# HG changeset patch
# User Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
# Date 1184763381 -3600
# Node ID e1f74a5a09cbb52ed67bb8b089c4cd2d31cc4a73
# Parent ad87a491287455e302a914ed17a2a00902136ec6
# Parent ad1c6cf0baafe149c9fe03be3255b95ffef68a34
Merge
---
tools/python/xen/util/acmpolicy.py | 17
tools/python/xen/util/security.py | 7
tools/python/xen/xend/XendAPI.py | 14
tools/python/xen/xend/XendVDI.py | 1
tools/python/xen/xend/XendXSPolicyAdmin.py | 9
tools/python/xen/xm/cfgbootpolicy.py | 5
tools/xm-test/lib/XmTestLib/XenAPIDomain.py | 4
tools/xm-test/lib/XmTestLib/acm.py | 52 +
tools/xm-test/tests/security-acm/01_security-acm_basic.py | 24
tools/xm-test/tests/security-acm/07_security-acm_pol_update.py | 303 +++++++
tools/xm-test/tests/security-acm/08_security-acm_xapi.py | 354
++++++++
tools/xm-test/tests/security-acm/09_security-acm_pol_update.py | 427
++++++++++
tools/xm-test/tests/security-acm/Makefile.am | 5
tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml | 97 ++
xen/arch/x86/hvm/vpt.c | 8
15 files changed, 1286 insertions(+), 41 deletions(-)
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/util/acmpolicy.py
--- a/tools/python/xen/util/acmpolicy.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/util/acmpolicy.py Wed Jul 18 13:56:21 2007 +0100
@@ -122,7 +122,8 @@ class ACMPolicy(XSPolicy):
rc = -xsconstants.XSERR_GENERAL_FAILURE
if rc != xsconstants.XSERR_SUCCESS:
log.warn("XML did not validate against schema")
- rc = self.__validate_name_and_labels()
+ if rc == xsconstants.XSERR_SUCCESS:
+ rc = self.__validate_name_and_labels()
return rc
def __validate_name_and_labels(self):
@@ -626,14 +627,15 @@ class ACMPolicy(XSPolicy):
def policy_get_stes_of_vmlabel(self, vmlabel):
""" Get a list of all STEs of a given VMlabel """
return self.__policy_get_stes_of_labeltype(vmlabel,
- "VirtualMachineLabel")
+ "/SubjectLabels",
"VirtualMachineLabel")
def policy_get_stes_of_resource(self, reslabel):
""" Get a list of all resources of a given VMlabel """
- return self.__policy_get_stes_of_labeltype(reslabel, "ResourceLabel")
-
- def __policy_get_stes_of_labeltype(self, label, labeltype):
- node = self.dom_get_node("SecurityLabelTemplate/SubjectLabels")
+ return self.__policy_get_stes_of_labeltype(reslabel,
+ "/ObjectLabels", "ResourceLabel")
+
+ def __policy_get_stes_of_labeltype(self, label, path, labeltype):
+ node = self.dom_get_node("SecurityLabelTemplate" + path)
if node:
i = 0
while i < len(node.childNodes):
@@ -661,7 +663,8 @@ class ACMPolicy(XSPolicy):
return False
for res in resources:
res_stes = self.policy_get_stes_of_resource(res)
- if len( set(res_stes).union( set(vm_stes) ) ) == 0:
+ if len(res_stes) == 0 or \
+ len( set(res_stes).intersection( set(vm_stes) ) ) == 0:
return False
return True
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/util/security.py
--- a/tools/python/xen/util/security.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/util/security.py Wed Jul 18 13:56:21 2007 +0100
@@ -799,9 +799,10 @@ def is_resource_in_use(resource):
lst.append(dominfo)
return lst
-def devices_equal(res1, res2):
+def devices_equal(res1, res2, mustexist=True):
""" Determine whether two devices are equal """
- return (unify_resname(res1) == unify_resname(res2))
+ return (unify_resname(res1, mustexist) ==
+ unify_resname(res2, mustexist))
def is_resource_in_use_by_dom(dominfo, resource):
""" Determine whether a resources is in use by a given domain
@@ -817,7 +818,7 @@ def is_resource_in_use_by_dom(dominfo, r
dev = devs[uuid]
if len(dev) >= 2 and dev[1].has_key('uname'):
# dev[0] is type, i.e. 'vbd'
- if devices_equal(dev[1]['uname'], resource):
+ if devices_equal(dev[1]['uname'], resource, mustexist=False):
log.info("RESOURCE IN USE: Domain %d uses %s." %
(dominfo.domid, resource))
return True
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendAPI.py
--- a/tools/python/xen/xend/XendAPI.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xend/XendAPI.py Wed Jul 18 13:56:21 2007 +0100
@@ -1410,22 +1410,22 @@ class XendAPI(object):
def VM_set_memory_dynamic_max(self, session, vm_ref, mem):
dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
dom.set_memory_dynamic_max(int(mem))
- return xen_api_success_void()
+ return self._VM_save(dom)
def VM_set_memory_dynamic_min(self, session, vm_ref, mem):
dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
dom.set_memory_dynamic_min(int(mem))
- return xen_api_success_void()
+ return self._VM_save(dom)
def VM_set_memory_static_max(self, session, vm_ref, mem):
dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
dom.set_memory_static_max(int(mem))
- return xen_api_success_void()
+ return self._VM_save(dom)
def VM_set_memory_static_min(self, session, vm_ref, mem):
dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
dom.set_memory_static_min(int(mem))
- return xen_api_success_void()
+ return self._VM_save(dom)
def VM_set_memory_dynamic_max_live(self, session, vm_ref, mem):
dom = XendDomain.instance().get_vm_by_uuid(vm_ref)
@@ -1620,7 +1620,8 @@ class XendAPI(object):
(rc, errors, oldlabel, new_ssidref) = \
dom.set_security_label(sec_label, old_label)
if rc != xsconstants.XSERR_SUCCESS:
- return xen_api_error(['SECURITY_ERROR', rc])
+ return xen_api_error(['SECURITY_ERROR', rc,
+ xsconstants.xserr2string(-rc)])
if rc == 0:
rc = new_ssidref
return xen_api_success(rc)
@@ -2239,7 +2240,8 @@ class XendAPI(object):
vdi = XendNode.instance().get_vdi_by_uuid(vdi_ref)
rc = vdi.set_security_label(sec_lab, old_lab)
if rc < 0:
- return xen_api_error(['SECURITY_ERROR', rc])
+ return xen_api_error(['SECURITY_ERROR', rc,
+ xsconstants.xserr2string(-rc)])
return xen_api_success(rc)
def VDI_get_security_label(self, session, vdi_ref):
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendVDI.py
--- a/tools/python/xen/xend/XendVDI.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xend/XendVDI.py Wed Jul 18 13:56:21 2007 +0100
@@ -24,6 +24,7 @@ from xen.util.xmlrpclib2 import stringif
from xen.util.xmlrpclib2 import stringify
from xmlrpclib import dumps, loads
from xen.util import security, xsconstants
+from xen.xend.XendError import SecurityError
KB = 1024
MB = 1024 * 1024
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xend/XendXSPolicyAdmin.py
--- a/tools/python/xen/xend/XendXSPolicyAdmin.py Wed Jul 18 13:56:00
2007 +0100
+++ b/tools/python/xen/xend/XendXSPolicyAdmin.py Wed Jul 18 13:56:21
2007 +0100
@@ -56,7 +56,10 @@ class XSPolicyAdmin:
typ = data[1]
try:
if typ == xsconstants.ACM_POLICY_ID:
- self.xsobjs[ref] = ACMPolicy(name=name, ref=ref)
+ try:
+ self.xsobjs[ref] = ACMPolicy(name=name, ref=ref)
+ except Exception, e:
+ del self.policies[ref]
else:
del self.policies[ref]
except Exception, e:
@@ -271,6 +274,10 @@ class XSPolicyAdmin:
return pol
return None
+ def get_hv_loaded_policy_name(self):
+ security.refresh_security_policy()
+ return security.active_policy
+
def get_policy_by_name(self, name):
for pol in self.xsobjs.values():
if pol.get_name() == name:
diff -r ad87a4912874 -r e1f74a5a09cb tools/python/xen/xm/cfgbootpolicy.py
--- a/tools/python/xen/xm/cfgbootpolicy.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/python/xen/xm/cfgbootpolicy.py Wed Jul 18 13:56:21 2007 +0100
@@ -170,8 +170,9 @@ def cfgbootpolicy_xapi(policy, user_titl
OptionError("No policy installed on system?")
acmpol = ACMPolicy(xml=xml)
if acmpol.get_name() != policy:
- OptionError("Policy installed on system '%s' does not match the "
- "request policy '%s'" % (acmpol.get_name(), policy))
+ raise OptionError("Policy installed on system '%s' does not "
+ "match the requested policy '%s'" %
+ (acmpol.get_name(), policy))
flags = int(policystate['flags']) | xsconstants.XS_INST_BOOT
rc = int(server.xenapi.XSPolicy.activate_xspolicy(xs_ref, flags))
if rc == flags:
diff -r ad87a4912874 -r e1f74a5a09cb tools/xm-test/lib/XmTestLib/XenAPIDomain.py
--- a/tools/xm-test/lib/XmTestLib/XenAPIDomain.py Wed Jul 18 13:56:00
2007 +0100
+++ b/tools/xm-test/lib/XmTestLib/XenAPIDomain.py Wed Jul 18 13:56:21
2007 +0100
@@ -23,6 +23,7 @@ import sys
import sys
from XmTestLib import *
from types import DictType
+from acm import *
class XenAPIConfig:
@@ -38,6 +39,9 @@ class XenAPIConfig:
'kernel' : 'PV_kernel',
'ramdisk': 'PV_ramdisk',
'root' : 'PV_args'}
+ if isACMEnabled():
+ #A default so every VM can start with ACM enabled
+ self.opts["security_label"] = "ACM:xm-test:red"
def setOpt(self, name, value):
"""Set an option in the config"""
diff -r ad87a4912874 -r e1f74a5a09cb tools/xm-test/lib/XmTestLib/acm.py
--- a/tools/xm-test/lib/XmTestLib/acm.py Wed Jul 18 13:56:00 2007 +0100
+++ b/tools/xm-test/lib/XmTestLib/acm.py Wed Jul 18 13:56:21 2007 +0100
@@ -19,6 +19,9 @@
"""
from Test import *
from xen.util import security
+from xen.xm.main import server
+from xen.util import xsconstants
+import re
try:
from acm_config import *
@@ -32,16 +35,47 @@ def isACMEnabled():
return security.on()
+def getSystemPolicyName():
+ s,o = traceCommand("xm getpolicy")
+ m = re.compile("Policy name[\s]*: ([A-z\-]+)").search(o)
+ if m:
+ polname = m.group(1)
+ return polname
+ return ""
+
+
+def ACMLoadPolicy_XenAPI(policy='xm-test'):
+ polname = getSystemPolicyName()
+ if polname != policy:
+ # Try it, maybe it's not activated
+ traceCommand("xm setpolicy %s %s" %
+ (xsconstants.XS_POLICY_ACM, policy))
+ polname = getSystemPolicyName()
+ if polname != policy:
+ FAIL("Need to have a system with no or policy '%s' active, "
+ "not %s" % (policy,polname))
+ else:
+ s, o = traceCommand("xm activatepolicy --load")
+ else:
+ s, o = traceCommand("xm activatepolicy --load")
+ if not re.search("Successfully", o):
+ FAIL("Could not set the policy '%s'." % policy)
+
+
def ACMLoadPolicy(policy='xm-test'):
- s, o = traceCommand("xm makepolicy %s" % (policy))
- if s != 0:
- FAIL("Need to be able to do 'xm makepolicy %s' but could not" %
- (policy))
- s, o = traceCommand("xm loadpolicy %s" % (policy))
- if s != 0:
- FAIL("Could not load the required policy '%s'.\n"
- "Start the system without any policy.\n%s" %
- (policy, o))
+ from xen.xm import main
+ if main.serverType == main.SERVER_XEN_API:
+ ACMLoadPolicy_XenAPI()
+ else:
+ s, o = traceCommand("xm makepolicy %s" % (policy))
+ if s != 0:
+ FAIL("Need to be able to do 'xm makepolicy %s' but could not" %
+ (policy))
+ s, o = traceCommand("xm loadpolicy %s" % (policy))
+ if s != 0:
+ FAIL("Could not load the required policy '%s'.\n"
+ "Start the system without any policy.\n%s" %
+ (policy, o))
def ACMPrepareSystem(resources):
if isACMEnabled():
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/01_security-acm_basic.py
--- a/tools/xm-test/tests/security-acm/01_security-acm_basic.py Wed Jul 18
13:56:00 2007 +0100
+++ b/tools/xm-test/tests/security-acm/01_security-acm_basic.py Wed Jul 18
13:56:21 2007 +0100
@@ -15,6 +15,7 @@
from XmTestLib import *
from xen.util import security
+from xen.util import xsconstants
import commands
import os
import re
@@ -28,7 +29,7 @@ if not isACMEnabled():
SKIP("Not running this test since ACM not enabled.")
status, output = traceCommand("xm makepolicy %s" % (testpolicy))
-if status != 0 or output != "":
+if status != 0:
FAIL("'xm makepolicy' failed with status %d and output\n%s" %
(status,output));
@@ -47,7 +48,7 @@ status, output = traceCommand("xm addlab
status, output = traceCommand("xm addlabel %s dom %s %s" %
(testlabel, vmconfigfile, testpolicy))
if status != 0:
- FAIL("'xm addlabel' failed with status %d.\n" % status)
+ FAIL("(1) 'xm addlabel' failed with status %d.\n" % status)
status, output = traceCommand("xm getlabel dom %s" %
(vmconfigfile))
@@ -55,8 +56,9 @@ if status != 0:
if status != 0:
FAIL("'xm getlabel' failed with status %d, output:\n%s" %
(status, output))
-if output != "policy=%s,label=%s" % (testpolicy,testlabel):
- FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+if output != "policytype=%s,policy=%s,label=%s" % \
+ (xsconstants.ACM_POLICY_ID, testpolicy, testlabel):
+ FAIL("(1) Received unexpected output from 'xm getlabel dom': \n%s" %
(output))
@@ -74,30 +76,34 @@ status, output = traceCommand("xm getlab
(vmconfigfile))
if output != "Error: 'Domain not labeled'":
- FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+ FAIL("(2) Received unexpected output from 'xm getlabel dom': \n%s" %
(output))
#Whatever label the resource might have, remove it
status, output = traceCommand("xm rmlabel res %s" %
(testresource))
+if status != 0:
+ FAIL("'xm rmlabel' on resource failed with status %d.\n" % status)
status, output = traceCommand("xm addlabel %s res %s %s" %
(testlabel, testresource, testpolicy))
if status != 0:
- FAIL("'xm addlabel' on resource failed with status %d.\n" % status)
+ FAIL("(2) 'xm addlabel' on resource failed with status %d.\n" % status)
status, output = traceCommand("xm getlabel res %s" % (testresource))
if status != 0:
FAIL("'xm getlabel' on resource failed with status %d, output:\n%s" %
(status, output))
-if output != "policy=%s,label=%s" % (testpolicy,testlabel):
- FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+if output != "%s:%s:%s" % (xsconstants.ACM_POLICY_ID,\
+ testpolicy,testlabel):
+ FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
(output))
status, output = traceCommand("xm resources")
if status != 0:
+ print "status = %s" % str(status)
FAIL("'xm resources' did not run properly")
if not re.search(security.unify_resname(testresource), output):
FAIL("'xm resources' did not show the tested resource '%s'." %
@@ -117,5 +123,5 @@ status, output = traceCommand("xm getlab
(testresource))
if output != "Error: 'Resource not labeled'":
- FAIL("Received unexpected output from 'xm getlabel': \n%s" %
+ FAIL("Received unexpected output from 'xm getlabel res': \n%s" %
(output))
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/07_security-acm_pol_update.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/07_security-acm_pol_update.py Wed Jul
18 13:56:21 2007 +0100
@@ -0,0 +1,303 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2006
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# Test to exercise the xspolicy class
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import acmpolicy, security, xsconstants
+from xen.util.acmpolicy import ACMPolicy
+from xen.xend.XendDomain import DOM0_UUID
+
+import commands
+import os
+import base64
+
+xm_test = {}
+xm_test['policyname'] = "xm-test"
+xm_test['date'] = "Fri Sep 29 14:44:38 2006"
+xm_test['url'] = None
+
+vm_label_red = "%s:xm-test:red" % xsconstants.ACM_POLICY_ID
+vm_label_green = "%s:xm-test:green" % xsconstants.ACM_POLICY_ID
+vm_label_blue = "%s:xm-test:blue" % xsconstants.ACM_POLICY_ID
+vm_label_sys = "%s:xm-test:SystemManagement" % xsconstants.ACM_POLICY_ID
+
+vm_label_black = "%s:xm-test:black"
+
+session = xapi.connect()
+
+oldlabel = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_sys,
+ oldlabel)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+ FAIL("(0) Domain-0 label for '%s' has unexpected failure: %08x" %
+ (vm_label_sys, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref))
+
+
+xstype = session.xenapi.XSPolicy.get_xstype()
+if int(xstype) & xsconstants.XS_POLICY_ACM == 0:
+ SKIP("ACM not enabled/compiled in Xen")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+if not policystate.has_key('xs_ref'):
+ FAIL("get_xspolicy must return member 'xs_ref'")
+
+xs_ref = policystate['xs_ref']
+if xs_ref != "":
+ origpolicyxml = session.xenapi.ACMPolicy.get_xml(xs_ref)
+else:
+ origpolicyxml = ""
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+ newpolicyxml = f.read()
+ f.close()
+else:
+ FAIL("Could not read 'xm-test' policy")
+
+try:
+ os.unlink("/boot/xm-test.bin")
+except:
+ pass
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if int(policystate['type']) == 0:
+ policystate = session.xenapi.XSPolicy.set_xspolicy(
+ xsconstants.XS_POLICY_ACM,
+ newpolicyxml,
+ xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+ 1)
+ if int(policystate['flags']) == -1:
+ FAIL("Could not set the new policy.")
+
+print "state of policy = %s " % policystate
+
+rc = session.xenapi.XSPolicy.activate_xspolicy(
+ policystate['xs_ref'],
+ xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT)
+if int(rc) != xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT:
+ FAIL("Could not activate the current policy: rc = %08x" % int(rc))
+
+if not os.path.exists("/boot/xm-test.bin"):
+ FAIL("Binary policy was not installed. Check grub config file.")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if int(policystate['flags']) != xsconstants.XS_INST_BOOT | \
+ xsconstants.XS_INST_LOAD:
+ FAIL("Flags (%x) are not indicating the correct state of the policy.",
+ int(policystate['flags']))
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+xs_ref = policystate['xs_ref']
+
+newpolicyxml = None
+f = open("xm-test-new-security_policy.xml", 'r')
+if f:
+ newpolicyxml = f.read()
+ f.close()
+else:
+ FAIL("Could not read 'xm-test-new' policy")
+
+cur_acmpol = ACMPolicy(xml = policystate['repr'])
+new_acmpol = ACMPolicy(xml = newpolicyxml)
+
+new_acmpol.update_frompolicy(cur_acmpol)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ new_acmpol.toxml(),
+ xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+ 1)
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+ newpolicyxml = f.read()
+ f.close()
+else:
+ FAIL("Could not read 'xm-test-new' policy")
+
+cur_acmpol = new_acmpol
+new_acmpol = ACMPolicy(xml = newpolicyxml)
+
+new_acmpol.update_frompolicy(cur_acmpol)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ new_acmpol.toxml(),
+ xsconstants.XS_INST_LOAD | xsconstants.XS_INST_BOOT,
+ 1)
+
+dom0_lab = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_sys, dom0_lab)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+ FAIL("(1) Domain-0 label for '%s' has unexpected failure: %08x" %
+ (vm_label_sys, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_sys, int(ssidref))
+
+try:
+ ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_black,
+ vm_label_sys)
+ FAIL("Could set label '%s', although it's not in the policy. "
+ "ssidref=%s" % (vm_label_black, ssidref))
+except:
+ pass
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_red,
+ vm_label_sys)
+if int(ssidref) <= 0:
+ FAIL("(2) Domain-0 label for '%s' has unexpected failure: %08x" %
+ (vm_label_red, int(ssidref)))
+print "ssidref for '%s' is 0x%08x" % (vm_label_red, int(ssidref))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+if label != vm_label_red:
+ FAIL("Dom0 label '%s' not as expected '%s'" % (label, vm_label_red))
+
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_sys,
+ vm_label_red)
+if int(ssidref) <= 0 or int(ssidref) != 0x00010001:
+ FAIL("(3) Domain-0 label for '%s' has unexpected failure: %08x" %
+ (vm_label_sys, int(ssidref)))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+
+if label != vm_label_sys:
+ FAIL("Dom0 label '%s' not as expected '%s'" % label, dom0_label)
+
+header = session.xenapi.ACMPolicy.get_header(xs_ref)
+
+if header['policyname'] != xm_test['policyname']:
+ FAIL("Name in header is '%s', expected is '%s'." %
+ (header['policyname'],xm_test['policyname']))
+if header['date'] != xm_test['date']:
+ FAIL("Date in header is '%s', expected is '%s'." %
+ (header['date'],xm_test['date']))
+if header.has_key("url") and header['url' ] != xm_test['url' ]:
+ FAIL("URL in header is '%s', expected is '%s'." %
+ (header['url' ],xm_test['url' ]))
+
+# Create another domain
+try:
+ # XmTestAPIDomain tries to establish a connection to XenD
+ domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_blue })
+except Exception, e:
+ SKIP("Skipping test. Error: %s" % str(e))
+
+
+vm_uuid = domain.get_uuid()
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_blue:
+ FAIL("VM has security label '%s', expected is '%s'" %
+ (res, vm_label_blue))
+
+try:
+ domain.start(noConsole=True)
+except:
+ FAIL("Could not create domain")
+
+
+# Attempt to relabel the running domain
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+ vm_label_red,
+ vm_label_blue)
+if int(ssidref) <= 0:
+ FAIL("Could not relabel running domain to '%s'." % vm_label_red)
+
+# user domain is 'red', dom0 is current 'SystemManagement'.
+# Try to move domain-0 to 'red' first, then to 'blue'.
+
+# Moving domain-0 to 'red' should work
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_red,
+ vm_label_sys)
+if int(ssidref) <= 0:
+ FAIL("Could not label domain-0 '%s'" % vm_label_red)
+
+# Moving the guest domain to 'blue' should not work due to conflict set
+try:
+ ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+ vm_label_blue,
+ vm_label_red)
+ FAIL("Could label guest domain with '%s', although this is in a conflict "
+ "set. ssidref=%x" % (vm_label_blue,int(ssidref)))
+except:
+ pass
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_red:
+ FAIL("User domain has wrong label '%s', expected '%s'." %
+ (label, vm_label_red))
+
+label = session.xenapi.VM.get_security_label(DOM0_UUID)
+if label != vm_label_red:
+ FAIL("Domain-0 has wrong label '%s'; expected '%s'." %
+ (label, vm_label_red))
+
+ssidref = session.xenapi.VM.set_security_label(DOM0_UUID,
+ vm_label_sys,
+ vm_label_red)
+if int(ssidref) < 0:
+ FAIL("Could not set the domain-0 security label to '%s'." %
+ (vm_label_sys))
+
+# pause the domain and relabel it...
+session.xenapi.VM.pause(vm_uuid)
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_red:
+ FAIL("User domain has wrong label '%s', expected '%s'." %
+ (label, vm_label_red))
+
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+ vm_label_blue,
+ vm_label_red)
+print "guest domain new label '%s'; ssidref is 0x%08x" % \
+ (vm_label_blue, int(ssidref))
+if int(ssidref) <= 0:
+ FAIL("Could not label guest domain with '%s'" % (vm_label_blue))
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_blue:
+ FAIL("User domain has wrong label '%s', expected '%s'." %
+ (label, vm_label_blue))
+
+session.xenapi.VM.unpause(vm_uuid)
+
+rc = session.xenapi.VM.suspend(vm_uuid)
+
+ssidref = session.xenapi.VM.set_security_label(vm_uuid,
+ vm_label_green,
+ vm_label_blue)
+print "guest domain new label '%s'; ssidref is 0x%08x" % \
+ (vm_label_green, int(ssidref))
+if int(ssidref) < 0:
+ FAIL("Could not label suspended guest domain with '%s'" % (vm_label_blue))
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_green:
+ FAIL("User domain has wrong label '%s', expected '%s'." %
+ (label, vm_label_green))
+
+
+rc = session.xenapi.VM.resume(vm_uuid, False)
+
+label = session.xenapi.VM.get_security_label(vm_uuid)
+if label != vm_label_green:
+ FAIL("User domain has wrong label '%s', expected '%s'." %
+ (label, vm_label_green))
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/08_security-acm_xapi.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/08_security-acm_xapi.py Wed Jul 18
13:56:21 2007 +0100
@@ -0,0 +1,354 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2007
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# VM creation test with labeled VM and labeled VDI
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import acmpolicy, security, xsconstants
+import commands
+import os
+
+vm_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vm_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+vdi_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vdi_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+
+vdi_file = "/dev/ram0"
+vdi_path = "phy:" + vdi_file
+
+#Note:
+# If during the suspend/resume operations 'red' instead of 'green' is
+# used, the Chinese Wall policy goes into effect and disallows the
+# suspended VM from being resumed...
+
+try:
+ # XmTestAPIDomain tries to establish a connection to XenD
+ domain = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red })
+except Exception, e:
+ SKIP("Skipping test. Error: %s" % str(e))
+
+vm_uuid = domain.get_uuid()
+
+session = xapi.connect()
+xstype = session.xenapi.XSPolicy.get_xstype()
+if int(xstype) & xsconstants.XS_POLICY_ACM == 0:
+ SKIP("ACM not enabled/compiled in Xen")
+
+f = open("xm-test-security_policy.xml", 'r')
+if f:
+ newpolicyxml = f.read()
+ f.close()
+else:
+ FAIL("Could not read 'xm-test' policy")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+if int(policystate['type']) == 0:
+ policystate = session.xenapi.XSPolicy.set_xspolicy(
+ xsconstants.XS_POLICY_ACM,
+ newpolicyxml,
+ xsconstants.XS_INST_BOOT | xsconstants.XS_INST_LOAD,
+ True)
+ if int(policystate['flags']) == -1:
+ FAIL("Could not set the new policy.")
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+print "policystate = %s" % policystate
+acm_ref = policystate['xs_ref']
+
+
+#
+# Some tests with labeling of resources
+#
+labels = session.xenapi.XSPolicy.get_labeled_resources()
+print "labeled resources are:\n%s" % labels
+
+oldlabel = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0")
+
+rc = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0", "",
+ oldlabel)
+
+rc = session.xenapi.XSPolicy.set_resource_label("phy:/dev/ram0",
+ vdi_label_green,
+ "")
+
+res = session.xenapi.XSPolicy.get_resource_label("phy:/dev/ram0")
+if res != vdi_label_green:
+ FAIL("(1) get_resource_label returned unexpected result %s, wanted %s" %
+ (res, vdi_label_green))
+
+
+#
+# Some test with labeling of VMs
+#
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+
+if res != vm_label_red:
+ FAIL("VM.get_security_label returned wrong security label '%s'." % res)
+
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+ vm_label_red)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_green:
+ FAIL("VM does not show expected label '%s' but '%s'." %
+ (vm_label_green, res))
+
+res = session.xenapi.VM.set_security_label(vm_uuid, "", vm_label_green)
+if int(res) != 0:
+ FAIL("Should be able to unlabel the domain while it's halted.")
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != "":
+ FAIL("Unexpected VM security label after removal: %s" % res)
+
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red, res)
+if int(res) != 0:
+ FAIL("Could not label the VM to '%s'" % vm_label_red)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_red:
+ FAIL("VM has wrong label '%s', expected '%s'." % (res, vm_label_red))
+
+sr_uuid = session.xenapi.SR.get_by_name_label("Local")
+if len(sr_uuid) == 0:
+ FAIL("Could not get a handle on SR 'Local'")
+
+
+vdi_rec = { 'name_label' : "My disk",
+ 'SR' : sr_uuid[0],
+ 'virtual_size': 0,
+ 'sector_size' : 512,
+ 'parent' : '',
+ 'SR_name' : 'Local',
+ 'type' : 'system',
+ 'shareable' : False,
+ 'read-only' : False,
+ 'other_config': {'location': vdi_path}
+}
+
+vdi_ref = session.xenapi.VDI.create(vdi_rec)
+
+res = session.xenapi.VDI.get_name_label(vdi_ref)
+if res != vdi_rec['name_label']:
+ print "Destroying VDI now"
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("VDI_get_name_label return wrong information")
+
+res = session.xenapi.VDI.get_record(vdi_ref)
+print "vdi_record : %s" % res
+
+oldlabel = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+
+#Remove label from VDI device
+rc = session.xenapi.XSPolicy.set_resource_label(vdi_path,
+ "",
+ oldlabel)
+
+
+# Attach a VBD to the VM
+
+vbd_rec = { 'VM' : vm_uuid,
+ 'VDI' : vdi_ref,
+ 'device' : "xvda1",
+ 'mode' : 1,
+ 'bootable': 0,
+}
+
+vbd_ref = session.xenapi.VBD.create(vbd_rec)
+
+res = session.xenapi.VBD.get_record(vbd_ref)
+
+try:
+ domain.start(noConsole=True)
+ # Should not get here.
+ print "Destroying VDI now"
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could start VM with a VBD that it is not allowed to access.")
+except:
+ pass
+ print "Could not create domain -- that's good"
+
+
+#
+# Label the VDI now
+#
+
+rc = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "")
+if int(rc) != 0:
+ FAIL("Could not set the VDI label to '%s'" % vdi_label_red)
+
+label = session.xenapi.VDI.get_security_label(vdi_ref)
+if label != vdi_label_red:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Unexpected label '%s' on VDI, wanted '%s'" %
+ (label, vdi_label_red))
+
+rc = session.xenapi.VDI.set_security_label(vdi_ref, "", label)
+if int(rc) != 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Should be able to unlabel VDI.")
+
+rc = session.xenapi.VDI.set_security_label(vdi_ref, vdi_label_red, "")
+if int(rc) != 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Should be able to label VDI with label '%s'" % vid_label_red)
+
+res = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+if res != vdi_label_red:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("(2) get_resource_label on %s returned unexpected result %s, wanted
'%s'" %
+ (vdi_path, res, vdi_label_red))
+
+res = session.xenapi.VDI.get_security_label(vdi_ref)
+if res != vdi_label_red:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("get_security_label returned unexpected result %s, wanted '%s'" %
+ (res, vdi_label_red))
+
+domain.start(noConsole=True)
+
+console = domain.getConsole()
+
+domName = domain.getName()
+
+try:
+ run = console.runCmd("cat /proc/interrupts")
+except ConsoleError, e:
+ saveLog(console.getHistory())
+ FAIL("Could not access proc-filesystem")
+
+# Try to relabel while VM is running
+try:
+ res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+ vm_label_red)
+except:
+ pass
+
+lab = session.xenapi.VM.get_security_label(vm_uuid)
+if lab == vm_label_green:
+ FAIL("Should not be able to reset the security label while running."
+ "tried to set to %s, got %s, old: %s" %(vm_label_green, lab,
+ vm_label_red))
+
+
+#
+# Suspend the domain and relabel it
+#
+
+try:
+ status, output = traceCommand("xm suspend %s" % domName,
+ timeout=30)
+except TimeoutError, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Failure from suspending VM: %s." % str(e))
+
+# Try to relabel while VM is suspended -- this should work
+
+rc = session.xenapi.VM.set_security_label(vm_uuid, vm_label_green,
+ vm_label_red)
+if int(rc) != 0:
+ FAIL("VM security label could not be set to %s" % vm_label_green)
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_green:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("VM (suspended) has label '%s', expected '%s'." %
+ (res, vm_label_green))
+
+status, output = traceCommand("xm list")
+
+#Try to resume now -- should fail due to denied access to block device
+try:
+ status, output = traceCommand("xm resume %s" % domName,
+ timeout=30)
+ if status == 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could resume re-labeled VM: %s" % output)
+except Exception, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("1. Error resuming the VM: %s." % str(e))
+
+# Relabel VM so it would resume
+res = session.xenapi.VM.set_security_label(vm_uuid, vm_label_red,
+ vm_label_green)
+if int(res) != 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could not relabel VM to have it resume.")
+
+res = session.xenapi.VM.get_security_label(vm_uuid)
+if res != vm_label_red:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("VM (suspended) has label '%s', expected '%s'." %
+ (res, vm_label_red))
+
+
+# Relabel the resource so VM should not resume
+try:
+ session.xenapi.XSPolicy.set_resource_label(vdi_path,
+ vdi_label_green,
+ "")
+except Exception, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could not label the VDI to '%s': %x" %
+ (vdi_label_green, int(rc)))
+
+#Try to resume now -- should fail due to denied access to block device
+try:
+ status, output = traceCommand("xm resume %s" % domName,
+ timeout=30)
+ if status == 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could resume re-labeled VM: %s" % output)
+except Exception, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("2. Error resuming the VM: %s." % str(e))
+
+
+status, output = traceCommand("xm list")
+
+# Relabel the resource so VM can resume
+try:
+ session.xenapi.XSPolicy.set_resource_label(vdi_path,
+ vdi_label_red,
+ vdi_label_green)
+except Exception, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could not label the resource to '%s'" % vid_label_red)
+
+res = session.xenapi.XSPolicy.get_resource_label(vdi_path)
+if res != vdi_label_red:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("'%s' has label '%s', expected '%s'." %
+ (vdi_path, res, vdi_label_red))
+
+#Try to resume now -- should work
+try:
+ status, output = traceCommand("xm resume %s" % domName,
+ timeout=30)
+ if status != 0:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could not resume re-labeled VM: %s" % output)
+except Exception, e:
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("3. Error resuming the VM: %s." % str(e))
+
+
+status, output = traceCommand("xm list")
+
+console = domain.getConsole()
+
+try:
+ run = console.runCmd("cat /proc/interrupts")
+except ConsoleError, e:
+ saveLog(console.getHistory())
+ session.xenapi.VDI.destroy(vdi_ref)
+ FAIL("Could not access proc-filesystem")
+
+domain.stop()
+domain.destroy()
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/09_security-acm_pol_update.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/09_security-acm_pol_update.py Wed Jul
18 13:56:21 2007 +0100
@@ -0,0 +1,427 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2007
+# Author: Stefan Berger <stefanb@xxxxxxxxxx>
+
+# Test to exercise the xspolicy and acmpolicy classes
+
+from XmTestLib import xapi
+from XmTestLib.XenAPIDomain import XmTestAPIDomain
+from XmTestLib import *
+from xen.xend import XendAPIConstants
+from xen.util import security, xsconstants
+from xen.util.acmpolicy import ACMPolicy
+from xen.xend.XendDomain import DOM0_UUID
+import base64
+import struct
+import time
+
+def typestoxml(types):
+ res = ""
+ for t in types:
+ res += "<Type>" + t + "</Type>\n"
+ return res
+
+def cfstoxml(cfss):
+ res = ""
+ for cfs in cfss:
+ res += "<Conflict name=\"" + cfs['name'] + "\">\n" + \
+ typestoxml(cfs['chws']) + \
+ "</Conflict>\n"
+ return res
+
+def vmlabelstoxml(vmlabels, vmfrommap):
+ res = ""
+ for vmlabel in vmlabels:
+ res += "<VirtualMachineLabel>\n"
+ if vmlabel['name'] in vmfrommap:
+ res += "<Name from=\""+ vmfrommap[vmlabel['name']] +"\">"
+ else:
+ res += "<Name>"
+ res += vmlabel['name'] + "</Name>\n"
+ res += "<SimpleTypeEnforcementTypes>\n" + \
+ typestoxml(vmlabel['stes']) + \
+ "</SimpleTypeEnforcementTypes>\n"
+ if vmlabel.has_key('chws'):
+ res += "<ChineseWallTypes>\n" + \
+ typestoxml(vmlabel['chws']) + \
+ "</ChineseWallTypes>\n"
+ res += "</VirtualMachineLabel>\n"
+ return res
+
+
+def reslabelstoxml(reslabels, resfrommap):
+ res = ""
+ for reslabel in reslabels:
+ res += "<ResourceLabel>\n"
+ if resfrommap.has_key(reslabel['name']):
+ res += "<Name from=\""+ resfrommap[reslabel['name']] +"\">"
+ else:
+ res += "<Name>"
+ res += reslabel['name'] + "</Name>\n"
+ res += "<SimpleTypeEnforcementTypes>\n" + \
+ typestoxml(reslabel['stes']) + \
+ "</SimpleTypeEnforcementTypes>\n"
+ res += "</ResourceLabel>\n"
+ return res
+
+def create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss):
+ hdr_xml ="<PolicyHeader>\n" + \
+ " <PolicyName>" + hdr['name'] + "</PolicyName>\n" + \
+ " <Version>" + hdr['version'] + "</Version>\n" + \
+ " <FromPolicy>\n" + \
+ " <PolicyName>" + hdr['oldname'] + "</PolicyName>\n" + \
+ " <Version>" + hdr['oldversion'] + "</Version>\n" + \
+ " </FromPolicy>\n" + \
+ "</PolicyHeader>\n"
+
+ stes_xml = "<SimpleTypeEnforcement>\n" + \
+ " <SimpleTypeEnforcementTypes>\n" + \
+ typestoxml(stes) + \
+ " </SimpleTypeEnforcementTypes>\n" + \
+ "</SimpleTypeEnforcement>\n"
+
+ chws_xml = "<ChineseWall>\n" + \
+ " <ChineseWallTypes>\n" + \
+ typestoxml(chws) + \
+ " </ChineseWallTypes>\n" + \
+ " <ConflictSets>\n" + \
+ cfstoxml(cfss) + \
+ " </ConflictSets>\n" + \
+ "</ChineseWall>\n"
+
+ subjlabel_xml = "<SubjectLabels bootstrap=\""+ bootstrap +"\">\n" + \
+ vmlabelstoxml(vmlabels, vmfrommap) + \
+ "</SubjectLabels>\n"
+ objlabel_xml = "<ObjectLabels>\n" + \
+ reslabelstoxml(reslabels, resfrommap) + \
+ "</ObjectLabels>\n"
+
+ policyxml = "<?xml version=\"1.0\" ?>\n" + \
+ "<SecurityPolicyDefinition xmlns=\"http://www.ibm.com\"
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"
xsi:schemaLocation=\"http://www.ibm.com ../../security_policy.xsd \">\n" + \
+ hdr_xml + \
+ stes_xml + \
+ chws_xml + \
+ "<SecurityLabelTemplate>\n" + \
+ subjlabel_xml + \
+ objlabel_xml + \
+ "</SecurityLabelTemplate>\n" + \
+ "</SecurityPolicyDefinition>\n"
+ return policyxml
+
+
+def update_hdr(hdr):
+ """ Update the version information in the header """
+ hdr['oldversion'] = hdr['version']
+ hdr['oldname'] = hdr['name']
+ vers = hdr['version']
+ tmp = vers.split('.')
+ if len(tmp) == 1:
+ rev = 1
+ else:
+ rev = int(tmp[1]) + 1
+ hdr['version'] = "%s.%s" % (tmp[0],rev)
+ return hdr
+
+session = xapi.connect()
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+if policystate['repr'] != "":
+ print "%s" % policystate['repr']
+ try:
+ acmpol = ACMPolicy(xml=policystate['repr'])
+ except Exception, e:
+ FAIL("Failure from creating ACMPolicy object: %s" % str(e))
+ oldname = acmpol.policy_dom_get_hdr_item("PolicyName")
+ oldvers = acmpol.policy_dom_get_hdr_item("Version")
+ tmp = oldvers.split(".")
+ if len(tmp) == 1:
+ rev = 1
+ else:
+ rev = int(tmp[1]) + 1
+ newvers = "%s.%s" % (tmp[0], str(rev))
+ print "old name/version = %s/%s" % (oldname, oldvers)
+else:
+ oldname = None
+ oldvers = None
+ newvers = "1.0"
+
+# Initialize the header of the policy
+hdr = {}
+hdr['name'] = "xm-test"
+hdr['version'] = newvers
+
+if oldname:
+ hdr['oldname'] = oldname
+ if oldvers and oldvers != "":
+ hdr['oldversion'] = oldvers
+
+stes = [ "SystemManagement", "red", "green", "blue" ]
+
+chws = [ "SystemManagement", "red", "green", "blue" ]
+
+bootstrap = "SystemManagement"
+
+vm_sysmgt = { 'name' : bootstrap,
+ 'stes' : stes,
+ 'chws' : [ "SystemManagement" ] }
+
+vm_red = { 'name' : "red" ,
+ 'stes' : ["red"] ,
+ 'chws' : ["red"] }
+
+vm_green = { 'name' : "green" ,
+ 'stes' : ["green"] ,
+ 'chws' : ["green"] }
+
+vm_blue = { 'name' : "blue" ,
+ 'stes' : ["blue"] ,
+ 'chws' : ["blue"] }
+
+res_red = { 'name' : "red" ,
+ 'stes' : ["red"] }
+
+res_green = { 'name' : "green" ,
+ 'stes' : ["green"] }
+
+res_blue = { 'name' : "blue" ,
+ 'stes' : ["blue"] }
+
+cfs_1 = { 'name' : "CFS1",
+ 'chws' : [ "red" , "blue" ] }
+
+vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue ]
+vmfrommap = {}
+reslabels = [ res_red, res_green, res_blue ]
+resfrommap = {}
+cfss = [ cfs_1 ]
+
+vm_label_red = xsconstants.ACM_POLICY_ID + ":xm-test:red"
+vm_label_green = xsconstants.ACM_POLICY_ID + ":xm-test:green"
+vm_label_blue = xsconstants.ACM_POLICY_ID + ":xm-test:blue"
+
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+
+xml_good = xml
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "\n\npolicystate = %s" % policystate
+
+policystate = session.xenapi.XSPolicy.get_xspolicy()
+
+#
+# Create two non-conflicting domains and start them
+#
+try:
+ # XmTestAPIDomain tries to establish a connection to XenD
+ domain1 = XmTestAPIDomain(extraConfig={ 'security_label' : vm_label_red })
+except Exception, e:
+ SKIP("Skipping test. Error: %s" % str(e))
+
+
+vm1_uuid = domain1.get_uuid()
+
+try:
+ domain1.start(noConsole=True)
+except:
+ FAIL("Could not start domain1")
+
+print "Domain 1 started"
+
+try:
+ # XmTestAPIDomain tries to establish a connection to XenD
+ domain2 = XmTestAPIDomain(extraConfig={'security_label': vm_label_green })
+except Exception, e:
+ SKIP("Skipping test. Error: %s" % str(e))
+
+vm2_uuid = domain2.get_uuid()
+
+try:
+ domain2.start(noConsole=True)
+except:
+ FAIL("Could not start domain1")
+
+
+print "Domain 2 started"
+
+# Try a policy that would put the two domains into conflict
+cfs_2 = { 'name' : "CFS1",
+ 'chws' : [ "red" , "green" ] }
+cfss = [ cfs_2 ]
+
+hdr = update_hdr(hdr)
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+ FAIL("(1) Should not have been able to set this policy.")
+
+if len(policystate['errors']) == 0:
+ FAIL("Hypervisor should have reported errros.")
+
+errors = base64.b64decode(policystate['errors'])
+
+print "Length of errors: %d" % len(errors)
+a,b = struct.unpack("!ii",errors)
+
+print "%08x , %08x" % (a,b)
+
+#
+# Create a faulty policy with 'red' STE missing
+#
+
+cfss = [ cfs_1 ]
+stes = [ "SystemManagement", "green", "blue" ]
+
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "Result from setting faulty(!) policy with STE 'red' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+ FAIL("(2) Should not have been able to set this policy.")
+
+#
+# Create a policy with 'red' VMLabel missing -- should not work since it is
+# in use.
+#
+stes = [ "SystemManagement", "red", "green", "blue" ]
+
+vmlabels = [ vm_sysmgt, vm_green, vm_blue ]
+
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+print "Result from setting faulty(!) policy with VMlabel 'red' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+ FAIL("(3) Should not have been able to set this policy.")
+
+#
+# Create a policy with 'blue' VMLabel missing -- should work since it is NOT
+# in use.
+#
+vmlabels = [ vm_sysmgt, vm_red, vm_green ]
+
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "Result from setting (good) policy with VMlabel 'blue' missing:"
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) != 0:
+ FAIL("(4) Should have been able to set this policy: %s" % xml)
+
+#
+# Move the green VMLabel towards blue which should put the running
+# domain with label blue into a conflict set
+#
+vmlabels = [ vm_sysmgt, vm_red, vm_blue ]
+
+vmfrommap = { "blue" : "green" } # new : old
+
+hdr = update_hdr(hdr) #Needed, since last update was successful
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+ FAIL("(5) Should not have been able to set this policy.")
+
+#
+# Try to install a policy where a VM label has a faulty VM label name
+#
+vmfrommap = {}
+
+vm_blue_bad = { 'name' : "blue:x" , # ':' no allowed
+ 'stes' : ["blue"],
+ 'chws' : ["blue"] }
+
+vmlabels = [ vm_sysmgt, vm_red, vm_green, vm_blue_bad ]
+
+xml = create_xml_policy(hdr, stes, chws,
+ vmlabels, vmfrommap, bootstrap,
+ reslabels, resfrommap,
+ cfss)
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ xml,
+ xsconstants.XS_INST_LOAD,
+ True)
+
+print "policystate %s" % policystate
+
+if int(policystate['xserr']) == 0:
+ FAIL("(6) Should not have been able to set this policy.")
+
+#
+# End the test by installing the initial policy again
+#
+
+cur_version = hdr['version']
+(maj, min) = cur_version.split(".")
+cur_version = "%s.%s" % (maj, str(int(min)-1) )
+
+orig_acmpol = ACMPolicy(xml=xml_good)
+orig_acmpol.set_frompolicy_version(cur_version)
+orig_acmpol.set_policy_version(hdr['version'])
+
+policystate = session.xenapi.XSPolicy.set_xspolicy(xsconstants.XS_POLICY_ACM,
+ orig_acmpol.toxml(),
+ xsconstants.XS_INST_LOAD,
+ True)
+
+if int(policystate['xserr']) != 0:
+ FAIL("(END) Should have been able to set this policy.")
+
+domain1.stop()
+domain2.stop()
+domain1.destroy()
+domain2.destroy()
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/Makefile.am
--- a/tools/xm-test/tests/security-acm/Makefile.am Wed Jul 18 13:56:00
2007 +0100
+++ b/tools/xm-test/tests/security-acm/Makefile.am Wed Jul 18 13:56:21
2007 +0100
@@ -5,7 +5,10 @@ TESTS = 01_security-acm_basic.test \
03_security-acm_dom_conflict.test \
04_security-acm_dom_res.test \
05_security-acm_dom_res_conf.test \
- 06_security-acm_dom_block_attach.test
+ 06_security-acm_dom_block_attach.test \
+ 07_security-acm_pol_update.test \
+ 08_security-acm_xapi.test \
+ 09_security-acm_pol_update.test
XFAIL_TESTS =
diff -r ad87a4912874 -r e1f74a5a09cb
tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/xm-test/tests/security-acm/xm-test-new-security_policy.xml Wed Jul
18 13:56:21 2007 +0100
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Auto-generated by ezPolicy -->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+ <PolicyHeader>
+ <PolicyName>xm-test</PolicyName>
+ <Date>Fri Sep 29 14:44:38 2006</Date>
+ <Version>1.1</Version>
+ <FromPolicy>
+ <PolicyName>xm-test</PolicyName>
+ <Version>1.0</Version>
+ </FromPolicy>
+ </PolicyHeader>
+
+ <SimpleTypeEnforcement>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>green</Type>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ </SimpleTypeEnforcement>
+
+ <ChineseWall priority="PrimaryPolicyComponent">
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ <Type>green</Type>
+ <Type>red</Type>
+ </ChineseWallTypes>
+
+ <ConflictSets>
+ <Conflict name="RER">
+ <Type>green</Type>
+ <Type>red</Type>
+ </Conflict>
+ </ConflictSets>
+ </ChineseWall>
+
+ <SecurityLabelTemplate>
+ <SubjectLabels bootstrap="SystemManagement">
+ <VirtualMachineLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ <Type>green</Type>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>SystemManagement</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>green</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>green</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>green</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ <VirtualMachineLabel>
+ <Name>red</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ <ChineseWallTypes>
+ <Type>red</Type>
+ </ChineseWallTypes>
+ </VirtualMachineLabel>
+
+ </SubjectLabels>
+
+ <ObjectLabels>
+ <ResourceLabel>
+ <Name>SystemManagement</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>SystemManagement</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>green</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>green</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ <ResourceLabel>
+ <Name>red</Name>
+ <SimpleTypeEnforcementTypes>
+ <Type>red</Type>
+ </SimpleTypeEnforcementTypes>
+ </ResourceLabel>
+
+ </ObjectLabels>
+ </SecurityLabelTemplate>
+</SecurityPolicyDefinition>
diff -r ad87a4912874 -r e1f74a5a09cb xen/arch/x86/hvm/vpt.c
--- a/xen/arch/x86/hvm/vpt.c Wed Jul 18 13:56:00 2007 +0100
+++ b/xen/arch/x86/hvm/vpt.c Wed Jul 18 13:56:21 2007 +0100
@@ -261,13 +261,15 @@ void create_periodic_time(
pt->enabled = 1;
pt->pending_intr_nr = 0;
- if ( period < 900000 ) /* < 0.9 ms */
+ /* Periodic timer must be at least 0.9ms. */
+ if ( (period < 900000) && !one_shot )
{
gdprintk(XENLOG_WARNING,
"HVM_PlatformTime: program too small period %"PRIu64"\n",
period);
- period = 900000; /* force to 0.9ms */
- }
+ period = 900000;
+ }
+
pt->period = period;
pt->vcpu = v;
pt->last_plt_gtime = hvm_get_guest_time(pt->vcpu);
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|