# HG changeset patch
# User gingold@virtu10
# Node ID 37c90a210d7161e6a8ed1885035738952f652232
# Parent  31e9909a722157dcc2553ba8052be9f3d6b5f00f
Makes acm_setup arch-independant.
Move module extraction code to x86/setup.c

Be sure the dump binary file is aligned.

Signed-off-by: Tristan Gingold <tristan.gingold@xxxxxxxx>

diff -r 31e9909a7221 -r 37c90a210d71 xen/acm/acm_core.c
--- a/xen/acm/acm_core.c	Tue Sep 05 07:38:00 2006 +0200
+++ b/xen/acm/acm_core.c	Tue Sep 05 07:48:49 2006 +0200
@@ -100,9 +100,11 @@ acm_dump_policy_reference(u8 *buf, u32 b
     struct acm_policy_reference_buffer *pr_buf = (struct acm_policy_reference_buffer *)buf;
     int ret = sizeof(struct acm_policy_reference_buffer) + strlen(acm_bin_pol.policy_reference_name) + 1;
 
+    ret = (ret + 7) & ~7;
     if (buf_size < ret)
         return -EINVAL;
 
+    memset(buf, 0, ret);
     pr_buf->len = htonl(strlen(acm_bin_pol.policy_reference_name) + 1); /* including stringend '\0' */
     strcpy((char *)(buf + sizeof(struct acm_policy_reference_buffer)),
            acm_bin_pol.policy_reference_name);
@@ -187,85 +189,58 @@ acm_init_binary_policy(u32 policy_code)
     return ret;
 }
 
+int
+acm_is_policy(char *buf, unsigned long len)
+{
+    struct acm_policy_buffer *pol;
+
+    if (buf == NULL || len < sizeof(struct acm_policy_buffer))
+        return 0;
+
+    pol = (struct acm_policy_buffer *)buf;
+    return ntohl(pol->magic) == ACM_MAGIC;
+}
+
+
 static int
-acm_setup(unsigned int *initrdidx,
-          const multiboot_info_t *mbi,
-          unsigned long initial_images_start)
-{
-    int i;
-    module_t *mod = (module_t *)__va(mbi->mods_addr);
+acm_setup(char *policy_start,
+          unsigned long policy_len)
+{
     int rc = ACM_OK;
-
-    if (mbi->mods_count > 1)
-        *initrdidx = 1;
-
-    /*
-     * Try all modules and see whichever could be the binary policy.
-     * Adjust the initrdidx if module[1] is the binary policy.
-     */
-    for (i = mbi->mods_count-1; i >= 1; i--)
-    {
-        struct acm_policy_buffer *pol;
-        char *_policy_start;
-        unsigned long _policy_len;
-#if defined(__i386__)
-        _policy_start = (char *)(initial_images_start + (mod[i].mod_start-mod[0].mod_start));
-#elif defined(__x86_64__)
-        _policy_start = __va(initial_images_start + (mod[i].mod_start-mod[0].mod_start));
-#else
-#error Architecture unsupported by sHype
-#endif
-        _policy_len   = mod[i].mod_end - mod[i].mod_start;
-        if (_policy_len < sizeof(struct acm_policy_buffer))
-            continue; /* not a policy */
-
-        pol = (struct acm_policy_buffer *)_policy_start;
-        if (ntohl(pol->magic) == ACM_MAGIC)
-        {
-            rc = do_acm_set_policy((void *)_policy_start,
-                                   (u32)_policy_len);
-            if (rc == ACM_OK)
-            {
-                printkd("Policy len  0x%lx, start at %p.\n",_policy_len,_policy_start);
-                if (i == 1)
-                {
-                    if (mbi->mods_count > 2)
-                    {
-                        *initrdidx = 2;
-                    }
-                    else {
-                        *initrdidx = 0;
-                    }
-                }
-                else
-                {
-                    *initrdidx = 1;
-                }
-                break;
-            }
-            else
-            {
-                printk("Invalid policy. %d.th module line.\n", i+1);
-                /* load default policy later */
-                acm_active_security_policy = ACM_POLICY_UNDEFINED;
-            }
-        } /* end if a binary policy definition, i.e., (ntohl(pol->magic) == ACM_MAGIC ) */
+    struct acm_policy_buffer *pol;
+
+    if (policy_start == NULL || policy_len < sizeof(struct acm_policy_buffer))
+        return rc;
+
+    pol = (struct acm_policy_buffer *)policy_start;
+    if (ntohl(pol->magic) != ACM_MAGIC)
+        return rc;
+
+    rc = do_acm_set_policy((void *)policy_start, (u32)policy_len);
+    if (rc == ACM_OK)
+    {
+        printkd("Policy len  0x%lx, start at %p.\n",policy_len,policy_start);
+    }
+    else
+    {
+        printk("Invalid policy.\n");
+        /* load default policy later */
+        acm_active_security_policy = ACM_POLICY_UNDEFINED;
     }
     return rc;
 }
 
 
 int
-acm_init(unsigned int *initrdidx,
-         const multiboot_info_t *mbi,
-         unsigned long initial_images_start)
+acm_init(char *policy_start,
+         unsigned long policy_len)
 {
     int ret = ACM_OK;
 
     acm_set_endian();
 
     /* first try to load the boot policy (uses its own locks) */
-    acm_setup(initrdidx, mbi, initial_images_start);
+    acm_setup(policy_start, policy_len);
 
     if (acm_active_security_policy != ACM_POLICY_UNDEFINED)
     {
diff -r 31e9909a7221 -r 37c90a210d71 xen/arch/x86/setup.c
--- a/xen/arch/x86/setup.c	Tue Sep 05 07:38:00 2006 +0200
+++ b/xen/arch/x86/setup.c	Tue Sep 05 07:48:49 2006 +0200
@@ -203,6 +203,55 @@ static void __init percpu_free_unused_ar
 #endif
 }
 
+/* Fecth acm policy module from multiboot modules.  */
+static void
+extract_acm_policy(multiboot_info_t *mbi,
+                   unsigned int *initrdidx,
+                   char **_policy_start, unsigned long *_policy_len)
+{
+    int i;
+    module_t *mod = (module_t *)__va(mbi->mods_addr);
+
+    if ( mbi->mods_count > 1 )
+        *initrdidx = 1;
+
+    /*
+     * Try all modules and see whichever could be the binary policy.
+     * Adjust the initrdidx if module[1] is the binary policy.
+     */
+    for ( i = mbi->mods_count-1; i >= 1; i-- )
+    {
+        unsigned long start;
+        char *policy_start;
+        unsigned long policy_len;
+
+        start = initial_images_start + (mod[i].mod_start-mod[0].mod_start);
+#if defined(__i386__)
+        policy_start = (char *)start;
+#elif defined(__x86_64__)
+        policy_start = __va(start);
+#endif
+        policy_len   = mod[i].mod_end - mod[i].mod_start;
+        if ( acm_is_policy(policy_start, policy_len) )
+        {
+            printf("Policy len  0x%lx, start at %p - module %d.\n",
+                   policy_len, policy_start, i);
+            *_policy_start = policy_start;
+            *_policy_len = policy_len;
+            if ( i == 1 )
+            {
+                if (mbi->mods_count > 2)
+                    *initrdidx = 2;
+                else
+                    *initrdidx = 0;
+            }
+            else
+                *initrdidx = 1;
+            break;
+        }
+    }
+}
+
 static void __init init_idle_domain(void)
 {
     struct domain *idle_domain;
@@ -225,6 +274,8 @@ void __init __start_xen(multiboot_info_t
     char __cmdline[] = "", *cmdline = __cmdline;
     unsigned long _initrd_start = 0, _initrd_len = 0;
     unsigned int initrdidx = 1;
+    char *_policy_start = NULL;
+    unsigned long _policy_len = 0;
     module_t *mod = (module_t *)__va(mbi->mods_addr);
     unsigned long nr_pages, modules_length;
     paddr_t s, e;
@@ -559,8 +610,11 @@ void __init __start_xen(multiboot_info_t
     if ( opt_watchdog ) 
         watchdog_enable();
 
+    /* Extract policy from multiboot.  */
+    extract_acm_policy(mbi, &initrdidx, &_policy_start, &_policy_len);
+
     /* initialize access control security module */
-    acm_init(&initrdidx, mbi, initial_images_start);
+    acm_init(_policy_start, _policy_len);
 
     /* Create initial domain 0. */
     dom0 = domain_create(0);
diff -r 31e9909a7221 -r 37c90a210d71 xen/include/acm/acm_hooks.h
--- a/xen/include/acm/acm_hooks.h	Tue Sep 05 07:38:00 2006 +0200
+++ b/xen/include/acm/acm_hooks.h	Tue Sep 05 07:48:49 2006 +0200
@@ -369,9 +369,11 @@ static inline int acm_sharing(ssidref_t 
         return ACM_ACCESS_PERMITTED;
 }
 
-extern int acm_init(unsigned int *initrdidx,
-                    const multiboot_info_t *mbi,
-                    unsigned long start);
+
+extern int acm_init(char *policy_start, unsigned long policy_len);
+
+/* Return true iff buffer has an acm policy magic number.  */
+extern int acm_is_policy(char *buf, unsigned long len);
 
 #endif