Navigation

← Previous Changeset
Next Changeset →

Changeset 1961

Timestamp:

02/27/08 10:43:24 (9 months ago)

Author:

dsugar

Message:

some rough code to test the checking of accesses
some null pointer checks

Files:

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

branches/mls/framework-plugin/src/com/tresys/framework/compiler/mls/MLSSupport.java

r1954	r1961
329	329	public MLSLevel getLevel (String i_sLabel)
330	330	{
	331	if (i_sLabel == null)
	332	return null;
	333
331	334	return (MLSLevel) _levels.get (i_sLabel);
332	335	}

branches/mls/framework-plugin/src/com/tresys/framework/plugin/builder/FrameworkNature.java

r1955	r1961
15	15	import java.io.FileNotFoundException;
16	16	import java.io.IOException;
	17	import java.io.InputStream;
17	18	import java.io.InputStreamReader;
18	19	import java.net.URL;
…	…
21	22	import java.util.HashSet;
22	23	import java.util.Iterator;
	24	import java.util.Map;
23	25	import java.util.Set;
24	26	import java.util.Vector;
…	…
35	37	import org.eclipse.core.resources.IResourceDelta;
36	38	import org.eclipse.core.resources.IResourceDeltaVisitor;
	39	import org.eclipse.core.resources.IWorkspaceRoot;
37	40	import org.eclipse.core.resources.ProjectScope;
38	41	import org.eclipse.core.resources.ResourcesPlugin;
…	…
49	52	import com.tresys.framework.compiler.Utility;
50	53	import com.tresys.framework.compiler.dictionary.Dictionary;
	54	import com.tresys.framework.compiler.dictionary.Rdef;
51	55	import com.tresys.framework.compiler.linkage.flnkage.FLNKParser;
	56	import com.tresys.framework.compiler.linkage.libselinuxjava.policy_file_t;
	57	import com.tresys.framework.compiler.linkage.libselinuxjava.policydb_t;
	58	import com.tresys.framework.compiler.linkage.libselinuxjava.sepol_access_vector_t;
	59	import com.tresys.framework.compiler.linkage.libselinuxjava.sepol_decision;
	60	import com.tresys.framework.compiler.linkage.libselinuxjava.sepol_security_class_t;
	61	import com.tresys.framework.compiler.linkage.libselinuxjava.sepol_security_id_t;
	62	import com.tresys.framework.compiler.linkage.libselinuxjava.sidtab_t;
52	63	import com.tresys.framework.compiler.mls.MLSInitializationException;
53	64	import com.tresys.framework.compiler.mls.MLSLevel;
54	65	import com.tresys.framework.compiler.mls.MLSSupport;
	66	import com.tresys.framework.compiler.policy.Access;
	67	import com.tresys.framework.compiler.policy.IDomain;
	68	import com.tresys.framework.compiler.policy.Policy;
	69	import com.tresys.framework.compiler.policy.Resource;
55	70	import com.tresys.framework.plugin.SEFramework_Plugin;
56	71	import com.tresys.framework.plugin.builder.FrameworkBuilder;
…	…
752	767	IResource res = delta.getResource ();
753	768
754		if (~~!(res instanceof IFolder)~~)
	769	if (res instanceof IWorkspaceRoot)
755	770	return true;
756	771
757		if (res~~.getName ().equals(m_srcDir)~~)
	772	if (res instanceof IProject)
758	773	return true;
759	774
760		if (!res.getName().startsWith(SystemProjectNature.DIR_SYSTEM_PREFIX))
	775	FrameworkNature nat = null;
	776	try
	777	{
	778	IProject proj = res.getProject ();
	779	if (proj == null)
	780	return true;
	781
	782	nat = (FrameworkNature) proj.getNature(NATURE_ID);
	783	}
	784	catch (CoreException e1)
	785	{
761	786	return false;
	787	}
	788
	789	if (nat == null)
	790	return false;
	791
	792	// if (!(res instanceof IFolder))
	793	// return true;
	794
	795	if (res instanceof IFolder)
	796	{
	797	if (res.getName ().equals(m_srcDir))
	798	return true;
	799
	800	if (res.getName().startsWith(SystemProjectNature.DIR_SYSTEM_PREFIX))
	801	{
	802	SELinuxSystem existingSystem = nat.getSystem(res);
	803	switch (delta.getKind())
	804	{
	805	case IResourceDelta.REMOVED:
	806	if (existingSystem != null)
	807	nat.removeSystem (existingSystem);
	808	break;
	809
	810	case IResourceDelta.ADDED:
	811	if (existingSystem == null)
	812	{
	813	SELinuxSystem sys = new SELinuxSystem ((IFolder) res);
	814	nat.addSystem(sys);
	815	}
	816	break;
	817	}
	818
	819	return true;
	820	}
	821	}
	822	else if (res instanceof IFile)
	823	{
	824	if (delta.getKind () == IResourceDelta.REMOVED)
	825	return false;
	826
	827	String sExtension = res.getFileExtension ();
	828	if (sExtension == null)
	829	return false;
	830
	831	String sName = res.getName ().substring (0, res.getName ().length () - sExtension.length () -1);
	832	if (sName.equals ("policy") && Integer.valueOf (sExtension) != null)
	833	{
	834	checkAccesses ((IFile) res);
	835
	836	}
	837
	838	}
	839
	840	return false;
	841	}
	842
	843	//TODO - this functions but is very unstable at this point - I just want to get it committed in a rough working state
	844	private void checkAccesses (IFile i_policy)
	845	{
	846	boolean bRunCheckAccess = false;
	847	if (!bRunCheckAccess)
	848	return;
762	849
763	850	try
764	851	{
765		FrameworkNature nat = (FrameworkNature) res.getProject().getNature(NATURE_ID);
766		if (nat == null)
767		return false;
768		SELinuxSystem existingSystem = nat.getSystem(res);
769		switch (delta.getKind())
	852	InputStream policyStream = i_policy.getContents ();
	853	byte [] policyData = new byte [policyStream.available ()];
	854	policyStream.read (policyData);
	855
	856	policy_file_t pFile = new policy_file_t(policyData);
	857	policydb_t policydb = new policydb_t (pFile);
	858
	859	sidtab_t sidtab = new sidtab_t();
	860
	861
	862	SELinuxSystem sys = getSystem (i_policy);
	863	Policy policy = sys.getPolicy ();
	864
	865	Collection accesses = policy.getAllAccesses ();
	866	for (Iterator itr = accesses.iterator (); itr.hasNext (); )
770	867	{
771		case IResourceDelta.REMOVED:
	868	Access access = (Access) itr.next ();
	869	IDomain dom = access.getDomain ();
	870	sepol_security_id_t ssid = new sepol_security_id_t ("system_u:object_r:" + dom.getType () + ":s0");
	871
	872	com.tresys.framework.compiler.policy.IResource res = access.getResource ();
	873
	874	if (res instanceof Resource)
772	875	{
773		if (existingSystem != null)
774		nat.removeSystem (existingSystem);
775		}
776		break;
777
778		case IResourceDelta.ADDED:
779		{
780		if (existingSystem == null)
	876	Map rdefs = ((Resource) res).GetRdefs ();
	877	for (Iterator itr2 = rdefs.values ().iterator (); itr2.hasNext (); )
781	878	{
782		SELinuxSystem sys = new SELinuxSystem ((IFolder) res);
783		nat.addSystem(sys);
	879	Rdef rdef = (Rdef) itr2.next ();
	880
	881	String sType = res.getName () + "_" + rdef.GetName () + "_t";
	882	sepol_security_id_t tsid = new sepol_security_id_t ("system_u:object_r:" + sType + ":s0");
	883
	884	sepol_security_class_t seclass = new sepol_security_class_t ("file");
	885	sepol_access_vector_t seav = new sepol_access_vector_t (seclass, "read");
	886
	887	sepol_decision accessDecision = new sepol_decision (ssid, tsid, seclass, seav);
	888
	889	int nAllowed = accessDecision.getAllowed ();
	890
	891	System.out.println("Source ID : " + ssid.toString ());
	892	System.out.println("Target ID: " + tsid.toString ());
	893
	894	System.out.println("Allowed: " + nAllowed);
	895
784	896	}
785	897	}
786		~~break;~~
787	898	}
788	899	}
789		catch (Exception e)
790		{}
791
792		return false;
793		}
	900	catch (CoreException e)
	901	{
	902	e.printStackTrace();
	903	}
	904	catch (IOException e)
	905	{
	906	e.printStackTrace();
	907	}
	908
	909	}
	910
794	911	}
795	912	}

branches/mls/framework-plugin/src/com/tresys/framework/plugin/builder/SELinuxSystem.java

r1954	r1961
95	95
96	96	public SELinuxSystem(IFolder folder)
97		throws Exception
	97	throws IllegalArgumentException
98	98	{
99	99	if (DEBUG)
…	…
106	106	}
107	107	else
108		throw new Exception("System folder must be of the format: selinux-policy-(system name)");
	108	throw new IllegalArgumentException("System folder must be of the format: selinux-policy-(system name)");
109	109
110	110	AnalysisContainer.getContainer ().addListener (m_folder, this);

branches/mls/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/parts/DomainEditPart.java

r1953	r1961
136	136	IMLSSetting ims = (IMLSSetting)is.getComponent ();
137	137	MLSLevel level = mlss.getLevel (ims.getMLSLabel ());
138		domFig.setBackgroundColor (MLSEclipseLevel.getColorInstance (level));
	138
	139	if (level != null)
	140	domFig.setBackgroundColor (MLSEclipseLevel.getColorInstance (level));
139	141	}
140	142	m_connectionAnchor = new ConnectionAnchorFigure (domFig);

branches/mls/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/parts/ShapeEditPart.java

r1953	r1961
139	139	IMLSSetting ims = (IMLSSetting)is.getComponent ();
140	140	MLSLevel level = mlss.getLevel (ims.getMLSLabel ());
141		retValue.setBackgroundColor (MLSEclipseLevel.getColorInstance (level));
	141	if (level != null)
	142	retValue.setBackgroundColor (MLSEclipseLevel.getColorInstance (level));
142	143	}
143	144	}

Download in other formats:

Unified Diff
Zip Disabled

* Generating other formats may take time.