Changeset 2025

Timestamp:

04/01/08 09:03:55 (8 months ago)

Author:

apatel

Message:

merged trunk 2023

Files:

• branches/custome_policy/framework-plugin/.project (modified) (1 diff)
• branches/custome_policy/framework-plugin/.settings/org.eclipse.jdt.ui.prefs (modified) (1 diff)
• branches/custome_policy/framework-plugin/plugin.xml (modified) (2 diffs)
• branches/custome_policy/framework-plugin/resources/dictionary/dictionary.fdic (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/ErrorHandler.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/PolicyGenerator.java (modified) (14 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/mls/MLSSupport.java (modified) (4 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/ComponentWithDictObjects.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/Enter.java (modified) (11 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/Policy.java (modified) (8 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/PolicyParser.jj (modified) (10 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/PolicyValidator.java (modified) (4 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/SystemResourceValidator.java (modified) (11 diffs, 1 prop)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/systemResources/SystemResourcesParser.jj (modified) (3 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/actions/Messages.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/actions/ToggleBackflowArrowsAction.java (copied) (copied from trunk/framework-plugin/src/com/tresys/framework/plugin/actions/ToggleBackflowArrowsAction.java)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/actions/ToggleMLSColorAction.java (copied) (copied from trunk/framework-plugin/src/com/tresys/framework/plugin/actions/ToggleMLSColorAction.java)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/actions/messages.properties (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/builder/AccessCheckBuilder.java (modified) (21 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/builder/FrameworkBuilder.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/builder/FrameworkNature.java (modified) (4 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/builder/SELinuxSystem.java (modified) (7 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/builder/messages.properties (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/GraphicPolicyEditor.java (modified) (11 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/GraphicPolicyEditorActionBarContributor.java (modified) (3 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/Messages.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/messages.properties (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/ControlResourceShape.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/DomainShape.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/EntryConnection.java (modified) (4 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/EntryPointShape.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/ResourceShape.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/Shape.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/model/UserDomainShape.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/parts/AccessEditPart.java (modified) (9 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/parts/DomainEditPart.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/policy/graphic/parts/PolicyEditPart.java (modified) (9 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/editor/properties/ComboFieldEditor.java (modified) (2 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/preferences/GraphicEditorPreferences.java (modified) (4 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/preferences/Messages.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/preferences/PreferenceInitializer.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/preferences/messages.properties (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/views/action/TranslateSystem.java (modified) (1 diff)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/views/properties/PolicyPropertySorter.java (modified) (3 diffs)
• branches/custome_policy/framework-plugin/src/com/tresys/framework/plugin/wizards/shape/ResourceShapePropertyPage.java (modified) (2 diffs)

branches/custome_policy/framework-plugin/.project

@@ -4 +4 @@
-        <comment>JavaCC Nature</comment>
-        <projects>
+                <project>libselinuxjava</project>
-        </projects>
-        <buildSpec>

branches/custome_policy/framework-plugin/.settings/org.eclipse.jdt.ui.prefs

@@ -1 @@
-Mon Mar 03 14:34:58 ES
+Thu Mar 13 15:53:52 ED
-eclipse.preferences.version=1
-formatter_profile=_Project Format

branches/custome_policy/framework-plugin/plugin.xml

@@ -328 +328 @@
-            name="%MLSSettingsProperties"
-            objectClass="org.eclipse.core.resources.IProject">
+         <filter
+               name="nature"
+               value="com.tresys.cdsframework.FrameworkNature">
+         </filter>
-      </page>
-   </extension>
@@ -536 +540 @@
-                  id="com.tresys.slide.perspective">
-            </perspectiveShortcut>
+            <view
+                  closeable="true"
+                  id="com.tresys.slide.plugin.views.PolicyExplorerView"
+                  minimized="false"
+                  moveable="true"
+                  relationship="stack"
+                  relative="com.tresys.cdsframework.plugin.views.navigator.FrameworkNavigator"
+                  showTitle="true"
+                  standalone="false"
+                  visible="false">
+            </view>
-         </perspectiveExtension>
-      </extension>

branches/custome_policy/framework-plugin/resources/dictionary/dictionary.fdic

@@ -75 +75 @@
-                        }
-                }
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+#
+#
+#
+#
+#
+#
+#
+#
+#
+#
+#
+#
+#
+#
-        }
-}
@@ -98 +98 @@
-        owner {
-                resource {
-
-
+create
+create
-                }
-        }

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/ErrorHandler.java

@@ -28 +28 @@
-        static final public int ERROR_INVALID_ACCESS = 19;
-        static final public int ERROR_BOOLEAN_WRAP = 20;
-        static final public int ERROR_MISSING_DIRECTORY = 21;
-        static final public int ERROR_MISSING_NETWORK = 22;
-        static final public int ERROR_MISSING_ENTER = 23;
-        static final public int ERROR_DOMAIN_HAS_CHILDREN_AND_RDEF = 24;
-        static final public int ERROR_UNDEFINED_COMPONENT = 25;
-        static final public int ERROR_NO_PARENT_PATH = 26;
-        static final public int ERROR_RDEF_NOT_DEFINED = 27;
-        static final public int ERROR_ENTRYPOINT_MISSING_FILE = 28;
-        static final public int ERROR_DUPLICATE_ACCESS = 29;
-        static final public int ERROR_UNABLE_TO_GET_TYPE_FROM_PATH = 30;
@@ -42 +38 @@
-        static final public int ERROR_CONSTRAINT_ACCESS_DENIED = 32;
-        static final public int ERROR_RBAC_ACCESS_DENIED = 33;
+
+        static final public int ERROR_MISSING_DIRECTORY = 40;
+        static final public int ERROR_DUPLICATE_DIRECTORY = 41;
+        static final public int ERROR_MISSING_FILE = 42;
+        static final public int ERROR_DUPLICATE_FILE = 43;
+        static final public int ERROR_MISSING_ENTER = 44;
+        static final public int ERROR_DUPLICATE_ENTER_PATH = 45;
+        static final public int ERROR_ENTRYPOINT_MISSING_FILE = 45;
+        static final public int ERROR_MISSING_NETWORK = 49;
-        
-        protected int warningCount = 0;

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/PolicyGenerator.java

@@ -47 +47 @@
-        private StringBuffer m_bufConnection;
-
-char newLine = '\n'
+String newLine = System.getProperty("line.separator")
-
-        public PolicyGenerator() 
@@ -58 +58 @@
-        public void Visit(Resource i_resource) 
-        {
-
+150
-                buf.append("resource " + i_resource.getName());
-
@@ -86 +86 @@
-        public void Visit(Domain i_domain) 
-        {
-
+150
-                buf.append("domain " + i_domain.getName());
-
@@ -131 +131 @@
-        public void Visit(EntrypointResource i_ep) 
-        {
-
+100
-
-                buf.append("entrypoint ");
@@ -146 +146 @@
-        public void Visit(AccessResource i_access) 
-        {
-
+150
-
-                AbstractToken bool = i_access.getBool();
@@ -195 +195 @@
-        public void Visit(AccessBaseResource i_access) 
-        {
-
+100
-
-                AbstractToken bool = i_access.getBool();
@@ -242 +242 @@
-        public void Visit(BaseDomain i_baseDomain) 
-        {
-
+50
-
-                buf.append("basedomain " + i_baseDomain.getName());
@@ -254 +254 @@
-        public void Visit(UserDomain i_userDom) 
-        {
-
+50
-
-                buf.append("userdomain " + i_userDom.getName());
@@ -283 +283 @@
-        public void Visit(BaseResource i_baseResource) 
-        {
-
+50
-
-                buf.append("baseresource " + i_baseResource.getName());
@@ -297 +297 @@
-        public void Visit(Enter i_enter) 
-        {
-
+150
-
-                AbstractToken bool = i_enter.getBool();
@@ -313 +313 @@
-                }
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-                
-                buf.append("enter ");
@@ -330 +336 @@
-                buf.append(" ");
-                buf.append(i_enter.getEntryPoint().getName());
-
+.toString ()
-                buf.append(";");
-
@@ -359 +365 @@
-        public void Visit(Conditional i_conditional) 
-        {
-
+50
-
-                buf.append("boolean ");
@@ -375 +381 @@
-        public void Visit(ControlResource i_resource) 
-        {
-
+50
-                Rdef rdef = i_resource.getRdef();
-                if (rdef == null)

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/mls/MLSSupport.java

@@ -21 +21 @@
-package com.tresys.framework.compiler.mls;
-
+import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
+import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
+import java.io.PrintStream;
-import java.util.Collection;
-import java.util.Enumeration;
@@ -68 +71 @@
-{
-        
+        public static final String MLS_SystemHigh = "mls_systemhigh";
+        public static final String MLS_SystemLow = "mls_systemlow";
+
-        private static final String MLS_ELEMENT_NAME = "mls";
-
-        private static final String LEVEL_ELEMENT_NAME = "level";
-        
-        private static final String DEFAULT_MLS_SYSTEM_HIGH_RANGE = "mls_systemhigh";
-        
-        private static final String DEFAULT_MLS_SYSTEM_LOW_RANGE = "mls_systemlow";
-        
-        private static final String DEFAULT_MLS_HIGH_COLOR_VALUE = "0xff0000";
@@ -137 +139 @@
-                _file = new File(fileName);
-                
-DEFAULT_MLS_SYSTEM_LOW_RANGE
+MLS_SystemLow
-                mls.setColor (DEFAULT_MLS_LOW_COLOR_VALUE);
-                mls.setOrder (this.size ());            
-                this.add (mls);
-                
-DEFAULT_MLS_SYSTEM_HIGH_RANGE
+MLS_SystemHigh
-                mls.setColor (DEFAULT_MLS_HIGH_COLOR_VALUE);
-                mls.setOrder (this.size ());            
@@ -298 +300 @@
-        
-        /**
+         * Generate the setrans.conf file from the MLSSupport
+         * @param i_nNumSensitivites - max number of sensitivities that are available
+         * @param i_nNumCategories - max number of categories that are available
+         * @throws FileNotFoundException
+         */
+        public ByteArrayOutputStream generateSETransConf (Integer i_nNumSensitivites, Integer i_nNumCategories)
+        {
+                ByteArrayOutputStream outStream = new ByteArrayOutputStream ();
+                
+                PrintStream output = new PrintStream (outStream);
+                
+                output.println ("#");
+                output.println ("# Multi-Category Security translation table for SELinux");
+                output.println ("#");
+                output.println ("# This file was generated by CDS Framework from the settings in the MLS project property sheet");
+                output.println ("#");
+                output.println ("# Uncomment the following to disable translation library");
+                output.println ("# disable=1");
+                output.println ("#");
+                
+                for (Iterator itr = iterator (); itr.hasNext (); )
+                {
+                        MLSLevel level = (MLSLevel) itr.next ();
+                        String sRange = level.getRange ();
+                        String sName = level.getName ();
+                        
+                        output.print (fixSensitivity (sRange, i_nNumSensitivites, i_nNumCategories));
+                        output.print ('=');
+                        output.println (sName);
+                }
+                output.flush ();
+                
+                return outStream;
+        }
+
+        /**
+         * Return the real MLS/MCS sensitivity based on the one passed in at the max numbers
+         * @param i_sSensitivity - sensitivity string mls_systemlow, mls_systemhigh, 
+         * @param i_nNumSensitivites - max number of sensitivities that are available
+         * @param i_nNumCategories - max number of categories that are available
+         * @return string converted to real sensitivity
+         */
+        public static final String fixSensitivity (String i_sSensitivity, Integer i_nNumSensitivites, Integer i_nNumCategories)
+        {
+                StringBuffer sResult = new StringBuffer (i_sSensitivity);
+                if (i_nNumCategories != null && i_nNumSensitivites != null)
+                {
+                        if (MLS_SystemHigh.equals (i_sSensitivity))
+                        {
+                                sResult = new StringBuffer (25);
+                                sResult.append ("s").append (Math.max (0, i_nNumSensitivites.intValue () -1));
+                                sResult.append (":c0.c").append (Math.max (0, i_nNumCategories.intValue () -1));
+                        }
+                        else if (MLS_SystemLow.equals (i_sSensitivity))
+                        {
+                                sResult = new StringBuffer ("s0");
+                        }
+                }
+                else if (i_nNumCategories != null)
+                {
+                        sResult = new StringBuffer ("s0");
+                        if (MLS_SystemHigh.equals (i_sSensitivity))
+                        {
+                                        sResult.append (":c0.c").append (Math.max (0, i_nNumCategories.intValue () -1));
+                        }                               
+                }
+                return sResult.toString ();
+        }
+
+        /**
-         * getNames
-         * 

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/ComponentWithDictObjects.java

@@ -44 +44 @@
-        implements IMLSSetting, ICustomPolicy
-{
-otected
-
-otected
-
-otected
-
-otected
+ivate
+
+ivate
+
+ivate
+
+ivate
-        
-        /**

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/Enter.java

@@ -55 +55 @@
-         * The individual entrypoint accesses that will combine to form the enter.
-         */
-
-
-
+
-
-        protected final AbstractToken m_token;
@@ -74 +72 @@
-         */
-        public Enter(IDomain i_start, Domain i_end, EntrypointResource i_ep,
-
+
+
-                m_domain_start = i_start;
-                m_domain_end = i_end;
-                m_entrypoint_resource = i_ep;
-                m_token = i_token;
-
-
+
-                m_bool = i_bool;
-                m_onOrOff = i_activeOnBool;
@@ -91 +89 @@
-         *                      keyed by name
-         */
-
+
+
-                return m_accessDefs;
-        }
@@ -112 +111 @@
-         *                                      <code>false</code> otherwise
-         */
-
-
-
-
-
+
+
-                return m_accessDefs.add(i_defn);
-        }
@@ -125 +121 @@
-        }
-        
+        public void ClearEntryAccessDefns ()
+        {
+                m_accessDefs.clear ();
+        }
-        
-        /**
@@ -131 +131 @@
-         * @return String representation of instance.
-         */
-
+
+
-                return m_domain_start.toString() + Utility.DELIM
-                        + m_domain_end.toString() + Utility.DELIM
@@ -143 +144 @@
-         * @return True if this enter is a subset, false otherwise.
-         */
-{
-       Set/*<EntryAccessDefn>*/otherAccessDefs = i_other
-       
+
+{
+Set/*<EntryAccessDefn>*/otherAccessDefs = i_other
-
-                /*for (EntryAccessDefn defn : accessDefs)*/
-Iterator iter = m_accessDefs.iterator();
-while(iter.hasNext()) 
+for (Iterator iter = m_accessDefs.iterator(); iter.hasNext(); ) 
+
-                        EntryAccessDefn defn = (EntryAccessDefn) iter.next();
-
+
+
-                                return false;
-                        }
@@ -158 +160 @@
-        }
-
-
+
+
-                return m_token;
-        }
-
-
+
+
-                return m_domain_start;
-        }
-
-
+
+
-                return m_domain_end;
-        }
-
-
+
+
-                return m_entrypoint_resource;
-        }
-
-
+
+
-                i_visitor.Visit(this);
-        }
-
-
+
+
-                return m_bool;
-        }
@@ -186 +194 @@
-        }
-
-
+
+
-                m_onOrOff = i_orOff;
-        }
-
-{
-
+
+
-                if(!(i_obj instanceof Enter))
-                        return false;
@@ -210 +219 @@
-                return true;
-        }
-
-
-
+
+
+
+
+
+
+
+
+
+
-        }
-        
@@ -239 +255 @@
-                mIsModified = false;
-        }
-
-
-}

branches/custome_policy/framework-plugin/src/com/tresys/framework/compiler/policy/Policy.java

@@ -210 +210 @@
-        public boolean Add(Resource res) 
-        {
-
-
-
-
+
+
+
-                        return false;                           
-                }
-                
-
+ 
-                {
-                        res.getParent().AddChild(res);
@@ -237 +236 @@
-         *                              <code>false</code> otherwise.
-         */
-
-
-
-
-
-
+
+
+
+
+
-                        return false;                           
-                }
@@ -270 +268 @@
-                if(axx.getResource().IsDescendant(axx.getDomain ())) 
-                {
-
-
+
-                        return false;
-                }
@@ -279 +276 @@
-                if(resourceParent != null && !axx.getDomain ().IsDescendant(resourceParent)) 
-                {
-
-
+
-                        return false;
-                }
@@ -401 +397 @@
-         * @param dobj          The dictionary object the system resource is associated with.
-         * @param sysres        The system resource.
-c
+
-         *                                      already associated with specified resource on failure.
-         */
-(ComponentWithDictObjects comp, IDictionaryObject dobj,
-                                       SystemResource sysres) 
-{
-(sysResources.containsKey
+ (ComponentWithDictObjects comp, IDictionaryObject dobj, SystemResource sysres) 
+{
+       comp.AddSystemResource (dobj, sysres);
+ (sysResources.containsKey 
-                {
-                        return false;
@@ -413 +409 @@
-                sysResources.put(sysres, comp);
-
-                comp.AddSystemResource(dobj, sysres);
-                return true;
-        }
@@ -423 +418 @@
-         * @param dobj          The dictionary object the system resource is associated with.
-         * @param sysres        The file resource.
-c
+
-         *                                      already associated with specified resource on failure.
-         */
-
-
-
+ 
+
+ 
-                {
-                        return false;
-                }
-
-
-
+ 
+
+ 
-                return true;
-        }
@@ -443 +438 @@
-         * @return the map of components
-         */
-
-
-
-
-
+ 
+
+ 
+