This patch to the Xen access control module (ACM) and tools:

1. adapts ACM hooks to the slightly changed event channel structure
2. introduces an ACM_GETDECISION command, which enables authorized
   domains to retrieve policy decisions regarding the sharing of resources
   (STE policy) from the Xen hypervisor
3. includes cleanup (warnings I found when applying analysis tools such
   as beam or flawfinder to the ACM code)

The get_decision function is useful to enforce:

* the security policy on network traffic in the network backends in
  domain 0; currently there is no enforcement in Dom0 and all packets flow
  freely
* the security policy in block device backends to control which
  domains can access which vdisk resources

I have added a small test program that shows how to use the get_decision
ACM interface call; it is in tools/security/get_decision.c and will be
compiled together with the policy tools. As usual, the ACM is unconfigured
until you switch on a security policy in Config.mk.
Signed-off: Reiner Sailer <sailer@us.ibm.com>
16 files changed: