cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

dbus-vmstate-daemon.sh (3058B)

      1#!/bin/sh
      2
      3# dbus-daemon wrapper script for dbus-vmstate testing
      4#
      5# This script allows to tweak the dbus-daemon policy during the test
      6# to test different configurations.
      7#
      8# This program is free software; you can redistribute it and/or modify
      9# it under the terms of the GNU General Public License as published by
     10# the Free Software Foundation; either version 2 of the License, or
     11# (at your option) any later version.
     12#
     13# This program is distributed in the hope that it will be useful,
     14# but WITHOUT ANY WARRANTY; without even the implied warranty of
     15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
     16# GNU General Public License for more details.
     17#
     18# You should have received a copy of the GNU General Public License
     19# along with this program; if not, see <http://www.gnu.org/licenses/>.
     20#
     21# Copyright (C) 2019 Red Hat, Inc.
     22
     23write_config()
     24{
     25    CONF="$1"
     26    cat > "$CONF" <<EOF
     27<busconfig>
     28  <type>session</type>
     29  <listen>unix:tmpdir=$DBUS_VMSTATE_TEST_TMPDIR</listen>
     30
     31  <policy context="default">
     32     <!-- Holes must be punched in service configuration files for
     33          name ownership and sending method calls -->
     34     <deny own="*"/>
     35     <deny send_type="method_call"/>
     36
     37     <!-- Signals and reply messages (method returns, errors) are allowed
     38          by default -->
     39     <allow send_type="signal"/>
     40     <allow send_requested_reply="true" send_type="method_return"/>
     41     <allow send_requested_reply="true" send_type="error"/>
     42
     43     <!-- All messages may be received by default -->
     44     <allow receive_type="method_call"/>
     45     <allow receive_type="method_return"/>
     46     <allow receive_type="error"/>
     47     <allow receive_type="signal"/>
     48
     49     <!-- Allow anyone to talk to the message bus -->
     50     <allow send_destination="org.freedesktop.DBus"
     51            send_interface="org.freedesktop.DBus" />
     52     <allow send_destination="org.freedesktop.DBus"
     53            send_interface="org.freedesktop.DBus.Introspectable"/>
     54     <allow send_destination="org.freedesktop.DBus"
     55            send_interface="org.freedesktop.DBus.Properties"/>
     56     <!-- But disallow some specific bus services -->
     57     <deny send_destination="org.freedesktop.DBus"
     58           send_interface="org.freedesktop.DBus"
     59           send_member="UpdateActivationEnvironment"/>
     60     <deny send_destination="org.freedesktop.DBus"
     61           send_interface="org.freedesktop.DBus.Debug.Stats"/>
     62     <deny send_destination="org.freedesktop.DBus"
     63           send_interface="org.freedesktop.systemd1.Activator"/>
     64
     65     <allow own="org.qemu.VMState1"/>
     66     <allow send_destination="org.qemu.VMState1"/>
     67     <allow receive_sender="org.qemu.VMState1"/>
     68
     69  </policy>
     70
     71  <include if_selinux_enabled="yes"
     72   selinux_root_relative="yes">contexts/dbus_contexts</include>
     73
     74</busconfig>
     75EOF
     76}
     77
     78ARGS=
     79for arg in "$@"
     80do
     81    case $arg in
     82        --config-file=*)
     83          CONF="${arg#*=}"
     84          write_config "$CONF"
     85          ARGS="$ARGS $1"
     86          shift
     87        ;;
     88        *)
     89          ARGS="$ARGS $1"
     90          shift
     91        ;;
     92    esac
     93done
     94
     95exec dbus-daemon $ARGS