ia64/xen-unstable

view tools/security/secpol_xml2bin.h @ 6812:26cf3cfd3bed

Switch vcpu hotplugging to use xstransact.
Signed-off-by: Christian Limpach <Christian.Limpach@cl.cam.ac.uk>
author cl349@firebug.cl.cam.ac.uk
date Tue Sep 13 17:31:13 2005 +0000 (2005-09-13)
parents dd668f7527cb
children b2f4823b6ff0 b35215021b32 9af349b055e5 3233e7ecfa9f
line source
1 /****************************************************************
2 * secpol_xml2bin.h
3 *
4 * Copyright (C) 2005 IBM Corporation
5 *
6 * Authors:
7 * Reiner Sailer <sailer@watson.ibm.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License as
11 * published by the Free Software Foundation, version 2 of the
12 * License.
13 *
14 */
15 #define POLICY_SUBDIR "policies/"
16 #define POLICY_EXTENSION "-security_policy.xml"
17 #define LABEL_EXTENSION "-security_label_template.xml"
18 #define BINARY_EXTENSION ".bin"
19 #define MAPPING_EXTENSION ".map"
20 #define PRIMARY_COMPONENT_ATTR_NAME "order"
21 #define BOOTSTRAP_LABEL_ATTR_NAME "bootstrap"
22 #define PRIMARY_COMPONENT "PrimaryPolicyComponent"
23 #define SCHEMA_FILENAME "policies/security_policy.xsd"
25 /* basic states (used as 1 << X) */
26 #define XML2BIN_SECPOL 0 /* policy tokens */
27 #define XML2BIN_STE 1
28 #define XML2BIN_CHWALL 2
29 #define XML2BIN_CONFLICTSETS 3
30 #define XML2BIN_CSTYPE 4
32 #define XML2BIN_SECTEMPLATE 5 /* label tokens */
33 #define XML2BIN_POLICYHEADER 6
34 #define XML2BIN_LABELHEADER 7
35 #define XML2BIN_SUBJECTS 8
36 #define XML2BIN_OBJECTS 9
37 #define XML2BIN_VM 10
38 #define XML2BIN_RES 11
40 #define XML2BIN_STETYPES 12 /* shared tokens */
41 #define XML2BIN_CHWALLTYPES 13
42 #define XML2BIN_TYPE 14
43 #define XML2BIN_NAME 15
44 #define XML2BIN_TEXT 16
45 #define XML2BIN_COMMENT 17
47 /* type "data type" (currently 16bit) */
48 typedef u_int16_t type_t;
50 /* list of known elements and token equivalent *
51 * state constants and token positions must be *
52 * in sync for correct state recognition */
54 char *token[20] = /* parser triggers */
55 {
56 [0] = "SecurityPolicyDefinition", /* policy xml */
57 [1] = "SimpleTypeEnforcement",
58 [2] = "ChineseWall",
59 [3] = "ConflictSets",
60 [4] = "Conflict", /* label-template xml */
61 [5] = "SecurityLabelTemplate",
62 [6] = "PolicyHeader",
63 [7] = "LabelHeader",
64 [8] = "SubjectLabels",
65 [9] = "ObjectLabels",
66 [10] = "VirtualMachineLabel",
67 [11] = "ResourceLabel",
68 [12] = "SimpleTypeEnforcementTypes", /* common tags */
69 [13] = "ChineseWallTypes",
70 [14] = "Type",
71 [15] = "Name",
72 [16] = "text",
73 [17] = "comment",
74 [18] = NULL,
75 };
77 /* important combined states */
78 #define XML2BIN_NULL 0
80 /* policy xml parsing states _S */
82 /* e.g., here we are in a <secpol,ste,stetypes> environment, *
83 * so when finding a type element, we know where to put it */
84 #define XML2BIN_stetype_S ((1 << XML2BIN_SECPOL) | \
85 (1 << XML2BIN_STE) | \
86 (1 << XML2BIN_STETYPES))
88 #define XML2BIN_chwalltype_S ((1 << XML2BIN_SECPOL) | \
89 (1 << XML2BIN_CHWALL) | \
90 (1 << XML2BIN_CHWALLTYPES))
92 #define XML2BIN_conflictset_S ((1 << XML2BIN_SECPOL) | \
93 (1 << XML2BIN_CHWALL) | \
94 (1 << XML2BIN_CONFLICTSETS))
96 #define XML2BIN_conflictsettype_S ((1 << XML2BIN_SECPOL) | \
97 (1 << XML2BIN_CHWALL) | \
98 (1 << XML2BIN_CONFLICTSETS) | \
99 (1 << XML2BIN_CSTYPE))
102 /* label xml states */
103 #define XML2BIN_VM_S ((1 << XML2BIN_SECTEMPLATE) | \
104 (1 << XML2BIN_SUBJECTS) | \
105 (1 << XML2BIN_VM))
107 #define XML2BIN_RES_S ((1 << XML2BIN_SECTEMPLATE) | \
108 (1 << XML2BIN_OBJECTS) | \
109 (1 << XML2BIN_RES))
111 #define XML2BIN_VM_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
112 (1 << XML2BIN_SUBJECTS) | \
113 (1 << XML2BIN_VM) | \
114 (1 << XML2BIN_STETYPES))
116 #define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECTEMPLATE) | \
117 (1 << XML2BIN_SUBJECTS) | \
118 (1 << XML2BIN_VM) | \
119 (1 << XML2BIN_CHWALLTYPES))
121 #define XML2BIN_RES_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
122 (1 << XML2BIN_OBJECTS) | \
123 (1 << XML2BIN_RES) | \
124 (1 << XML2BIN_STETYPES))
128 /* check versions of headers against which the
129 * xml2bin translation tool was written
130 */
132 /* protects from unnoticed changes in struct acm_policy_buffer */
133 #define WRITTEN_AGAINST_ACM_POLICY_VERSION 1
135 /* protects from unnoticed changes in struct acm_chwall_policy_buffer */
136 #define WRITTEN_AGAINST_ACM_CHWALL_VERSION 1
138 /* protects from unnoticed changes in struct acm_ste_policy_buffer */
139 #define WRITTEN_AGAINST_ACM_STE_VERSION 1