1 /*
2 *
3 * Authors: Michael LeMay, <mdlemay@epoch.ncsc.mil>
4 * George Coker, <gscoker@alpha.ncsc.mil>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2,
8 * as published by the Free Software Foundation.
9 */
10
11 #include <stdlib.h>
12 #include <errno.h>
13 #include <stdio.h>
14 #include <xenctrl.h>
15 #include <fcntl.h>
16 #include <sys/mman.h>
17 #include <sys/stat.h>
18 #include <string.h>
19 #include <unistd.h>
20
21 #define USE_MMAP
22
usage(int argCnt,const char * args[])23 static void usage (int argCnt, const char *args[])
24 {
25 fprintf(stderr, "Usage: %s <policy.file>\n", args[0]);
26 exit(1);
27 }
28
main(int argCnt,const char * args[])29 int main (int argCnt, const char *args[])
30 {
31 const char *polFName;
32 int polFd = 0;
33 void *polMem = NULL;
34 void *polMemCp = NULL;
35 struct stat info;
36 int ret;
37 xc_interface *xch = 0;
38
39 if (argCnt != 2)
40 usage(argCnt, args);
41
42 polFName = args[1];
43 polFd = open(polFName, O_RDONLY);
44 if ( polFd < 0 )
45 {
46 fprintf(stderr, "Error occurred opening policy file '%s': %s\n",
47 polFName, strerror(errno));
48 ret = -1;
49 goto cleanup;
50 }
51
52 ret = stat(polFName, &info);
53 if ( ret < 0 )
54 {
55 fprintf(stderr, "Error occurred retrieving information about"
56 "policy file '%s': %s\n", polFName, strerror(errno));
57 goto cleanup;
58 }
59
60 polMemCp = malloc(info.st_size);
61
62 #ifdef USE_MMAP
63 polMem = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, polFd, 0);
64 if ( polMem == MAP_FAILED )
65 {
66 fprintf(stderr, "Error occurred mapping policy file in memory: %s\n",
67 strerror(errno));
68 ret = -1;
69 goto cleanup;
70 }
71
72 xch = xc_interface_open(0,0,0);
73 if ( !xch )
74 {
75 fprintf(stderr, "Unable to create interface to xenctrl: %s\n",
76 strerror(errno));
77 ret = -1;
78 goto cleanup;
79 }
80
81 memcpy(polMemCp, polMem, info.st_size);
82 #else
83 ret = read(polFd, polMemCp, info.st_size);
84 if ( ret < 0 )
85 {
86 fprintf(stderr, "Unable to read new Flask policy file: %s\n",
87 strerror(errno));
88 goto cleanup;
89 }
90 else
91 {
92 printf("Read %d bytes from policy file '%s'.\n", ret, polFName);
93 }
94 #endif
95
96 ret = xc_flask_load(xch, polMemCp, info.st_size);
97 if ( ret < 0 )
98 {
99 errno = -ret;
100 fprintf(stderr, "Unable to load new Flask policy: %s\n",
101 strerror(errno));
102 ret = -1;
103 goto cleanup;
104 }
105 else
106 {
107 printf("Successfully loaded policy.\n");
108 }
109
110 done:
111 free(polMemCp);
112 if ( polMem )
113 {
114 ret = munmap(polMem, info.st_size);
115 if ( ret < 0 )
116 fprintf(stderr, "Unable to unmap policy memory: %s\n", strerror(errno));
117 }
118 if ( polFd >= 0 )
119 close(polFd);
120 if ( xch )
121 xc_interface_close(xch);
122
123 return ret;
124
125 cleanup:
126 goto done;
127 }
128