# HG changeset patch
# User awilliam@xxxxxxxxxxx
# Node ID 3e4fa8b5b245889a89a894faf6f5b8398a8f9907
# Parent 73cdbd909a8d457cbaf8c74682157ad569cacd1b
# Parent 7d4def53936c4c5a8a0a1e82dac42a96aae0d1c1
merge with xen-unstable.hg
---
patches/linux-2.6.16.13/x86_64-put-note-sections-into-a-pt_note-segment-in-vmlinux.patch
| 27 +++++--
tools/python/xen/web/SrvBase.py
| 1
tools/python/xen/xm/addlabel.py
| 6 -
tools/python/xen/xm/cfgbootpolicy.py
| 6 -
tools/python/xen/xm/create.py
| 4 -
tools/python/xen/xm/dry-run.py
| 13 ++-
tools/python/xen/xm/dumppolicy.py
| 8 +-
tools/python/xen/xm/getlabel.py
| 38 ++++------
tools/python/xen/xm/labels.py
| 4 -
tools/python/xen/xm/loadpolicy.py
| 5 -
tools/python/xen/xm/makepolicy.py
| 3
tools/python/xen/xm/resources.py
| 21 +++--
tools/python/xen/xm/rmlabel.py
| 10 +-
13 files changed, 84 insertions(+), 62 deletions(-)
diff -r 73cdbd909a8d -r 3e4fa8b5b245
patches/linux-2.6.16.13/x86_64-put-note-sections-into-a-pt_note-segment-in-vmlinux.patch
---
a/patches/linux-2.6.16.13/x86_64-put-note-sections-into-a-pt_note-segment-in-vmlinux.patch
Tue Sep 12 11:42:27 2006 -0600
+++
b/patches/linux-2.6.16.13/x86_64-put-note-sections-into-a-pt_note-segment-in-vmlinux.patch
Tue Sep 12 11:43:22 2006 -0600
@@ -1,5 +1,3 @@ diff --git a/arch/x86_64/kernel/vmlinux.
-diff --git a/arch/x86_64/kernel/vmlinux.lds.S
b/arch/x86_64/kernel/vmlinux.lds.S
-index 7c4de31..ef418b3 100644
--- a/arch/x86_64/kernel/vmlinux.lds.S
+++ b/arch/x86_64/kernel/vmlinux.lds.S
@@ -13,6 +13,12 @@ OUTPUT_FORMAT("elf64-x86-64", "elf64-x86
@@ -24,7 +22,7 @@ index 7c4de31..ef418b3 100644
/* out-of-line lock text */
.text.lock : AT(ADDR(.text.lock) - LOAD_OFFSET) { *(.text.lock) }
-@@ -57,7 +63,7 @@ #endif
+@@ -57,17 +63,10 @@ #endif
.data : AT(ADDR(.data) - LOAD_OFFSET) {
*(.data)
CONSTRUCTORS
@@ -33,7 +31,17 @@ index 7c4de31..ef418b3 100644
_edata = .; /* End of data section */
-@@ -89,7 +95,7 @@ #define VVIRT_OFFSET (VSYSCALL_ADDR - VS
+- __bss_start = .; /* BSS */
+- .bss : AT(ADDR(.bss) - LOAD_OFFSET) {
+- *(.bss.page_aligned)
+- *(.bss)
+- }
+- __bss_stop = .;
+-
+ . = ALIGN(PAGE_SIZE);
+ . = ALIGN(CONFIG_X86_L1_CACHE_BYTES);
+ .data.cacheline_aligned : AT(ADDR(.data.cacheline_aligned) - LOAD_OFFSET) {
+@@ -89,7 +88,7 @@ #define VVIRT_OFFSET (VSYSCALL_ADDR - VS
#define VVIRT(x) (ADDR(x) - VVIRT_OFFSET)
. = VSYSCALL_ADDR;
@@ -42,7 +50,7 @@ index 7c4de31..ef418b3 100644
__vsyscall_0 = VSYSCALL_VIRT_ADDR;
. = ALIGN(CONFIG_X86_L1_CACHE_BYTES);
-@@ -132,7 +138,7 @@ #undef VVIRT
+@@ -132,7 +131,7 @@ #undef VVIRT
. = ALIGN(8192); /* init_task */
.data.init_task : AT(ADDR(.data.init_task) - LOAD_OFFSET) {
*(.data.init_task)
@@ -51,7 +59,22 @@ index 7c4de31..ef418b3 100644
. = ALIGN(4096);
.data.page_aligned : AT(ADDR(.data.page_aligned) - LOAD_OFFSET) {
-@@ -235,4 +241,6 @@ #endif
+@@ -222,6 +221,14 @@ SECTIONS
+ . = ALIGN(4096);
+ __nosave_end = .;
+
++ __bss_start = .; /* BSS */
++ . = ALIGN(4096);
++ .bss : AT(ADDR(.bss) - LOAD_OFFSET) {
++ *(.bss.page_aligned)
++ *(.bss)
++ }
++ __bss_stop = .;
++
+ _end = . ;
+
+ /* Sections to be discarded */
+@@ -235,4 +242,6 @@ #endif
STABS_DEBUG
DWARF_DEBUG
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/web/SrvBase.py
--- a/tools/python/xen/web/SrvBase.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/web/SrvBase.py Tue Sep 12 11:43:22 2006 -0600
@@ -84,6 +84,7 @@ class SrvBase(resource.Resource):
try:
return op_method(op, req)
except Exception, exn:
+ req.setResponseCode(http.INTERNAL_SERVER_ERROR, "Request
failed: " + op)
log.exception("Request %s failed.", op)
if req.useSxp():
return ['xend.err', str(exn)]
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/addlabel.py
--- a/tools/python/xen/xm/addlabel.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/addlabel.py Tue Sep 12 11:43:22 2006 -0600
@@ -20,8 +20,6 @@
"""Labeling a domain configuration file or a resoruce.
"""
import sys, os
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -33,6 +31,7 @@ def usage():
print " resource. It derives the policy from the running hypervisor"
print " if it is not given (optional parameter). If a label already"
print " exists for the given domain or resource, then addlabel fails.\n"
+ security.err("Usage")
def validate_config_file(configfile):
@@ -134,7 +133,6 @@ def main (argv):
for prefix in [".", "/etc/xen"]:
configfile = prefix + "/" + configfile
if os.path.isfile(configfile):
- fd = open(configfile, "rb")
break
if not validate_config_file(configfile):
usage()
@@ -147,7 +145,7 @@ def main (argv):
usage()
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/cfgbootpolicy.py
--- a/tools/python/xen/xm/cfgbootpolicy.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/cfgbootpolicy.py Tue Sep 12 11:43:22 2006 -0600
@@ -70,7 +70,7 @@ def determine_kernelversion(user_specifi
within_xen_title = 0
within_xen_entry = 0
if len(version_list) > 1:
- err("Cannot decide between entries for kernels: " + version_list)
+ err("Cannot decide between entries for kernels %s" % version_list)
elif len(version_list) == 0:
err("Cannot find a boot entry candidate (please create a Xen boot
entry first).")
else:
@@ -87,7 +87,6 @@ def insert_policy(boot_file, kernel_vers
within_xen_entry = 0
insert_at_end_of_entry = 0
path_prefix = ''
- done = False
(tmp_fd, tmp_grub) = tempfile.mkstemp()
#follow symlink since menue.lst might be linked to grub.conf
if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
@@ -175,9 +174,10 @@ def main(argv):
print "Boot entry created and \'%s\' copied to /boot" % (policy +
".bin")
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/create.py Tue Sep 12 11:43:22 2006 -0600
@@ -1155,7 +1155,7 @@ def create_security_check(config):
else:
print "Checking resources: (skipped)"
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
return passed
@@ -1176,7 +1176,7 @@ def main(argv):
PrettyPrint.prettyprint(config)
else:
if not create_security_check(config):
- print "Security configuration prevents domain from starting"
+ err("Security configuration prevents domain from starting.")
else:
dom = make_domain(opts, config)
if opts.vals.console_autoconnect:
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/dry-run.py
--- a/tools/python/xen/xm/dry-run.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/dry-run.py Tue Sep 12 11:43:22 2006 -0600
@@ -18,6 +18,7 @@
"""Tests the security settings for a domain and its resources.
"""
+import sys
from xen.util import security
from xen.xm import create
from xen.xend import sxp
@@ -28,14 +29,14 @@ def usage():
print "to see if the domain created by the configfile can access"
print "the resources. The status of each resource is listed"
print "individually along with the final security decision.\n"
+ security.err("Usage")
def main (argv):
- if len(argv) != 2:
- usage()
- return
+ try:
+ if len(argv) != 2:
+ usage()
- try:
passed = 0
(opts, config) = create.parseCommandLine(argv)
if create.check_domain_label(config, verbose=1):
@@ -48,8 +49,10 @@ def main (argv):
print "Dry Run: PASSED"
else:
print "Dry Run: FAILED"
+ sys.exit(-1)
+
except security.ACMError:
- pass
+ sys.exit(-1)
if __name__ == '__main__':
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/dumppolicy.py
--- a/tools/python/xen/xm/dumppolicy.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/dumppolicy.py Tue Sep 12 11:43:22 2006 -0600
@@ -18,7 +18,6 @@
"""Display currently enforced policy (low-level hypervisor representation).
"""
import sys
-import traceback
from xen.util.security import ACMError, err, dump_policy
@@ -31,12 +30,13 @@ def usage():
def main(argv):
try:
+ if len(argv) != 1:
+ usage()
+
dump_policy()
except ACMError:
- pass
- except:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/getlabel.py
--- a/tools/python/xen/xm/getlabel.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/getlabel.py Tue Sep 12 11:43:22 2006 -0600
@@ -19,8 +19,6 @@
"""Show the label for a domain or resoruce.
"""
import sys, os, re
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -28,6 +26,7 @@ def usage():
print "\nUsage: xm getlabel dom <configfile>"
print " xm getlabel res <resource>\n"
print " This program shows the label for a domain or resource.\n"
+ security.err("Usage")
def get_resource_label(resource):
@@ -38,8 +37,7 @@ def get_resource_label(resource):
try:
access_control = dictio.dict_read("resources", file)
except:
- print "Resource label file not found"
- return
+ security.err("Resource label file not found")
# get the entry and print label
if access_control.has_key(resource):
@@ -47,7 +45,7 @@ def get_resource_label(resource):
label = access_control[resource][1]
print "policy="+policy+",label="+label
else:
- print "Resource not labeled"
+ security.err("Resource not labeled")
def get_domain_label(configfile):
@@ -63,8 +61,7 @@ def get_domain_label(configfile):
fd = open(file, "rb")
break
if not fd:
- print "Configuration file '"+configfile+"' not found."
- return
+ security.err("Configuration file '"+configfile+"' not found.")
# read in the domain config file, finding the label line
ac_entry_re = re.compile("^access_control\s*=.*", re.IGNORECASE)
@@ -82,8 +79,7 @@ def get_domain_label(configfile):
# send error message if we didn't find anything
if acline == "":
- print "Label does not exist in domain configuration file."
- return
+ security.err("Domain not labeled")
# print out the label
(title, data) = acline.split("=", 1)
@@ -94,19 +90,21 @@ def get_domain_label(configfile):
def main (argv):
- if len(argv) != 3:
- usage()
- return
+ try:
+ if len(argv) != 3:
+ usage()
- if argv[1].lower() == "dom":
- configfile = argv[2]
- get_domain_label(configfile)
- elif argv[1].lower() == "res":
- resource = argv[2]
- get_resource_label(resource)
- else:
- usage()
+ if argv[1].lower() == "dom":
+ configfile = argv[2]
+ get_domain_label(configfile)
+ elif argv[1].lower() == "res":
+ resource = argv[2]
+ get_resource_label(resource)
+ else:
+ usage()
+ except security.ACMError:
+ sys.exit(-1)
if __name__ == '__main__':
main(sys.argv)
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/labels.py
--- a/tools/python/xen/xm/labels.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/labels.py Tue Sep 12 11:43:22 2006 -0600
@@ -70,10 +70,12 @@ def main(argv):
labels.sort()
for label in labels:
print label
+
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/loadpolicy.py
--- a/tools/python/xen/xm/loadpolicy.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/loadpolicy.py Tue Sep 12 11:43:22 2006 -0600
@@ -34,11 +34,12 @@ def main(argv):
if len(argv) != 2:
usage()
load_policy(argv[1])
+
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
-
+ sys.exit(-1)
if __name__ == '__main__':
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/makepolicy.py
--- a/tools/python/xen/xm/makepolicy.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/makepolicy.py Tue Sep 12 11:43:22 2006 -0600
@@ -37,9 +37,10 @@ def main(argv):
make_policy(argv[1])
except ACMError:
- pass
+ sys.exit(-1)
except:
traceback.print_exc(limit=1)
+ sys.exit(-1)
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/resources.py
--- a/tools/python/xen/xm/resources.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/resources.py Tue Sep 12 11:43:22 2006 -0600
@@ -18,8 +18,7 @@
"""List the resource label information from the global resource label file
"""
-import sys, os
-import string
+import sys
from xen.util import dictio
from xen.util import security
@@ -27,6 +26,7 @@ def usage():
print "\nUsage: xm resource\n"
print " This program lists information for each resource in the"
print " global resource label file\n"
+ security.err("Usage")
def print_resource_data(access_control):
@@ -41,14 +41,19 @@ def print_resource_data(access_control):
def main (argv):
try:
- file = security.res_label_filename
- access_control = dictio.dict_read("resources", file)
- except:
- print "Resource file not found."
- return
+ if len(argv) != 1:
+ usage()
- print_resource_data(access_control)
+ try:
+ file = security.res_label_filename
+ access_control = dictio.dict_read("resources", file)
+ except:
+ security.err("Error reading resource file.")
+ print_resource_data(access_control)
+
+ except security.ACMError:
+ sys.exit(-1)
if __name__ == '__main__':
main(sys.argv)
diff -r 73cdbd909a8d -r 3e4fa8b5b245 tools/python/xen/xm/rmlabel.py
--- a/tools/python/xen/xm/rmlabel.py Tue Sep 12 11:42:27 2006 -0600
+++ b/tools/python/xen/xm/rmlabel.py Tue Sep 12 11:43:22 2006 -0600
@@ -19,8 +19,6 @@
"""Remove a label from a domain configuration file or a resoruce.
"""
import sys, os, re
-import string
-import traceback
from xen.util import dictio
from xen.util import security
@@ -31,6 +29,7 @@ def usage():
print " for a domain or from the global resource label file for a"
print " resource. If the label does not exist for the given domain or"
print " resource, then rmlabel fails.\n"
+ security.err("Usage")
def rm_resource_label(resource):
@@ -48,7 +47,7 @@ def rm_resource_label(resource):
del access_control[resource]
dictio.dict_write(access_control, "resources", file)
else:
- security.err("Label does not exist in resource label file.")
+ security.err("Resource not labeled.")
def rm_domain_label(configfile):
@@ -85,7 +84,7 @@ def rm_domain_label(configfile):
# send error message if we didn't find anything to remove
if not removed:
- security.err("Label does not exist in domain configuration file.")
+ security.err("Domain not labeled.")
# write the data back out to the file
fd = open(file, "wb")
@@ -97,7 +96,6 @@ def main (argv):
try:
if len(argv) != 3:
usage()
- return
if argv[1].lower() == "dom":
configfile = argv[2]
@@ -109,7 +107,7 @@ def main (argv):
usage()
except security.ACMError:
- traceback.print_exc(limit=1)
+ sys.exit(-1)
if __name__ == '__main__':
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
Home