[PATCH] xsm: also panic upon "flask=enforcing" when XSM_FLASK=n

While the behavior to ignore this option without FLASK support was
properly documented, it is still somewhat surprising to someone using
this option and then still _not_ getting the assumed security. Add a
2nd handler for the command line option for the XSM_FLASK=n case, and
invoke panic() when the option is specified (and not subsequently
overridden by "flask=disabled").

Suggested-by: Ian Jackson <ian.jackson@xxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -998,8 +998,9 @@ to use the default.
 > Default: `enforcing`
 Specify how the FLASK security server should be configured.  This option is 
-available if the hypervisor was compiled with FLASK support.  This can be
-enabled by running either:
+available if the hypervisor was compiled with FLASK support, except that
+`flask=enforcing` will still keep the hypervisor from successfully booting even
+without FLASK support.  FLASK support can be enabled by running either:
 - make -C xen config and enabling XSM and FLASK.
 - make -C xen menuconfig and enabling 'FLux Advanced Security Kernel support' 
and 'Xen Security Modules support'
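
Review bot: The added wording on the `+` lines ("will still keep the hypervisor from successfully booting even without FLASK support") describes the panic only indirectly and leaves out the override. Suggest stating outright that a hypervisor built without FLASK support panics during boot when `flask=enforcing` is given, unless a later `flask=disabled` on the command line overrides it, as the commit message describes. The context line "Default: `enforcing`" would also benefit from a qualifier that the default applies only to builds with FLASK support, so that readers do not conclude that a build without FLASK panics when the option is absent.
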
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -211,7 +211,33 @@ int __init register_xsm(struct xsm_opera
     return 0;
+#endif /* CONFIG_XSM */
+static bool __initdata _flask_enforcing;
+static int __init parse_flask_param(const char *s)
+    if ( !strcmp(s, "enforcing") )
+        _flask_enforcing = true;
+    else if ( !strcmp(s, "disabled") )
+        _flask_enforcing = false;
+    else
+        return -EINVAL;
+    return 0;
+custom_param("flask", parse_flask_param);
+static int __init check_flask_enforcing(void)
+    if ( _flask_enforcing )
+        panic("\"flask=enforcing\" specified without FLASK support\n");
+    return 0;
+#endif /* !CONFIG_XSM_FLASK */
 long do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
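
Review bot: In parse_flask_param(), the final else branch returns -EINVAL for every value other than "enforcing" and "disabled", so in a build without FLASK any other value is now rejected instead of being ignored as before. If the FLASK build accepts further values for this option, accept them here as well (return 0 without touching the flag), or document the difference. Separately, `_flask_enforcing` is a file-scope identifier beginning with an underscore, which C reserves for the implementation; since the variable is static, plain `flask_enforcing` would do.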



