int(tmp[1]) + 1
+    hdr['version'] = "%s.%s" % (tmp[0],rev)
+    return hdr
+
+session = xapi.connect()
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if policystate['repr'] != "":
+    print "%s" % policystate['repr']
+    try:
+        acmpol = ACMPolicy(xml=policystate['repr'])
+    except Exception, e:
+        FAIL("Failure from creating ACMPolicy object: %s" % str(e))
+    oldname = acmpol.policy_dom_get_hdr_item("PolicyName")
+    oldvers = acmpol.policy_dom_get_hdr_item("Version")
+    tmp = oldvers.split(".")
+    if len(tmp) == 1:
+        rev = 1
+    else:
+        rev = int(tmp[1]) + 1
+    newvers = "%s.%s" % (tmp[0], str(rev))
+    print "old name/version = %s/%s" % (oldname, oldvers)
+else:
+    oldname = None
+    oldvers = None
+    newvers = "1.0"
+
+# Initialize the header of the policy
+hdr = {}
+hdr['name'] = "xm-test"
+hdr['version'] = newvers
+
+if oldname:
+    hdr['oldname']    = oldname
+    if oldvers and oldvers != "":
+        hdr['oldversion'] = oldvers
+
+stes = [ "SystemManagement", "red", "green", "blue" ]
+
+chws = [ "SystemManagement", "red", "green", "blue" ]
+
+bootstrap = "SystemManagement"
+
+vm_sysmgt = { 'name' : bootstrap,
+              'stes' : stes,
+              'chws' : [ "SystemManagement" ] }
+
+vm_red   = { 'name' : "red" ,
+             'stes' : ["red"] ,
+             'chws' : ["red"] }
+
+vm_green = { 'name' : "green" ,
+             'stes' : ["green"] ,
+             'chws' : ["green"] }
+
+vm_blue  = { 'name' : "blue" ,
+             'stes' : ["blue"] ,
+             'chws' : ["blue"] }
+
+res_red   = { 'name' : "red" ,
+              'stes' : ["red"] }
+
+res_green = { 'name' : "green" ,
+              'stes' : ["green"] }
+
+res_blue  = { 'name' : "blue" ,
+              'stes' : ["blue"] }
+
+cfs_1 = { 'name' : "CFS1",
+          'chws' : [ "red" , "blue" ] }
+
+vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue ]
+vmfrommap = {}
+reslabels = [ res_red, res_green, res_blue ]
+resfrommap = {}
+cfss = [ cfs_1 ]
+
+vm_label_red    = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vm_label_green  = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+vm_label_blue   = xsconstants.ACM_POLICY_ID + ":xm-test:blue"
+
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+
+xml_good = xml
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "\n\npolicystate = %s" % policystate
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+#
+# Create two non-conflicting domains and start them
+#
+try:
+    # XmTestAPIDomain tries to establish a connection to XenD
+    domain1 = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red })
+except Exception, e:
+    SKIP("Skipping test. Error: %s" % str(e))
+
+
+vm1_uuid = domain1.get_uuid()
+
+try:
+    domain1.start(noConsole=True)
+except:
+    FAIL("Could not start domain1")
+
+print "Domain 1 started"
+
+try:
+    # XmTestAPIDomain tries to establish a connection to XenD
+    domain2 = XmTestAPIDomain(extraConfig={'security_label': vm_label_green })
+except Exception, e:
+    SKIP("Skipping test. Error: %s" % str(e))
+
+vm2_uuid = domain2.get_uuid()
+
+try:
+    domain2.start(noConsole=True)
+except:
+    FAIL("Could not start domain1")
+
+
+print "Domain 2 started"
+
+# Try a policy that would put the two domains into conflict
+cfs_2 = { 'name' : "CFS1",
+          'chws' : [ "red" , "green" ] }
+cfss = [ cfs_2 ]
+
+hdr = update_hdr(hdr)
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+    FAIL("(1) Should not have been able to set this policy.")
+
+if len(policystate['errors']) == 0:
+    FAIL("Hypervisor should have reported errros.")
+
+errors = base64.b64decode(policystate['errors'])
+
+print "Length of errors: %d" % len(errors)
+a,b = struct.unpack("!ii",errors)
+
+print "%08x , %08x" % (a,b)
+
+#
+# Create a faulty policy with 'red' STE missing
+#
+
+cfss = [ cfs_1 ]
+stes = [ "SystemManagement", "green", "blue" ]
+
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "Result from setting faulty(!) policy with STE 'red' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+    FAIL("(2) Should not have been able to set this policy.")
+
+#
+# Create a policy with 'red' VMLabel missing -- should not work since it is
+# in use.
+#
+stes = [ "SystemManagement", "red", "green", "blue" ]
+
+vmlabels = [ vm_sysmgt, vm_green, vm_blue ]
+
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+print "Result from setting faulty(!) policy with VMlabel 'red' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+    FAIL("(3) Should not have been able to set this policy.")
+
+#
+# Create a policy with 'blue' VMLabel missing -- should work since it is NOT
+# in use.
+#
+vmlabels = [ vm_sysmgt, vm_red, vm_green ]
+
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "Result from setting (good) policy with VMlabel 'blue' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) != 0:
+    FAIL("(4) Should have been able to set this policy: %s" % xml)
+
+#
+# Move the green VMLabel towards blue which should put the running
+# domain with label blue into a conflict set
+#
+vmlabels = [ vm_sysmgt, vm_red, vm_blue ]
+
+vmfrommap = { "blue" : "green" }  #  new : old
+
+hdr = update_hdr(hdr)  #Needed, since last update was successful
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+    FAIL("(5) Should not have been able to set this policy.")
+
+#
+# Try to install a policy where a VM label has a faulty VM label name
+#
+vmfrommap = {}
+
+vm_blue_bad = { 'name' : "blue:x" ,   # ':' no allowed
+                'stes' : ["blue"],
+                'chws' : ["blue"] }
+
+vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue_bad ]
+
+xml = create_xml_policy(hdr, stes, chws,
+                        vmlabels, vmfrommap, bootstrap,
+                        reslabels, resfrommap,
+                        cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   xml,
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+    FAIL("(6) Should not have been able to set this policy.")
+
+#
+# End the test by installing the initial policy again
+#
+
+cur_version = hdr['version']
+(maj, min) = cur_version.split(".")
+cur_version = "%s.%s" % (maj, str(int(min)-1) )
+
+orig_acmpol = ACMPolicy(xml=xml_good)
+orig_acmpol.set_frompolicy_version(cur_version)
+orig_acmpol.set_policy_version(hdr['version'])
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+                                                   orig_acmpol.toxml(),
+                                                   xsconstants.XS_INST_LOAD,
+                                                   True)
+
+if int(policystate['xserr']) != 0:
+    FAIL("(END) Should have been able to set this policy.")
+
+domain1.stop()
+domain2.stop()
+domain1.destroy()
+domain2.destroy()
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/Makefile.am
--- a/tools/xm-test/tests/security-acm/Makefile.am      Wed Jul 18 13:56:00 
2007 +0100
+++ b/tools/xm-test/tests/security-acm/Makefile.am      Wed Jul 18 13:56:21 
2007 +0100
@@ -5,7 +5,10 @@ TESTS = 01_security-acm_basic.test \
         03_security-acm_dom_conflict.test \
         04_security-acm_dom_res.test \
         05_security-acm_dom_res_conf.test \
-        06_security-acm_dom_block_attach.test
+        06_security-acm_dom_block_attach.test \
+        07_security-acm_pol_update.test \
+        08_security-acm_xapi.test \
+        09_security-acm_pol_update.test
 
 XFAIL_TESTS =
 
diff -r ad87a4912874 -r e1f74a5a09cb 
tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml  Wed Jul 
18 13:56:21 2007 +0100
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Auto-generated by ezPolicy        -->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+    <PolicyHeader>
+        <PolicyName>xm-test</PolicyName>
+        <Date>Fri Sep 29 14:44:38 2006</Date>
+        <Version>1.1</Version>
+        <FromPolicy>
+            <PolicyName>xm-test</PolicyName>
+            <Version>1.0</Version>
+        </FromPolicy>
+    </PolicyHeader>
+
+    <SimpleTypeEnforcement>
+        <SimpleTypeEnforcementTypes>
+            <Type>SystemManagement</Type>
+            <Type>green</Type>
+            <Type>red</Type>
+        </SimpleTypeEnforcementTypes>
+    </SimpleTypeEnforcement>
+
+    <ChineseWall priority="PrimaryPolicyComponent">
+        <ChineseWallTypes>
+            <Type>SystemManagement</Type>
+            <Type>green</Type>
+            <Type>red</Type>
+        </ChineseWallTypes>
+
+        <ConflictSets>
+            <Conflict name="RER">
+                <Type>green</Type>
+                <Type>red</Type>
+            </Conflict>
+       </ConflictSets>
+    </ChineseWall>
+
+    <SecurityLabelTemplate>
+        <SubjectLabels bootstrap="SystemManagement">
+            <VirtualMachineLabel>
+                <Name>SystemManagement</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>SystemManagement</Type>
+                    <Type>green</Type>
+                    <Type>red</Type>
+                </SimpleTypeEnforcementTypes>
+                <ChineseWallTypes>
+                    <Type>SystemManagement</Type>
+                </ChineseWallTypes>
+            </VirtualMachineLabel>
+
+            <VirtualMachineLabel>
+                <Name>green</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>green</Type>
+                </SimpleTypeEnforcementTypes>
+                <ChineseWallTypes>
+                    <Type>green</Type>
+                </ChineseWallTypes>
+            </VirtualMachineLabel>
+
+            <VirtualMachineLabel>
+                <Name>red</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>red</Type>
+                </SimpleTypeEnforcementTypes>
+                <ChineseWallTypes>
+                    <Type>red</Type>
+                </ChineseWallTypes>
+            </VirtualMachineLabel>
+
+        </SubjectLabels>
+
+        <ObjectLabels>
+            <ResourceLabel>
+                <Name>SystemManagement</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>SystemManagement</Type>
+                </SimpleTypeEnforcementTypes>
+            </ResourceLabel>
+
+            <ResourceLabel>
+                <Name>green</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>green</Type>
+                </SimpleTypeEnforcementTypes>
+            </ResourceLabel>
+
+            <ResourceLabel>
+                <Name>red</Name>
+                <SimpleTypeEnforcementTypes>
+                    <Type>red</Type>
+                </SimpleTypeEnforcementTypes>
+            </ResourceLabel>
+
+        </ObjectLabels>
+    </SecurityLabelTemplate>
+</SecurityPolicyDefinition>
diff -r ad87a4912874 -r e1f74a5a09cb xen/arch/x86/hvm/vpt.c
--- a/xen/arch/x86/hvm/vpt.c    Wed Jul 18 13:56:00 2007 +0100
+++ b/xen/arch/x86/hvm/vpt.c    Wed Jul 18 13:56:21 2007 +0100
@@ -261,13 +261,15 @@ void create_periodic_time(
     pt->enabled = 1;
     pt->pending_intr_nr = 0;
 
-    if ( period < 900000 ) /* < 0.9 ms */
+    /* Periodic timer must be at least 0.9ms. */
+    if ( (period < 900000) && !one_shot )
     {
         gdprintk(XENLOG_WARNING,
                  "HVM_PlatformTime: program too small period %"PRIu64"\n",
                  period);
-        period = 900000; /* force to 0.9ms */
-    }
+        period = 900000;
+    }
+
     pt->period = period;
     pt->vcpu = v;
     pt->last_plt_gtime = hvm_get_guest_time(pt->vcpu);

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>