Navigation

← Previous Changeset
Next Changeset →

Changeset 1770

Timestamp:

12/12/07 11:56:42 (1 year ago)

Author:

dsugar

Message:

Changes to support loading of the permission map file and lookup weights.
Ability to specify the permission map file to load in addition to default.

Files:

trunk/framework-plugin/META-INF/MANIFEST.MF (modified) (1 diff)
trunk/framework-plugin/src/com/tresys/framework/compiler/dictionary/PermVector.java (modified) (2 diffs)
trunk/framework-plugin/src/com/tresys/framework/compiler/linkage/BasePolicy.java (modified) (5 diffs)
trunk/framework-plugin/src/com/tresys/framework/compiler/linkage/IPermissionMap.java (added)
trunk/framework-plugin/src/com/tresys/framework/compiler/linkage/Linkage.java (modified) (3 diffs)
trunk/framework-plugin/src/com/tresys/framework/plugin/builder/SELinuxSystem.java (modified) (7 diffs)
trunk/framework-plugin/src/com/tresys/framework/plugin/builder/WeightLookup.java (added)
trunk/framework-plugin/src/com/tresys/framework/plugin/editor/dictionary/DictionaryCompletionProcessor.java (modified) (1 diff)
trunk/framework-plugin/src/com/tresys/framework/plugin/editor/policy/text/PolicyHoverController.java (modified) (12 diffs)
trunk/oss-feature/feature.xml (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/framework-plugin/META-INF/MANIFEST.MF

r1758	r1770
18	18	org.eclipse.help,
19	19	com.tresys.cdsframework.libselinuxjava,
20		com.tresys.slide;bundle-version="1.2.4",
21		com.tresys.cdsframework.doc.user;resolution:=optional
	20	com.tresys.slide;bundle-version="1.3.4",
	21	com.tresys.cdsframework.doc.user;resolution:=optional,
	22	com.tresys.setools;bundle-version="3.3.2.1"
22	23	Eclipse-AutoStart: true
23	24	Bundle-Vendor: %providerName

trunk/framework-plugin/src/com/tresys/framework/compiler/dictionary/PermVector.java

r1396	r1770
124	124	boolean valid = true;
125	125
126		if(!linkage.~~BasePolicy~~.ObjectClassExists(objectClass.image)) {
	126	if(!linkage.getBasePolicy ().ObjectClassExists(objectClass.image)) {
127	127	objectClass.Error("The object class \"" + objectClass.image
128	128	+ "\" was not found in the base policy");
…	…
133	133	while(itr.hasNext()) {
134	134	String perm = (String) itr.next();
135		if(!linkage.~~BasePolicy~~.PermissionExists(objectClass.image, perm)) {
	135	if(!linkage.getBasePolicy ().PermissionExists(objectClass.image, perm)) {
136	136	objectClass.Error("The permission \"" + perm
137	137	+ "\" was not found in the object class \""

trunk/framework-plugin/src/com/tresys/framework/compiler/linkage/BasePolicy.java

r1396	r1770
13	13	import com.tresys.framework.compiler.dictionary.AccessTarget;
14	14	import com.tresys.framework.compiler.dictionary.PermVector;
	15	import com.tresys.setools.apol.apolConstants;
15	16	import com.tresys.slide.linkage.SELinuxObjClass;
	17	import com.tresys.slide.linkage.SELinuxPermission;
16	18	import com.tresys.slide.linkage.Weight;
17	19
…	…
23	25	* and file context.
24	26	*/
25		public class BasePolicy extends com.tresys.slide.linkage.BasePolicy {
	27	public class BasePolicy
	28	extends com.tresys.slide.linkage.BasePolicy
	29	{
	30	IPermissionMap m_permMap;
26	31
27	32	/**
…	…
36	41	* If memory allocation fails
37	42	*/
38		public BasePolicy(String flaskPath) {
	43	public BasePolicy(String flaskPath)
	44	{
39	45	super(flaskPath);
	46	}
	47
	48
	49	public void setPermMapInterface (IPermissionMap i_permMap)
	50	{
	51	m_permMap = i_permMap;
40	52	}
41	53
…	…
48	60	* from the policy else default Weight Object.
49	61	*/
50		public Weight GetWeight(AccessDefn defn) {
	62	public Weight GetWeight(AccessDefn defn)
	63	{
51	64	Weight weight = new Weight();
52	65
53	66	/for (AccessTarget at : defn.AccessTargets.values())/
54	67	Iterator iter = defn.getAccessTargets().values().iterator();
55		while(iter.hasNext()) {
	68	while (iter.hasNext())
	69	{
56	70	AccessTarget at = (AccessTarget) iter.next();
57	71	/for (PermVector pv : at.GetPermVectors().values())/
58	72	Iterator iter2 = at.GetPermVectors().values().iterator();
59		while(iter2.hasNext()) {
	73	while (iter2.hasNext())
	74	{
60	75	PermVector pv = (PermVector) iter2.next();
61		SELinuxObjClass currClass = (SELinuxObjClass) super.objClasses
62		.get(pv.getObjectClass());
63		if(currClass == null)
	76	SELinuxObjClass currClass = (SELinuxObjClass) super.objClasses.get(pv.getObjectClass());
	77	if (currClass == null)
64	78	continue;
	79
	80	String sClass = currClass.getName ();
65	81
66	82	/for (String perm : pv.Permissions)/
67	83	Iterator iter3 = pv.getPermissions().iterator();
68		while(iter3.hasNext()) {
	84	while (iter3.hasNext())
	85	{
69	86	String perm = (String) iter3.next();
70	87
71		Weight permWeight = currClass.getPermission(perm)
72		.getWeight();
	88	SELinuxPermission permission = currClass.getPermission (perm);
	89	String sPermission = permission.getName ();
	90	/*
	91	Weight permWeight = currClass.getPermission(perm).getWeight();
73	92	if(permWeight == null)
74	93	continue;
…	…
79	98	if(permWeight.Both > weight.Both)
80	99	weight.Both = permWeight.Both;
	100	*/
	101
	102	int nDirection = m_permMap.getDirection (sClass, sPermission);
	103	int nWeight = m_permMap.getWeight (sClass, sPermission);
	104
	105	if (nDirection == apolConstants.APOL_PERMMAP_READ)
	106	weight.Read = Math.max (weight.Read, nWeight);
	107	else if (nDirection == apolConstants.APOL_PERMMAP_WRITE)
	108	weight.Write = Math.max (weight.Write, nWeight);
	109	else if (nDirection == apolConstants.APOL_PERMMAP_BOTH)
	110	weight.Both = Math.max (weight.Both, nWeight);
	111
81	112	}
82	113	}

trunk/framework-plugin/src/com/tresys/framework/compiler/linkage/Linkage.java

r1764	r1770
45	45	private final HashMap /<String, Ability> /capabilities;
46	46
47		p~~ublic~~ BasePolicy BasePolicy;
	47	private final BasePolicy BasePolicy;
48	48
49	49	/**
…	…
54	54	* @throws Exception If memory allocation fails
55	55	*/
56		public Linkage(String flaskPath) {
	56	public Linkage(String flaskPath)
	57	{
57	58	BasePolicy = new BasePolicy(flaskPath);
58	59	availableBaseDomains = new HashMap/<String, BaseDomain>/();
…	…
60	61	capabilities = new HashMap();
61	62	}
62
63		public boolean SetPermMapFile(String fileName)
64		{
65		try
66		{
67		BasePolicy.LoadPermMapFile(fileName);
68		return true;
69		}
70		catch (Exception ioe)
71		{
72		return false;
73		}
	63
	64	public BasePolicy getBasePolicy ()
	65	{
	66	return BasePolicy;
74	67	}
75	68

trunk/framework-plugin/src/com/tresys/framework/plugin/builder/SELinuxSystem.java

r1765	r1770
48	48	import com.tresys.framework.plugin.preferences.SEFPreferencePage;
49	49
	50	import com.tresys.setools.analysis.IAnalysisListener;
	51	import com.tresys.setools.analysis.PolicyContainer;
	52	import com.tresys.setools.apol.apol_policy_t;
	53	import com.tresys.slide.plugin.nature.AnalysisContainer;
50	54	import com.tresys.slide.plugin.nature.PolicyXMLContainer;
51	55	import com.tresys.slide.plugin.nature.SLIDEProjectNature;
…	…
55	59	public class SELinuxSystem
56	60	extends PlatformObject
57		implements IWorkbenchAdapter, PolicyXMLListener
	61	implements IWorkbenchAdapter, PolicyXMLListener, IAnalysisListener
58	62	{
59	63
…	…
102	106	else
103	107	throw new Exception("System folder must be of the format: selinux-policy-(system name)");
	108
	109	AnalysisContainer.getContainer ().addListener (m_folder, this);
104	110	}
105	111
…	…
415	421	IFolder flaskFolder = getFolder().getFolder("policy" + File.separatorChar + "flask");
416	422	String flaskPath = flaskFolder.getLocation().toString();
417		~~String permWeightPath = null;~~
418
419		~~if (!SEFramework_Plugin.getDefault ().getPreferenceStore ().getString (~~
420		~~SEFPreferencePage.PERM_WEIGHT_PATH).equals (""))~~
421		{
422		~~permWeightPath = SEFramework_Plugin.getDefault ().getPreferenceStore ().getString (SEFPreferencePage.PERM_WEIGHT_PATH);~~
423		}
424	423
425	424	m_linkage = new Linkage (flaskPath);
426		~~if (permWeightPath != null)~~
427		{
428		~~m_linkage.SetPermMapFile (permWeightPath);~~
429		}
430
431	425	m_linkage.LNFILESPATH = getProject ().getLocation ().toOSString ();
432	426
…	…
437	431	m_linkage.SetAbilites (nat.getAbilities ());
438	432
	433	PolicyContainer container = AnalysisContainer.getContainer ().getContainer (m_folder);
	434	if (container != null)
	435	{
	436	String permWeightPath = SEFramework_Plugin.getDefault ().getPreferenceStore ().getString (SEFPreferencePage.PERM_WEIGHT_PATH);
	437	if (permWeightPath != null && permWeightPath.length () > 0)
	438	container.setPermissionMapFile (permWeightPath);
	439	container.setLoadPermissionMap (true);
	440	m_linkage.getBasePolicy ().setPermMapInterface (new WeightLookup (container));
	441
	442	}
439	443	}
440	444
…	…
667	671	}
668	672
	673	/**
	674	* @deprecated use the builder now - passing in argument SLIDEProjectNature.m_sBUILD_TYPE_KEY = SLIDEProjectNature.m_sBUILD_RPM
	675	HashMap args = new HashMap ();
	676	args.put(SLIDEProjectNature.m_sBUILD_TYPE_KEY, SLIDEProjectNature.m_sBUILD_RPM);
	677	proj.build(IncrementalProjectBuilder.FULL_BUILD, nat.getBuilderID(), args, monitor);
	678	*/
669	679	public void MakeRPM()
670	680	{
…	…
716	726	});
717	727	}
	728
	729	public void analsysUpdated (apol_policy_t i_analysis)
	730	{
	731	if (m_linkage == null)
	732	return;
	733
	734	PolicyContainer container = AnalysisContainer.getContainer ().getContainer (m_folder);
	735	if (container != null)
	736	{
	737	String permWeightPath = SEFramework_Plugin.getDefault ().getPreferenceStore ().getString (SEFPreferencePage.PERM_WEIGHT_PATH);
	738	if (permWeightPath != null && permWeightPath.length () > 0)
	739	container.setPermissionMapFile (permWeightPath);
	740	container.setLoadPermissionMap (true);
	741
	742	m_linkage.getBasePolicy ().setPermMapInterface (new WeightLookup (container));
	743	}
	744	}
718	745	}

trunk/framework-plugin/src/com/tresys/framework/plugin/editor/dictionary/DictionaryCompletionProcessor.java

r1692	r1770
214	214	return new String [] {};
215	215
	216	Collection list = null;
	217
216	218	if (!preWord && (access.equals("resource") \|\| access.equals("self")
217	219	\|\| access.equals("other") \|\| access.equals("start")
218	220	\|\| access.equals("end")) \|\| access.equals("}"))
219	221	{
220		~~return link.BasePolicy.GetObjectClasses~~();
	222	list = link.getBasePolicy ().GetObjectClassesCollection ();
221	223	}
222
223		return link.BasePolicy.GetObjectClassPerms (access);
	224	else
	225	{
	226	list = link.getBasePolicy ().GetObjectClassPermsCollection (access);
	227	}
	228
	229	if (list != null)
	230	return (String []) list.toArray (new String [list.size ()]);
224	231	}
225	232	}

trunk/framework-plugin/src/com/tresys/framework/plugin/editor/policy/text/PolicyHoverController.java

r1502	r1770
30	30	import com.tresys.framework.compiler.dictionary.Verb;
31	31	import com.tresys.framework.compiler.linkage.Linkage;
	32	import com.tresys.framework.compiler.linkage.flnkage.BaseAccessDefn;
	33	import com.tresys.framework.compiler.policy.AccessBaseResource;
32	34	import com.tresys.framework.compiler.policy.BaseResource;
33	35	import com.tresys.framework.compiler.policy.ComponentWithDictObjects;
…	…
147	149	}
148	150
149		try {
	151	try
	152	{
150	153	int /Verb/ verb = Verb.valueOf(currWord);
151	154	int i = hoverRegion.getOffset() - 1;
…	…
154	157	while (i > 0
155	158	&& (Character.isLetterOrDigit(currArea.charAt(i)) \|\| currArea
156		.charAt(i) == '_')) {
	159	.charAt(i) == '_'))
	160	{
157	161	i--;
158	162	}
159	163
160		while (i > 0 && Character.isWhitespace(currArea.charAt(i))) {
	164	while (i > 0 && Character.isWhitespace(currArea.charAt(i)))
	165	{
161	166	i--;
162	167	}
…	…
165	170	&& (Character.isLetterOrDigit(currArea.charAt(i))
166	171	\|\| currArea.charAt(i) == '_' \|\| currArea
167		.charAt(i) == '.')) {
	172	.charAt(i) == '.'))
	173	{
168	174	i--;
169	175	}
…	…
172	178	ComponentWithDictObjects comp = null;
173	179
174		if (theDocProvider.getPolicy().GetDomains().containsKey(
175		~~currArea))~~ {
	180	if (theDocProvider.getPolicy().GetDomains().containsKey(currArea))
	181	{
176	182	if (theDocProvider.getPolicy().GetDomains()
177		.get(currArea) instanceof ComponentWithDictObjects) {
	183	.get(currArea) instanceof ComponentWithDictObjects)
	184	{
178	185	comp = (ComponentWithDictObjects) theDocProvider.getPolicy()
179	186	.GetDomains().get(currArea);
180	187	}
181	188	}
182		if (theDocProvider.getPolicy().GetResources().containsKey(
183		currArea)) {
184		comp = (ComponentWithDictObjects)theDocProvider.getPolicy().GetResources().get(
185		currArea);
	189	if (theDocProvider.getPolicy().GetResources().containsKey(currArea))
	190	{
	191	comp = (ComponentWithDictObjects)theDocProvider.getPolicy().GetResources().get(currArea);
	192	}
	193	if (theDocProvider.getPolicy ().GetBaseResources ().containsKey (currArea))
	194	{
	195	BaseResource res = theDocProvider.getPolicy ().GetBaseResource (currArea);
	196	return GetBaseResourceHover (res, verb);
186	197	}
187	198
188	199	return GetVerbHover(comp, verb);
189		} catch (IllegalArgumentException iae) {
190		}
191		}
192		if (theDocProvider.getPolicy() != null) {
193		if (theDocProvider.getPolicy().GetDomains()
194		.containsKey(currWord)) {
	200	}
	201	catch (IllegalArgumentException iae)
	202	{}
	203	}
	204
	205	if (theDocProvider.getPolicy() != null)
	206	{
	207	if (theDocProvider.getPolicy().GetDomains().containsKey(currWord))
	208	{
195	209	return getDomainHover((IDomain)theDocProvider.getPolicy()
196	210	.GetDomains().get(currWord));
197	211	}
198		if (theDocProvider.getPolicy().GetResources().containsKey(
199		~~currWord))~~ {
	212	if (theDocProvider.getPolicy().GetResources().containsKey(currWord))
	213	{
200	214	return getResourceHover((Resource)theDocProvider.getPolicy()
201	215	.GetResources().get(currWord));
202	216	}
203		if (theDocProvider.getPolicy().GetEntrypoints().containsKey(
204		~~currWord))~~ {
	217	if (theDocProvider.getPolicy().GetEntrypoints().containsKey(currWord))
	218	{
205	219	return getEntryPointHover((EntrypointResource)theDocProvider.getPolicy()
206	220	.GetEntrypoints().get(currWord));
207	221	}
208		if (theDocProvider.getPolicy().GetBaseResources()
209		~~.containsKey(currWord))~~ {
	222	if (theDocProvider.getPolicy().GetBaseResources().containsKey(currWord))
	223	{
210	224	return getBaseResourceHover((BaseResource)theDocProvider.getPolicy()
211	225	.GetBaseResources().get(currWord));
212	226	}
213	227	}
214		} catch (BadLocationException e) {
	228	}
	229	catch (BadLocationException e)
	230	{
215	231	return null;
216		} catch (BadPartitioningException e) {
	232	}
	233	catch (BadPartitioningException e)
	234	{
217	235	return null;
218	236	}
…	…
366	384	SELinuxSystem sys = FrameworkNature.getNature(file.getProject ()).getSystem(file);
367	385	Linkage linkage = sys.getLinkage();
368		Weight weight = linkage.~~BasePolicy~~.GetWeight((AccessDefn)ad.getValue());
	386	Weight weight = linkage.getBasePolicy().GetWeight((AccessDefn)ad.getValue());
369	387
370	388	if (weight != null)
…	…
383	401	}
384	402
	403	protected String GetBaseResourceHover (BaseResource i_res, int /Verb/ i_verb)
	404	{
	405	String toBeDisplayed = new String ();
	406	if (i_res == null)
	407	{
	408	return null;
	409	}
	410	toBeDisplayed += "Verb: " + Verb.toString(i_verb);
	411
	412	Collection accesses = i_res.GetAccesses (i_verb);
	413	for (Iterator itr = accesses.iterator (); itr.hasNext (); )
	414	{
	415	AccessBaseResource access = (AccessBaseResource) itr.next ();
	416
	417	for (Iterator itr2 = access.GetAccessDefns ().iterator (); itr2.hasNext (); )
	418	{
	419	BaseAccessDefn defaultDef = (BaseAccessDefn) itr2.next ();
	420	NameValuePair pairBackflow = defaultDef.GetNameValuePair ("backflow");
	421	if (pairBackflow != null)
	422	toBeDisplayed += "\nBackflow: " + pairBackflow.GetValue ().toString ();
	423
	424	}
	425	}
	426
	427	return toBeDisplayed;
	428
	429	}
	430
385	431	protected String GetVerbHover(ComponentWithDictObjects comp, int /Verb/ verb)
386	432	{
387		String toBeDisplayed = "";
	433	String toBeDisplayed = new String ();
388	434	Iterator iter,iter2;
389	435	if (comp == null)
…	…
394	440
395	441	IResource file = theDocProvider.getCurrentFile();
396
	442
397	443	/for (Rdef rdef : comp.GetDictionaryObjects().values()) /
398	444	iter = comp.GetDictionaryObjects().values().iterator();
…	…
402	448	if (rdef.GetAccessDefnGroup(verb) != null)
403	449	{
	450	Integer nBackflow = null;
404	451	toBeDisplayed += '\n' + "Rdef: " + rdef.GetName() + '\n'
405	452	+ " Default AccessDefs:";
…	…
410	457	{
411	458	AccessDefn defaultDef = (AccessDefn)iter2.next();
	459	NameValuePair pairBackflow = defaultDef.GetNameValuePair ("backflow");
	460	if (pairBackflow != null)
	461	{
	462	nBackflow = (Integer) pairBackflow.GetValue ();
	463	}
412	464	toBeDisplayed += " " + defaultDef.getName();
413	465	}
…	…
422	474	SELinuxSystem sys = FrameworkNature.getNature(file.getProject()).getSystem(file);
423	475	Linkage linkage = sys.getLinkage();
424		Weight linkageWeight = linkage.~~BasePolicy~~.GetWeight(defn);
	476	Weight linkageWeight = linkage.getBasePolicy().GetWeight(defn);
425	477	weight = weight.Combine (linkageWeight);
426	478	}
427	479	if (weight != null
428		&& !SEFramework_Plugin.getDefault()
429		.getPreferenceStore().getString(
430		SEFPreferencePage.PERM_WEIGHT_PATH)
431		.equals(""))
	480	&& !SEFramework_Plugin.getDefault()
	481	.getPreferenceStore().getString (SEFPreferencePage.PERM_WEIGHT_PATH).equals(""))
432	482	{
433	483	toBeDisplayed += '\n';
…	…
438	488	if (weight.Both > 0)
439	489	toBeDisplayed += " ReadWrite: " + weight.Both;
	490
	491	if (nBackflow != null)
	492	{
	493	if (verb == Verb.read && weight.Write > 0)
	494	nBackflow = new Integer (weight.Write);
	495	else if (verb == Verb.write && weight.Read > 0)
	496	nBackflow = new Integer (weight.Read);
	497	}
	498
	499	if (nBackflow != null)
	500	toBeDisplayed += "\nBackflow: " + nBackflow;
	501
	502
440	503	}
441	504	}

trunk/oss-feature/feature.xml

r1738	r1770
3	3	id="com.tresys.cdsframework"
4	4	label="CDS Framework"
5		version="2.0.0"
	5	version="2.1.0"
6	6	provider-name="Tresys Technology"
7	7	os="linux"
…	…
92	92	<import plugin="org.eclipse.ui.views"/>
93	93	<import plugin="org.eclipse.help"/>
94		<import plugin="com.tresys.cdsframework.libselinuxjava" version="1.0.1" match="greaterOrEqual"/>
95		<import plugin="com.tresys.slide" version="1.1.9" match="greaterOrEqual"/>
	94	<import plugin="com.tresys.cdsframework.libselinuxjava" version="0.0.3"/>
	95	<import plugin="com.tresys.slide" version="1.3.4" match="greaterOrEqual"/>
	96	<import plugin="com.tresys.setools" version="3.3.2.1" match="greaterOrEqual"/>
96	97	</requires>
97	98

Download in other formats:

Unified Diff
Zip Disabled

* Generating other formats may take time.