ia64/xen-unstable

changeset 5516:3699b115059d

bitkeeper revision 1.1718.1.9 (42b7443fk-ybxUDza1p_kN1D8hzjRw)

Many files:
new file
author smh22@firebug.cl.cam.ac.uk
date Mon Jun 20 22:33:35 2005 +0000 (2005-06-20)
parents 228f78f614cb
children 10e9028c8e3d
files .rootkeys tools/misc/policyprocessor/SecurityLabel.java tools/misc/policyprocessor/SecurityPolicySpec.xsd tools/misc/policyprocessor/SsidsEntry.java tools/misc/policyprocessor/XmlToBin.java tools/misc/policyprocessor/XmlToBinInterface.java tools/misc/policyprocessor/myHandler.java tools/misc/policyprocessor/readme.install tools/misc/policyprocessor/readme.xen tools/misc/policyprocessor/xen_sample_def.xml tools/misc/policyprocessor/xen_sample_policy.xml
line diff
     1.1 --- a/.rootkeys	Mon Jun 20 22:30:03 2005 +0000
     1.2 +++ b/.rootkeys	Mon Jun 20 22:33:35 2005 +0000
     1.3 @@ -778,6 +778,16 @@ 3f6dc142IHaf6XIcAYGmhV9nNSIHFQ tools/mis
     1.4  40c9c469kT0H9COWzA4XzPBjWK0WsA tools/misc/netfix
     1.5  4022a73cEKvrYe_DVZW2JlAxobg9wg tools/misc/nsplitd/Makefile
     1.6  4022a73cKms4Oq030x2JBzUB426lAQ tools/misc/nsplitd/nsplitd.c
     1.7 +42b74436oXEaaUH_dPcGFviMiwNgCQ tools/misc/policyprocessor/SecurityLabel.java
     1.8 +42b74436fIW8ZI3pUpu13-Ox6G2cOA tools/misc/policyprocessor/SecurityPolicySpec.xsd
     1.9 +42b74436T4CN4HMWsuaHD2zS8jY1BA tools/misc/policyprocessor/SsidsEntry.java
    1.10 +42b74436Dk3WKJl6-SyP3LEBo3DXkQ tools/misc/policyprocessor/XmlToBin.java
    1.11 +42b74436ABj4SOVBWqY_IEIboFUkeA tools/misc/policyprocessor/XmlToBinInterface.java
    1.12 +42b7443684kBOrEBKFod4fGvnJ-rdA tools/misc/policyprocessor/myHandler.java
    1.13 +42b74436JjvZmOp2DfMb-TnpGZXQ8w tools/misc/policyprocessor/readme.install
    1.14 +42b74436-0Ig0yb-w1BYyCAFVTwqUg tools/misc/policyprocessor/readme.xen
    1.15 +42b74436WAJ6lmTO3foadk2527PFBQ tools/misc/policyprocessor/xen_sample_def.xml
    1.16 +42b744365VrTALmqRroQOBZ9EopUsw tools/misc/policyprocessor/xen_sample_policy.xml
    1.17  42308df9dv_ZuP49nNPIROEMQ3F_LA tools/misc/xc_shadow.c
    1.18  3f5ef5a2ir1kVAthS14Dc5QIRCEFWg tools/misc/xen-clone
    1.19  3f5ef5a2dTZP0nnsFoeq2jRf3mWDDg tools/misc/xen-clone.README
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/tools/misc/policyprocessor/SecurityLabel.java	Mon Jun 20 22:33:35 2005 +0000
     2.3 @@ -0,0 +1,34 @@
     2.4 +/**
     2.5 + * (C) Copyright IBM Corp. 2005
     2.6 + *
     2.7 + * $Id: SecurityLabel.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
     2.8 + *
     2.9 + * Author: Ray Valdez
    2.10 + *
    2.11 + * This program is free software; you can redistribute it and/or
    2.12 + * modify it under the terms of the GNU General Public License as
    2.13 + * published by the Free Software Foundation, version 2 of the
    2.14 + * License.
    2.15 + *
    2.16 + * SecurityLabel Class.  
    2.17 + *
    2.18 + * <p>
    2.19 + *
    2.20 + * Keeps track of types.
    2.21 + *
    2.22 + * <p>
    2.23 + *
    2.24 + *
    2.25 + */
    2.26 +import java.util.*;
    2.27 +public class SecurityLabel
    2.28 +{
    2.29 + Vector ids;
    2.30 + Vector vlans;
    2.31 + Vector slots;
    2.32 + Vector steTypes;
    2.33 + int steSsidPosition;
    2.34 + Vector chwIDs;
    2.35 + Vector chwTypes;
    2.36 + int chwSsidPosition;
    2.37 +}
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/tools/misc/policyprocessor/SecurityPolicySpec.xsd	Mon Jun 20 22:33:35 2005 +0000
     3.3 @@ -0,0 +1,115 @@
     3.4 +<?xml version="1.0" encoding="UTF-8"?>
     3.5 +<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
     3.6 +<!-- xml schema definition for xen xml policies -->
     3.7 +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     3.8 +targetNamespace="http://www.ibm.com"
     3.9 +xmlns="http://www.ibm.com" 
    3.10 +elementFormDefault="qualified">
    3.11 +
    3.12 +<xsd:element name="TE" type="xsd:string" />
    3.13 +<xsd:element name="ChWall" type="xsd:string" />
    3.14 +
    3.15 +<xsd:element name="Definition">
    3.16 +  <xsd:complexType>
    3.17 + 	<xsd:sequence>
    3.18 +
    3.19 +	  <!-- simple type enforcement -->
    3.20 +	  <xsd:element name="Types" minOccurs ="0" maxOccurs="1">
    3.21 +		<xsd:complexType>
    3.22 +		  <xsd:sequence>
    3.23 +			<xsd:element ref="TE" minOccurs ="1" maxOccurs ="unbounded"/>
    3.24 +		  </xsd:sequence>
    3.25 +		</xsd:complexType>
    3.26 +	  </xsd:element>
    3.27 +
    3.28 +	  <!-- chinese wall -->
    3.29 +	  <!--   type definition -->
    3.30 +	  <xsd:element name="ChWallTypes" minOccurs ="0" maxOccurs="1">
    3.31 +		<xsd:complexType>
    3.32 +		  <xsd:sequence>
    3.33 +			<xsd:element ref="ChWall"  minOccurs ="1" maxOccurs ="unbounded"/>
    3.34 +
    3.35 +      	   	</xsd:sequence>
    3.36 +          </xsd:complexType>
    3.37 +	</xsd:element>
    3.38 +
    3.39 +  	<!--   conflict set -->
    3.40 +	  <xsd:element name="ConflictSet" minOccurs ="0" maxOccurs="unbounded">
    3.41 +		<xsd:complexType>
    3.42 +		  <xsd:sequence>
    3.43 +			<xsd:element ref="ChWall"  minOccurs ="2" maxOccurs ="unbounded"/>
    3.44 +		  </xsd:sequence>
    3.45 +		</xsd:complexType>
    3.46 +	</xsd:element>
    3.47 +
    3.48 +	</xsd:sequence>
    3.49 +  </xsd:complexType>
    3.50 +</xsd:element>
    3.51 +
    3.52 +<xsd:element name="Policy">
    3.53 +    <xsd:complexType>
    3.54 +      <xsd:sequence>
    3.55 +
    3.56 +	<xsd:element name="PolicyHeader">
    3.57 +    	<xsd:complexType>
    3.58 +      	   <xsd:all>
    3.59 +		<xsd:element name = "Name" type="xsd:string"/>
    3.60 +		<xsd:element name = "DateTime" type="xsd:dateTime"/>
    3.61 +		<xsd:element name = "Tag" minOccurs ="1" maxOccurs ="1" type="xsd:string"/>
    3.62 +		<xsd:element name = "TypeDefinition">
    3.63 +    		<xsd:complexType>
    3.64 +      	   	  <xsd:all>
    3.65 +			<xsd:element name = "url" type="xsd:string"/>
    3.66 +			<xsd:element name = "hash" minOccurs ="0" maxOccurs ="1" type="xsd:string"/>
    3.67 +      	   	  </xsd:all>
    3.68 +    		</xsd:complexType>
    3.69 +		</xsd:element>
    3.70 +
    3.71 +      	   </xsd:all>
    3.72 +    	</xsd:complexType>
    3.73 +	</xsd:element>
    3.74 +
    3.75 +	<xsd:element name="VM" minOccurs ="1" maxOccurs="unbounded">
    3.76 +    	  <xsd:complexType>
    3.77 +      	   <xsd:sequence>
    3.78 +		<xsd:element name="id" type="xsd:integer"/>
    3.79 +		<xsd:element ref="TE" minOccurs="0" maxOccurs="unbounded" />
    3.80 +		<xsd:element ref="ChWall" minOccurs ="0" maxOccurs="unbounded"/>
    3.81 +      	   </xsd:sequence>
    3.82 +    	  </xsd:complexType>
    3.83 +	</xsd:element>
    3.84 +
    3.85 +	<xsd:element name="Vlan" minOccurs ="0" maxOccurs="unbounded">
    3.86 +    	  <xsd:complexType>
    3.87 +      	   <xsd:sequence>
    3.88 +		<xsd:element name="vid" type="xsd:integer"/>
    3.89 +		<xsd:element ref="TE" minOccurs="1" maxOccurs="unbounded" />
    3.90 +      	   </xsd:sequence>
    3.91 +    	  </xsd:complexType>
    3.92 +	</xsd:element>
    3.93 +
    3.94 +	<xsd:element name="Slot" minOccurs ="0" maxOccurs="unbounded">
    3.95 +    	  <xsd:complexType>
    3.96 +      	   <xsd:sequence>
    3.97 +		<xsd:element name="bus" type="xsd:integer"/>
    3.98 +		<xsd:element name="slot" type="xsd:integer"/>
    3.99 +		<xsd:element ref="TE" minOccurs="1" maxOccurs="unbounded" />
   3.100 +      	   </xsd:sequence>
   3.101 +    	  </xsd:complexType>
   3.102 +	</xsd:element>
   3.103 +
   3.104 +
   3.105 +      </xsd:sequence>
   3.106 +    </xsd:complexType>
   3.107 +</xsd:element>
   3.108 +
   3.109 +<!-- root element -->
   3.110 +<xsd:element name="SecurityPolicySpec">
   3.111 +    <xsd:complexType>
   3.112 +      <xsd:choice>
   3.113 +		<xsd:element ref="Definition" minOccurs ="1" maxOccurs="unbounded"/>
   3.114 +		<xsd:element ref="Policy" minOccurs ="1" maxOccurs="unbounded"/>
   3.115 +      </xsd:choice>
   3.116 +    </xsd:complexType>
   3.117 +</xsd:element>
   3.118 +</xsd:schema>
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/tools/misc/policyprocessor/SsidsEntry.java	Mon Jun 20 22:33:35 2005 +0000
     4.3 @@ -0,0 +1,29 @@
     4.4 +/**
     4.5 + * (C) Copyright IBM Corp. 2005
     4.6 + *
     4.7 + * $Id: SsidsEntry.java,v 1.2 2005/06/17 20:02:40 rvaldez Exp $
     4.8 + *
     4.9 + * Author: Ray Valdez
    4.10 + * 
    4.11 + * This program is free software; you can redistribute it and/or
    4.12 + * modify it under the terms of the GNU General Public License as
    4.13 + * published by the Free Software Foundation, version 2 of the
    4.14 + * License.
    4.15 + *
    4.16 + * SsidsEntry Class.  
    4.17 + * <p>
    4.18 + *
    4.19 + * Holds ssid information.
    4.20 + *
    4.21 + * <p>
    4.22 + *
    4.23 + *
    4.24 + */
    4.25 +public class SsidsEntry 
    4.26 + {
    4.27 +  int id;	/* used for partition and vlan */
    4.28 +  int bus;	/* used for slots */
    4.29 +  int slot;
    4.30 +  int ste = 0xffffffff;
    4.31 +  int chw = 0xffffffff;
    4.32 + }
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/tools/misc/policyprocessor/XmlToBin.java	Mon Jun 20 22:33:35 2005 +0000
     5.3 @@ -0,0 +1,1588 @@
     5.4 +/**
     5.5 + * (C) Copyright IBM Corp. 2005
     5.6 + *
     5.7 + * $Id: XmlToBin.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
     5.8 + *
     5.9 + * Author: Ray Valdez
    5.10 + *
    5.11 + * This program is free software; you can redistribute it and/or
    5.12 + * modify it under the terms of the GNU General Public License as
    5.13 + * published by the Free Software Foundation, version 2 of the
    5.14 + * License.
    5.15 + *
    5.16 + * XmlToBin  Class.  
    5.17 + * <p>
    5.18 + *
    5.19 + * Translates a xml representation of a SHYPE policy into a binary  
    5.20 + * format.  The class processes an xml policy file based on elment tags 
    5.21 + * defined in a schema definition files: SecurityPolicySpec.xsd.
    5.22 + *
    5.23 + * XmlToBin Command line Options: 
    5.24 + *
    5.25 + *      -i              inputFile:      name of policyfile (.xml)
    5.26 + *      -o              outputFile:     name of binary policy file (Big Endian)
    5.27 + *      -xssid          SsidFile:       xen ssids to types text file
    5.28 + *      -xssidconf      SsidConf:   	xen conflict ssids to types text file
    5.29 + *      -debug                          turn on debug messages
    5.30 + *      -help                           help. This printout
    5.31 + *
    5.32 + * <p>
    5.33 + *
    5.34 + *
    5.35 + */
    5.36 +import java.util.*;
    5.37 +import java.io.*;
    5.38 +import java.io.IOException;
    5.39 +import java.io.FileNotFoundException;
    5.40 +import org.w3c.dom.Document;
    5.41 +import org.w3c.dom.Element;
    5.42 +import org.w3c.dom.Node;
    5.43 +import org.w3c.dom.Attr;
    5.44 +import org.w3c.dom.NodeList;
    5.45 +import org.w3c.dom.NamedNodeMap;
    5.46 +import org.xml.sax.*;
    5.47 +import javax.xml.parsers.*;
    5.48 +import org.xml.sax.helpers.*;
    5.49 +
    5.50 +public class XmlToBin 
    5.51 + implements XmlToBinInterface
    5.52 +{
    5.53 +  class SlotInfo {
    5.54 +	String bus;
    5.55 +	String slot;
    5.56 +  }
    5.57 +
    5.58 + boolean LittleEndian = false;
    5.59 + boolean debug = false;
    5.60 +
    5.61 + static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
    5.62 +
    5.63 + static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
    5.64 +
    5.65 + public static void printUsage()
    5.66 + {
    5.67 +  System.out.println("XmlToBin Command line Options: ");
    5.68 +  System.out.println("\t-i\t\tinputFile:\tname of policyfile (.xml)");
    5.69 +  System.out.println("\t-o\t\toutputFile:\tname of binary policy file (Big Endian)");
    5.70 +  System.out.println("\t-xssid\t\tSsidFile:\tXen ssids to named types text file");
    5.71 +  System.out.println("\t-xssidconf\tSsidConfFile:\tXen conflict ssids to named types text file");
    5.72 +  System.out.println("\t-debug\t\t\t\tturn on debug messages");
    5.73 +  System.out.println("\t-help\t\t\t\thelp. This printout");
    5.74 +  return;
    5.75 + }
    5.76 +
    5.77 + public void printDebug(String message) 
    5.78 + {
    5.79 +  if (debug)
    5.80 +    System.out.println(message);
    5.81 + }
    5.82 +
    5.83 + public void writeBinPolicy(byte[] binPolicy, String outputFileName)
    5.84 +  throws Exception
    5.85 + {
    5.86 +    if (debug) 
    5.87 +    	printHex(binPolicy,binPolicy.length);
    5.88 +
    5.89 +    DataOutputStream writeObj = new DataOutputStream(
    5.90 +                                new FileOutputStream(outputFileName));
    5.91 +
    5.92 +    writeObj.write(binPolicy);
    5.93 +    writeObj.flush();
    5.94 +    writeObj.close();
    5.95 +    System.out.println(" wBP:: wrote outputfile: " + outputFileName);
    5.96 +
    5.97 +    return; 
    5.98 + }  
    5.99 +
   5.100 + public void writeXenTypeVectorFile(Vector list, String outputFileName)
   5.101 +  throws Exception
   5.102 + {
   5.103 +  PrintWriter out;
   5.104 +
   5.105 +  if (0 == list.size())
   5.106 +  {
   5.107 +   	printDebug(" wSTF : size of input is zero when writing :" + outputFileName); 
   5.108 +	return;
   5.109 +  }
   5.110 + out = new PrintWriter(
   5.111 +	 	new BufferedWriter(
   5.112 +                      new FileWriter(outputFileName)));
   5.113 +
   5.114 +
   5.115 +  for (int i = 0; i < list.size(); i++)
   5.116 +  {
   5.117 +	Vector	ee = (Vector) list.elementAt(i);
   5.118 +   	out.println(i + " " +ee.toString());
   5.119 +  } 
   5.120 +    out.close();
   5.121 +   
   5.122 +    return; 
   5.123 + }
   5.124 +
   5.125 + public void writeXenTypeFile(Vector list, String outputFileName, boolean slabel)
   5.126 +  throws Exception
   5.127 + {
   5.128 +  Vector entry; 
   5.129 +  String strTypes = "";
   5.130 +  SecurityLabel ee;
   5.131 +  PrintWriter out;
   5.132 +
   5.133 +  if (0 == list.size())
   5.134 +  {
   5.135 +   	printDebug(" wSTF : size of input is zero when writing :" + outputFileName); 
   5.136 +	return;
   5.137 +  }
   5.138 +  out = new PrintWriter(
   5.139 +	 	new BufferedWriter(
   5.140 +                      new FileWriter(outputFileName)));
   5.141 +
   5.142 +  for (int i = 0; i < list.size(); i++)
   5.143 +  {
   5.144 +	ee = (SecurityLabel) list.elementAt(i);
   5.145 +
   5.146 +	if (slabel)
   5.147 +	{
   5.148 +		entry = ee.steTypes; 
   5.149 +	} else {
   5.150 +
   5.151 +		entry = ee.chwTypes; 
   5.152 +	}
   5.153 +	if (null == entry) continue;
   5.154 +
   5.155 +	Enumeration e = entry.elements(); 
   5.156 +	while (e.hasMoreElements())
   5.157 +	{
   5.158 +  	  String typeName = (String) e.nextElement(); 
   5.159 +	  strTypes = strTypes + " " + typeName;
   5.160 +        }
   5.161 +    	  printDebug(" WXTF:: ssid : "+i +" :"+strTypes); 
   5.162 +   	  out.println(i +" "+strTypes);
   5.163 +	  strTypes = "";
   5.164 +  } 
   5.165 +  out.close();
   5.166 +   
   5.167 +  return; 
   5.168 + }
   5.169 +
   5.170 + public void setDebug(boolean value)
   5.171 + {
   5.172 +  debug=value;
   5.173 + }
   5.174 +
   5.175 + public void setEndian(boolean value)
   5.176 + {
   5.177 +  LittleEndian = value;
   5.178 + }
   5.179 +
   5.180 + public byte[] generateVlanSsids(Vector bagOfSsids)
   5.181 +  throws Exception
   5.182 + {
   5.183 +  /**
   5.184 +        typedef struct {
   5.185 +        u16 vlan;
   5.186 +        u16 ssid_ste;
   5.187 +        } acm_vlan_entry_t;
   5.188 +  **/
   5.189 +
   5.190 +  Hashtable  vlanSsid = new Hashtable();
   5.191 +  printDebug(" gVS::Size of bagOfSsids: "+ bagOfSsids.size());
   5.192 +
   5.193 +  /* Get the number of partitions */
   5.194 +  for (int i = 0; i < bagOfSsids.size(); i++)
   5.195 +  {
   5.196 +	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
   5.197 +
   5.198 +	if (null == entry.vlans)
   5.199 +	  continue;
   5.200 +
   5.201 +	Enumeration e = entry.vlans.elements(); 
   5.202 +	while (e.hasMoreElements())
   5.203 +	{
   5.204 +  	  String id = (String) e.nextElement(); 
   5.205 +      	  printDebug(" gVS:: vlan: " + id + "has ste ssid: " + entry.steSsidPosition);
   5.206 +	  if (-1 == entry.steSsidPosition)
   5.207 +		continue;  
   5.208 +
   5.209 +	  /* Only use ste for vlan */
   5.210 +	  SsidsEntry  ssidsObj = new SsidsEntry();
   5.211 +
   5.212 +	  ssidsObj.id = Integer.parseInt(id); 
   5.213 +	  ssidsObj.ste = entry.steSsidPosition;
   5.214 +
   5.215 +	  if (vlanSsid.contains(id))
   5.216 +      	  	printDebug(" gVS:: Error already in the Hash part:" + ssidsObj.id);
   5.217 +	  else 
   5.218 + 		vlanSsid.put(id, ssidsObj);
   5.219 +      	  	printDebug(" gVS:: added part: " + id + "has ste ssid: " + entry.steSsidPosition);
   5.220 +	}
   5.221 +  }
   5.222 +
   5.223 +  /* allocate array */ 
   5.224 +  int numOfVlan = vlanSsid.size();
   5.225 +  int totalSize = (numOfVlan * vlanEntrySz);  
   5.226 +
   5.227 +  if (0 == numOfVlan) 
   5.228 +  {
   5.229 +  	printDebug(" gVS:: vlan: binary ==> zero");
   5.230 +        return new byte[0];
   5.231 +  }
   5.232 +
   5.233 +  byte[] vlanArray = new byte[totalSize];
   5.234 +
   5.235 +  int index = 0;
   5.236 +
   5.237 +  Enumeration e = vlanSsid.elements(); 
   5.238 +  while (e.hasMoreElements())
   5.239 +  {
   5.240 +  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
   5.241 +      	printDebug(" gVS:: part: " + entry.id + " ste ssid: " + entry.ste);
   5.242 +
   5.243 +	/* Write id */
   5.244 +   	writeShortToStream(vlanArray,(short)entry.id,index);
   5.245 +	index = index + u16Size;
   5.246 +
   5.247 +	/* write ste ssid */
   5.248 +   	writeShortToStream(vlanArray,(short) entry.ste,index);
   5.249 +	index = index + u16Size;
   5.250 +  }
   5.251 +
   5.252 +  printDebug(" gVS:: vlan: num of vlans  " + numOfVlan);
   5.253 +  printDebug(" gVS:: vlan: binary ==> Length "+ vlanArray.length);
   5.254 +
   5.255 +  if (debug) 
   5.256 +	printHex(vlanArray,vlanArray.length);
   5.257 +  printDebug("\n");
   5.258 +
   5.259 +  return vlanArray; 
   5.260 + }  
   5.261 +
   5.262 + public byte[] generateSlotSsids(Vector bagOfSsids)
   5.263 +  throws Exception
   5.264 + {
   5.265 +  /**
   5.266 +        typedef struct {
   5.267 +        u16 slot_max;
   5.268 +        u16 slot_offset;
   5.269 +        } acm_slot_buffer_t;
   5.270 +
   5.271 +        typedef struct {
   5.272 +        u16 bus;
   5.273 +        u16 slot;
   5.274 +        u16 ssid_ste;
   5.275 +        } acm_slot_entry_t;
   5.276 +  **/
   5.277 +  Hashtable  slotSsid = new Hashtable();
   5.278 +  printDebug(" gSS::Size of bagOfSsids: "+ bagOfSsids.size());
   5.279 +
   5.280 +  /* Find the number of VMs */ 
   5.281 +  for (int i = 0; i < bagOfSsids.size(); i++)
   5.282 +  {
   5.283 +	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
   5.284 +
   5.285 +	if (null == entry.slots)
   5.286 +	  continue;
   5.287 +
   5.288 +	Enumeration e = entry.slots.elements(); 
   5.289 +	while (e.hasMoreElements())
   5.290 +	{
   5.291 +  	  SlotInfo item = (SlotInfo) e.nextElement(); 
   5.292 +      	  printDebug(" gSS:: bus slot: " + item.bus + " "+ item.slot + " " +  entry.steSsidPosition);
   5.293 +	  if (-1 == entry.steSsidPosition)
   5.294 +		continue;  
   5.295 +
   5.296 +	  SsidsEntry  ssidsObj = new SsidsEntry();
   5.297 +
   5.298 +	  String id = item.bus +" "+item.slot;
   5.299 +	  ssidsObj.bus = Integer.parseInt(item.bus); 
   5.300 +	  ssidsObj.slot = Integer.parseInt(item.slot); 
   5.301 +	  /* set ste ssid */
   5.302 +	  ssidsObj.ste = entry.steSsidPosition;
   5.303 +
   5.304 +	  if (slotSsid.contains(id))
   5.305 +      	  	printDebug(" gSS:: Error already in the Hash part:" + id);
   5.306 +	  else 
   5.307 +	  	slotSsid.put(id, ssidsObj);
   5.308 +
   5.309 +      	  	printDebug(" gSS:: added slot: " + id + "has ste ssid: " + entry.steSsidPosition);
   5.310 +	}
   5.311 +  }
   5.312 +
   5.313 +  /* allocate array */
   5.314 +  int numOfSlot = slotSsid.size();
   5.315 +
   5.316 +  if (0 == numOfSlot) 
   5.317 +  {
   5.318 +  	printDebug(" gVS:: slot: binary ==> zero");
   5.319 +        return new byte[0];
   5.320 +  }
   5.321 +
   5.322 +  int totalSize = (numOfSlot * slotEntrySz);  
   5.323 +
   5.324 +  byte[] slotArray = new byte[totalSize];
   5.325 +
   5.326 +  int index = 0;
   5.327 +
   5.328 +  Enumeration e = slotSsid.elements(); 
   5.329 +  while (e.hasMoreElements())
   5.330 +  {
   5.331 +  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
   5.332 +      	System.out.println(" gSS:: bus slot: " + entry.bus + " " + entry.slot + " ste ssid: " + entry.ste);
   5.333 +
   5.334 +	/* Write bus */
   5.335 +   	writeShortToStream(slotArray,(short)entry.bus,index);
   5.336 +	index = index + u16Size;
   5.337 +
   5.338 +	/* Write slot */ 
   5.339 +   	writeShortToStream(slotArray,(short)entry.slot,index);
   5.340 +	index = index + u16Size;
   5.341 +
   5.342 +	/* Write ste ssid */
   5.343 +   	writeShortToStream(slotArray,(short) entry.ste,index);
   5.344 +	index = index + u16Size;
   5.345 +
   5.346 +  }
   5.347 +   
   5.348 +  printDebug(" gSS:: slot: num of vlans  " + numOfSlot);
   5.349 +  printDebug(" gSS:: slot: binary ==> Length "+ slotArray.length);
   5.350 +
   5.351 +  if (debug) 
   5.352 + 	 printHex(slotArray,slotArray.length);
   5.353 +  printDebug("\n");
   5.354 +
   5.355 +  return slotArray; 
   5.356 +
   5.357 + }  
   5.358 +
   5.359 + public byte[] generatePartSsids(Vector bagOfSsids, Vector bagOfChwSsids)
   5.360 +  throws Exception
   5.361 + {
   5.362 +  /**
   5.363 +        typedef struct {
   5.364 +        u16 id;
   5.365 +        u16 ssid_ste;
   5.366 +        u16 ssid_chwall;
   5.367 +        } acm_partition_entry_t;
   5.368 +
   5.369 +  **/
   5.370 +  Hashtable  partSsid = new Hashtable();
   5.371 +  printDebug(" gPS::Size of bagOfSsids: "+ bagOfSsids.size());
   5.372 +
   5.373 +  /* Find the number of VMs */ 
   5.374 +  for (int i = 0; i < bagOfSsids.size(); i++)
   5.375 +  {
   5.376 +	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
   5.377 +
   5.378 +	if (null == entry.ids)
   5.379 +	  continue;
   5.380 +
   5.381 +	Enumeration e = entry.ids.elements(); 
   5.382 +	while (e.hasMoreElements())
   5.383 +	{
   5.384 +  	  String id = (String) e.nextElement(); 
   5.385 +      	  printDebug(" gPS:: part: " + id + "has ste ssid: " + entry.steSsidPosition);
   5.386 +	  if (-1 == entry.steSsidPosition)
   5.387 +		continue;  
   5.388 +
   5.389 +	  SsidsEntry  ssidsObj = new SsidsEntry();
   5.390 +
   5.391 +	  ssidsObj.id = Integer.parseInt(id); 
   5.392 +	  ssidsObj.ste = entry.steSsidPosition;
   5.393 +
   5.394 +	  if (partSsid.contains(id))
   5.395 +      	  	printDebug(" gPS:: Error already in the Hash part:" + ssidsObj.id);
   5.396 +	  else 
   5.397 + 		partSsid.put(id, ssidsObj);
   5.398 +      	  	printDebug(" gPS:: added part: " + id + "has ste ssid: " + entry.steSsidPosition);
   5.399 +	}
   5.400 +
   5.401 +  }
   5.402 +
   5.403 +  for (int i = 0; i < bagOfChwSsids.size(); i++)
   5.404 +  {
   5.405 +	SecurityLabel entry = (SecurityLabel) bagOfChwSsids.elementAt(i);
   5.406 +
   5.407 +	Enumeration e = entry.chwIDs.elements(); 
   5.408 +	while (e.hasMoreElements())
   5.409 +	{
   5.410 +  	  String id = (String) e.nextElement(); 
   5.411 +      	  printDebug(" gPS:: part: " + id + "has chw ssid: " + entry.chwSsidPosition);
   5.412 +	  if (partSsid.containsKey(id))
   5.413 +	  {
   5.414 +		SsidsEntry item = (SsidsEntry) partSsid.get(id);
   5.415 +		item.chw = entry.chwSsidPosition;
   5.416 +      	  	printDebug(" gPS:: added :" + item.id +" chw: " + item.chw);
   5.417 +	  }
   5.418 +	  else 
   5.419 +	  {
   5.420 +      	  	printDebug(" gPS:: creating :" + id +" chw: " + entry.chwSsidPosition);
   5.421 +	  	SsidsEntry  ssidsObj = new SsidsEntry();
   5.422 +	  	ssidsObj.id = Integer.parseInt(id); 
   5.423 +	  	ssidsObj.chw = entry.chwSsidPosition;
   5.424 + 		partSsid.put(id, ssidsObj);
   5.425 +
   5.426 +	  }
   5.427 +	}
   5.428 +  }	  
   5.429 +
   5.430 +  /* Allocate array */
   5.431 +  int numOfPar = partSsid.size();
   5.432 +  int totalSize =  (numOfPar * partitionEntrySz);  
   5.433 +
   5.434 +  if (0 == numOfPar) 
   5.435 +  {
   5.436 +  	printDebug(" gPS:: part: binary ==> zero");
   5.437 +        return new byte[0];
   5.438 +  }
   5.439 +
   5.440 +  byte[] partArray = new byte[totalSize];
   5.441 +
   5.442 +  int index = 0;
   5.443 +
   5.444 +  Enumeration e = partSsid.elements(); 
   5.445 +  while (e.hasMoreElements())
   5.446 +  {
   5.447 +  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
   5.448 +      	printDebug(" gPS:: part: " + entry.id + " ste ssid: " + entry.ste + " chw ssid: "+ entry.chw);
   5.449 +
   5.450 +	/* Write id */
   5.451 +   	writeShortToStream(partArray,(short)entry.id,index);
   5.452 +	index = index + u16Size;
   5.453 +
   5.454 +	/* Write ste ssid */
   5.455 +   	writeShortToStream(partArray,(short) entry.ste,index);
   5.456 +	index = index + u16Size;
   5.457 +
   5.458 +	/* Write chw ssid */
   5.459 +   	writeShortToStream(partArray,(short) entry.chw,index);
   5.460 +	index = index + u16Size;
   5.461 +  }
   5.462 +
   5.463 +  printDebug(" gPS:: part: num of partitions  " + numOfPar);
   5.464 +  printDebug(" gPS:: part: binary ==> Length " + partArray.length);
   5.465 +
   5.466 +  if (debug) 
   5.467 +	printHex(partArray,partArray.length);
   5.468 +  printDebug("\n");
   5.469 +   
   5.470 +   return partArray; 
   5.471 + }
   5.472 +
   5.473 + public  byte[] GenBinaryPolicyBuffer(byte[] chwPolicy, byte[] stePolicy, byte [] partMap, byte[] vlanMap, byte[] slotMap)
   5.474 + {
   5.475 +  byte[] binBuffer;
   5.476 +  short chwSize =0;
   5.477 +  short steSize =0;
   5.478 +  int	index = 0;
   5.479 +
   5.480 +  /* Builds data structure acm_policy_buffer_t */
   5.481 +  /* Get number of colorTypes */
   5.482 +  if (null != chwPolicy)
   5.483 +	chwSize = (short) chwPolicy.length;
   5.484 +
   5.485 +  if (null != stePolicy)
   5.486 +    	steSize = (short) stePolicy.length;
   5.487 +
   5.488 +  int totalDataSize = chwSize + steSize + resourceOffsetSz +  3 *(2 * u16Size);
   5.489 +
   5.490 +  /*  Add vlan and slot */ 
   5.491 +  totalDataSize = totalDataSize +partMap.length + vlanMap.length + slotMap.length; 
   5.492 +  binBuffer = new byte[binaryBufferHeaderSz +totalDataSize];
   5.493 +	
   5.494 +
   5.495 +  try {
   5.496 +	/* Write magic */
   5.497 +	writeIntToStream(binBuffer,ACM_MAGIC,index);
   5.498 +	index = u32Size;
   5.499 +
   5.500 +	/* Write policy version */
   5.501 +	writeIntToStream(binBuffer,POLICY_INTERFACE_VERSION,index);
   5.502 +  	index = index + u32Size;
   5.503 +
   5.504 +	/* write len */
   5.505 +	writeIntToStream(binBuffer,binBuffer.length,index);
   5.506 +  	index = index + u32Size;
   5.507 +
   5.508 +  } catch (IOException ee) {
   5.509 +    	System.out.println(" GBPB:: got exception : " + ee); 
   5.510 +	return null;
   5.511 +  }
   5.512 +
   5.513 +  int offset, address;
   5.514 +  address = index;
   5.515 +
   5.516 +  if (null != partMap) 
   5.517 +	offset = binaryBufferHeaderSz + resourceOffsetSz; 
   5.518 +  else
   5.519 +	offset = binaryBufferHeaderSz; 
   5.520 +
   5.521 +  try {
   5.522 +
   5.523 +	if (null == chwPolicy || null == stePolicy) 
   5.524 +	{
   5.525 +	  writeShortToStream(binBuffer,ACM_NULL_POLICY,index);
   5.526 +  	  index = index + u16Size;
   5.527 +
   5.528 +	  writeShortToStream(binBuffer,(short) 0,index);
   5.529 +  	  index = index + u16Size;
   5.530 +
   5.531 +	  writeShortToStream(binBuffer,ACM_NULL_POLICY,index);
   5.532 +  	  index = index + u16Size;
   5.533 +
   5.534 +	  writeShortToStream(binBuffer,(short) 0,index);
   5.535 +  	  index = index + u16Size;
   5.536 +
   5.537 +	}
   5.538 +    	index = address;
   5.539 +	if (null != chwPolicy) 
   5.540 +	{
   5.541 +	  
   5.542 +	  /* Write policy name */
   5.543 +	  writeShortToStream(binBuffer,ACM_CHINESE_WALL_POLICY,index);
   5.544 +  	  index = index + u16Size;
   5.545 +
   5.546 +	  /* Write offset */
   5.547 +	  writeShortToStream(binBuffer,(short) offset,index);
   5.548 +  	  index = index + u16Size;
   5.549 +
   5.550 +	  /* Write payload. No need increment index */
   5.551 +	  address = offset;
   5.552 +	  System.arraycopy(chwPolicy, 0, binBuffer,address, chwPolicy.length);
   5.553 +	  address = address + chwPolicy.length;
   5.554 +	  
   5.555 +	  if (null != stePolicy) 
   5.556 +	  {	
   5.557 +	  	/* Write policy name */
   5.558 +	  	writeShortToStream(binBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   5.559 +  	  	index = index + u16Size;
   5.560 +
   5.561 +	  	/* Write offset */
   5.562 +	  	writeShortToStream(binBuffer,(short) address,index);
   5.563 +  	  	index = index + u16Size;
   5.564 +
   5.565 +		/* Copy array */
   5.566 +	  	System.arraycopy(stePolicy, 0, binBuffer,address, stePolicy.length);
   5.567 +		/* Update address */
   5.568 +		address = address + stePolicy.length;
   5.569 +	  } else {
   5.570 +	  	/* Skip writing policy name and offset */
   5.571 +  	  	index = index +  2 * u16Size;
   5.572 +
   5.573 +          }
   5.574 +
   5.575 +	} else {
   5.576 +
   5.577 +	  if (null != stePolicy) 
   5.578 +	  {	
   5.579 +	  	/* Write policy name */
   5.580 +	  	writeShortToStream(binBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   5.581 +  	  	index = index + u16Size;
   5.582 +
   5.583 +	  	/* Write offset */
   5.584 +		address = offset;
   5.585 +	  	writeShortToStream(binBuffer, (short) offset,index);
   5.586 +  	  	index = index + u16Size;
   5.587 +		
   5.588 +		/* Copy array */
   5.589 +	  	System.arraycopy(stePolicy, 0, binBuffer,address, stePolicy.length);
   5.590 +		/* Update address */
   5.591 +		address = address + stePolicy.length;
   5.592 +
   5.593 +		/* Increment index, since there is no secondary */
   5.594 +  	  	index = index + secondaryPolicyCodeSz + secondaryBufferOffsetSz;
   5.595 +		
   5.596 +	  } 
   5.597 +
   5.598 +	}
   5.599 +   	int size;
   5.600 +	/* Assumes that you will always have a partition defined in policy */ 
   5.601 +	if ( 0 < partMap.length)
   5.602 +	{
   5.603 +	  writeShortToStream(binBuffer, (short) address,index);
   5.604 +	  index = address;
   5.605 +
   5.606 +	  /* Compute num of VMs */
   5.607 +	  size = partMap.length / (3 * u16Size);
   5.608 +
   5.609 +	  writeShortToStream(binBuffer, (short)size,index);
   5.610 +  	  index = index + u16Size;
   5.611 +
   5.612 +	  /* part, vlan and slot: each one consists of two entries */
   5.613 +	  offset = 3 * (2 * u16Size); 
   5.614 +	  writeShortToStream(binBuffer, (short) offset,index);
   5.615 +
   5.616 +	  /* Write partition array at offset */
   5.617 +	  System.arraycopy(partMap, 0, binBuffer,(offset + address), partMap.length);
   5.618 +  	  index = index + u16Size;
   5.619 +	  offset = offset + partMap.length;
   5.620 +	}
   5.621 +
   5.622 +	if ( 0 < vlanMap.length)
   5.623 +	{
   5.624 +	  size = vlanMap.length / (2 * u16Size);
   5.625 +	  writeShortToStream(binBuffer, (short) size,index);
   5.626 +  	  index = index + u16Size;
   5.627 +
   5.628 +	  writeShortToStream(binBuffer, (short) offset,index);
   5.629 +  	  index = index + u16Size;
   5.630 +	  System.arraycopy(vlanMap, 0, binBuffer,(offset + address), vlanMap.length);
   5.631 +	} else {
   5.632 +	  /* Write vlan max */
   5.633 +	  writeShortToStream(binBuffer, (short) 0,index);
   5.634 +  	  index = index + u16Size;
   5.635 + 
   5.636 +	  /* Write vlan offset */
   5.637 +	  writeShortToStream(binBuffer, (short) 0,index);
   5.638 +  	  index = index + u16Size;
   5.639 +	  
   5.640 +   	}
   5.641 +
   5.642 +	offset = offset + vlanMap.length;
   5.643 +	if ( 0 < slotMap.length)
   5.644 +	{
   5.645 +	  size = slotMap.length / (3 * u16Size);
   5.646 +	  writeShortToStream(binBuffer, (short) size,index);
   5.647 +  	  index = index + u16Size;
   5.648 +
   5.649 +	  writeShortToStream(binBuffer, (short) offset,index);
   5.650 +  	  index = index + u16Size;
   5.651 +	  System.arraycopy(slotMap, 0, binBuffer,(offset + address), slotMap.length);
   5.652 +	}
   5.653 +
   5.654 +     } catch (IOException ee)
   5.655 +    {
   5.656 +    	System.out.println(" GBPB:: got exception : " + ee); 
   5.657 +	return null; 
   5.658 +    }
   5.659 +
   5.660 +    printDebug(" GBP:: Binary Policy ==> length " + binBuffer.length); 
   5.661 +    if (debug) 
   5.662 +   	printHex(binBuffer,binBuffer.length);
   5.663 +
   5.664 +   return  binBuffer;   
   5.665 + } 
   5.666 +
   5.667 + public  byte[] generateChwBuffer(Vector Ssids, Vector ConflictSsids, Vector ColorTypes)
   5.668 + {
   5.669 +  byte[] chwBuffer;
   5.670 +  int index = 0;
   5.671 +  int position = 0;
   5.672 +
   5.673 +  /* Get number of rTypes */
   5.674 +  short maxTypes = (short) ColorTypes.size();
   5.675 +
   5.676 +  /* Get number of SSids entry */
   5.677 +  short maxSsids = (short) Ssids.size();
   5.678 +
   5.679 +  /* Get number of conflict sets */
   5.680 +  short maxConflict = (short) ConflictSsids.size();
   5.681 +
   5.682 +   
   5.683 +  if (maxTypes * maxSsids == 0)
   5.684 +	return null; 
   5.685 +  /*
   5.686 +     data structure acm_chwall_policy_buffer_t;
   5.687 +    
   5.688 +     uint16 policy_code;
   5.689 +     uint16 chwall_max_types;
   5.690 +     uint16 chwall_max_ssidrefs;
   5.691 +     uint16 chwall_max_conflictsets;
   5.692 +     uint16 chwall_ssid_offset;
   5.693 +     uint16 chwall_conflict_sets_offset;
   5.694 +     uint16 chwall_running_types_offset;
   5.695 +     uint16 chwall_conflict_aggregate_offset;
   5.696 +  */
   5.697 +  int totalBytes = chwHeaderSize  + u16Size *(maxTypes * (maxSsids + maxConflict)); 
   5.698 +
   5.699 +  chwBuffer = new byte[ totalBytes ];
   5.700 +  int address = chwHeaderSize + (u16Size * maxTypes * maxSsids );
   5.701 +
   5.702 +  printDebug(" gCB:: chwall totalbytes : "+totalBytes); 
   5.703 +
   5.704 +  try {
   5.705 +	index = 0;
   5.706 +	writeShortToStream(chwBuffer,ACM_CHINESE_WALL_POLICY,index);
   5.707 +	index = u16Size; 
   5.708 +
   5.709 +	writeShortToStream(chwBuffer,maxTypes,index);
   5.710 +	index = index + u16Size; 
   5.711 +
   5.712 +	writeShortToStream(chwBuffer,maxSsids,index);
   5.713 +	index = index + u16Size; 
   5.714 +
   5.715 +	writeShortToStream(chwBuffer,maxConflict,index);
   5.716 +	index = index + u16Size; 
   5.717 +
   5.718 +        /*  Write chwall_ssid_offset */
   5.719 +	writeShortToStream(chwBuffer,chwHeaderSize,index);
   5.720 +	index = index + u16Size; 
   5.721 +
   5.722 +	/* Write chwall_conflict_sets_offset */
   5.723 +	writeShortToStream(chwBuffer,(short) address,index);
   5.724 +	index = index + u16Size; 
   5.725 +
   5.726 +	/*  Write chwall_running_types_offset */
   5.727 +	writeShortToStream(chwBuffer,(short) 0,index);
   5.728 +	index = index + u16Size; 
   5.729 +
   5.730 +	/*  Write chwall_conflict_aggregate_offset */
   5.731 +	writeShortToStream(chwBuffer,(short) 0,index);
   5.732 +	index = index + u16Size; 
   5.733 +
   5.734 +  } catch (IOException ee) {
   5.735 +    	System.out.println(" gCB:: got exception : " + ee); 
   5.736 +	return null;
   5.737 +  }
   5.738 +  int markPos = 0;
   5.739 +
   5.740 +  /* Create the SSids entry */
   5.741 +  for (int i = 0; i < maxSsids; i++)
   5.742 +  {
   5.743 +	
   5.744 +	SecurityLabel ssidEntry = (SecurityLabel) Ssids.elementAt(i);
   5.745 +   	/* Get chwall types */
   5.746 +	ssidEntry.chwSsidPosition = i;
   5.747 +	Enumeration e = ssidEntry.chwTypes.elements(); 
   5.748 +	while (e.hasMoreElements())
   5.749 +	{
   5.750 +  	  String typeName = (String) e.nextElement(); 
   5.751 +      	  printDebug(" gCB:: Ssid "+ i+ ": has type : " + typeName);
   5.752 +	  position = ColorTypes.indexOf(typeName);
   5.753 +
   5.754 +	  if (position < 0) 
   5.755 +	  {
   5.756 +      	  	System.out.println (" gCB:: Error type : " + typeName + " not found in ColorTypes"); 
   5.757 +		return null; 
   5.758 +	  }
   5.759 +   	  printDebug(" GCB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
   5.760 +	  markPos = ((i * maxTypes + position) * u16Size) + index;	
   5.761 +
   5.762 +	  try {
   5.763 +	  	writeShortToStream(chwBuffer,markSymbol,markPos);
   5.764 +  	  } catch (IOException ee) {
   5.765 +   	  	System.out.println(" gCB:: got exception : "); 
   5.766 +		return null; 
   5.767 +  	  }
   5.768 +	}
   5.769 +  }
   5.770 +
   5.771 +  if (debug) 
   5.772 +      printHex(chwBuffer,chwBuffer.length);
   5.773 +
   5.774 +  /* Add conflict set */
   5.775 +  index = address;
   5.776 +  for (int i = 0; i < maxConflict; i++)
   5.777 +  {
   5.778 +   	/* Get ste types */
   5.779 +	Vector entry = (Vector) ConflictSsids.elementAt(i);
   5.780 +	Enumeration e = entry.elements(); 
   5.781 +	while (e.hasMoreElements())
   5.782 +	{
   5.783 +  	  String typeName = (String) e.nextElement(); 
   5.784 +      	  printDebug (" GCB:: conflict Ssid "+ i+ ": has type : " + typeName);
   5.785 +	  position = ColorTypes.indexOf(typeName);
   5.786 +
   5.787 +	  if (position < 0) 
   5.788 +	  {
   5.789 +      	  	System.out.println (" GCB:: Error type : " + typeName + " not found in ColorTypes"); 
   5.790 +		return null; 
   5.791 +	  }
   5.792 +   	  printDebug(" GCB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
   5.793 +	  markPos = ((i * maxTypes + position) * u16Size) + index;	
   5.794 +
   5.795 +	  try {
   5.796 +	  	writeShortToStream(chwBuffer,markSymbol,markPos);
   5.797 +  	  } catch (IOException ee) {
   5.798 +   	  	System.out.println(" GCB:: got exception : "); 
   5.799 +		return null; 
   5.800 +  	  }
   5.801 +	}
   5.802 +		
   5.803 +  } 
   5.804 +  printDebug(" gSB:: chw binary  ==> Length " + chwBuffer.length); 
   5.805 +  if (debug) 
   5.806 +   	printHex(chwBuffer,chwBuffer.length);
   5.807 +  printDebug("\n");
   5.808 +
   5.809 +  return chwBuffer;
   5.810 + }
   5.811 +
   5.812 +/**********************************************************************
   5.813 + Generate byte representation of policy using type information
   5.814 + <p>
   5.815 + @param Ssids    	      	Vector
   5.816 + @param ColorTypes         	Vector
   5.817 + <p>
   5.818 + @return bytes represenation of simple type enforcement policy 
   5.819 +**********************************************************************/
   5.820 + public  byte[] generateSteBuffer(Vector Ssids, Vector ColorTypes)
   5.821 + {
   5.822 +  byte[] steBuffer;
   5.823 +  int index = 0;
   5.824 +  int position = 0;
   5.825 +
   5.826 +  /* Get number of colorTypes */
   5.827 +  short numColorTypes = (short) ColorTypes.size();
   5.828 +
   5.829 +  /* Get number of SSids entry */
   5.830 +  short numSsids = (short) Ssids.size();
   5.831 +   
   5.832 +  if (numColorTypes * numSsids == 0)
   5.833 +	return null; 
   5.834 +
   5.835 +  /* data structure: acm_ste_policy_buffer_t
   5.836 +   * 
   5.837 +   * policy code  (uint16)    >
   5.838 +   *  max_types    (uint16)    >
   5.839 +   * max_ssidrefs (uint16)    >  steHeaderSize
   5.840 +   * ssid_offset  (uint16)    >
   5.841 +   * DATA 	(colorTypes(size) * Ssids(size) *unit16)
   5.842 +   * 
   5.843 +   * total bytes: steHeaderSize * 2B + colorTypes(size) * Ssids(size)
   5.844 +   * 
   5.845 +  */
   5.846 +  steBuffer = new byte[ steHeaderSize + (numColorTypes * numSsids) * 2];
   5.847 +
   5.848 +  try {
   5.849 +	
   5.850 +	index = 0;
   5.851 +	writeShortToStream(steBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   5.852 +	index = u16Size; 
   5.853 +
   5.854 +	writeShortToStream(steBuffer,numColorTypes,index);
   5.855 +	index = index + u16Size; 
   5.856 +
   5.857 +	writeShortToStream(steBuffer,numSsids,index);
   5.858 +	index = index + u16Size; 
   5.859 +
   5.860 +	writeShortToStream(steBuffer,(short)steHeaderSize,index);
   5.861 +	index = index + u16Size; 
   5.862 +
   5.863 +  } catch (IOException ee) {
   5.864 +	System.out.println(" gSB:: got exception : " + ee); 
   5.865 +	return null; 
   5.866 +  }
   5.867 +  int markPos = 0;
   5.868 +  for (int i = 0; i < numSsids; i++)
   5.869 +  {
   5.870 +	
   5.871 +	SecurityLabel ssidEntry = (SecurityLabel) Ssids.elementAt(i);
   5.872 +	ssidEntry.steSsidPosition = i;
   5.873 +   	/* Get ste types */
   5.874 +	Enumeration e = ssidEntry.steTypes.elements(); 
   5.875 +	while (e.hasMoreElements())
   5.876 +	{
   5.877 +  	  String typeName = (String) e.nextElement(); 
   5.878 +      	  printDebug (" gSB:: Ssid "+ i+ ": has type : " + typeName);
   5.879 +	  position = ColorTypes.indexOf(typeName);
   5.880 +
   5.881 +	  if (position < 0) 
   5.882 +	  {
   5.883 +      	  	printDebug(" gSB:: Error type : " + typeName + " not found in ColorTypes"); 
   5.884 +		return null; 
   5.885 +	  }
   5.886 +   	  printDebug(" gSB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
   5.887 +	  markPos = ((i * numColorTypes + position) * u16Size) + index;	
   5.888 +
   5.889 +	  try {
   5.890 +	  	writeShortToStream(steBuffer,markSymbol,markPos);
   5.891 +  	  } catch (IOException ee)
   5.892 +  	  {
   5.893 +   	  	System.out.println(" gSB:: got exception : "); 
   5.894 +		return null; 
   5.895 +  	  }
   5.896 +	}
   5.897 +		
   5.898 +  } 
   5.899 +
   5.900 +  printDebug(" gSB:: ste binary  ==> Length " + steBuffer.length); 
   5.901 +  if (debug) 
   5.902 + 	printHex(steBuffer,steBuffer.length);
   5.903 +  printDebug("\n");
   5.904 +
   5.905 +  return steBuffer;
   5.906 + }
   5.907 +
   5.908 + public static  void printHex(byte [] dataArray, int length)
   5.909 + {
   5.910 +  char[] hexChars = {'0', '1', '2', '3', '4', '5', '6', '7',
   5.911 +                '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
   5.912 +  int hexIndex;
   5.913 +  int value;
   5.914 +  int arraylength;
   5.915 +
   5.916 +  arraylength = length;
   5.917 +
   5.918 +  if (dataArray == null)
   5.919 +  {
   5.920 +        System.err.print("printHex: input byte array is null");
   5.921 +  }
   5.922 +
   5.923 +  if (length > dataArray.length || length < 0)
   5.924 +        arraylength = dataArray.length;
   5.925 +
   5.926 +  System.out.print("\n\t");
   5.927 +
   5.928 +  int i;
   5.929 +  for(i = 0; i < arraylength; )
   5.930 +  {
   5.931 +        value = dataArray[i] & 0xFF;
   5.932 +        hexIndex = (value >>> 4);
   5.933 +        System.out.print(hexChars[hexIndex]);
   5.934 +        hexIndex = (value & 0x0F);
   5.935 +        System.out.print(hexChars[hexIndex]);
   5.936 +
   5.937 +        i++;
   5.938 +        /* if done, print a final newline */
   5.939 +        if (i == arraylength) {
   5.940 +            if (arraylength < dataArray.length) {
   5.941 +                System.out.print("...");
   5.942 +            }
   5.943 +            System.out.println();
   5.944 +        }
   5.945 +        else if ((i % 24) == 0) {
   5.946 +            System.out.print("\n\t");
   5.947 +        }
   5.948 +        else if ((i % 4) == 0) {
   5.949 +                System.out.print(" ");
   5.950 +        }
   5.951 +  }
   5.952 +
   5.953 +  return;
   5.954 + }
   5.955 +
   5.956 +  
   5.957 + private void writeShortToStream(byte[] stream, short value, int index)
   5.958 +  throws IOException
   5.959 + {
   5.960 +  int littleEndian = 0;
   5.961 +  int byteVal;
   5.962 +
   5.963 +  if (index + 2 > stream.length)
   5.964 +  {
   5.965 +      throw new IOException("Writing beyond stream length: " +
   5.966 +                            stream.length + " writing at locations from: " + index + " to " + (index + 4));
   5.967 +  }
   5.968 +
   5.969 +  if (!LittleEndian)
   5.970 +  {
   5.971 +
   5.972 +	byteVal = value >> 8;
   5.973 +	stream[index ] = (byte) byteVal;
   5.974 +
   5.975 +	byteVal = value;
   5.976 +	stream[index + 1] = (byte) byteVal;
   5.977 +  } else {
   5.978 +	stream[index]  = (byte) ((value & 0x00ff) );
   5.979 +	stream[index + 1]  = (byte) ((value & 0xff00) >> 8);
   5.980 + }
   5.981 +  return;
   5.982 + }
   5.983 +
   5.984 + private void writeIntToStream(byte[] stream, int value, int index)
   5.985 +  throws IOException
   5.986 + {
   5.987 +  int littleEndian = 0;
   5.988 +  int byteVal;
   5.989 +
   5.990 +  if (4 > stream.length)
   5.991 +  {
   5.992 +      throw new IOException("writeIntToStream: stream length less than 4 bytes " +
   5.993 +                            stream.length);
   5.994 +  }
   5.995 +
   5.996 +  /* Do not Write beyond range */
   5.997 +  if (index + 4 > stream.length)
   5.998 +  {
   5.999 +      throw new IOException("writeIntToStream: writing beyond stream length: " +
  5.1000 +                            stream.length + " writing at locations from: " + index + " to " + (index + 4));
  5.1001 +  }
  5.1002 +  if (!LittleEndian)
  5.1003 +  {
  5.1004 +	byteVal = value >>> 24;
  5.1005 +	stream[index] = (byte) byteVal;
  5.1006 +
  5.1007 +	byteVal = value >> 16;
  5.1008 +	stream[index + 1] = (byte) byteVal;
  5.1009 +
  5.1010 +	byteVal = value >> 8;
  5.1011 +	stream[index + 2] = (byte) byteVal;
  5.1012 +
  5.1013 +	byteVal = value;
  5.1014 +	stream[index + 3] = (byte) byteVal;
  5.1015 +  } else {
  5.1016 +	stream[index] = (byte) value;
  5.1017 +	stream[index + 1]  = (byte) ((value & 0x0000ff00) >> 8);
  5.1018 +	stream[index + 2]  = (byte) ((value & 0x00ff0000) >> 16);
  5.1019 +	stream[index + 3] = (byte) ( value >>> 24);
  5.1020 +  }
  5.1021 +  return;
  5.1022 + }
  5.1023 +
  5.1024 + public Document getDomTree(String xmlFileName)
  5.1025 +  throws Exception, SAXException, ParserConfigurationException
  5.1026 + {
  5.1027 +  javax.xml.parsers.DocumentBuilderFactory dbf = 
  5.1028 +	javax.xml.parsers.DocumentBuilderFactory.newInstance();
  5.1029 +
  5.1030 +  /* Turn on namespace aware and validation */
  5.1031 +  dbf.setNamespaceAware(true);	
  5.1032 +  dbf.setValidating(true);	
  5.1033 +  dbf.setAttribute(JAXP_SCHEMA_LANGUAGE,W3C_XML_SCHEMA);
  5.1034 +
  5.1035 +  /* Checks that the document is well-formed */
  5.1036 +  javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
  5.1037 +
  5.1038 +  myHandler errHandler= new myHandler();
  5.1039 +  db.setErrorHandler(errHandler);
  5.1040 +  Document doc = db.parse(xmlFileName);
  5.1041 +
  5.1042 +  /* Checks for validation errors */
  5.1043 +  if (errHandler.isValid)
  5.1044 +       printDebug(" gDT:: Xml file: " + xmlFileName + " is valid");
  5.1045 +   else
  5.1046 +      throw new Exception("Xml file: " + xmlFileName + " is NOT valid");
  5.1047 +
  5.1048 +  return doc;
  5.1049 + }  
  5.1050 +
  5.1051 + public void processDomTree(
  5.1052 +	Document doc,
  5.1053 +	Vector bagOfSsids, 	
  5.1054 +	Vector bagOfTypes, 
  5.1055 +	Vector bagOfChwSsids, 
  5.1056 +	Vector bagOfChwTypes, 
  5.1057 +	Vector bagOfConflictSsids)
  5.1058 +  throws Exception, SAXException, ParserConfigurationException
  5.1059 + {
  5.1060 +  boolean found;
  5.1061 +
  5.1062 +  /* print the root Element */
  5.1063 +  Element root = doc.getDocumentElement();
  5.1064 +  printDebug ("\n pDT:: Document Element: Name = " + root.getNodeName() + ",Value = " + root.getNodeValue());
  5.1065 +
  5.1066 +  /* Go through the list of the root Element's Attributes */
  5.1067 +  NamedNodeMap nnm = root.getAttributes();
  5.1068 +  printDebug (" pDT:: # of Attributes: " + nnm.getLength());
  5.1069 +  for (int i = 0; i < nnm.getLength(); i++)
  5.1070 +  {
  5.1071 +         Node n = nnm.item (i);
  5.1072 +        printDebug (" pDT:: Attribute: Name = " + n.getNodeName() + ", Value = " 
  5.1073 +             + n.getNodeValue());
  5.1074 +  }
  5.1075 +
  5.1076 +  /* Retrieve the policy definition */ 
  5.1077 +  NodeList elementList = root.getElementsByTagName ("url");
  5.1078 +  String definitionFileName = elementList.item(0).getFirstChild().getNodeValue();  
  5.1079 +
  5.1080 +  String definitionHash = null;
  5.1081 +
  5.1082 +  /* Note that SecurityPolicySpec.xsd allows for 0 hash value! */
  5.1083 +  elementList = root.getElementsByTagName ("hash");
  5.1084 +  if (0 != elementList.getLength())
  5.1085 +      	definitionHash = elementList.item(0).getFirstChild().getNodeValue();  
  5.1086 +
  5.1087 +  Document definitionDoc = pGetDomDefinition(definitionFileName,definitionHash);
  5.1088 +  pGetTypes(definitionDoc,bagOfTypes, bagOfChwTypes, bagOfConflictSsids);
  5.1089 +
  5.1090 +
  5.1091 +  /* Get VM security information */
  5.1092 +  elementList = root.getElementsByTagName ("VM");
  5.1093 +  printDebug ("\n pDT:: partition length of NodeList:" + elementList.getLength());
  5.1094 +
  5.1095 +
  5.1096 +  for (int x = 0; x < elementList.getLength(); x++)
  5.1097 +  {
  5.1098 +	found = false;
  5.1099 +
  5.1100 +        Node node = elementList.item (x);          
  5.1101 +
  5.1102 +	if (node.getNodeType() == Node.ELEMENT_NODE)
  5.1103 +	{
  5.1104 +	  printDebug (" pDT:: child: " + x + " is an element node" );
  5.1105 +	  Element e1 = (Element) node;
  5.1106 +
  5.1107 +  	  /* Get id */
  5.1108 +      	  NodeList elist = e1.getElementsByTagName ("id");
  5.1109 +      	  String idStr = elist.item(0).getFirstChild().getNodeValue();  
  5.1110 +      	  printDebug (" pDT:: id:" + idStr);
  5.1111 +
  5.1112 +	  /* Get TE */
  5.1113 +	  Vector colorTypes = new Vector();
  5.1114 +	  pConflictEntries(e1, "TE", bagOfTypes, colorTypes);
  5.1115 +
  5.1116 +	  Enumeration e = bagOfSsids.elements();
  5.1117 +	  while (e.hasMoreElements())
  5.1118 +	  {
  5.1119 +		SecurityLabel elem = (SecurityLabel) e.nextElement(); 
  5.1120 +		if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
  5.1121 +		{
  5.1122 +		  found = true;
  5.1123 +		  elem.ids.add(idStr);
  5.1124 +		}
  5.1125 +		
  5.1126 +	  }
  5.1127 +		if (!found && (0 < colorTypes.size()))
  5.1128 +		{
  5.1129 +		 SecurityLabel entry = new SecurityLabel();
  5.1130 +		 entry.steTypes = colorTypes;
  5.1131 +		 entry.ids = new Vector();
  5.1132 +		 entry.ids.add(idStr);
  5.1133 +		 bagOfSsids.add(entry);
  5.1134 +		}
  5.1135 +
  5.1136 +		/* Get Chinese wall type */
  5.1137 +	 	Vector chwTypes = new Vector();
  5.1138 +		pConflictEntries(e1, "ChWall", bagOfChwTypes, chwTypes);
  5.1139 +
  5.1140 +	        found = false;
  5.1141 +		e = bagOfChwSsids.elements();
  5.1142 +
  5.1143 +		while (e.hasMoreElements())
  5.1144 +		{
  5.1145 +  		  SecurityLabel elem = (SecurityLabel) e.nextElement(); 
  5.1146 +		  if ( elem.chwTypes.size() == chwTypes.size() && elem.chwTypes.containsAll(chwTypes))
  5.1147 +		  {
  5.1148 +		    found = true;
  5.1149 +		    elem.chwIDs.add(idStr);
  5.1150 +		  }
  5.1151 +		
  5.1152 +		}
  5.1153 +
  5.1154 +		if (!found && (0 < chwTypes.size()))
  5.1155 +		{
  5.1156 +		 SecurityLabel entry = new SecurityLabel();
  5.1157 +		 entry.chwTypes = chwTypes;
  5.1158 +		 entry.chwIDs = new Vector();
  5.1159 +		 entry.chwIDs.add(idStr);
  5.1160 +		 bagOfChwSsids.add(entry);
  5.1161 +		}
  5.1162 +      }
  5.1163 +  } 
  5.1164 +  return;
  5.1165 + }
  5.1166 +
  5.1167 + public Document pGetDomDefinition(
  5.1168 +	String definitionFileName, 
  5.1169 +	String definitionHash) 
  5.1170 +  throws Exception, SAXException, ParserConfigurationException
  5.1171 + {
  5.1172 +  printDebug("\n pGDD:: definition file name: " + definitionFileName);
  5.1173 +  printDebug("\n pGDD:: definition file hash: " + definitionHash);
  5.1174 +  
  5.1175 +  Document doc =  getDomTree(definitionFileName);
  5.1176 +  return doc; 
  5.1177 + }
  5.1178 +
  5.1179 + public void pGetTypes(
  5.1180 +	Document defDoc,
  5.1181 +	Vector bagOfTypes, 
  5.1182 +	Vector bagOfChwTypes, 
  5.1183 +	Vector bagOfConflictSsids)
  5.1184 +  throws Exception
  5.1185 + {
  5.1186 +
  5.1187 +
  5.1188 +  if (null == defDoc)
  5.1189 +      throw new Exception(" pGT:: definition file DOM is null ");
  5.1190 +
  5.1191 +  Element root = defDoc.getDocumentElement();
  5.1192 +
  5.1193 +  /* Get list of TE types */
  5.1194 +  NodeList elementList = root.getElementsByTagName ("Types");
  5.1195 +  printDebug ("\n pGT:: Types length of NodeList:" + elementList.getLength());
  5.1196 +  Element e1 = (Element) elementList.item (0);          
  5.1197 +  pGetEntries(e1,"TE",bagOfTypes);
  5.1198 +
  5.1199 +  /* Get list of Chinese types */
  5.1200 +  elementList = root.getElementsByTagName ("ChWallTypes");
  5.1201 +  printDebug ("\n pGT:: ChwTypes length of NodeList:" + elementList.getLength());
  5.1202 +  if (0 ==  elementList.getLength())
  5.1203 +  {
  5.1204 +  	printDebug ("\n pGT:: ChWallTypes has zero length: :" + elementList.getLength());
  5.1205 +  } else {
  5.1206 +	e1 = (Element) elementList.item (0);          
  5.1207 +	pGetEntries(e1,"ChWall",bagOfChwTypes);
  5.1208 +  }
  5.1209 +  printDebug (" pGT:: Total number of unique chw types: " + bagOfChwTypes.size());
  5.1210 +
  5.1211 +  /* Get Chinese type conflict sets */
  5.1212 +  elementList = root.getElementsByTagName ("ConflictSet");
  5.1213 +  printDebug ("\n pGT:: Conflict sets length of NodeList:" + elementList.getLength());
  5.1214 +  for (int x = 0; x < elementList.getLength(); x++)
  5.1215 +  {
  5.1216 + 	Vector conflictEntry  = new Vector();
  5.1217 +  	e1 = (Element) elementList.item (x);          
  5.1218 +  	printDebug ("\n pGT:: Conflict sets : " + x);
  5.1219 +
  5.1220 +	pConflictEntries(e1, "ChWall", bagOfChwTypes, conflictEntry);
  5.1221 +
  5.1222 +	if (conflictEntry.size() > 0)
  5.1223 +	{
  5.1224 +	  boolean found = false;
  5.1225 +	  Enumeration e = bagOfConflictSsids.elements();
  5.1226 +	
  5.1227 +	  while (e.hasMoreElements())
  5.1228 +	  {
  5.1229 +		Vector elem = (Vector) e.nextElement(); 
  5.1230 +		if (elem.size() == conflictEntry.size() && elem.containsAll(conflictEntry))
  5.1231 +	  	{
  5.1232 +	    	  found = true;
  5.1233 +	  	}
  5.1234 +		
  5.1235 +	  }
  5.1236 +	  if (!found)
  5.1237 +	  {
  5.1238 +		bagOfConflictSsids.add(conflictEntry);
  5.1239 +	  }
  5.1240 +  	}
  5.1241 +  }
  5.1242 +
  5.1243 + }
  5.1244 +
  5.1245 + public void  pGetEntries(Element doc, String tag, Vector typeBag)
  5.1246 +  throws Exception
  5.1247 + {
  5.1248 +
  5.1249 +  if (null == doc)
  5.1250 +      throw new Exception(" pGE:: Element doc is null");
  5.1251 +
  5.1252 +  if (null == typeBag)
  5.1253 +      throw new Exception(" pGE:: typeBag  is null");
  5.1254 +
  5.1255 +  NodeList elist = doc.getElementsByTagName (tag);
  5.1256 +  for (int j = 0; j < elist.getLength(); j++)
  5.1257 +  {
  5.1258 +  	Node knode = elist.item (j);          
  5.1259 +       	Node childNode = knode.getFirstChild();     
  5.1260 +       	String value = childNode.getNodeValue();
  5.1261 +
  5.1262 +	printDebug (" pGT:: "+ tag +" type: " + value);
  5.1263 +
  5.1264 +        /* Check if value is known */
  5.1265 +	if (!typeBag.contains(value))
  5.1266 +		typeBag.addElement(value);
  5.1267 +  }
  5.1268 + }
  5.1269 +
  5.1270 + public void  pConflictEntries(Element doc, String tag, Vector typeBag, Vector conflictEntry)
  5.1271 +  throws Exception
  5.1272 + {
  5.1273 +
  5.1274 +  if (null == doc)
  5.1275 +      throw new Exception(" pGE:: Element doc is null");
  5.1276 +
  5.1277 +  if (null == typeBag)
  5.1278 +      throw new Exception(" pGE:: typeBag  is null");
  5.1279 +
  5.1280 +  if (null == conflictEntry)
  5.1281 +      throw new Exception(" pGE:: typeBag  is null");
  5.1282 +
  5.1283 +
  5.1284 +  NodeList elist = doc.getElementsByTagName (tag);
  5.1285 +
  5.1286 +  for (int j = 0; j < elist.getLength(); j++)
  5.1287 +  {
  5.1288 +  	Node knode = elist.item (j);          
  5.1289 +       	Node childNode = knode.getFirstChild();     
  5.1290 +       	String value = childNode.getNodeValue();
  5.1291 +
  5.1292 +	printDebug (" pGE:: "+ tag +" type: " + value);
  5.1293 +
  5.1294 +        /* Check if value is known */
  5.1295 +	if (!typeBag.contains(value))
  5.1296 +      		throw new Exception(" pCE:: found undefined type set " + value);
  5.1297 +
  5.1298 +	if (!conflictEntry.contains(value))
  5.1299 +		conflictEntry.addElement(value);
  5.1300 +
  5.1301 +  }
  5.1302 + }
  5.1303 +
  5.1304 +  public void processDomTreeVlanSlot(
  5.1305 +	Document doc,
  5.1306 +	Vector bagOfSsids, 	
  5.1307 +	Vector bagOfTypes) 	
  5.1308 +  throws Exception
  5.1309 + {
  5.1310 +      boolean found;
  5.1311 +
  5.1312 +  printDebug(" pDTVS::Size of bagOfSsids: "+ bagOfSsids.size());
  5.1313 +  Element root = doc.getDocumentElement();
  5.1314 +
  5.1315 +  NodeList elementList = root.getElementsByTagName ("Vlan");
  5.1316 +  printDebug("\n pDTVS:: Vlan length of NodeList:" + elementList.getLength());
  5.1317 +
  5.1318 +  for (int x = 0; x < elementList.getLength(); x++)
  5.1319 +  {
  5.1320 +	found = false;
  5.1321 +
  5.1322 +        Node node = elementList.item (x);          
  5.1323 +
  5.1324 +	if (node.getNodeType() == Node.ELEMENT_NODE)
  5.1325 +	{
  5.1326 +	  printDebug(" pDTVS:: child: " + x + " is an element node" );
  5.1327 +	  Element e1 = (Element) node;
  5.1328 +
  5.1329 +	  /* Get vid */
  5.1330 +      	  NodeList elist = e1.getElementsByTagName ("vid");
  5.1331 +      	  String idStr = elist.item(0).getFirstChild().getNodeValue();  
  5.1332 +      	  printDebug ("pDTVS:: vid:" + idStr);
  5.1333 +
  5.1334 +	  /* Get TE */
  5.1335 +      	  elist = e1.getElementsByTagName ("TE");
  5.1336 +          printDebug ("pDTVS:: Total ste types: " + elist.getLength());
  5.1337 +
  5.1338 +	  Vector colorTypes = new Vector();
  5.1339 +	  for (int j = 0; j < elist.getLength(); j++)
  5.1340 +	  {
  5.1341 +		Node knode = elist.item (j);          
  5.1342 +        	Node childNode = knode.getFirstChild();     
  5.1343 +        	String value = childNode.getNodeValue();
  5.1344 +
  5.1345 +		printDebug (" pDT:: My color is: " + value);
  5.1346 +		if (!bagOfTypes.contains(value))
  5.1347 +		{
  5.1348 +      		  throw new IOException("pDT:: Vlan: " + idStr+ " has unknown type : "+ value);
  5.1349 +		}
  5.1350 +
  5.1351 +		if (!colorTypes.contains(value))
  5.1352 +		  colorTypes.addElement(value);
  5.1353 +	  }
  5.1354 +	  Enumeration e = bagOfSsids.elements();
  5.1355 +	  while (e.hasMoreElements())
  5.1356 +	  {
  5.1357 +		SecurityLabel elem = (SecurityLabel) e.nextElement(); 
  5.1358 +		if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
  5.1359 +		{
  5.1360 +		  found = true;
  5.1361 +		  if (null == elem.vlans)
  5.1362 +			elem.vlans = new Vector();
  5.1363 +		   elem.vlans.add(idStr);
  5.1364 +		}
  5.1365 +		
  5.1366 +	  }
  5.1367 +	  if (!found && (0 < colorTypes.size()))
  5.1368 +	  {
  5.1369 +		 SecurityLabel entry = new SecurityLabel();
  5.1370 +		 entry.steTypes = colorTypes;
  5.1371 +		 entry.vlans = new Vector();
  5.1372 +		 entry.vlans.add(idStr);
  5.1373 +		 bagOfSsids.add(entry);
  5.1374 +	  }
  5.1375 +
  5.1376 +	}
  5.1377 +  } 
  5.1378 +  printDebug(" pDTVS::After slot Size of bagOfSsids: "+ bagOfSsids.size());
  5.1379 +
  5.1380 +  elementList = root.getElementsByTagName ("Slot");
  5.1381 +  printDebug ("\n pDTVS:: Slot length of NodeList:" + elementList.getLength());
  5.1382 +
  5.1383 +  for (int x = 0; x < elementList.getLength(); x++)
  5.1384 +  {
  5.1385 +	found = false;
  5.1386 +
  5.1387 +        Node node = elementList.item (x);          
  5.1388 +
  5.1389 +	if (node.getNodeType() == Node.ELEMENT_NODE)
  5.1390 +	{
  5.1391 +	  printDebug(" pDT:: child: " + x + " is an element node" );
  5.1392 +	  Element e1 = (Element) node;
  5.1393 +
  5.1394 +
  5.1395 +	  /* Get slot and bus */
  5.1396 +	  SlotInfo item = new SlotInfo();
  5.1397 +
  5.1398 +	  NodeList elist = e1.getElementsByTagName ("bus");
  5.1399 +	  item.bus = elist.item(0).getFirstChild().getNodeValue();  
  5.1400 +      	  elist = e1.getElementsByTagName ("slot");
  5.1401 +      	  item.slot = elist.item(0).getFirstChild().getNodeValue();  
  5.1402 +      	  printDebug ("pDT:: bus and slot:" + item.bus + " "+ item.slot);
  5.1403 +
  5.1404 +	  /* Get TE */
  5.1405 +      	  elist = e1.getElementsByTagName ("TE");
  5.1406 +          printDebug ("pDT:: Total ste types: " + elist.getLength());
  5.1407 +
  5.1408 +	  Vector colorTypes = new Vector();
  5.1409 +	  for (int j = 0; j < elist.getLength(); j++)
  5.1410 +	  {
  5.1411 +        	Node knode = elist.item (j);          
  5.1412 +        	Node childNode = knode.getFirstChild();     
  5.1413 +        	String value = childNode.getNodeValue();
  5.1414 +
  5.1415 +		printDebug ("pDT:: My color is: " + value);
  5.1416 +		if (!bagOfTypes.contains(value))
  5.1417 +		{
  5.1418 +		  throw new IOException("pDT:: bus: " + item.bus + " slot: "+ item.slot + " has unknown type : "+ value);
  5.1419 +		}
  5.1420 +
  5.1421 +		if (!colorTypes.contains(value))
  5.1422 +		  colorTypes.addElement(value);
  5.1423 +		}
  5.1424 +
  5.1425 +		Enumeration e = bagOfSsids.elements();
  5.1426 +		while (e.hasMoreElements())
  5.1427 +		{
  5.1428 +  		  SecurityLabel elem = (SecurityLabel) e.nextElement(); 
  5.1429 +		  if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
  5.1430 +		  {
  5.1431 +			found = true;
  5.1432 +			if (null == elem.slots)
  5.1433 +			  elem.slots = new Vector();
  5.1434 +			elem.slots.add(item);
  5.1435 +
  5.1436 +		  }
  5.1437 +		
  5.1438 +		}
  5.1439 +
  5.1440 +		if (!found && (0 < colorTypes.size()))
  5.1441 +		{
  5.1442 +		  SecurityLabel entry = new SecurityLabel();
  5.1443 +		  entry.steTypes = colorTypes;
  5.1444 +		  entry.slots = new Vector();
  5.1445 +		  entry.slots.add(item);
  5.1446 +		  bagOfSsids.add(entry);
  5.1447 +		}
  5.1448 +
  5.1449 +	}
  5.1450 +  }
  5.1451 +  return;
  5.1452 + }
  5.1453 +
  5.1454 + public static void main (String[] args) 
  5.1455 + {
  5.1456 +  String xmlFileName = null;        	/* policy file */ 
  5.1457 +  String outputFileName = null;     	/* binary policy file */
  5.1458 +  String xenSsidOutputFileName = null; 	/* outputfile ssid to named types */	
  5.1459 +					/* outputfile conflicts ssid to named types */	
  5.1460 +  String xenSsidConfOutputFileName = null; 	
  5.1461 +
  5.1462 +  XmlToBin genObj = new XmlToBin(); 
  5.1463 +
  5.1464 +
  5.1465 +  for (int i = 0 ; i < args.length ; i++) {
  5.1466 +
  5.1467 +	if ( args[i].equals("-help"))  {
  5.1468 +          printUsage();
  5.1469 +          System.exit(1);
  5.1470 +
  5.1471 +        } else if ( args[i].equals("-i"))  {
  5.1472 +          i++;
  5.1473 +          if (i < args.length) {
  5.1474 +               xmlFileName = args[i];   
  5.1475 +          } else  {
  5.1476 +                System.out.println("-i argument needs parameter");
  5.1477 +                System.exit(1);
  5.1478 +          }
  5.1479 +
  5.1480 +	} else if ( args[i].equals("-o"))  {
  5.1481 +          i++;
  5.1482 +          if (i < args.length) {
  5.1483 +                outputFileName = args[i];   
  5.1484 +          } else {
  5.1485 +                System.out.println("-o argument needs parameter");
  5.1486 +                System.exit(1);
  5.1487 +          }
  5.1488 +
  5.1489 +	} else if ( args[i].equals("-xssid"))  {
  5.1490 +          i++;
  5.1491 +          if (i < args.length) {
  5.1492 +                 xenSsidOutputFileName = args[i];   
  5.1493 +          } else {
  5.1494 +                System.out.println("-xssid argument needs parameter");
  5.1495 +                System.exit(1);
  5.1496 +          }
  5.1497 +
  5.1498 +	} else if ( args[i].equals("-xssidconf"))  {
  5.1499 +          i++;
  5.1500 +          if (i < args.length) {
  5.1501 +                xenSsidConfOutputFileName = args[i]; 
  5.1502 +          } else {
  5.1503 +                System.out.println("-xssidconf argument needs parameter");
  5.1504 +                System.exit(1);
  5.1505 +          }
  5.1506 +	} else if ( args[i].equals("-debug"))  { /* turn on debug msg */
  5.1507 +	 	genObj.setDebug(true);
  5.1508 +        } else {
  5.1509 +          System.out.println("bad command line argument: " + args[i]);
  5.1510 +          printUsage();
  5.1511 +          System.exit(1);
  5.1512 +        }
  5.1513 +
  5.1514 +  }
  5.1515 +
  5.1516 +  if (xmlFileName == null)
  5.1517 +  { 
  5.1518 +	System.out.println("Need to specify input file -i option");
  5.1519 +        printUsage();
  5.1520 +        System.exit(1);
  5.1521 +  }
  5.1522 +
  5.1523 +
  5.1524 +  try 
  5.1525 +  {
  5.1526 +	/* Parse and validate */
  5.1527 + 	Document doc =  genObj.getDomTree(xmlFileName);
  5.1528 +
  5.1529 +	/* Vectors to hold sets of types */
  5.1530 +	Vector bagOfSsids = new Vector();
  5.1531 +	Vector bagOfTypes = new Vector();
  5.1532 +	Vector bagOfChwSsids = new Vector();
  5.1533 +	Vector bagOfChwTypes = new Vector();
  5.1534 +	Vector bagOfConflictSsids = new Vector();
  5.1535 +
  5.1536 +	Vector vlanMapSsids = new Vector();
  5.1537 +	Vector slotMapSsids = new Vector();
  5.1538 +
  5.1539 +	genObj.processDomTree(doc, bagOfSsids, bagOfTypes, bagOfChwSsids, bagOfChwTypes, bagOfConflictSsids);
  5.1540 +
  5.1541 +	genObj.processDomTreeVlanSlot(doc, bagOfSsids, bagOfTypes);
  5.1542 +
  5.1543 +	/* Get binary representation of policies */
  5.1544 +  	byte[] stePolicy = genObj.generateSteBuffer(bagOfSsids, bagOfTypes);
  5.1545 +  	byte[] chwPolicy = genObj.generateChwBuffer(bagOfChwSsids, bagOfConflictSsids,bagOfChwTypes);
  5.1546 +
  5.1547 +  	byte[] binPolicy = null;
  5.1548 + 	byte[] binaryPartionSsid = null;
  5.1549 +  	byte[] binaryVlanSsid = null;
  5.1550 +  	byte[] binarySlotSsid = null;
  5.1551 +
  5.1552 +	/* Get binary representation of partition to ssid mapping */
  5.1553 +  	binaryPartionSsid = genObj.generatePartSsids(bagOfSsids,bagOfChwSsids);
  5.1554 +
  5.1555 +	/* Get binary representation of vlan to ssid mapping */
  5.1556 +  	binaryVlanSsid = genObj.generateVlanSsids(bagOfSsids);
  5.1557 +
  5.1558 +	/* Get binary representation of slot to ssid mapping */
  5.1559 +  	binarySlotSsid = genObj.generateSlotSsids(bagOfSsids);
  5.1560 +
  5.1561 +	/* Generate binary representation: policy, partition, slot and vlan */
  5.1562 +  	binPolicy = genObj.GenBinaryPolicyBuffer(chwPolicy,stePolicy, binaryPartionSsid, binaryVlanSsid, binarySlotSsid);
  5.1563 +
  5.1564 +
  5.1565 +	/* Write binary policy into file */
  5.1566 +	if (null != outputFileName)
  5.1567 +	{
  5.1568 +  		genObj.writeBinPolicy(binPolicy, outputFileName);
  5.1569 +	} else {
  5.1570 +		System.out.println (" No binary policy generated, outputFileName:  " + outputFileName);
  5.1571 +	}
  5.1572 +
  5.1573 +	/* Print total number of types */
  5.1574 +	System.out.println (" Total number of unique ste types: " + bagOfTypes.size());
  5.1575 +	System.out.println (" Total number of Ssids : " + bagOfSsids.size());
  5.1576 +	System.out.println (" Total number of unique chw types: " + bagOfChwTypes.size());
  5.1577 +	System.out.println (" Total number of conflict ssids : " + bagOfConflictSsids.size());
  5.1578 +	System.out.println (" Total number of chw Ssids : " + bagOfChwSsids.size());
  5.1579 +
  5.1580 +   	if (null != xenSsidOutputFileName)
  5.1581 +  		genObj.writeXenTypeFile(bagOfSsids, xenSsidOutputFileName, true);
  5.1582 +
  5.1583 +   	if (null != xenSsidConfOutputFileName)
  5.1584 +  		genObj.writeXenTypeFile(bagOfChwSsids, xenSsidConfOutputFileName, false);
  5.1585 +    } 
  5.1586 +    catch (Exception e) 
  5.1587 +    {
  5.1588 +      e.printStackTrace();
  5.1589 +    }
  5.1590 +  }
  5.1591 +}
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/tools/misc/policyprocessor/XmlToBinInterface.java	Mon Jun 20 22:33:35 2005 +0000
     6.3 @@ -0,0 +1,135 @@
     6.4 +/**
     6.5 + * (C) Copyright IBM Corp. 2005
     6.6 + *
     6.7 + * $Id: XmlToBinInterface.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
     6.8 + *
     6.9 + * Author: Ray Valdez
    6.10 + *
    6.11 + * This program is free software; you can redistribute it and/or
    6.12 + * modify it under the terms of the GNU General Public License as
    6.13 + * published by the Free Software Foundation, version 2 of the
    6.14 + * License.
    6.15 + *
    6.16 + * XmlToBinInterface Class.  
    6.17 + * <p>
    6.18 + *
    6.19 + * Defines constants used by XmToBin.
    6.20 + *
    6.21 + * <p>
    6.22 + *
    6.23 + *	policy binary structures
    6.24 + *
    6.25 + *	typedef struct {
    6.26 + *        u32 magic;
    6.27 + *
    6.28 + *        u32 policyversion;
    6.29 + *        u32 len;
    6.30 + *
    6.31 + *        u16 primary_policy_code;
    6.32 + *        u16 primary_buffer_offset;
    6.33 + *        u16 secondary_policy_code;
    6.34 + *        u16 secondary_buffer_offset;
    6.35 + *	u16 resource_offset;
    6.36 + *
    6.37 + *	} acm_policy_buffer_t;
    6.38 + *
    6.39 + *	typedef struct {
    6.40 + *        u16 policy_code;
    6.41 + *        u16 ste_max_types;
    6.42 + *        u16 ste_max_ssidrefs;
    6.43 + *        u16 ste_ssid_offset;
    6.44 + *	} acm_ste_policy_buffer_t;
    6.45 + *
    6.46 + *  	typedef struct {
    6.47 + *        uint16 policy_code;
    6.48 + *        uint16 chwall_max_types;
    6.49 + *        uint16 chwall_max_ssidrefs;
    6.50 + *        uint16 chwall_max_conflictsets;
    6.51 + *        uint16 chwall_ssid_offset;
    6.52 + *        uint16 chwall_conflict_sets_offset;
    6.53 + *        uint16 chwall_running_types_offset;
    6.54 + *        uint16 chwall_conflict_aggregate_offset;
    6.55 + *	} acm_chwall_policy_buffer_t;
    6.56 + *
    6.57 + *	typedef struct {
    6.58 + *	u16 partition_max;
    6.59 + *	u16 partition_offset;
    6.60 + *	u16 vlan_max;
    6.61 + *	u16 vlan_offset;
    6.62 + *	u16 slot_max;
    6.63 + *	u16 slot_offset;
    6.64 + *	} acm_resource_buffer_t;
    6.65 + *
    6.66 + *	typedef struct {
    6.67 + *	u16 id;
    6.68 + *	u16 ssid_ste;
    6.69 + *	u16 ssid_chwall;
    6.70 + *	} acm_partition_entry_t;
    6.71 + *
    6.72 + *	typedef struct {
    6.73 + *	u16 vlan;
    6.74 + *	u16 ssid_ste;
    6.75 + *	} acm_vlan_entry_t;
    6.76 + *
    6.77 + *	typedef struct {
    6.78 + *	u16 bus;
    6.79 + *	u16 slot;
    6.80 + *	u16 ssid_ste;
    6.81 + *	} acm_slot_entry_t;
    6.82 + *
    6.83 + *       
    6.84 + *
    6.85 + */
    6.86 +public interface XmlToBinInterface
    6.87 +{
    6.88 +  /* policy code  (uint16) */
    6.89 +  final int policyCodeSize = 2;
    6.90 +
    6.91 +  /* max_types    (uint16) */
    6.92 +  final int maxTypesSize = 2;
    6.93 +
    6.94 +  /* max_ssidrefs (uint16) */
    6.95 +  final int maxSsidrefSize = 2;
    6.96 +
    6.97 +  /* ssid_offset  (uint32) */
    6.98 +  final int ssidOffsetSize = 2;
    6.99 +
   6.100 +  final short markSymbol = 0x0001;
   6.101 +
   6.102 +  final int u32Size = 4;
   6.103 +  final int u16Size = 2;
   6.104 +
   6.105 +  /* num of bytes for acm_ste_policy_buffer_t */
   6.106 +  final short steHeaderSize = (4 * u16Size); 
   6.107 +  /* byte for acm_chinese_wall_policy_buffer_t */
   6.108 +  final short chwHeaderSize = (8 * u16Size); 
   6.109 +
   6.110 +  final short primaryPolicyCodeSize = u16Size;
   6.111 +  final short primaryBufferOffsetSize = u16Size ;
   6.112 +
   6.113 +  final int secondaryPolicyCodeSz = u16Size;
   6.114 +  final int secondaryBufferOffsetSz = u16Size;
   6.115 +  final short resourceOffsetSz = u16Size;
   6.116 +
   6.117 +  final short partitionBufferSz = (2 * u16Size);
   6.118 +  final short partitionEntrySz = (3 * u16Size);
   6.119 +
   6.120 +  final short slotBufferSz = (2 * u16Size);
   6.121 +  final short slotEntrySz = (3 * u16Size);
   6.122 +
   6.123 +  final short vlanBufferSz = (2 * u16Size);
   6.124 +  final short vlanEntrySz = (2 * u16Size);
   6.125 +
   6.126 +  final short binaryBufferHeaderSz = (3 * u32Size + 4* u16Size);
   6.127 +
   6.128 +  /* copied directlty from policy_ops.h */
   6.129 +  final int POLICY_INTERFACE_VERSION = 0xAAAA0000;
   6.130 +
   6.131 +  /* copied directly from acm.h */
   6.132 +  final int ACM_MAGIC  =  0x0001debc;
   6.133 +  final short ACM_NULL_POLICY = 0;
   6.134 +  final short ACM_CHINESE_WALL_POLICY = 1;
   6.135 +  final short ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY = 2;
   6.136 +  final short ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY = 3;
   6.137 +  final short ACM_EMPTY_POLICY = 4;
   6.138 +}
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/tools/misc/policyprocessor/myHandler.java	Mon Jun 20 22:33:35 2005 +0000
     7.3 @@ -0,0 +1,47 @@
     7.4 +/**
     7.5 + * (C) Copyright IBM Corp. 2005
     7.6 + *
     7.7 + * $Id: myHandler.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
     7.8 + *
     7.9 + * Author: Ray Valdez
    7.10 + *
    7.11 + * This program is free software; you can redistribute it and/or
    7.12 + * modify it under the terms of the GNU General Public License as
    7.13 + * published by the Free Software Foundation, version 2 of the
    7.14 + * License.
    7.15 + *
    7.16 + * myHandler Class.  
    7.17 + *
    7.18 + * <p>
    7.19 + *
    7.20 + * A dummy class used for detecting XML validating/parsing errors.
    7.21 + *
    7.22 + * <p>
    7.23 + *
    7.24 + *
    7.25 + */
    7.26 +import org.xml.sax.helpers.*;
    7.27 +import org.xml.sax.SAXParseException;
    7.28 +
    7.29 +class myHandler extends DefaultHandler 
    7.30 +{ 
    7.31 + public boolean isValid = true;
    7.32 +
    7.33 + /* Notification of a recoverable error. */
    7.34 + public void error(SAXParseException se) 
    7.35 + { 
    7.36 +  isValid = false;
    7.37 + } 
    7.38 +
    7.39 + /* Notification of a non-recoverable error. */
    7.40 + public void fatalError(SAXParseException se) 
    7.41 + { 
    7.42 +  isValid = false;
    7.43 + } 
    7.44 +
    7.45 + /* Notification of a warning. */
    7.46 + public void warning(SAXParseException se) 
    7.47 + {
    7.48 +  isValid = false;
    7.49 + }
    7.50 +}
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/tools/misc/policyprocessor/readme.install	Mon Jun 20 22:33:35 2005 +0000
     8.3 @@ -0,0 +1,33 @@
     8.4 +# Author: Ray Valdez, rvaldez@us.ibm.com 
     8.5 +# Version: 1.0
     8.6 +#
     8.7 +# install readme
     8.8 +#
     8.9 +PREREQUISITES:
    8.10 +
    8.11 +Prior to installation of the policy processor tool (XmlToBin) you must have...
    8.12 +
    8.13 + 1. Java version 1.4.2
    8.14 + 2. xmlParserAPIs.jar and xercesImpl.jar
    8.15 +
    8.16 +The above can be obtained from the Sun Developer Network web site at
    8.17 +http://java.sun.com/j2se/1.4.2/download.html.
    8.18 +
    8.19 +XmlParserAPIs and xercesImpl jars can be obtained from
    8.20 +http://www.apache.org/dist/xml/xerces-j (Xerces-J-bin.2.6.2.tar.gz,
    8.21 +for example).
    8.22 +
    8.23 +The tool has been tested with J2SE v1.4.2_08 JRE on Linux (32-bit
    8.24 +INTEL).
    8.25 +
    8.26 +INSTALLATION
    8.27 +
    8.28 +1. Set PATH to include $HOME_JAVA/bin and $HOME_JAVA/jre/bin
    8.29 +   where $HOME_JAVA is your java installation directory
    8.30 +
    8.31 +2. Compile XmlToBin:
    8.32 +   javac XmlToBin.java
    8.33 +	
    8.34 +USAGE
    8.35 +
    8.36 + See readme.xen
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/tools/misc/policyprocessor/readme.xen	Mon Jun 20 22:33:35 2005 +0000
     9.3 @@ -0,0 +1,65 @@
     9.4 +# Author: Ray Valdez, rvaldez@us.ibm.com 
     9.5 +# Version: 1.0
     9.6 +#
     9.7 +# This readme describes the policy processor tool for sHype.
     9.8 +#
     9.9 +
    9.10 +Java program:
    9.11 +
    9.12 + java XmlToBin -i [file.xml] -o <file.bin> -xssid <SsidFile> -xssidconf <SsidConf>
    9.13 +
    9.14 + Command line options:
    9.15 +
    9.16 +        -i              inputFile:      name of policyfile (.xml)
    9.17 +        -o              outputFile:     name of binary policy file (Big Endian)
    9.18 +        -xssid          SsidFile:       xen ssids to named types text file
    9.19 +        -xssidconf      SsidConf:   	xen conflict ssids to types text file
    9.20 +        -debug                          turn on debug messages
    9.21 +        -help                           help. This printout
    9.22 +
    9.23 +Where:
    9.24 +
    9.25 +file.xml is the (input) xml policy file to be parsed and validated.
    9.26 +The syntax for file.xml is defined in the SecurityPolicySpec.xsd file.
    9.27 +file.bin is the (output) binary policy file generated by XmlToBin.
    9.28 +This binary policy can be activated in sHype. The binary policy file
    9.29 +is laid out in network byte order (i.e., big endian).  The SsidFile
    9.30 +file contains the mapping of type enforcement (TE) ssids to the "named
    9.31 +types".  Similarly, the SsidConf file contains the mapping of Chinese
    9.32 +Wall (ChWall) ssids to conflict named types. The ssidFile and SsidConf
    9.33 +files are used by Xen.
    9.34 +
    9.35 +Xml Schema and policy:
    9.36 +
    9.37 +The SecurityPolicySpec.xsd defines the syntax of a policy file. It
    9.38 +declares the tags that are used by XmlToBin to generate the binary
    9.39 +policy file. The tags that XmlToBin keys on are TE, ChWall, id, vid,
    9.40 +etc.  The xml files that describe a policy are simple.  Semantic
    9.41 +checking of a policy is performed mostly by XmlToBin.  A type, for
    9.42 +example, is a string. No fixed values are defined for types in Xml.
    9.43 +  
    9.44 +A policy consists of two Xml files: definition and policy. The
    9.45 +definition Xml declares the types that are permitted in the policy
    9.46 +Xml.  The policy Xml contains the assignment of labels to
    9.47 +subject/object (e.g., vm). This Xml file contains an explicit
    9.48 +reference to the definition Xml (e.g., <url>xen_sample_def.xml</url>).
    9.49 +The policy Xml is the one provided as a command line argument.
    9.50 +
    9.51 +
    9.52 +Files:
    9.53 +
    9.54 +*.java		      	- policy processor source 
    9.55 +xen_sample_policy.xml	- sample xml policy file
    9.56 +xen_sample_def.xml	- sample user defined types
    9.57 +SecurityPolicySpec.xsd 	- schema definition file
    9.58 +
    9.59 +
    9.60 +To generate the sample binary policy: 
    9.61 +
    9.62 +export CLASSPATH=$XERCES_HOME/xercesImpl.jar:$XERCES_HOME/xmlParserAPIs.jar:.
    9.63 +
    9.64 +java XmlToBin -i xen_sample_policy.xml -o xen_sample_policy.bin
    9.65 +
    9.66 +where $XERCES_HOME is the installation directory of the Apache Xerces-J
    9.67 +
    9.68 +
    10.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.2 +++ b/tools/misc/policyprocessor/xen_sample_def.xml	Mon Jun 20 22:33:35 2005 +0000
    10.3 @@ -0,0 +1,46 @@
    10.4 +<?xml version="1.0"?>
    10.5 +<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
    10.6 +<!-- example policy type definition -->
    10.7 +<SecurityPolicySpec
    10.8 +xmlns="http://www.ibm.com"
    10.9 +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   10.10 +xsi:schemaLocation="http://www.ibm.com SecurityPolicySpec.xsd">
   10.11 +
   10.12 +<Definition>
   10.13 +<!-- an example of a simple type enforcement type definition -->
   10.14 +  <Types>
   10.15 +        <TE>LOCAL-management</TE>
   10.16 +        <TE>R-Company-development</TE>
   10.17 +        <TE>S-Company-order</TE>
   10.18 +        <TE>T-Company-advertising</TE>
   10.19 +        <TE>U-Company-computing</TE>
   10.20 +		 <!-- TE nondevelopment  -->
   10.21 +  </Types>
   10.22 +
   10.23 +<!-- an example of a chinese wall type definition along with conflict sets-->
   10.24 +  <ChWallTypes>
   10.25 +		 <ChWall>Q-Company</ChWall>
   10.26 +		 <ChWall>R-Company</ChWall>
   10.27 +		 <ChWall>S-Company</ChWall>
   10.28 +		 <ChWall>T-Company</ChWall>
   10.29 +		 <ChWall>U-Company</ChWall>
   10.30 +		 <ChWall>V-Company</ChWall>
   10.31 +		 <ChWall>W-Company</ChWall>
   10.32 +		 <ChWall>X-Company</ChWall>
   10.33 +		 <ChWall>Y-Company</ChWall>
   10.34 +		 <ChWall>Z-Company</ChWall>
   10.35 +  </ChWallTypes>
   10.36 +
   10.37 +  <ConflictSet>
   10.38 +		 <ChWall>T-Company</ChWall>
   10.39 +		 <ChWall>S-Company</ChWall>
   10.40 +   </ConflictSet>
   10.41 +
   10.42 +   <ConflictSet>
   10.43 +		 <ChWall>Q-Company</ChWall>
   10.44 +		 <ChWall>V-Company</ChWall>
   10.45 +		 <ChWall>W-Company</ChWall>
   10.46 +   </ConflictSet>
   10.47 +
   10.48 +</Definition>
   10.49 +</SecurityPolicySpec>
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/tools/misc/policyprocessor/xen_sample_policy.xml	Mon Jun 20 22:33:35 2005 +0000
    11.3 @@ -0,0 +1,58 @@
    11.4 +<?xml version="1.0"?>
    11.5 +<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
    11.6 +<!-- example xen policy file -->
    11.7 +
    11.8 +<SecurityPolicySpec
    11.9 +xmlns="http://www.ibm.com"
   11.10 +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   11.11 +xsi:schemaLocation="http://www.ibm.com SecurityPolicySpec.xsd">
   11.12 +<Policy>
   11.13 + <PolicyHeader>
   11.14 +        <Name>xen sample policy</Name>
   11.15 +        <DateTime>2005-05-20T16:56:00</DateTime>
   11.16 +        <Tag>foobar</Tag>
   11.17 +        <TypeDefinition>
   11.18 +          <url>xen_sample_def.xml</url>
   11.19 +          <hash>abcdef123456abcdef</hash>
   11.20 +        </TypeDefinition>
   11.21 + </PolicyHeader>
   11.22 +
   11.23 + <VM>
   11.24 +        <id> 0 </id>
   11.25 +        <TE>LOCAL-management</TE>
   11.26 +        <TE>R-Company-development</TE>
   11.27 +        <TE>S-Company-order</TE>
   11.28 +        <TE>T-Company-advertising</TE>
   11.29 +        <TE>U-Company-computing</TE>
   11.30 +		 <ChWall>Q-Company</ChWall>
   11.31 + </VM>
   11.32 +
   11.33 + <VM>
   11.34 +        <id> 1 </id>
   11.35 +        <TE>R-Company-development</TE>
   11.36 +		 <ChWall>R-Company</ChWall>
   11.37 + </VM>
   11.38 +
   11.39 + <VM>
   11.40 +        <id> 2 </id>
   11.41 +        <TE>S-Company-order</TE>
   11.42 +		 <ChWall>S-Company</ChWall>
   11.43 +
   11.44 + </VM>
   11.45 +
   11.46 + <VM>
   11.47 +        <id> 3 </id>
   11.48 +        <TE>T-Company-advertising</TE>
   11.49 +		 <ChWall>T-Company</ChWall>
   11.50 + </VM>
   11.51 +
   11.52 +
   11.53 + <VM>
   11.54 +        <id> 4 </id>
   11.55 +        <TE>U-Company-computing</TE>
   11.56 +		 <ChWall>U-Company</ChWall>
   11.57 + </VM>
   11.58 +
   11.59 +
   11.60 +</Policy>
   11.61 +</SecurityPolicySpec>