Manuals
/
IBM
/
Computer Equipment
/
Server
IBM
10 SP1 EAL4
manual
113
Models:
10 SP1 EAL4
1
125
246
246
Download
246 pages
443 b
122
123
124
125
126
127
128
129
Signals
Login
Operation and administration
Configfs
Access Control Lists
Batch processing user commands
TOE services
Boot methods
Process switch
Real mode addressing
Page 125
Image 125
Figure
5-54:
31-bit
Dynamic Address Translation with page table protection
113
Page 124
Page 126
Page 125
Image 125
Page 124
Page 126
Contents
Page
EJR
Table of Contents
2.1 DAC AppArmor Programs with software privilege
Permission bits Access Control Lists
100
142
175
207
250
252
269
Document overview
Purpose of this document
Conventions used in this document
Terminology
System Overview
Suse Linux Enterprise Server
Product history
EServer systems
High-level product overview
Overall structure of the TOE
EServer host computer structure
Page
EServer system structure
TOE services
Security policy
Local and network services provided by Sles
TSF interfaces
Operation and administration
Approach to TSF identification
Page
Page
System x hardware overview System x hardware architecture
System
System p hardware architecture
System p
System p hardware overview
System z hardware overview System z hardware architecture
System z
EServer 326 hardware architecture
EServer
EServer 326 hardware overview
AMD x86-64 architecture in compatibility mode
Page
Privilege level
Hardware and software privilege
Hardware privilege
Levels of Privilege
Software privilege
AppArmor
2.1 DAC
Programs with software privilege
TOE Security Functions software structure
Kernel TSF software
Logical kernel subsystems and their interactions
Logical components
Kernel threads
Execution components
Base kernel
Kernel modules and device drivers
Non-kernel TSF software
Page
Definition of subsystems for the CC evaluation
TSF databases
Firmware
Hardware
Kernel subsystems
Trusted process subsystems
User-level audit subsystem
Page
File and I/O management
Functional descriptions
Ext3 and CD-ROM file systems before mounting
Virtual File System
Ext3 and CD-ROM file systems after mounting
Pathname translation
VFS pathname translation and access control checks
Open
Shared subtrees
Write
Mount
Extended Attributes
Disk-based file systems
2.1 Ext3 file system
Data structures
Page
Page
Data structures and algorithms
ISO 9660 file system for CD-ROM
Tmpfs
Pseudo file systems
Procfs
Rootfs
Sysfs
Devpts
Configfs
Discretionary Access Control DAC
Inotify
Binfmtmisc
Indicates read
Permission bits
ACL qualifier
Access Control Lists
Types of ACL tags
ACL permissions
Default ACLs and ACL inheritance
Relationship to file permission bits
Aclmask
ACL enforcement
7 I/O scheduler
Asynchronous I/O
Completely Fair Queuing scheduler
Deadline I/O scheduler
Anticipatory I/O scheduler
Noop I/O scheduler
8 I/O interrupts
Top halves
Bottom halves
Machine check
Processor interrupts
Tasklets
Work queue
Data structures
Process control and management
Page
DAC controls
Process creation and destruction
Control of child processes
Kernel threads
Process switch
Setresuidand setresgid
Execve
Hyperthreading scheduler
Scheduling
14 Hyperthreaded scheduling
Kernel preemption
Inter-process communication
Data structures and algorithms
Pipes
Fifo creation
First-In First-Out Named pipes
Common data structures
System V IPC
Fifo open
Message queues
Common functions
Semaphores
Shared memory regions
Sockets
Signals
Data structures
Algorithms
16 Object reuse handling in socket allocation
Network subsystem
Overview of the network protocol stack
18 How data travels through the Network protocol stack
Network layer protocols
Transport layer protocols
3.2.2 IPv6 Header
Addressing
Security
Flow Labels
Transition between IPv4 and IPv6
IP Security IPsec
AH Header
Functional Description of IPsec
An IP Packet with tunnel mode AH
An IP Packet with tunnel mode ESP
Link layer protocols
Internet Control Message Protocol Icmp
Address Resolution Protocol ARP
Network services interface
Bind
Socket
Connect
Listen
Accept
Generic calls
Access control
Memory management
Page
24 Previous three-level page-tables architecture
Four-Level Page Tables
System
Memory addressing
26 System x virtual addressing space
Segmentation
28 Access control through segmentation
Paging
30 Regular paging
32 Access control through paging
For more information about call gates, refer to
System p
33 Paging data structures
34 Logical partitions
Privilege State
36 Determination of processor mode in Lpar
Hypervisor
Real mode addressing
Address Translation on LPARs
Direct Memory Access addressing
Virtual mode addressing
Access to I/O address space
System p native mode
Run-Time Abstraction Services
Preventing denial of service
39 Effective address
Machine State Register
41 Block address
Block descriptor
Descriptor
Segment descriptor
Address translation mechanisms
45 Block Address Translation entry
Address Translation and access control
47 Block Address Translation access control
Page
48 Page Address Translation and access control
Lpar mode
Native hardware mode
2.4.3 z/VM Guest mode
System z
Address translations
Address sizes
Address spaces
49 System z address types and their translation
51 Address translation modes
52 64-bit or 31-bit Dynamic Address Translation
53 Low-address protection on effective address
Memory protection mechanisms
Table protection
113
114
56 Key match logic for key-controlled protection
Logical address
EServer
Physical address
Effective address
Linear address
59 Data access privilege checks
Access control through type check
Page
121
63 Page map level four entry
Translation Lookaside Buffers
Kernel memory management
Reverse map Virtual Memory
Support for Numa servers
Huge Translation Lookaside Buffers
65 Rmap VM
66 TLB Operation
Frame management
Remapfilepages
Noncontiguous memory area management
Process address space
Memory area management
68 Object reuse handling while allocating new linear address
Memory barriers
Symmetric multiprocessing and synchronization
Atomic operations
Audit components
Audit subsystem
Spin locks
Kernel semaphores
Kernel-userspace interface
Audit kernel components
Task structure
Syscall auditing
Filesystem watches
Audit context fields
71 Task Structure
File system audit components
User space audit components
Configuration
Audit operation and configuration options
Option Description Possible values
Operation
Kernel record generation
Audit records
Audit record generation
Syscall audit record generation
73 Audit Record Generation
File system audit record generation
74 Extension to system calls interface
Audit record format
Socket call and IPC audit record generation
Record generation by trusted programs
Page
Event Description LAF audit events
Audit tools
Login uid association
Kernel modules
Auditctl
Linux Security Module framework
Structure
AppArmor
LSM capabilities module
LSM AppArmor module
Var/log/boot.msg Rwl Var/run/klogd.pid
AppArmor administrative utilities
Securityfs
AppArmor access control functions
Interpretive-execution facility
Device drivers
1 I/O virtualization on System z
State description
Hardware virtualization and simulation
Character device driver
Block device driver
Init
System initialization
System
Boot process
Boot methods
Boot loader
Linuxrc
79 System x Sles boot sequence
System p
Page
System p in Lpar
80 System p Sles boot sequence
Etc/sysconfig/init script
81 System p Lpar Sles boot sequence
Control program
System z
82describes the boot process for Sles as a z/VM guest
EServer
82 System z Sles boot sequence
169
83schematically describes the boot process of eServer 170
83 eServer 326 Sles boot sequence
Identification and authentication
Overview
Pluggable Authentication Module
Modules
Configuration terminology
Etc/security/pamenv.conf
Protected databases
Access control rules
Trusted commands and trusted processes
11.2.1.1 DAC
Agetty
Gpasswd
Login
Newgrp
Mingetty
11.3.7 su
Passwd
OpenSSL Secure socket-layer interface
Interaction with audit
Network applications
84 SSL location in the network stack
Encryption
Concepts
87 Encryption Algorithm and Key
88 Asymmetric keys
Message digest
Message Authentication Code MAC
Digital certificates and certificate authority
SSL architecture
SSL handshake protocol
90 SSL Protocol
187
Symmetric ciphers
OpenSSL algorithms
Hash functions
Asymmetric ciphers
Certificates
Secure Shell
SSH server daemon
SSH client
Cups
Very Secure File Transfer Protocol daemon
Cupsd
Openssl
Ping
Ping6
Stunnel
Account Management
System management
Xinetd
Chage
Chsh
Chfn
Usermod
User management
Useradd
Userdel
Groupadd
Group management
Groupdel
Groupmod
202
Other System Management
System Time management
Date
Hwclock
Memory
Supervisor mode instructions
Memory separation
13.5.1.3 I/O controller and network
System p
Star
Amtu output
207
Batch processing
Batch processing user commands
13.6 I&A support
14.1.2 at
14.2.2 atd
Batch processing daemons
Cron
Audit daemon
User-level audit subsystem
Audit utilities
Aureport
Autrace
Audit configuration files
Audit logs
TSF libraries
Supporting functions
LibraryDescription
System call linking mechanism
Library linking mechanism
System call argument verification
Pageoffset
Audit
Security management
Discretionary Access Control
Object reuse
TSF protection
Secure communications
Trusted processes TP.4
Testing the TOE protection mechanisms TP.7
TSF Databases TP.5
Internal TOE protection mechanisms TP.6
External Interfaces
Summary of kernel subsystem interfaces
Kernel subsystem file and I/O
Internal function Interfaces defined
Internal Interfaces 1.1.3
External interfaces system calls
Kernel subsystem process control and management
Kernel subsystem inter-process communication
Internal Interfaces
Dopipe
Kernel subsystem memory management
Kernel subsystem networking
Internal interfaces
Kernel subsystem audit
Kernel subsystem device drivers
Other functions
Kernel subsystems kernel modules
Summary of trusted processes interfaces
References
RSA
234
Top
Page
Image
Contents