direct-io.hg

view tools/security/secpol_xml2bin.h @ 11330:3e54734e55f3

[IA64] Remove extraneous verbose output to clean up Fedora boot.

Signed-off-by: Aron Griffis <aron@hp.com>
author awilliam@xenbuild.aw
date Wed Aug 23 13:26:46 2006 -0600 (2006-08-23)
parents ad30019015a2
children 50965ae270c9
line source
1 /****************************************************************
2 * secpol_xml2bin.h
3 *
4 * Copyright (C) 2005 IBM Corporation
5 *
6 * Authors:
7 * Reiner Sailer <sailer@watson.ibm.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License as
11 * published by the Free Software Foundation, version 2 of the
12 * License.
13 *
14 */
15 #define POLICY_DIR "/etc/xen/acm-security/policies/"
16 #define POLICY_EXTENSION "-security_policy.xml"
17 #define BINARY_EXTENSION ".bin"
18 #define MAPPING_EXTENSION ".map"
19 #define PRIMARY_COMPONENT_ATTR_NAME "order"
20 #define BOOTSTRAP_LABEL_ATTR_NAME "bootstrap"
21 #define PRIMARY_COMPONENT "PrimaryPolicyComponent"
22 #define SCHEMA_FILENAME "security_policy.xsd"
24 /* basic states (used as 1 << X) */
25 #define ENDOFLIST_POS 22 /* ADAPT!! this position will be NULL; stay below 32 (bit) */
26 #define XML2BIN_SECPOL 0 /* policy tokens */
27 #define XML2BIN_STE 1
28 #define XML2BIN_CHWALL 2
29 #define XML2BIN_CONFLICTSETS 3
30 #define XML2BIN_CSTYPE 4
31 #define XML2BIN_POLICYHEADER 5
32 #define XML2BIN_NSURL 6
33 #define XML2BIN_POLICYNAME 7
34 #define XML2BIN_URL 8
35 #define XML2BIN_REFERENCE 9
36 #define XML2BIN_DATE 10
38 #define XML2BIN_LABELTEMPLATE 11 /* label tokens */
39 #define XML2BIN_SUBJECTS 12
40 #define XML2BIN_OBJECTS 13
41 #define XML2BIN_VM 14
42 #define XML2BIN_RES 15
43 #define XML2BIN_NAME 16
45 #define XML2BIN_STETYPES 17 /* shared tokens */
46 #define XML2BIN_CHWALLTYPES 18
47 #define XML2BIN_TYPE 19
48 #define XML2BIN_TEXT 20
49 #define XML2BIN_COMMENT 21
51 /* type "data type" (currently 16bit) */
52 typedef u_int16_t type_t;
54 /* list of known elements and token equivalent *
55 * state constants and token positions must be *
56 * in sync for correct state recognition */
58 char *token[32] = /* parser triggers */
59 {
60 [XML2BIN_SECPOL] = "SecurityPolicyDefinition", /* policy xml */
61 [XML2BIN_STE] = "SimpleTypeEnforcement",
62 [XML2BIN_CHWALL] = "ChineseWall",
63 [XML2BIN_CONFLICTSETS] = "ConflictSets",
64 [XML2BIN_CSTYPE] = "Conflict",
65 [XML2BIN_POLICYHEADER] = "PolicyHeader",
66 [XML2BIN_NSURL] = "NameSpaceUrl",
67 [XML2BIN_POLICYNAME] = "PolicyName",
68 [XML2BIN_URL] = "PolicyUrl",
69 [XML2BIN_REFERENCE] = "Reference",
70 [XML2BIN_DATE] = "Date",
72 [XML2BIN_LABELTEMPLATE] = "SecurityLabelTemplate", /* label-template xml */
73 [XML2BIN_SUBJECTS] = "SubjectLabels",
74 [XML2BIN_OBJECTS] = "ObjectLabels",
75 [XML2BIN_VM] = "VirtualMachineLabel",
76 [XML2BIN_RES] = "ResourceLabel",
77 [XML2BIN_NAME] = "Name",
79 [XML2BIN_STETYPES] = "SimpleTypeEnforcementTypes", /* common tags */
80 [XML2BIN_CHWALLTYPES] = "ChineseWallTypes",
81 [XML2BIN_TYPE] = "Type",
82 [XML2BIN_TEXT] = "text",
83 [XML2BIN_COMMENT] = "comment",
84 [ENDOFLIST_POS] = NULL /* End of LIST, adapt ENDOFLIST_POS
85 when adding entries */
86 };
88 /* important combined states */
89 #define XML2BIN_NULL 0
91 /* policy xml parsing states _S */
93 /* e.g., here we are in a <secpol,ste,stetypes> environment, *
94 * so when finding a type element, we know where to put it */
95 #define XML2BIN_stetype_S ((1 << XML2BIN_SECPOL) | \
96 (1 << XML2BIN_STE) | \
97 (1 << XML2BIN_STETYPES))
99 #define XML2BIN_chwalltype_S ((1 << XML2BIN_SECPOL) | \
100 (1 << XML2BIN_CHWALL) | \
101 (1 << XML2BIN_CHWALLTYPES))
103 #define XML2BIN_conflictset_S ((1 << XML2BIN_SECPOL) | \
104 (1 << XML2BIN_CHWALL) | \
105 (1 << XML2BIN_CONFLICTSETS))
107 #define XML2BIN_conflictsettype_S ((1 << XML2BIN_SECPOL) | \
108 (1 << XML2BIN_CHWALL) | \
109 (1 << XML2BIN_CONFLICTSETS) | \
110 (1 << XML2BIN_CSTYPE))
112 #define XML2BIN_PN_S ((1 << XML2BIN_SECPOL) | \
113 (1 << XML2BIN_POLICYHEADER))
115 /* label xml states */
116 #define XML2BIN_VM_S ((1 << XML2BIN_SECPOL) | \
117 (1 << XML2BIN_LABELTEMPLATE) | \
118 (1 << XML2BIN_SUBJECTS) | \
119 (1 << XML2BIN_VM))
121 #define XML2BIN_RES_S ((1 << XML2BIN_SECPOL) | \
122 (1 << XML2BIN_LABELTEMPLATE) | \
123 (1 << XML2BIN_OBJECTS) | \
124 (1 << XML2BIN_RES))
126 #define XML2BIN_VM_STE_S ((1 << XML2BIN_SECPOL) | \
127 (1 << XML2BIN_LABELTEMPLATE) | \
128 (1 << XML2BIN_SUBJECTS) | \
129 (1 << XML2BIN_VM) | \
130 (1 << XML2BIN_STETYPES))
132 #define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECPOL) | \
133 (1 << XML2BIN_LABELTEMPLATE) | \
134 (1 << XML2BIN_SUBJECTS) | \
135 (1 << XML2BIN_VM) | \
136 (1 << XML2BIN_CHWALLTYPES))
138 #define XML2BIN_RES_STE_S ((1 << XML2BIN_SECPOL) | \
139 (1 << XML2BIN_LABELTEMPLATE) | \
140 (1 << XML2BIN_OBJECTS) | \
141 (1 << XML2BIN_RES) | \
142 (1 << XML2BIN_STETYPES))
145 /* check versions of headers against which the
146 * xml2bin translation tool was written
147 */
149 /* protects from unnoticed changes in struct acm_policy_buffer */
150 #define WRITTEN_AGAINST_ACM_POLICY_VERSION 2
152 /* protects from unnoticed changes in struct acm_chwall_policy_buffer */
153 #define WRITTEN_AGAINST_ACM_CHWALL_VERSION 1
155 /* protects from unnoticed changes in struct acm_ste_policy_buffer */
156 #define WRITTEN_AGAINST_ACM_STE_VERSION 1