Manuals
/
IBM
/
Computer Equipment
/
Server
IBM
10 SP1 EAL4
manual
114
Models:
10 SP1 EAL4
1
126
246
246
Download
246 pages
443 b
123
124
125
126
127
128
129
130
Signals
Login
Operation and administration
Configfs
Access Control Lists
Batch processing user commands
TOE services
Boot methods
Process switch
Real mode addressing
Page 126
Image 126
Figure
5-55:
64-bit
Dynamic Address Translation with page table protection
114
Page 125
Page 127
Page 126
Image 126
Page 125
Page 127
Contents
Page
EJR
Table of Contents
2.1 DAC AppArmor Programs with software privilege
Permission bits Access Control Lists
100
142
175
207
250
252
269
Conventions used in this document
Purpose of this document
Document overview
Terminology
System Overview
EServer systems
Product history
Suse Linux Enterprise Server
High-level product overview
EServer host computer structure
Overall structure of the TOE
Page
TOE services
EServer system structure
Local and network services provided by Sles
Security policy
Operation and administration
TSF interfaces
Approach to TSF identification
Page
Page
System
System x hardware overview System x hardware architecture
System p
System p hardware overview
System p hardware architecture
System z
System z hardware overview System z hardware architecture
EServer
EServer 326 hardware overview
EServer 326 hardware architecture
AMD x86-64 architecture in compatibility mode
Page
Hardware and software privilege
Hardware privilege
Privilege level
Levels of Privilege
Software privilege
2.1 DAC
AppArmor
TOE Security Functions software structure
Programs with software privilege
Kernel TSF software
Logical components
Logical kernel subsystems and their interactions
Execution components
Base kernel
Kernel threads
Non-kernel TSF software
Kernel modules and device drivers
Page
TSF databases
Definition of subsystems for the CC evaluation
Kernel subsystems
Hardware
Firmware
Trusted process subsystems
User-level audit subsystem
Page
Functional descriptions
File and I/O management
Virtual File System
Ext3 and CD-ROM file systems before mounting
Ext3 and CD-ROM file systems after mounting
Pathname translation
VFS pathname translation and access control checks
Open
Write
Mount
Shared subtrees
Disk-based file systems
2.1 Ext3 file system
Extended Attributes
Data structures
Page
Page
ISO 9660 file system for CD-ROM
Data structures and algorithms
Pseudo file systems
Procfs
Tmpfs
Sysfs
Devpts
Rootfs
Inotify
Discretionary Access Control DAC
Configfs
Binfmtmisc
Permission bits
Indicates read
Access Control Lists
Types of ACL tags
ACL qualifier
Relationship to file permission bits
Default ACLs and ACL inheritance
ACL permissions
Aclmask
ACL enforcement
Asynchronous I/O
7 I/O scheduler
Deadline I/O scheduler
Anticipatory I/O scheduler
Completely Fair Queuing scheduler
Top halves
8 I/O interrupts
Noop I/O scheduler
Bottom halves
Tasklets
Processor interrupts
Machine check
Work queue
Process control and management
Data structures
Page
Process creation and destruction
Control of child processes
DAC controls
Setresuidand setresgid
Process switch
Kernel threads
Execve
Scheduling
Hyperthreading scheduler
Kernel preemption
14 Hyperthreaded scheduling
Inter-process communication
Pipes
Data structures and algorithms
First-In First-Out Named pipes
Fifo creation
System V IPC
Fifo open
Common data structures
Common functions
Message queues
Semaphores
Shared memory regions
Data structures
Signals
Sockets
Algorithms
Network subsystem
16 Object reuse handling in socket allocation
Overview of the network protocol stack
18 How data travels through the Network protocol stack
Transport layer protocols
Network layer protocols
Addressing
3.2.2 IPv6 Header
Transition between IPv4 and IPv6
Flow Labels
Security
IP Security IPsec
Functional Description of IPsec
AH Header
An IP Packet with tunnel mode AH
An IP Packet with tunnel mode ESP
Internet Control Message Protocol Icmp
Link layer protocols
Network services interface
Address Resolution Protocol ARP
Socket
Bind
Listen
Accept
Connect
Access control
Memory management
Generic calls
Page
Four-Level Page Tables
24 Previous three-level page-tables architecture
Memory addressing
System
26 System x virtual addressing space
28 Access control through segmentation
Segmentation
Paging
30 Regular paging
32 Access control through paging
For more information about call gates, refer to
33 Paging data structures
System p
34 Logical partitions
Privilege State
36 Determination of processor mode in Lpar
Real mode addressing
Address Translation on LPARs
Hypervisor
Virtual mode addressing
Access to I/O address space
Direct Memory Access addressing
Run-Time Abstraction Services
Preventing denial of service
System p native mode
39 Effective address
41 Block address
Machine State Register
Descriptor
Segment descriptor
Block descriptor
45 Block Address Translation entry
Address translation mechanisms
47 Block Address Translation access control
Address Translation and access control
Page
48 Page Address Translation and access control
2.4.3 z/VM Guest mode
Native hardware mode
Lpar mode
System z
Address sizes
Address spaces
Address translations
49 System z address types and their translation
51 Address translation modes
52 64-bit or 31-bit Dynamic Address Translation
Memory protection mechanisms
53 Low-address protection on effective address
Table protection
113
114
56 Key match logic for key-controlled protection
EServer
Logical address
Effective address
Linear address
Physical address
59 Data access privilege checks
Access control through type check
Page
121
63 Page map level four entry
Kernel memory management
Translation Lookaside Buffers
Support for Numa servers
Reverse map Virtual Memory
65 Rmap VM
Huge Translation Lookaside Buffers
66 TLB Operation
Remapfilepages
Frame management
Process address space
Memory area management
Noncontiguous memory area management
68 Object reuse handling while allocating new linear address
Symmetric multiprocessing and synchronization
Atomic operations
Memory barriers
Spin locks
Audit subsystem
Audit components
Kernel semaphores
Audit kernel components
Kernel-userspace interface
Syscall auditing
Filesystem watches
Task structure
71 Task Structure
Audit context fields
File system audit components
User space audit components
Audit operation and configuration options
Configuration
Option Description Possible values
Operation
Audit records
Audit record generation
Kernel record generation
73 Audit Record Generation
Syscall audit record generation
74 Extension to system calls interface
File system audit record generation
Socket call and IPC audit record generation
Record generation by trusted programs
Audit record format
Page
Event Description LAF audit events
Kernel modules
Login uid association
Audit tools
Auditctl
Linux Security Module framework
Structure
LSM capabilities module
LSM AppArmor module
AppArmor
AppArmor administrative utilities
Var/log/boot.msg Rwl Var/run/klogd.pid
AppArmor access control functions
Securityfs
Device drivers
1 I/O virtualization on System z
Interpretive-execution facility
State description
Character device driver
Hardware virtualization and simulation
Block device driver
System initialization
Init
System
Boot methods
Boot loader
Boot process
Linuxrc
79 System x Sles boot sequence
System p
Page
80 System p Sles boot sequence
System p in Lpar
Etc/sysconfig/init script
81 System p Lpar Sles boot sequence
System z
Control program
82describes the boot process for Sles as a z/VM guest
82 System z Sles boot sequence
EServer
169
83schematically describes the boot process of eServer 170
Identification and authentication
83 eServer 326 Sles boot sequence
Pluggable Authentication Module
Overview
Configuration terminology
Modules
Etc/security/pamenv.conf
Protected databases
11.2.1.1 DAC
Trusted commands and trusted processes
Access control rules
Agetty
Login
Gpasswd
Mingetty
Newgrp
Passwd
11.3.7 su
Interaction with audit
Network applications
OpenSSL Secure socket-layer interface
84 SSL location in the network stack
Concepts
Encryption
87 Encryption Algorithm and Key
88 Asymmetric keys
Digital certificates and certificate authority
Message Authentication Code MAC
Message digest
SSL architecture
90 SSL Protocol
SSL handshake protocol
187
OpenSSL algorithms
Symmetric ciphers
Asymmetric ciphers
Certificates
Hash functions
Secure Shell
SSH client
SSH server daemon
Very Secure File Transfer Protocol daemon
Cups
Cupsd
Ping
Ping6
Openssl
Stunnel
Xinetd
System management
Account Management
Chage
Chfn
Chsh
User management
Useradd
Usermod
Userdel
Group management
Groupadd
Groupmod
Groupdel
202
Date
System Time management
Other System Management
Hwclock
Memory separation
Supervisor mode instructions
Memory
13.5.1.3 I/O controller and network
System p
Amtu output
Star
207
Batch processing user commands
13.6 I&A support
Batch processing
14.1.2 at
Batch processing daemons
Cron
14.2.2 atd
Audit utilities
User-level audit subsystem
Audit daemon
Aureport
Audit configuration files
Audit logs
Autrace
Supporting functions
TSF libraries
LibraryDescription
Library linking mechanism
System call linking mechanism
System call argument verification
Pageoffset
Audit
Discretionary Access Control
Object reuse
Security management
Secure communications
TSF protection
TSF Databases TP.5
Testing the TOE protection mechanisms TP.7
Trusted processes TP.4
Internal TOE protection mechanisms TP.6
Summary of kernel subsystem interfaces
Kernel subsystem file and I/O
External Interfaces
Internal Interfaces 1.1.3
Internal function Interfaces defined
Kernel subsystem process control and management
External interfaces system calls
Internal Interfaces
Kernel subsystem inter-process communication
Dopipe
Kernel subsystem networking
Kernel subsystem memory management
Kernel subsystem audit
Internal interfaces
Kernel subsystem device drivers
Other functions
Summary of trusted processes interfaces
Kernel subsystems kernel modules
References
RSA
234
Top
Page
Image
Contents