From a10e171a41877f0acaadee7d7dfe7840244b0068 Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain" <kfraser@localhost.localdomain>
Date: Wed, 28 Mar 2007 14:00:56 +0100
Subject: [PATCH] [ACM] Allow version information to be embedded in the XML
 representation of the ACM policy. The translation tool has been adapted to
 parse the version found in the XML representation and put it into the binary
 policy. Xen has been adapted to remember the version information and report
 it when asked for the current policy.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
---
 tools/security/policies/security_policy.xsd | 15 ++++
 tools/security/secpol_tool.c                |  3 +
 tools/security/secpol_xml2bin.c             | 77 ++++++++++++++-------
 tools/security/secpol_xml2bin.h             | 64 +++++++++--------
 xen/acm/acm_policy.c                        | 10 ++-
 xen/include/acm/acm_core.h                  |  1 +
 xen/include/public/acm.h                    | 26 ++++---
 7 files changed, 136 insertions(+), 60 deletions(-)

diff --git a/tools/security/policies/security_policy.xsd b/tools/security/policies/security_policy.xsd
index f2e9b67e97..8789adb9de 100644
--- a/tools/security/policies/security_policy.xsd
+++ b/tools/security/policies/security_policy.xsd
@@ -22,6 +22,8 @@
 				<xsd:element name="Reference" type="xsd:string" minOccurs="0" maxOccurs="1" />
 				<xsd:element name="Date" minOccurs="0" maxOccurs="1" type="xsd:string"></xsd:element>
 				<xsd:element name="NameSpaceUrl" minOccurs="0" maxOccurs="1" type="xsd:string"></xsd:element>
+				<xsd:element name="Version" minOccurs="0" maxOccurs="1" type="VersionFormat"/>
+				<xsd:element ref="FromPolicy" minOccurs="0" maxOccurs="1"/>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
@@ -116,4 +118,17 @@
 			<xsd:enumeration value="PrimaryPolicyComponent"></xsd:enumeration>
 		</xsd:restriction>
 	</xsd:simpleType>
+	<xsd:element name="FromPolicy">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="PolicyName" minOccurs="1" maxOccurs="1" type="xsd:string"/>
+				<xsd:element name="Version" minOccurs="1" maxOccurs="1" type="VersionFormat"/>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:simpleType name="VersionFormat">
+		<xsd:restriction base="xsd:string">
+			<xsd:pattern value="[0-9]{1,8}.[0-9]{1,8}"></xsd:pattern>
+		</xsd:restriction>
+	</xsd:simpleType>
 </xsd:schema>
diff --git a/tools/security/secpol_tool.c b/tools/security/secpol_tool.c
index 470de4f25b..0b9c3e4acd 100644
--- a/tools/security/secpol_tool.c
+++ b/tools/security/secpol_tool.c
@@ -172,6 +172,9 @@ void acm_dump_policy_buffer(void *buf, int buflen)
     printf("============\n");
     printf("POLICY REFERENCE = %s.\n", policy_reference_name);
     printf("PolicyVer = %x.\n", ntohl(pol->policy_version));
+    printf("XML Vers. = %d.%d\n",
+           ntohl(pol->xml_pol_version.major),
+           ntohl(pol->xml_pol_version.minor));
     printf("Magic     = %x.\n", ntohl(pol->magic));
     printf("Len       = %x.\n", ntohl(pol->len));
     printf("Primary   = %s (c=%x, off=%x).\n",
diff --git a/tools/security/secpol_xml2bin.c b/tools/security/secpol_xml2bin.c
index c316250e41..581ede1b64 100644
--- a/tools/security/secpol_xml2bin.c
+++ b/tools/security/secpol_xml2bin.c
@@ -108,26 +108,25 @@ char *policy_filename = NULL,
 
 char *policy_reference_name = NULL;
 
+char *policy_version_string = NULL;
+
 void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state);
 
 void usage(char *prg)
 {
-    printf("Usage: %s [OPTIONS] POLICYNAME\n", prg);
-    printf
-        ("POLICYNAME is the directory name within the policy directory\n");
-    printf
-        ("that contains the policy files.  The default policy directory\n");
-    printf("is '%s' (see the '-d' option below to change it)\n",
-           POLICY_DIR);
-    printf
-        ("The policy files contained in the POLICYNAME directory must be named:\n");
-    printf("\tPOLICYNAME-security_policy.xml\n");
-    printf("\tPOLICYNAME-security_label_template.xml\n\n");
-    printf("OPTIONS:\n");
-    printf("\t-d POLICYDIR\n");
-    printf
-        ("\t\tUse POLICYDIR as the policy directory. This directory must contain\n");
-    printf("\t\tthe policy schema file 'security_policy.xsd'\n");
+    printf(
+    "Usage: %s [OPTIONS] POLICYNAME\n"
+    "POLICYNAME is the directory name within the policy directory\n"
+    "that contains the policy files.  The default policy directory\n"
+    "is '%s' (see the '-d' option below to change it)\n"
+    "The policy files contained in the POLICYNAME directory must be named:\n"
+    "\tPOLICYNAME-security_policy.xml\n"
+    "\tPOLICYNAME-security_label_template.xml\n\n"
+    "OPTIONS:\n"
+    "\t-d POLICYDIR\n"
+    "\t\tUse POLICYDIR as the policy directory. This directory must \n"
+    "\t\tcontain the policy schema file 'security_policy.xsd'\n",
+    prg, POLICY_DIR);
     exit(EXIT_FAILURE);
 }
 
@@ -300,25 +299,50 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
         case XML2BIN_CHWALLTYPES:
         case XML2BIN_CONFLICTSETS:
         case XML2BIN_POLICYHEADER:
+        case XML2BIN_FROMPOLICY:
             walk_policy(cur_node->children, doc, state | (1 << code));
             break;
 
         case XML2BIN_POLICYNAME:       /* get policy reference name .... */
-            if (state != XML2BIN_PN_S) {
+            if (state != XML2BIN_PN_S &&
+                state != XML2BIN_PN_frompolicy_S) {
                 printf("ERROR: >Url< >%s< out of context.\n",
                        (char *) xmlNodeListGetString(doc,
                                                      cur_node->
                                                      xmlChildrenNode, 1));
                 exit(EXIT_FAILURE);
             }
-            policy_reference_name = (char *)
-                xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
-            if (!policy_reference_name) {
-                printf("ERROR: empty >policy reference name (Url)<!\n");
+            if (state == XML2BIN_PN_S) {
+                policy_reference_name = (char *)
+                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
+                if (!policy_reference_name) {
+                    printf("ERROR: empty >policy reference name (Url)<!\n");
+                    exit(EXIT_FAILURE);
+                } else
+                    printf("Policy Reference name (Url): %s\n",
+                           policy_reference_name);
+            }
+            break;
+
+        case XML2BIN_VERSION:         /* get policy version number .... */
+            if (state != XML2BIN_PN_S &&
+                state != XML2BIN_PN_frompolicy_S) {
+                printf("ERROR: >Url< >%s< out of context.\n",
+                       (char *) xmlNodeListGetString(doc,
+                                                     cur_node->
+                                                     xmlChildrenNode, 1));
                 exit(EXIT_FAILURE);
-            } else
-                printf("Policy Reference name (Url): %s\n",
-                       policy_reference_name);
+            }
+            if (state == XML2BIN_PN_S) {
+                policy_version_string = (char *)
+                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
+                if (!policy_version_string) {
+                    printf("ERROR: empty >policy version string <!\n");
+                    exit(EXIT_FAILURE);
+                } else
+                    printf("Policy version string: %s\n",
+                           policy_version_string);
+            }
             break;
 
         case XML2BIN_STE:
@@ -1135,9 +1159,12 @@ int write_binary(char *filename)
         NULL, *policy_reference_buffer = NULL;
     u_int32_t len;
     int fd, ret = 0;
+    uint32_t major = 0, minor = 0;
 
     u_int32_t len_ste = 0, len_chwall = 0, len_pr = 0;  /* length of policy components */
 
+    sscanf(policy_version_string,"%d.%d", &major, &minor);
+
     /* open binary file */
     if ((fd =
          open(filename, O_WRONLY | O_CREAT | O_TRUNC,
@@ -1152,6 +1179,8 @@ int write_binary(char *filename)
     /* determine primary component (default chwall) */
     header.policy_version = htonl(ACM_POLICY_VERSION);
     header.magic = htonl(ACM_MAGIC);
+    header.xml_pol_version.major = htonl(major);
+    header.xml_pol_version.minor = htonl(minor);
 
     len = sizeof(struct acm_policy_buffer);
     if (have_chwall)
diff --git a/tools/security/secpol_xml2bin.h b/tools/security/secpol_xml2bin.h
index cb4e9023dc..0afb85505c 100644
--- a/tools/security/secpol_xml2bin.h
+++ b/tools/security/secpol_xml2bin.h
@@ -22,31 +22,35 @@
 #define SCHEMA_FILENAME     			"security_policy.xsd"
 
 /* basic states (used as 1 << X) */
-#define ENDOFLIST_POS           22  /* ADAPT!! this position will be NULL; stay below 32 (bit) */
-#define XML2BIN_SECPOL          0   /* policy tokens */
-#define XML2BIN_STE             1
-#define XML2BIN_CHWALL          2
-#define XML2BIN_CONFLICTSETS    3
-#define XML2BIN_CSTYPE          4
-#define XML2BIN_POLICYHEADER    5
-#define XML2BIN_NSURL           6
-#define XML2BIN_POLICYNAME      7
-#define XML2BIN_URL             8
-#define XML2BIN_REFERENCE       9
-#define XML2BIN_DATE            10
-
-#define XML2BIN_LABELTEMPLATE   11  /* label tokens */
-#define XML2BIN_SUBJECTS        12
-#define XML2BIN_OBJECTS         13
-#define XML2BIN_VM              14
-#define XML2BIN_RES             15
-#define XML2BIN_NAME            16
-
-#define XML2BIN_STETYPES        17  /* shared tokens */
-#define XML2BIN_CHWALLTYPES     18
-#define XML2BIN_TYPE            19
-#define XML2BIN_TEXT            20
-#define XML2BIN_COMMENT         21
+enum {
+    XML2BIN_SECPOL = 0,   /* policy tokens */
+    XML2BIN_STE,
+    XML2BIN_CHWALL,
+    XML2BIN_CONFLICTSETS,
+    XML2BIN_CSTYPE,
+    XML2BIN_POLICYHEADER,
+    XML2BIN_NSURL,
+    XML2BIN_POLICYNAME,
+    XML2BIN_URL,
+    XML2BIN_REFERENCE,
+    XML2BIN_DATE,
+    XML2BIN_VERSION,
+    XML2BIN_FROMPOLICY,
+
+    XML2BIN_LABELTEMPLATE,  /* label tokens */
+    XML2BIN_SUBJECTS,
+    XML2BIN_OBJECTS,
+    XML2BIN_VM,
+    XML2BIN_RES,
+    XML2BIN_NAME,
+
+    XML2BIN_STETYPES,
+    XML2BIN_CHWALLTYPES,
+    XML2BIN_TYPE,
+    XML2BIN_TEXT,
+    XML2BIN_COMMENT,
+    ENDOFLIST_POS /* keep last ! */
+};
 
 /* type "data type" (currently 16bit) */
 typedef u_int16_t type_t;
@@ -68,6 +72,8 @@ char *token[32] =                       /* parser triggers */
     [XML2BIN_URL]           = "PolicyUrl",
     [XML2BIN_REFERENCE]     = "Reference",
     [XML2BIN_DATE]          = "Date",
+    [XML2BIN_VERSION]       = "Version",
+    [XML2BIN_FROMPOLICY]    = "FromPolicy",
 
     [XML2BIN_LABELTEMPLATE] = "SecurityLabelTemplate", /* label-template xml */
     [XML2BIN_SUBJECTS]      = "SubjectLabels",
@@ -79,7 +85,7 @@ char *token[32] =                       /* parser triggers */
     [XML2BIN_STETYPES]      = "SimpleTypeEnforcementTypes", /* common tags */
     [XML2BIN_CHWALLTYPES]   = "ChineseWallTypes",
     [XML2BIN_TYPE]          = "Type",
-	[XML2BIN_TEXT]          = "text",
+    [XML2BIN_TEXT]          = "text",
     [XML2BIN_COMMENT]       = "comment",
     [ENDOFLIST_POS]         = NULL  /* End of LIST, adapt ENDOFLIST_POS
                                        when adding entries */
@@ -112,6 +118,10 @@ char *token[32] =                       /* parser triggers */
 #define XML2BIN_PN_S ((1 << XML2BIN_SECPOL) | \
                  (1 << XML2BIN_POLICYHEADER))
 
+#define XML2BIN_PN_frompolicy_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_POLICYHEADER) | \
+                 (1 << XML2BIN_FROMPOLICY))
+
 /* label xml states */
 #define XML2BIN_VM_S ((1 << XML2BIN_SECPOL) | \
                  (1 << XML2BIN_LABELTEMPLATE) |	\
@@ -147,7 +157,7 @@ char *token[32] =                       /* parser triggers */
  */
 
 /* protects from unnoticed changes in struct acm_policy_buffer */
-#define WRITTEN_AGAINST_ACM_POLICY_VERSION  2
+#define WRITTEN_AGAINST_ACM_POLICY_VERSION  3
 
 /* protects from unnoticed changes in struct acm_chwall_policy_buffer */
 #define WRITTEN_AGAINST_ACM_CHWALL_VERSION  1
diff --git a/xen/acm/acm_policy.c b/xen/acm/acm_policy.c
index 5125454962..694bd9daa1 100644
--- a/xen/acm/acm_policy.c
+++ b/xen/acm/acm_policy.c
@@ -116,6 +116,10 @@ do_acm_set_policy(void *buf, u32 buf_size)
          acm_secondary_ops->set_binary_policy(buf + offset, length))
         goto error_lock_free;
 
+    memcpy(&acm_bin_pol.xml_pol_version,
+           &pol->xml_pol_version,
+           sizeof(acm_bin_pol.xml_pol_version));
+
     write_unlock(&acm_bin_pol_rwlock);
     return ACM_OK;
 
@@ -132,7 +136,7 @@ acm_get_policy(XEN_GUEST_HANDLE(void) buf, u32 buf_size)
     u8 *policy_buffer;
     int ret;
     struct acm_policy_buffer *bin_pol;
- 
+
     if (buf_size < sizeof(struct acm_policy_buffer))
         return -EFAULT;
 
@@ -151,6 +155,10 @@ acm_get_policy(XEN_GUEST_HANDLE(void) buf, u32 buf_size)
     bin_pol->primary_buffer_offset = cpu_to_be32(be32_to_cpu(bin_pol->len));
     bin_pol->secondary_buffer_offset = cpu_to_be32(be32_to_cpu(bin_pol->len));
      
+    memcpy(&bin_pol->xml_pol_version,
+           &acm_bin_pol.xml_pol_version,
+           sizeof(struct acm_policy_version));
+
     ret = acm_dump_policy_reference(policy_buffer + be32_to_cpu(bin_pol->policy_reference_offset),
                                     buf_size - be32_to_cpu(bin_pol->policy_reference_offset));
     if (ret < 0)
diff --git a/xen/include/acm/acm_core.h b/xen/include/acm/acm_core.h
index 1922a2b8ae..033a1fd418 100644
--- a/xen/include/acm/acm_core.h
+++ b/xen/include/acm/acm_core.h
@@ -29,6 +29,7 @@ struct acm_binary_policy {
     char *policy_reference_name;
     u16 primary_policy_code;
     u16 secondary_policy_code;
+    struct acm_policy_version xml_pol_version;
 };
 
 struct chwall_binary_policy {
diff --git a/xen/include/public/acm.h b/xen/include/public/acm.h
index 23078837fb..3f7a1c9e82 100644
--- a/xen/include/public/acm.h
+++ b/xen/include/public/acm.h
@@ -78,7 +78,7 @@
  * whenever the interpretation of the related
  * policy's data structure changes
  */
-#define ACM_POLICY_VERSION 2
+#define ACM_POLICY_VERSION 3
 #define ACM_CHWALL_VERSION 1
 #define ACM_STE_VERSION  1
 
@@ -119,6 +119,14 @@ typedef uint16_t domaintype_t;
 /* each offset in bytes from start of the struct they
  * are part of */
 
+/* V3 of the policy buffer aded a version structure */
+struct acm_policy_version
+{
+    uint32_t major;
+    uint32_t minor;
+} __attribute__((packed));
+
+
 /* each buffer consists of all policy information for
  * the respective policy given in the policy code
  *
@@ -136,11 +144,13 @@ struct acm_policy_buffer {
     uint32_t primary_buffer_offset;
     uint32_t secondary_policy_code;
     uint32_t secondary_buffer_offset;
-};
+    struct acm_policy_version xml_pol_version; /* add in V3 */
+} __attribute__((packed));
+
 
 struct acm_policy_reference_buffer {
     uint32_t len;
-};
+} __attribute__((packed));
 
 struct acm_chwall_policy_buffer {
     uint32_t policy_version; /* ACM_CHWALL_VERSION */
@@ -152,7 +162,7 @@ struct acm_chwall_policy_buffer {
     uint32_t chwall_conflict_sets_offset;
     uint32_t chwall_running_types_offset;
     uint32_t chwall_conflict_aggregate_offset;
-};
+} __attribute__((packed));
 
 struct acm_ste_policy_buffer {
     uint32_t policy_version; /* ACM_STE_VERSION */
@@ -160,7 +170,7 @@ struct acm_ste_policy_buffer {
     uint32_t ste_max_types;
     uint32_t ste_max_ssidrefs;
     uint32_t ste_ssid_offset;
-};
+} __attribute__((packed));
 
 struct acm_stats_buffer {
     uint32_t magic;
@@ -169,7 +179,7 @@ struct acm_stats_buffer {
     uint32_t primary_stats_offset;
     uint32_t secondary_policy_code;
     uint32_t secondary_stats_offset;
-};
+} __attribute__((packed));
 
 struct acm_ste_stats_buffer {
     uint32_t ec_eval_count;
@@ -178,7 +188,7 @@ struct acm_ste_stats_buffer {
     uint32_t gt_denied_count;
     uint32_t ec_cachehit_count;
     uint32_t gt_cachehit_count;
-};
+} __attribute__((packed));
 
 struct acm_ssid_buffer {
     uint32_t len;
@@ -190,7 +200,7 @@ struct acm_ssid_buffer {
     uint32_t secondary_policy_code;
     uint32_t secondary_max_types;
     uint32_t secondary_types_offset;
-};
+} __attribute__((packed));
 
 #endif
 
-- 
2.30.2