debuggers.hg

view xen/xsm/xsm_core.c @ 22848:6341fe0f4e5a

Added tag 4.1.0-rc2 for changeset 9dca60d88c63
author Keir Fraser <keir@xen.org>
date Tue Jan 25 14:06:55 2011 +0000 (2011-01-25)
parents 426f3a265784
children
line source
1 /*
2 * This work is based on the LSM implementation in Linux 2.6.13.4.
3 *
4 * Author: George Coker, <gscoker@alpha.ncsc.mil>
5 *
6 * Contributors: Michael LeMay, <mdlemay@epoch.ncsc.mil>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2,
10 * as published by the Free Software Foundation.
11 */
13 #include <xen/init.h>
14 #include <xen/errno.h>
15 #include <xen/lib.h>
17 #include <xen/hypercall.h>
18 #include <xsm/xsm.h>
20 #ifdef XSM_ENABLE
22 #define XSM_FRAMEWORK_VERSION "1.0.0"
24 extern struct xsm_operations dummy_xsm_ops;
25 extern void xsm_fixup_ops(struct xsm_operations *ops);
27 struct xsm_operations *xsm_ops;
29 static inline int verify(struct xsm_operations *ops)
30 {
31 /* verify the security_operations structure exists */
32 if ( !ops )
33 return -EINVAL;
34 xsm_fixup_ops(ops);
35 return 0;
36 }
38 static void __init do_xsm_initcalls(void)
39 {
40 xsm_initcall_t *call;
41 call = __xsm_initcall_start;
42 while ( call < __xsm_initcall_end )
43 {
44 (*call) ();
45 call++;
46 }
47 }
49 int __init xsm_init(unsigned int *initrdidx, const multiboot_info_t *mbi,
50 void *(*bootstrap_map)(const module_t *))
51 {
52 int ret = 0;
54 printk("XSM Framework v" XSM_FRAMEWORK_VERSION " initialized\n");
56 if ( XSM_MAGIC )
57 {
58 ret = xsm_policy_init(initrdidx, mbi, bootstrap_map);
59 if ( ret )
60 {
61 bootstrap_map(NULL);
62 printk("%s: Error initializing policy.\n", __FUNCTION__);
63 return -EINVAL;
64 }
65 }
67 if ( verify(&dummy_xsm_ops) )
68 {
69 bootstrap_map(NULL);
70 printk("%s could not verify "
71 "dummy_xsm_ops structure.\n", __FUNCTION__);
72 return -EIO;
73 }
75 xsm_ops = &dummy_xsm_ops;
76 do_xsm_initcalls();
77 bootstrap_map(NULL);
79 return 0;
80 }
82 int register_xsm(struct xsm_operations *ops)
83 {
84 if ( verify(ops) )
85 {
86 printk("%s could not verify "
87 "security_operations structure.\n", __FUNCTION__);
88 return -EINVAL;
89 }
91 if ( xsm_ops != &dummy_xsm_ops )
92 return -EAGAIN;
94 xsm_ops = ops;
96 return 0;
97 }
100 int unregister_xsm(struct xsm_operations *ops)
101 {
102 if ( ops != xsm_ops )
103 {
104 printk("%s: trying to unregister "
105 "a security_opts structure that is not "
106 "registered, failing.\n", __FUNCTION__);
107 return -EINVAL;
108 }
110 xsm_ops = &dummy_xsm_ops;
112 return 0;
113 }
115 #endif
117 long do_xsm_op (XEN_GUEST_HANDLE(xsm_op_t) op)
118 {
119 return __do_xsm_op(op);
120 }