flask: improve unknown permission handling
author: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Mon, 20 Jun 2016 14:04:20 +0000 (10:04 -0400)
committer: Andrew Cooper <andrew.cooper3@citrix.com>
Tue, 21 Jun 2016 14:56:00 +0000 (15:56 +0100)
commit: 56fef9e367b250a3c6ff16b6c4494c5103ac4871
tree: 07b0cd6f65916d89a7a6c29837b4bc7d79b70465
parent: 559f439bfa3bf931414534ec0c46e5e8a21fa3ba
flask: improve unknown permission handling

When an unknown domctl, sysctl, or other operation is encountered in the
FLASK security server, use the allow_unknown bit in the security policy
to decide if the permission should be allowed or denied.  This allows
new operations to be tested without needing to immediately add security
checks; however, it is not flexible enough to avoid adding the actual
permission checks.  An error message is printed to the hypervisor
console when this fallback is encountered.

This patch will allow operations that are not handled by the existing
hooks only if the policy was compiled with "checkpolicy -U allow".  In
previous releases, this bit did nothing, and the default remains to deny
the unknown operations.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Reviewed-by: Doug Goldstein <cardoe@cardoe.com>
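The fallback the commit message describes, modelled as an added example (this is not the Xen code from the commit and not the author's implementation): a parser that reads the allow_unknown bit out of a binary policy header, and a decision routine that allows or denies an operation no hook covers and records the console message. The header layout (magic, id-string length, id string, version, config word) and the bit value 0x4 for "allow unknown" follow the SELinux policydb format that FLASK reuses; treat the exact bit value, the "XenFlask" id string and the log wording as assumptions. Permissive mode is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

/* Assumed policy header layout (SELinux/FLASK binary policy): le32 magic,
 * le32 id length, id bytes, le32 version, le32 config. The bit that
 * "checkpolicy -U allow" sets lives in the config word; 0x4 is the value
 * SELinux's policydb uses (assumed to match Xen's). */
#define POLICYDB_MAGIC   0xf97cff8cu
#define POLICYDB_STRING  "XenFlask"          /* assumed id string */
#define ALLOW_UNKNOWN    0x00000004u

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void wr32(uint8_t *p, uint32_t v)
{
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff;
    p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Return 1 if the policy header carries the allow_unknown bit, 0 if it does
 * not, -1 if the header is malformed. Bounds are checked before every read. */
int policy_allow_unknown(const uint8_t *buf, size_t len)
{
    uint32_t slen;
    if (len < 8 || rd32(buf) != POLICYDB_MAGIC)
        return -1;
    slen = rd32(buf + 4);
    if (slen != strlen(POLICYDB_STRING) || len < 8 + (size_t)slen + 8)
        return -1;
    if (memcmp(buf + 8, POLICYDB_STRING, slen) != 0)
        return -1;
    /* version sits at buf+8+slen; the config word follows it */
    return (rd32(buf + 8 + slen + 4) & ALLOW_UNKNOWN) ? 1 : 0;
}

/* Decision for an operation (domctl, sysctl, ...) that no hook handles.
 * Default is deny; only a policy built with allow_unknown flips it. The
 * message that would go to the hypervisor console is written to log. */
int unknown_permission(int allow_unknown, const char *kind, unsigned int op,
                       char *log, size_t loglen)
{
    if (allow_unknown == 1) {
        snprintf(log, loglen, "FLASK: allowing unknown %s %u (allow_unknown set in policy)", kind, op);
        return 0;
    }
    snprintf(log, loglen, "FLASK: denying unknown %s %u", kind, op);
    return -EPERM;
}

/* Constructed policy header: magic, id, version 30 (arbitrary), config. */
size_t build_header(uint8_t *out, uint32_t config)
{
    size_t slen = strlen(POLICYDB_STRING);
    wr32(out, POLICYDB_MAGIC);
    wr32(out + 4, (uint32_t)slen);
    memcpy(out + 8, POLICYDB_STRING, slen);
    wr32(out + 8 + slen, 30);
    wr32(out + 8 + slen + 4, config);
    return 8 + slen + 8;
}

/* End to end: build a header with the given config word, parse it, decide on
 * an unhandled domctl. Returns 0 (allowed) or -EPERM (denied). */
int demo_decision(uint32_t config, unsigned int op)
{
    uint8_t hdr[64];
    char log[128];
    size_t n = build_header(hdr, config);
    int rc = unknown_permission(policy_allow_unknown(hdr, n), "domctl", op, log, sizeof log);
    printf("%s -> rc=%d\n", log, rc);
    return rc;
}

int main(void)
{
    demo_decision(0, 99);              /* default policy: denied */
    demo_decision(ALLOW_UNKNOWN, 99);  /* policy built with -U allow: allowed */
    return 0;
}
```

A header that fails validation yields -1 from the parser, and the decision routine treats anything other than an explicit 1 as deny, so a truncated or corrupted policy cannot silently open the fallback.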
xen/xsm/flask/hooks.c
xen/xsm/flask/include/security.h
xen/xsm/flask/ss/policydb.c
xen/xsm/flask/ss/policydb.h
xen/xsm/flask/ss/services.c