Changeset 1948
- Timestamp:
- 02/22/08 11:54:07 (9 months ago)
- Files:
-
- branches/dictionary_changes/src/com/tresys/framework/compiler/Compiler.java (modified) (4 diffs)
- branches/dictionary_changes/src/com/tresys/framework/compiler/ErrorHandler.java (modified) (2 diffs)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/BaseDomain.java (modified) (1 diff)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/ComponentWithDictObjects.java (modified) (3 diffs)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/EntrypointResource.java (modified) (2 diffs)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/IDomain.java (modified) (1 diff)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/PolicyValidator.java (modified) (5 diffs)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/SystemResourceValidator.java (added)
- branches/dictionary_changes/src/com/tresys/framework/compiler/policy/UserDomain.java (modified) (1 diff)
- branches/dictionary_changes/src/com/tresys/framework/compiler/systemResources/SystemResources.java (modified) (2 diffs)
- branches/dictionary_changes/src/com/tresys/framework/plugin/builder/SELinuxSystem.java (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
branches/dictionary_changes/src/com/tresys/framework/compiler/Compiler.java
r1947 r1948 27 27 import com.tresys.framework.compiler.policy.Policy; 28 28 import com.tresys.framework.compiler.policy.PolicyValidator; 29 import com.tresys.framework.compiler.policy.SystemResourceValidator; 29 30 import com.tresys.framework.compiler.systemResources.SystemResources; 30 31 import com.tresys.framework.compiler.translator.SELinuxDictionary; … … 366 367 367 368 System.out.println ("Validating dictionary..."); 369 { 370 DictionaryValidator validator = new DictionaryValidator (linkage, new CLIProjectErrorHandler ()); 371 dictionary.Accept (validator); 368 372 369 DictionaryValidator validator = new DictionaryValidator (linkage, new CLIProjectErrorHandler ()); 370 dictionary.Accept (validator); 373 if (validator.hasError ()) 374 { 375 ErrorExit ("Dictionary validation failed, exiting..."); 376 } 377 } 371 378 372 // if (!dictionary.Validate (linkage))373 if (validator.hasError ())374 {375 ErrorExit ("Dictionary validation failed, exiting...");376 }377 378 379 /* 379 380 * only attempt to create policy if -p and -s flags were given note: … … 411 412 } 412 413 413 { 414 System.out.println ("Validating policy..."); 415 414 System.out.println ("Validating policy..."); 415 { 416 416 CLIErrorHandler policyHandler = new CLIErrorHandler ("policy_validator"); 417 417 PolicyValidator policyValidator = new PolicyValidator (policy, policyHandler); 418 418 policy.Accept (policyValidator); 419 419 420 421 // if (!policy.Validate ())422 420 if (policyValidator.hasErrors ()) 423 421 { … … 447 445 448 446 System.out.println ("Validating system resources..."); 449 if (!sysres.Validate ()) 450 { 451 ErrorExit ("SystemResource validation failed, exiting..."); 452 } 453 447 { 448 SystemResourceValidator validator = new SystemResourceValidator (new CLIErrorHandler ("system resources")); 449 policy.Accept (validator); 450 451 if (validator.hasErrors ()) 452 { 453 ErrorExit ("SystemResource validation failed, exiting..."); 454 } 455 } 456 454 457 File fcFile = null; 455 458 if (fcFilename != null) branches/dictionary_changes/src/com/tresys/framework/compiler/ErrorHandler.java
r1946 r1948 65 65 public void Error(String message, AbstractToken source, int i_nType, String i_sKey) 66 66 { 67 Error (message, source.beginLine, source.beginColumn, source.endColumn, i_nType, i_sKey); 67 int nBeginLine = 0; 68 int nBeginColumn = 0; 69 int nEndColumn = 0; 70 71 if (source != null) 72 { 73 nBeginLine = source.beginLine; 74 nBeginColumn = source.beginColumn; 75 nEndColumn = source.endColumn; 76 } 77 78 Error (message, nBeginLine, nBeginColumn, nEndColumn, i_nType, i_sKey); 68 79 } 69 80 … … 84 95 public void Warning (String message, AbstractToken source, int i_nType, String i_sKey) 85 96 { 86 Warning (message, source.beginLine, source.beginColumn, source.endColumn, i_nType, i_sKey); 97 int nBeginLine = 0; 98 int nBeginColumn = 0; 99 int nEndColumn = 0; 100 101 if (source != null) 102 { 103 nBeginLine = source.beginLine; 104 nBeginColumn = source.beginColumn; 105 nEndColumn = source.endColumn; 106 } 107 108 Warning (message, nBeginLine, nBeginColumn, nEndColumn, i_nType, i_sKey); 87 109 } 88 110 branches/dictionary_changes/src/com/tresys/framework/compiler/policy/BaseDomain.java
r1947 r1948 159 159 } 160 160 161 public boolean ValidateSystemResources()162 {163 return true;164 }165 166 161 public void SetType(String i_sType) 167 162 { branches/dictionary_changes/src/com/tresys/framework/compiler/policy/ComponentWithDictObjects.java
r1947 r1948 12 12 package com.tresys.framework.compiler.policy; 13 13 14 import java.util.Iterator;15 14 import java.util.Map; 16 15 import java.util.TreeMap; … … 21 20 import com.tresys.framework.compiler.ErrorHandler; 22 21 import com.tresys.framework.compiler.AbstractToken; 23 import com.tresys.framework.compiler.Utility;24 22 import com.tresys.framework.compiler.dictionary.Rdef; 25 23 import com.tresys.framework.compiler.dictionary.IDictionaryObject; 26 import com.tresys.framework.compiler.dictionary.SysResourceState;27 24 import com.tresys.framework.compiler.linkage.Linkage; 28 import com.tresys.framework.compiler.systemResources.DirResource;29 import com.tresys.framework.compiler.systemResources.FileResource;30 25 import com.tresys.framework.compiler.systemResources.SystemResource; 31 import com.tresys.framework.compiler.systemResources.SystemResourceTypes;32 26 33 27 /** … … 235 229 } 236 230 237 public boolean ValidateSystemResources()238 {239 boolean valid = true;240 241 /*for (Rdef _dobject:assocRdefs.values()) */242 for (Iterator iter = assocRdefs.values().iterator(); iter.hasNext(); )243 {244 Rdef _dobject = (Rdef) iter.next();245 IDictionaryObject dobject = _dobject;246 247 if (dobject.GetSysResourceState(SystemResourceTypes.dir) == SysResourceState.Yes248 || dobject.GetSysResourceState(SystemResourceTypes.file) == SysResourceState.Yes249 || dobject.GetSysResourceState(SystemResourceTypes.network) == SysResourceState.Yes)250 {251 boolean dirFound = false;252 boolean fileFound = false;253 boolean netFound = false;254 if (GetSystemResources(dobject) != null)255 {256 /*for (SystemResource sr:GetSystemResources(dobject)) */257 for (Iterator iter2 = GetSystemResources(dobject).iterator(); iter2.hasNext(); )258 {259 SystemResource sr = (SystemResource) iter2.next();260 if (sr instanceof DirResource)261 {262 dirFound = true;263 }264 if (sr instanceof FileResource)265 {266 fileFound = true;267 }268 }269 }270 271 // if required but not found272 if (dobject.GetSysResourceState(SystemResourceTypes.dir) == SysResourceState.Yes273 && !dirFound)274 {275 AbstractToken tok = m_sysResToken;276 if (tok == null)277 tok = m_token;278 279 String sMsg = "The Rdef \"" + dobject.GetName()280 + "\" associated with component \"" + getName()281 + "\" requires a directory resource.";282 if (tok != null)283 {284 tok.Error(sMsg, ErrorHandler.ERROR_MISSING_DIRECTORY, getName());285 }286 else287 {288 Utility.ProjectError (sMsg);289 }290 valid = false;291 }292 else if (dobject.GetSysResourceState (SystemResourceTypes.file) == SysResourceState.Yes293 && !fileFound)294 {295 AbstractToken tok = m_sysResToken;296 if (tok == null)297 tok = m_token;298 299 String sMsg = "The Rdef \"" + dobject.GetName()300 + "\" associated with component \"" + getName()301 + "\" requires a file resource.";302 if (tok != null)303 {304 tok.Error(sMsg, ErrorHandler.ERROR_MISSING_DIRECTORY, getName());305 }306 else307 {308 Utility.ProjectError (sMsg);309 }310 valid = false;311 }312 else if (dobject.GetSysResourceState(SystemResourceTypes.network) == SysResourceState.Yes313 && !netFound)314 {315 GetDictionaryObjectLocation(dobject).Error(316 "The Rdef \"" + dobject.GetName()317 + "\" associated with component \"" + getName()318 + "\" requires a network resource.",319 ErrorHandler.ERROR_MISSING_NETWORK, getName ());320 valid = false;321 }322 323 }324 }325 326 return valid;327 }328 329 231 /** 330 232 * Reset the system resource associations defined branches/dictionary_changes/src/com/tresys/framework/compiler/policy/EntrypointResource.java
r1947 r1948 14 14 import java.util.HashSet; 15 15 16 import com.tresys.framework.compiler.ErrorHandler;17 16 import com.tresys.framework.compiler.AbstractToken; 18 17 import com.tresys.framework.compiler.dictionary.Entrypoint; … … 94 93 files = i_resources; 95 94 } 96 97 public boolean ValidateSystemResources() {98 boolean valid = true;99 100 if(GetSystemResources().size() == 0) {101 valid = false;102 m_token.Error("Entrypoint \"" + getName()103 + "\" requires at least one file association",104 ErrorHandler.ERROR_ENTRYPOINT_MISSING_FILE, getName ());105 }106 107 return valid;108 }109 95 110 96 public void Accept(IPolicyVisitor i_visitor) { branches/dictionary_changes/src/com/tresys/framework/compiler/policy/IDomain.java
r1947 r1948 104 104 public Map/*<Component>*/GetChildren(); 105 105 106 public boolean ValidateSystemResources();107 108 106 public boolean equals(Object obj); 109 107 branches/dictionary_changes/src/com/tresys/framework/compiler/policy/PolicyValidator.java
r1947 r1948 1 /*\ 2 |*| Copyright (C) 2008 Tresys Technology, LLC 3 |*| License: refer to COPYING file for license information. 4 |*| Author: David Sugar <dsugar@tresys.com> 5 |*| 6 |*| $Rev$ 7 |*| $Date$ 8 |*| 9 |*| Visitor to validate all of the policy. 10 |*| Moved from the 'Validate' functions on all of the policy objects 11 \*/ 12 1 13 package com.tresys.framework.compiler.policy; 2 14 … … 33 45 34 46 public void PostVisit (Policy i_policy) 35 { 36 // TODO Auto-generated method stub 37 38 } 47 {} 39 48 40 49 public void PreVisit (Policy i_policy) 41 { 42 43 } 50 {} 44 51 45 52 public void Visit (Resource i_resource) 46 { 47 // TODO Auto-generated method stub 48 49 } 53 {} 50 54 51 55 public void Visit (Domain i_domain) … … 228 232 229 233 public void Visit (EntrypointResource point) 230 { 231 // TODO Auto-generated method stub 232 233 } 234 {} 234 235 235 236 public void Visit (AccessBaseResource i_access) … … 437 438 438 439 public void Visit (BaseDomain domain) 439 { 440 // TODO Auto-generated method stub 441 442 } 440 {} 443 441 444 442 public void Visit (BaseResource resource) … … 482 480 483 481 public void Visit (Comment i_comment) 484 { 485 // TODO Auto-generated method stub 486 487 } 482 {} 488 483 489 484 public void Visit (Conditional i_conditional) 490 { 491 // TODO Auto-generated method stub 492 493 } 485 {} 494 486 495 487 public void Visit (UserDomain dom) 496 488 { 497 // TODO Auto-generated method stub 498 489 if (dom.getType () == null) 490 { 491 m_errHandler.Error ("User Domain type undefined", dom.getToken ()); 492 } 493 494 if (dom.GetRole () == null) 495 { 496 m_errHandler.Error ("User Domain role undefined", dom.getToken ()); 497 } 499 498 } 500 499 branches/dictionary_changes/src/com/tresys/framework/compiler/policy/UserDomain.java
r1947 r1948 86 86 } 87 87 88 public boolean ValidateSystemResources() {89 return true;90 }91 92 88 public String getType() { 93 89 return getName() + "_t"; branches/dictionary_changes/src/com/tresys/framework/compiler/systemResources/SystemResources.java
r1825 r1948 10 10 11 11 import com.tresys.framework.compiler.ErrorHandler; 12 import com.tresys.framework.compiler.policy.ControlResource;13 import com.tresys.framework.compiler.policy.EntrypointResource;14 import com.tresys.framework.compiler.policy.IDomain;15 12 import com.tresys.framework.compiler.policy.Policy; 16 import com.tresys.framework.compiler.policy.Resource;17 13 18 14 import java.io.File; 19 15 import java.io.FileReader; 20 16 import java.io.Reader; 21 import java.util.Iterator;22 17 23 18 /** … … 64 59 } 65 60 } 66 67 /**68 * Test policy for complete definition. Some validation cannot69 * occur until the entire policy is constructed, e.g., searching70 * for orphaned entries and accesses. That is an access or entry71 * that enters a parent but is never used by the children. This is72 * because the SEFramework model requires that only non-decomposed73 * domains can contain active entities, or processes.74 *75 * @return <code>true</code> if policy is valid.76 */77 public final boolean Validate() {78 boolean valid = true;79 try {80 /*for (IDomain domain: policy.GetDomains().values())*/81 Iterator iter = policy.GetDomains().values().iterator();82 while(iter.hasNext()) {83 IDomain domain = (IDomain) iter.next();84 if(domain.GetChildren().size() == 0) {85 valid &= domain.ValidateSystemResources();86 }87 }88 89 /*for (Resource resource: policy.GetResources().values())*/90 iter = policy.GetResources().values().iterator();91 while(iter.hasNext()) {92 Resource resource = (Resource) iter.next();93 if(!(resource instanceof ControlResource)) {94 valid &= resource.ValidateSystemResources();95 }96 }97 98 /*for (EntrypointResource ep: policy.GetEntrypoints().values())*/99 iter = policy.GetEntrypoints().values().iterator();100 while(iter.hasNext()) {101 EntrypointResource ep = (EntrypointResource) iter.next();102 valid &= ep.ValidateSystemResources();103 }104 } catch (Exception e) {105 e.printStackTrace();106 }107 return valid;108 }109 61 } branches/dictionary_changes/src/com/tresys/framework/plugin/builder/SELinuxSystem.java
r1947 r1948 44 44 import com.tresys.framework.compiler.policy.Policy; 45 45 import com.tresys.framework.compiler.policy.PolicyValidator; 46 import com.tresys.framework.compiler.policy.SystemResourceValidator; 46 47 import com.tresys.framework.compiler.systemResources.SystemResources; 47 48 import com.tresys.framework.compiler.translator.SELinuxDictionary; … … 490 491 if (getSystemResources() != null) 491 492 { 492 return getSystemResources().Validate(); 493 SystemResourceValidator validator = new SystemResourceValidator (getFSYSErrorHandler ()); 494 getPolicy ().Accept (validator); 495 496 return validator.hasErrors (); 493 497 } 494 498 return false;
