ia64/xen-unstable
changeset 8350:62d9ac63e7f5
Merged.
| author | emellor@leeni.uk.xensource.com |
|---|---|
| date | Tue Dec 13 18:08:26 2005 +0000 (2005-12-13) |
| parents | 8c5b7b6772ae 89e0dfa3a089 |
| children | 455b2b93542c f85f52b508c3 |
| files |
line diff
1.1 --- a/tools/ioemu/sdl.c Tue Dec 13 18:08:17 2005 +0000 1.2 +++ b/tools/ioemu/sdl.c Tue Dec 13 18:08:26 2005 +0000 1.3 @@ -592,7 +592,8 @@ void sdl_display_init(DisplayState *ds, 1.4 1.5 sdl_resize(ds, 640, 400); 1.6 sdl_update_caption(); 1.7 - SDL_EnableKeyRepeat(250, 50); 1.8 + if(repeat_key) 1.9 + SDL_EnableKeyRepeat(250, 50); 1.10 SDL_EnableUNICODE(1); 1.11 gui_grab = 0; 1.12
2.1 --- a/tools/ioemu/vl.c Tue Dec 13 18:08:17 2005 +0000 2.2 +++ b/tools/ioemu/vl.c Tue Dec 13 18:08:26 2005 +0000 2.3 @@ -145,6 +145,7 @@ int graphic_width = 800; 2.4 int graphic_height = 600; 2.5 int graphic_depth = 15; 2.6 int full_screen = 0; 2.7 +int repeat_key = 1; 2.8 TextConsole *vga_console; 2.9 CharDriverState *serial_hds[MAX_SERIAL_PORTS]; 2.10 int xc_handle; 2.11 @@ -2250,6 +2251,7 @@ void help(void) 2.12 "-std-vga simulate a standard VGA card with VESA Bochs Extensions\n" 2.13 " (default is CL-GD5446 PCI VGA)\n" 2.14 "-vgaacc [0|1] 1 to accelerate CL-GD5446 speed, default is 1\n" 2.15 + "-no-repeatkey disable key repeat feature for SDL keyboard simulation" 2.16 #endif 2.17 "-loadvm file start right away with a saved state (loadvm in monitor)\n" 2.18 "\n" 2.19 @@ -2342,6 +2344,7 @@ enum { 2.20 QEMU_OPTION_loadvm, 2.21 QEMU_OPTION_full_screen, 2.22 QEMU_OPTION_vgaacc, 2.23 + QEMU_OPTION_repeatkey, 2.24 }; 2.25 2.26 typedef struct QEMUOption { 2.27 @@ -2421,6 +2424,7 @@ const QEMUOption qemu_options[] = { 2.28 { "nic-ne2000", 0, QEMU_OPTION_nic_ne2000 }, 2.29 { "cirrusvga", 0, QEMU_OPTION_cirrusvga }, 2.30 { "vgaacc", HAS_ARG, QEMU_OPTION_vgaacc }, 2.31 + { "no-repeatkey", 0, QEMU_OPTION_repeatkey }, 2.32 { NULL }, 2.33 }; 2.34 2.35 @@ -2976,6 +2980,9 @@ int main(int argc, char **argv) 2.36 } 2.37 } 2.38 break; 2.39 + case QEMU_OPTION_repeatkey: 2.40 + repeat_key = 0; 2.41 + break; 2.42 case QEMU_OPTION_std_vga: 2.43 cirrus_vga_enabled = 0; 2.44 break;
3.1 --- a/tools/ioemu/vl.h Tue Dec 13 18:08:17 2005 +0000 3.2 +++ b/tools/ioemu/vl.h Tue Dec 13 18:08:26 2005 +0000 3.3 @@ -612,6 +612,7 @@ void pci_pcnet_init(PCIBus *bus, NetDriv 3.4 3.5 void kbd_init(void); 3.6 extern const char* keyboard_layout; 3.7 +extern int repeat_key; 3.8 3.9 /* mc146818rtc.c */ 3.10
4.1 --- a/tools/security/Makefile Tue Dec 13 18:08:17 2005 +0000 4.2 +++ b/tools/security/Makefile Tue Dec 13 18:08:26 2005 +0000 4.3 @@ -35,7 +35,7 @@ OBJS_XML2BIN := $(patsubst %.c,%.o,$(fil 4.4 SRCS_GETD = get_decision.c 4.5 OBJS_GETD := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_GETD))) 4.6 4.7 -ACM_INST_TOOLS = xensec_tool xensec_xml2bin 4.8 +ACM_INST_TOOLS = xensec_tool xensec_xml2bin xensec_gen 4.9 ACM_NOINST_TOOLS = get_decision 4.10 ACM_OBJS = $(OBJS_TOOL) $(OBJS_XML2BIN) $(OBJS_GETD) 4.11 ACM_SCRIPTS = getlabel.sh setlabel.sh updategrub.sh labelfuncs.sh 4.12 @@ -44,6 +44,12 @@ ACM_CONFIG_DIR = /etc/xen/acm-securit 4.13 ACM_POLICY_DIR = $(ACM_CONFIG_DIR)/policies 4.14 ACM_SCRIPT_DIR = $(ACM_CONFIG_DIR)/scripts 4.15 4.16 +ACM_INST_HTML = python/xensec_gen/index.html 4.17 +ACM_INST_CGI = python/xensec_gen/cgi-bin/policy.cgi \ 4.18 + python/xensec_gen/cgi-bin/policylabel.cgi 4.19 +ACM_SECGEN_HTMLDIR= /var/lib/xensec_gen 4.20 +ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin 4.21 + 4.22 ACM_SCHEMA = security_policy.xsd 4.23 ACM_EXAMPLES = null chwall ste chwall_ste 4.24 ACM_POLICY_SUFFIX = security_policy.xml 4.25 @@ -65,6 +71,15 @@ install: all $(ACM_CONFIG_FILE) 4.26 done 4.27 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SCRIPT_DIR) 4.28 $(INSTALL_PROG) -p $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR) 4.29 + $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SECGEN_HTMLDIR) 4.30 + $(INSTALL_DATA) -p $(ACM_INST_HTML) $(DESTDIR)$(ACM_SECGEN_HTMLDIR) 4.31 + $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SECGEN_CGIDIR) 4.32 + $(INSTALL_PROG) -p $(ACM_INST_CGI) $(DESTDIR)$(ACM_SECGEN_CGIDIR) 4.33 +ifndef XEN_PYTHON_NATIVE_INSTALL 4.34 + python python/setup.py install --home="$(DESTDIR)/usr" 4.35 +else 4.36 + python python/setup.py install --root="$(DESTDIR)" 4.37 +endif 4.38 else 4.39 all: 4.40 4.41 @@ -72,22 +87,27 @@ install: 4.42 endif 4.43 4.44 build: mk-symlinks $(ACM_INST_TOOLS) $(ACM_NOINST_TOOLS) 4.45 + python python/setup.py build 4.46 chmod 700 $(ACM_SCRIPTS) 4.47 4.48 xensec_tool: $(OBJS_TOOL) 4.49 - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< 4.50 + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ 4.51 4.52 xensec_xml2bin: $(OBJS_XML2BIN) 4.53 - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< 4.54 + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ 4.55 4.56 get_decision: $(OBJS_GETD) 4.57 - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< 4.58 + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ 4.59 + 4.60 +xensec_gen: xensec_gen.py 4.61 + cp -f $^ $@ 4.62 4.63 clean: 4.64 $(RM) $(ACM_INST_TOOLS) $(ACM_NOINST_TOOLS) 4.65 $(RM) $(ACM_OBJS) 4.66 $(RM) $(PROG_DEPS) 4.67 $(RM) -r xen 4.68 + $(RM) -r build 4.69 4.70 mrproper: clean 4.71
5.1 --- a/tools/security/example.txt Tue Dec 13 18:08:17 2005 +0000 5.2 +++ b/tools/security/example.txt Tue Dec 13 18:08:26 2005 +0000 5.3 @@ -271,3 +271,112 @@ xensec_xml2bin is written against this s 5.4 5.5 If you keep to the security policy schema, then you can use all the 5.6 tools described above. Refer to install.txt to install it. 5.7 + 5.8 +You can hand-edit the xml files to create your policy or you can use the 5.9 +xensec_gen utility. 5.10 + 5.11 + 5.12 +5. Generating policy files using xensec_gen: 5.13 +============================================ 5.14 + 5.15 +The xensec_gen utility starts a web-server that can be used to generate the 5.16 +XML policy files needed to create a policy. 5.17 + 5.18 +By default, xensec_gen runs as a daemon and listens on port 7777 for HTTP 5.19 +requests. The xensec_gen command supports command line options to change the 5.20 +listen port, run in the foreground, and a few others. Type 'xensec_gen -h' 5.21 +to see the full list of options available. 5.22 + 5.23 +Once the xensec_gen utility is running, point a browser at the host and port 5.24 +on which the utility is running (e.g. http://localhost:7777/). You will be 5.25 +presented with a web page that allows you to create or modify the XML policy 5.26 +files: 5.27 + 5.28 + - The Security Policy section allows you to create or modify a policy 5.29 + definition file 5.30 + 5.31 + - The Security Policy Labeling section allows you to create or modify a 5.32 + label template definition file 5.33 + 5.34 + Security Policy: 5.35 + ---------------- 5.36 + The Security Policy section allows you to modify an existing policy definition 5.37 + file or create a new policy definition file. To modify an existing policy 5.38 + definition, enter the full path to the existing file (the "Browse" button can 5.39 + be used to aid in this) in the Policy File entry field. To create a new 5.40 + policy definition file leave the Policy File entry field blank. At this point 5.41 + click the "Create" button to begin modifying or creating your policy definition. 5.42 + 5.43 + You will then be presented with a web page that will allow you to create either 5.44 + Simple Type Enforcement types or Chinese Wall types or both. 5.45 + 5.46 + As an example: 5.47 + - To add a Simple Type Enforcement type: 5.48 + - Enter the name of a new type under the Simple Type Enforcement Types 5.49 + section in the entry field above the "New" button. 5.50 + - Click the "New" button and the type will be added to the list of defined 5.51 + Simple Type Enforcement types. 5.52 + - To remove a Simple Type Enforcement type: 5.53 + - Click on the type to be removed in the list of defined Simple Type 5.54 + Enforcement types. 5.55 + - Click the "Delete" button to remove the type. 5.56 + 5.57 + Follow the same process to add Chinese Wall types. If you define Chinese Wall 5.58 + types you need to define at least one Chinese Wall Conflict Set. The Chinese 5.59 + Wall Conflict Set will allow you to add Chinese Wall types from the list of 5.60 + defined Chinese Wall types. 5.61 + 5.62 + To create your policy definition file, click on the "Generate XML" button on 5.63 + the top of the page. This will present you with a dialog box to save the 5.64 + generated XML file on your system. The default name will be security_policy.xml 5.65 + which you should change to follow the policy file naming conventions based on 5.66 + the policy name that you choose to use. 5.67 + 5.68 + To get a feel for the tool, you could use one of the example policy definition 5.69 + files from /etc/xen/acm-security/policies as input. 5.70 + 5.71 + 5.72 + Security Policy Labeling: 5.73 + ------------------------- 5.74 + The Security Policy Labeling section allows you to modify an existing label 5.75 + template definition file or create a new label template definition file. To 5.76 + modify an existing label template definition, enter the full path to the 5.77 + existing file (the "Browse" button can be used to aid in this) in the Policy 5.78 + Labeling File entry field. Whether creating a new label template definition 5.79 + file or modifying an existing one, you will need to specify the policy 5.80 + definition file that is or will be associated with this label template 5.81 + definition file. At this point click the "Create" button to begin modifying 5.82 + or creating your label template definition file. 5.83 + 5.84 + You will then be presented with a web page that will allow you to create labels 5.85 + for classes of virtual machines. The input policy definition file will provide 5.86 + the available types (Simple Type Enforcement and/or Chinese Wall) that can be 5.87 + assigned to a virtual machine class. 5.88 + 5.89 + As an example: 5.90 + - To add a Virtual Machine class (the name entered will become the label 5.91 + that will be used to identify the class): 5.92 + - Enter the name of a new class under the Virtual Machine Classes section 5.93 + in the entry field above the "New" button. 5.94 + - Click the "New" button and the class will be added to the table of defined 5.95 + Virtual Machine classes. 5.96 + - To remove a Virtual Machine class: 5.97 + - Click the "Delete" link associated with the class in the table of Virtual 5.98 + Machine classes. 5.99 + 5.100 + Once you have defined one or more Virtual Machine classes, you will be able to 5.101 + add any of the defined Simple Type Enforcement types or Chinese Wall types to a 5.102 + particular Virtual Machine. 5.103 + 5.104 + You must also define which Virtual Machine class is to be associated with the 5.105 + bootstrap domain (or Dom0 domain). By default, the first Virtual Machine class 5.106 + created will be associated as the bootstrap domain. 5.107 + 5.108 + To create your label template definition file, click on the "Generate XML" button 5.109 + on the top of the page. This will present you with a dialog box to save the 5.110 + generated XML file on your system. The default name will be 5.111 + security_label_template.xml which you should change to follow the policy file 5.112 + naming conventions based on the policy name that you choose to use. 5.113 + 5.114 + To get a feel for the tool, you could use one of the example policy definition 5.115 + and label template definition files from /etc/xen/acm-security/policies as input.
6.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 6.2 +++ b/tools/security/python/setup.py Tue Dec 13 18:08:26 2005 +0000 6.3 @@ -0,0 +1,30 @@ 6.4 +#!/usr/bin/python 6.5 +# 6.6 +# This program is free software; you can redistribute it and/or modify 6.7 +# it under the terms of the GNU General Public License as published by 6.8 +# the Free Software Foundation; either version 2 of the License, 6.9 +# or (at your option) any later version. 6.10 +# 6.11 +# This program is distributed in the hope that it will be useful, 6.12 +# but WITHOUT ANY WARRANTY; without even the implied warranty of 6.13 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 6.14 +# GNU General Public License for more details. 6.15 +# 6.16 +# You should have received a copy of the GNU General Public License 6.17 +# along with this program; if not, write to the Free Software 6.18 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 6.19 +# 6.20 + 6.21 +from distutils.core import setup 6.22 +import os 6.23 + 6.24 +# This setup script is invoked from the parent directory, so base 6.25 +# everything as if executing from there. 6.26 +XEN_ROOT = "../.." 6.27 + 6.28 +setup(name = 'xensec_gen', 6.29 + version = '3.0', 6.30 + description = 'Xen XML Security Policy Generator', 6.31 + package_dir = { 'xen' : 'python' }, 6.32 + packages = ['xen.xensec_gen'], 6.33 + )
7.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 7.2 +++ b/tools/security/python/xensec_gen/cgi-bin/policy.cgi Tue Dec 13 18:08:26 2005 +0000 7.3 @@ -0,0 +1,1325 @@ 7.4 +#!/usr/bin/python 7.5 +# 7.6 +# The Initial Developer of the Original Code is International 7.7 +# Business Machines Corporation. Portions created by IBM 7.8 +# Corporation are Copyright (C) 2005 International Business 7.9 +# Machines Corporation. All Rights Reserved. 7.10 +# 7.11 +# This program is free software; you can redistribute it and/or modify 7.12 +# it under the terms of the GNU General Public License as published by 7.13 +# the Free Software Foundation; either version 2 of the License, 7.14 +# or (at your option) any later version. 7.15 +# 7.16 +# This program is distributed in the hope that it will be useful, 7.17 +# but WITHOUT ANY WARRANTY; without even the implied warranty of 7.18 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 7.19 +# GNU General Public License for more details. 7.20 +# 7.21 +# You should have received a copy of the GNU General Public License 7.22 +# along with this program; if not, write to the Free Software 7.23 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 7.24 +# 7.25 + 7.26 +import os 7.27 +import cgi 7.28 +import cgitb; cgitb.enable( ) 7.29 +import time 7.30 +import xml.dom.minidom 7.31 +import xml.sax 7.32 +import xml.sax.handler 7.33 +from StringIO import StringIO 7.34 +from sets import Set 7.35 + 7.36 +def getSavedData( ): 7.37 + global formData, policyXml, formVariables, formCSNames 7.38 + global templateCSMTypes, templateCSMDel, templateCSMType, templateCSMAdd 7.39 + global allCSMTypes 7.40 + 7.41 + # Process the XML upload policy file 7.42 + if formData.has_key( 'i_policy' ): 7.43 + dataList = formData.getlist( 'i_policy' ) 7.44 + if len( dataList ) > 0: 7.45 + policyXml = dataList[0] 7.46 + 7.47 + # Process all the hidden input variables (if present) 7.48 + for formVar in formVariables: 7.49 + if formVar[2] == '': 7.50 + continue 7.51 + 7.52 + if formData.has_key( formVar[2] ): 7.53 + dataList = formData.getlist( formVar[2] ) 7.54 + if len( dataList ) > 0: 7.55 + if isinstance( formVar[1], list ): 7.56 + exec 'formVar[1] = ' + dataList[0] 7.57 + else: 7.58 + formVar[1] = dataList[0] 7.59 + 7.60 + # The form can contain any number of "Conflict Sets" 7.61 + # so update the list of form variables to include 7.62 + # each conflict set (hidden input variable) 7.63 + for csName in formCSNames[1]: 7.64 + newCS( csName ) 7.65 + if formData.has_key( allCSMTypes[csName][2] ): 7.66 + dataList = formData.getlist( allCSMTypes[csName][2] ) 7.67 + if len( dataList ) > 0: 7.68 + exec 'allCSMTypes[csName][1] = ' + dataList[0] 7.69 + 7.70 +def getCurrentTime( ): 7.71 + return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) ) 7.72 + 7.73 +def getName( domNode ): 7.74 + nameNodes = domNode.getElementsByTagName( 'Name' ) 7.75 + if len( nameNodes ) == 0: 7.76 + formatXmlError( '"<Name>" tag is missing' ) 7.77 + return None 7.78 + 7.79 + name = '' 7.80 + for childNode in nameNodes[0].childNodes: 7.81 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 7.82 + name = name + childNode.data 7.83 + 7.84 + return name 7.85 + 7.86 +def getDate( domNode ): 7.87 + dateNodes = domNode.getElementsByTagName( 'Date' ) 7.88 + if len( dateNodes ) == 0: 7.89 + formatXmlError( '"<Date>" tag is missing' ) 7.90 + return None 7.91 + 7.92 + date = '' 7.93 + for childNode in dateNodes[0].childNodes: 7.94 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 7.95 + date = date + childNode.data 7.96 + 7.97 + return date 7.98 + 7.99 +def getSteTypes( domNode, missingIsError = 0 ): 7.100 + steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' ) 7.101 + if len( steNodes ) == 0: 7.102 + if missingIsError == 1: 7.103 + formatXmlError( '"<SimpleTypeEnforcementTypes>" tag is missing' ) 7.104 + return None 7.105 + else: 7.106 + return [] 7.107 + 7.108 + return getTypes( steNodes[0] ) 7.109 + 7.110 +def getChWTypes( domNode, missingIsError = 0 ): 7.111 + chwNodes = domNode.getElementsByTagName( 'ChineseWallTypes' ) 7.112 + if len( chwNodes ) == 0: 7.113 + if missingIsError == 1: 7.114 + formatXmlError( '"<ChineseWallTypes>" tag is missing' ) 7.115 + return None 7.116 + else: 7.117 + return [] 7.118 + 7.119 + return getTypes( chwNodes[0] ) 7.120 + 7.121 +def getTypes( domNode ): 7.122 + types = [] 7.123 + 7.124 + domNodes = domNode.getElementsByTagName( 'Type' ) 7.125 + if len( domNodes ) == 0: 7.126 + formatXmlError( '"<Type>" tag is missing' ) 7.127 + return None 7.128 + 7.129 + for domNode in domNodes: 7.130 + typeText = '' 7.131 + for childNode in domNode.childNodes: 7.132 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 7.133 + typeText = typeText + childNode.data 7.134 + 7.135 + if typeText == '': 7.136 + formatXmlError( 'No text associated with the "<Type>" tag' ) 7.137 + return None 7.138 + 7.139 + types.append( typeText ) 7.140 + 7.141 + return types 7.142 + 7.143 +def formatXmlError( msg, xml = '', lineNum = -1, colNum = -1 ): 7.144 + global xmlMessages, xmlError 7.145 + 7.146 + xmlError = 1 7.147 + addMsg = cgi.escape( msg ) 7.148 + 7.149 + if lineNum != -1: 7.150 + sio = StringIO( xml ) 7.151 + for xmlLine in sio: 7.152 + lineNum = lineNum - 1 7.153 + if lineNum == 0: 7.154 + break; 7.155 + 7.156 + addMsg += '<BR><PRE>' + cgi.escape( xmlLine.rstrip( ) ) 7.157 + 7.158 + if colNum != -1: 7.159 + errLine = '' 7.160 + for i in range( colNum ): 7.161 + errLine = errLine + '-' 7.162 + 7.163 + addMsg += '\n' + errLine + '^' 7.164 + 7.165 + addMsg += '</PRE>' 7.166 + 7.167 + xmlMessages.append( addMsg ) 7.168 + 7.169 +def formatXmlGenError( msg ): 7.170 + global xmlMessages, xmlIncomplete 7.171 + 7.172 + xmlIncomplete = 1 7.173 + xmlMessages.append( cgi.escape( msg ) ) 7.174 + 7.175 +def parseXml( xmlInput ): 7.176 + global xmlMessages, xmlError, xmlLine, xmlColumn 7.177 + 7.178 + xmlParser = xml.sax.make_parser( ) 7.179 + try: 7.180 + domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser ) 7.181 + 7.182 + except xml.sax.SAXParseException, xmlErr: 7.183 + msg = '' 7.184 + msg = msg + 'XML parsing error occurred at line ' 7.185 + msg = msg + `xmlErr.getLineNumber( )` 7.186 + msg = msg + ', column ' 7.187 + msg = msg + `xmlErr.getColumnNumber( )` 7.188 + msg = msg + ': reason = "' 7.189 + msg = msg + xmlErr.getMessage( ) 7.190 + msg = msg + '"' 7.191 + formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) ) 7.192 + return None 7.193 + 7.194 + except xml.sax.SAXException, xmlErr: 7.195 + msg = '' 7.196 + msg = msg + 'XML Parsing error: ' + `xmlErr` 7.197 + formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) ) 7.198 + return None 7.199 + 7.200 + return domDoc 7.201 + 7.202 +def parsePolicyXml( ): 7.203 + global policyXml 7.204 + global formPolicyName, formPolicyDate, formPolicyOrder 7.205 + global formSteTypes, formChWallTypes 7.206 + global allCSMTypes 7.207 + 7.208 + domDoc = parseXml( policyXml ) 7.209 + if domDoc == None: 7.210 + return 7.211 + 7.212 + domRoot = domDoc.documentElement 7.213 + domHeaders = domRoot.getElementsByTagName( 'PolicyHeader' ) 7.214 + if len( domHeaders ) == 0: 7.215 + msg = '' 7.216 + msg = msg + '"<PolicyHeader>" tag is missing.\n' 7.217 + msg = msg + 'Please validate the Policy file used.' 7.218 + formatXmlError( msg ) 7.219 + return 7.220 + 7.221 + pName = getName( domHeaders[0] ) 7.222 + if pName == None: 7.223 + msg = '' 7.224 + msg = msg + 'Error processing the Policy header information.\n' 7.225 + msg = msg + 'Please validate the Policy file used.' 7.226 + formatXmlError( msg ) 7.227 + return 7.228 + 7.229 + formPolicyName[1] = pName 7.230 + 7.231 + pDate = getDate( domHeaders[0] ) 7.232 + if pDate == None: 7.233 + msg = '' 7.234 + msg = msg + 'Error processing the Policy header information.\n' 7.235 + msg = msg + 'Please validate the Policy file used.' 7.236 + formatXmlError( msg ) 7.237 + return 7.238 + 7.239 + formPolicyDate[1] = pDate 7.240 + 7.241 + pOrder = '' 7.242 + domStes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' ) 7.243 + if len( domStes ) > 0: 7.244 + if domStes[0].hasAttribute( 'priority' ): 7.245 + if domStes[0].getAttribute( 'priority' ) != 'PrimaryPolicyComponent': 7.246 + msg = '' 7.247 + msg = msg + 'Error processing the "<SimpleTypeEnforcement>" tag.\n' 7.248 + msg = msg + 'The "priority" attribute value is not valid.\n' 7.249 + msg = msg + 'Please validate the Policy file used.' 7.250 + formatXmlError( msg ) 7.251 + return 7.252 + 7.253 + pOrder = 'v_Ste' 7.254 + 7.255 + steTypes = getSteTypes( domStes[0], 1 ) 7.256 + if steTypes == None: 7.257 + msg = '' 7.258 + msg = msg + 'Error processing the SimpleTypeEnforcement types.\n' 7.259 + msg = msg + 'Please validate the Policy file used.' 7.260 + formatXmlError( msg ) 7.261 + return 7.262 + 7.263 + formSteTypes[1] = steTypes 7.264 + 7.265 + domChWalls = domRoot.getElementsByTagName( 'ChineseWall' ) 7.266 + if len( domChWalls ) > 0: 7.267 + if domChWalls[0].hasAttribute( 'priority' ): 7.268 + if domChWalls[0].getAttribute( 'priority' ) != 'PrimaryPolicyComponent': 7.269 + msg = '' 7.270 + msg = msg + 'Error processing the "<ChineseWall>" tag.\n' 7.271 + msg = msg + 'The "priority" attribute value is not valid.\n' 7.272 + msg = msg + 'Please validate the Policy file used.' 7.273 + formatXmlError( msg ) 7.274 + return 7.275 + 7.276 + if pOrder != '': 7.277 + msg = '' 7.278 + msg = msg + 'Error processing the "<ChineseWall>" tag.\n' 7.279 + msg = msg + 'The "priority" attribute has been previously specified.\n' 7.280 + msg = msg + 'Please validate the Policy file used.' 7.281 + formatXmlError( msg ) 7.282 + return 7.283 + 7.284 + pOrder = 'v_ChWall' 7.285 + 7.286 + chwTypes = getChWTypes( domChWalls[0], 1 ) 7.287 + if chwTypes == None: 7.288 + msg = '' 7.289 + msg = msg + 'Error processing the ChineseWall types.\n' 7.290 + msg = msg + 'Please validate the Policy file used.' 7.291 + formatXmlError( msg ) 7.292 + return 7.293 + 7.294 + formChWallTypes[1] = chwTypes 7.295 + 7.296 + csNodes = domChWalls[0].getElementsByTagName( 'ConflictSets' ) 7.297 + if len( csNodes ) == 0: 7.298 + msg = '' 7.299 + msg = msg + 'Required "<ConflictSets>" tag missing.\n' 7.300 + msg = msg + 'Please validate the Policy file used.' 7.301 + formatXmlError( msg ) 7.302 + return 7.303 + 7.304 + cNodes = csNodes[0].getElementsByTagName( 'Conflict' ) 7.305 + if len( cNodes ) == 0: 7.306 + msg = '' 7.307 + msg = msg + 'Required "<Conflict>" tag missing.\n' 7.308 + msg = msg + 'Please validate the Policy file used.' 7.309 + formatXmlError( msg ) 7.310 + return 7.311 + 7.312 + for cNode in cNodes: 7.313 + csName = cNode.getAttribute( 'name' ) 7.314 + newCS( csName, 1 ) 7.315 + 7.316 + csMemberList = getTypes( cNode ) 7.317 + if csMemberList == None: 7.318 + msg = '' 7.319 + msg = msg + 'Error processing the Conflict Set members.\n' 7.320 + msg = msg + 'Please validate the Policy file used.' 7.321 + formatXmlError( msg ) 7.322 + return 7.323 + 7.324 + # Verify the conflict set members are valid types 7.325 + ctSet = Set( formChWallTypes[1] ) 7.326 + csSet = Set( csMemberList ) 7.327 + if not csSet.issubset( ctSet ): 7.328 + msg = '' 7.329 + msg = msg + 'Error processing Conflict Set "' + csName + '".\n' 7.330 + msg = msg + 'Members of the conflict set are not valid ' 7.331 + msg = msg + 'Chinese Wall types.\n' 7.332 + msg = msg + 'Please validate the Policy file used.' 7.333 + formatXmlError( msg ) 7.334 + 7.335 + allCSMTypes[csName][1] = csMemberList 7.336 + 7.337 + if pOrder != '': 7.338 + formPolicyOrder[1] = pOrder 7.339 + else: 7.340 + if (len( domStes ) > 0) or (len( domChWalls ) > 0): 7.341 + msg = '' 7.342 + msg = msg + 'The "priority" attribute has not been specified.\n' 7.343 + msg = msg + 'It must be specified on one of the access control types.\n' 7.344 + msg = msg + 'Please validate the Policy file used.' 7.345 + formatXmlError( msg ) 7.346 + return 7.347 + 7.348 +def modFormTemplate( formTemplate, suffix ): 7.349 + formVar = [x for x in formTemplate] 7.350 + 7.351 + if formVar[2] != '': 7.352 + formVar[2] = formVar[2] + suffix 7.353 + if formVar[3] != '': 7.354 + formVar[3] = formVar[3] + suffix 7.355 + if (formVar[0] != 'button') and (formVar[4] != ''): 7.356 + formVar[4] = formVar[4] + suffix 7.357 + 7.358 + return formVar; 7.359 + 7.360 +def removeDups( curList ): 7.361 + newList = [] 7.362 + curSet = Set( curList ) 7.363 + for x in curSet: 7.364 + newList.append( x ) 7.365 + newList.sort( ) 7.366 + 7.367 + return newList 7.368 + 7.369 +def newCS( csName, addToList = 0 ): 7.370 + global formCSNames 7.371 + global templateCSDel, allCSDel 7.372 + global templateCSMTypes, templateCSMDel, templateCSMType, templateCSMAdd 7.373 + global allCSMTypes, allCSMDel, allCSMType, allCSMAdd 7.374 + 7.375 + csSuffix = '_' + csName 7.376 + 7.377 + # Make sure we have an actual name and check one of the 'all' 7.378 + # variables to be sure it hasn't been previously defined 7.379 + if (len( csName ) > 0) and (not allCSMTypes.has_key( csName )): 7.380 + allCSDel[csName] = modFormTemplate( templateCSDel, csSuffix ) 7.381 + allCSMTypes[csName] = modFormTemplate( templateCSMTypes, csSuffix ) 7.382 + allCSMDel[csName] = modFormTemplate( templateCSMDel, csSuffix ) 7.383 + allCSMType[csName] = modFormTemplate( templateCSMType, csSuffix ) 7.384 + allCSMAdd[csName] = modFormTemplate( templateCSMAdd, csSuffix ) 7.385 + if addToList == 1: 7.386 + formCSNames[1].append( csName ) 7.387 + formCSNames[1] = removeDups( formCSNames[1] ) 7.388 + 7.389 +def updateInfo( ): 7.390 + global formData, formPolicyName, formPolicyDate, formPolicyOrder 7.391 + 7.392 + if formData.has_key( formPolicyName[3] ): 7.393 + formPolicyName[1] = formData[formPolicyName[3]].value 7.394 + elif formData.has_key( formPolicyUpdate[3] ): 7.395 + formPolicyName[1] = '' 7.396 + 7.397 + if formData.has_key( formPolicyDate[3] ): 7.398 + formPolicyDate[1] = formData[formPolicyDate[3]].value 7.399 + elif formData.has_key( formPolicyUpdate[3] ): 7.400 + formPolicyDate[1] = '' 7.401 + 7.402 + if formData.has_key( formPolicyOrder[3] ): 7.403 + formPolicyOrder[1] = formData[formPolicyOrder[3]].value 7.404 + 7.405 +def addSteType( ): 7.406 + global formData, formSteType, formSteTypes 7.407 + 7.408 + if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formSteAdd[3] )): 7.409 + if formData.has_key( formSteType[3] ): 7.410 + type = formData[formSteType[3]].value 7.411 + type = type.strip( ) 7.412 + if len( type ) > 0: 7.413 + formSteTypes[1].append( type ) 7.414 + formSteTypes[1] = removeDups( formSteTypes[1] ) 7.415 + 7.416 + 7.417 +def delSteType( ): 7.418 + global formData, formSteTypes 7.419 + 7.420 + if formData.has_key( formSteTypes[3] ): 7.421 + typeList = formData.getlist( formSteTypes[3] ) 7.422 + for type in typeList: 7.423 + type = type.strip( ) 7.424 + formSteTypes[1].remove( type ) 7.425 + 7.426 +def addChWallType( ): 7.427 + global formData, formChWallType, formChWallTypes 7.428 + 7.429 + if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formChWallAdd[3] )): 7.430 + if formData.has_key( formChWallType[3] ): 7.431 + type = formData[formChWallType[3]].value 7.432 + type = type.strip( ) 7.433 + if len( type ) > 0: 7.434 + formChWallTypes[1].append( type ) 7.435 + formChWallTypes[1] = removeDups( formChWallTypes[1] ) 7.436 + 7.437 +def delChWallType( ): 7.438 + global formData, formChWallTypes 7.439 + 7.440 + if formData.has_key( formChWallTypes[3] ): 7.441 + typeList = formData.getlist( formChWallTypes[3] ) 7.442 + for type in typeList: 7.443 + type = type.strip( ) 7.444 + formChWallTypes[1].remove( type ) 7.445 + 7.446 +def addCS( ): 7.447 + global formData, formCSNames 7.448 + 7.449 + if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formCSAdd[3] )): 7.450 + if formData.has_key( formCSName[3] ): 7.451 + csName = formData[formCSName[3]].value 7.452 + csName = csName.strip( ) 7.453 + newCS( csName, 1 ) 7.454 + 7.455 +def delCS( csName ): 7.456 + global formData, formCSNames, allCSDel 7.457 + global allCSMTypes, allCSMDel, allCSMType, allCSMAdd 7.458 + 7.459 + csName = csName.strip( ) 7.460 + formCSNames[1].remove( csName ) 7.461 + del allCSDel[csName] 7.462 + del allCSMTypes[csName] 7.463 + del allCSMDel[csName] 7.464 + del allCSMType[csName] 7.465 + del allCSMAdd[csName] 7.466 + 7.467 +def addCSMember( csName ): 7.468 + global formData, allCSMType, allCSMTypes 7.469 + 7.470 + formVar = allCSMType[csName] 7.471 + if formData.has_key( formVar[3] ): 7.472 + csmList = formData.getlist( formVar[3] ) 7.473 + formVar = allCSMTypes[csName] 7.474 + for csm in csmList: 7.475 + csm = csm.strip( ) 7.476 + formVar[1].append( csm ) 7.477 + formVar[1] = removeDups( formVar[1] ) 7.478 + 7.479 +def delCSMember( csName ): 7.480 + global formData, allCSMTypes 7.481 + 7.482 + formVar = allCSMTypes[csName] 7.483 + if formData.has_key( formVar[3] ): 7.484 + csmList = formData.getlist( formVar[3] ) 7.485 + for csm in csmList: 7.486 + csm = csm.strip( ) 7.487 + formVar[1].remove( csm ) 7.488 + 7.489 +def processRequest( ): 7.490 + global policyXml 7.491 + global formData, formPolicyUpdate 7.492 + global formSteAdd, formSteDel 7.493 + global formChWallAdd, formChWallDel 7.494 + global formCSAdd, allCSDel 7.495 + global formCSNames, allCSMAdd, allCSMDel 7.496 + 7.497 + if policyXml != '': 7.498 + parsePolicyXml( ) 7.499 + 7.500 + # Allow the updating of the header information whenever 7.501 + # an action is performed 7.502 + updateInfo( ) 7.503 + 7.504 + # Allow the adding of types/sets if the user has hit the 7.505 + # enter key when attempting to add a type/set 7.506 + addSteType( ) 7.507 + addChWallType( ) 7.508 + addCS( ) 7.509 + 7.510 + if formData.has_key( formSteDel[3] ): 7.511 + delSteType( ) 7.512 + 7.513 + elif formData.has_key( formChWallDel[3] ): 7.514 + delChWallType( ) 7.515 + 7.516 + else: 7.517 + for csName in formCSNames[1]: 7.518 + if formData.has_key( allCSDel[csName][3] ): 7.519 + delCS( csName ) 7.520 + continue 7.521 + 7.522 + if formData.has_key( allCSMAdd[csName][3] ): 7.523 + addCSMember( csName ) 7.524 + 7.525 + elif formData.has_key( allCSMDel[csName][3] ): 7.526 + delCSMember( csName ) 7.527 + 7.528 +def makeName( name, suffix='' ): 7.529 + rName = name 7.530 + if suffix != '': 7.531 + rName = rName + '_' + suffix 7.532 + 7.533 + return rName 7.534 + 7.535 +def makeNameAttr( name, suffix='' ): 7.536 + return 'name="' + makeName( name, suffix ) + '"' 7.537 + 7.538 +def makeValue( value, suffix='' ): 7.539 + rValue = value 7.540 + 7.541 + if isinstance( value, list ): 7.542 + rValue = '[' 7.543 + for val in value: 7.544 + rValue = rValue + '\'' + val 7.545 + if suffix != '': 7.546 + rValue = rValue + '_' + suffix 7.547 + rValue = rValue + '\',' 7.548 + rValue = rValue + ']' 7.549 + 7.550 + else: 7.551 + if suffix != '': 7.552 + rValue = rValue + '_' + suffix 7.553 + 7.554 + return rValue 7.555 + 7.556 +def makeValueAttr( value, suffix='' ): 7.557 + return 'value="' + makeValue( value, suffix ) + '"' 7.558 + 7.559 +def sendHtmlFormVar( formVar, attrs='' ): 7.560 + nameAttr = '' 7.561 + valueAttr = '' 7.562 + htmlText = '' 7.563 + 7.564 + if formVar[0] == 'text': 7.565 + if formVar[3] != '': 7.566 + nameAttr = makeNameAttr( formVar[3] ) 7.567 + valueAttr = makeValueAttr( formVar[1] ) 7.568 + 7.569 + print '<INPUT type="text"', nameAttr, valueAttr, attrs, '>' 7.570 + 7.571 + elif formVar[0] == 'list': 7.572 + if formVar[3] != '': 7.573 + nameAttr = makeNameAttr( formVar[3] ) 7.574 + 7.575 + print '<SELECT', nameAttr, attrs, '>' 7.576 + for option in formVar[1]: 7.577 + print '<OPTION>' + option + '</OPTION>' 7.578 + print '</SELECT>' 7.579 + 7.580 + elif formVar[0] == 'button': 7.581 + if formVar[3] != '': 7.582 + nameAttr = makeNameAttr( formVar[3] ) 7.583 + if formVar[4] != '': 7.584 + valueAttr = makeValueAttr( formVar[4] ) 7.585 + 7.586 + print '<INPUT type="submit"', nameAttr, valueAttr, attrs, '>' 7.587 + 7.588 + elif formVar[0] == 'radiobutton': 7.589 + if formVar[3] != '': 7.590 + nameAttr = makeNameAttr( formVar[3] ) 7.591 + valueAttr = makeValueAttr( formVar[4][rb_select] ) 7.592 + htmlText = formVar[5][rb_select] 7.593 + if formVar[4][rb_select] == formVar[1]: 7.594 + checked = 'checked' 7.595 + else: 7.596 + checked = '' 7.597 + 7.598 + print '<INPUT type="radio"', nameAttr, valueAttr, attrs, checked, '>', htmlText 7.599 + 7.600 + elif formVar[0] == 'radiobutton-all': 7.601 + if formVar[3] != '': 7.602 + nameAttr = makeNameAttr( formVar[3] ) 7.603 + buttonVals = formVar[4] 7.604 + buttonTexts = formVar[5] 7.605 + for i, buttonVal in enumerate( buttonVals ): 7.606 + htmlText = '' 7.607 + addAttrs = '' 7.608 + checked = '' 7.609 + 7.610 + valueAttr = makeValueAttr( buttonVal ) 7.611 + if formVar[5] != '': 7.612 + htmlText = formVar[5][i] 7.613 + if attrs != '': 7.614 + addAttrs = attrs[i] 7.615 + if buttonVal == formVar[1]: 7.616 + checked = 'checked' 7.617 + 7.618 + print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText, '<BR>' 7.619 + 7.620 + if formVar[2] != '': 7.621 + nameAttr = makeNameAttr( formVar[2] ) 7.622 + valueAttr = makeValueAttr( formVar[1] ) 7.623 + print '<INPUT type="hidden"', nameAttr, valueAttr, '>' 7.624 + 7.625 +def sendHtmlHeaders( ): 7.626 + # HTML headers 7.627 + print 'Content-Type: text/html' 7.628 + print 7.629 + 7.630 +def sendPolicyHtml( ): 7.631 + global xmlError, xmlIncomplete, xmlMessages, formXmlGen 7.632 + 7.633 + print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"' 7.634 + print ' "http://www.w3.org/TR/html4/loose.dtd">' 7.635 + 7.636 + print '<HTML>' 7.637 + 7.638 + sendHtmlHead( ) 7.639 + 7.640 + print '<BODY>' 7.641 + 7.642 + # An input XML file was specified that had errors, output the 7.643 + # error information 7.644 + if xmlError == 1: 7.645 + print '<P>' 7.646 + print 'An error has been encountered while processing the input ' 7.647 + print 'XML file:' 7.648 + print '<UL>' 7.649 + for msg in xmlMessages: 7.650 + print '<LI>' 7.651 + print msg 7.652 + print '</UL>' 7.653 + print '</BODY>' 7.654 + print '</HTML>' 7.655 + return 7.656 + 7.657 + # When attempting to generate the XML output, all required data was not 7.658 + # present, output the error information 7.659 + if xmlIncomplete == 1: 7.660 + print '<P>' 7.661 + print 'An error has been encountered while validating the data' 7.662 + print 'required for the output XML file:' 7.663 + print '<UL>' 7.664 + for msg in xmlMessages: 7.665 + print '<LI>' 7.666 + print msg 7.667 + print '</UL>' 7.668 + print '</BODY>' 7.669 + print '</HTML>' 7.670 + return 7.671 + 7.672 + print '<CENTER>' 7.673 + print '<FORM action="' + os.environ['SCRIPT_NAME'] + '" method="post">' 7.674 + print '<TABLE class="container">' 7.675 + print ' <COLGROUP>' 7.676 + print ' <COL width="100%">' 7.677 + print ' </COLGROUP>' 7.678 + 7.679 + print ' <TR>' 7.680 + print ' <TD>' 7.681 + print ' <TABLE>' 7.682 + print ' <TR>' 7.683 + print ' <TD>' 7.684 + sendHtmlFormVar( formDefaultButton, 'class="hidden"' ) 7.685 + print ' </TD>' 7.686 + print ' </TR>' 7.687 + print ' <TR>' 7.688 + print ' <TD>' 7.689 + sendHtmlFormVar( formXmlGen ) 7.690 + print ' </TD>' 7.691 + print ' </TR>' 7.692 + print ' </TABLE>' 7.693 + print ' </TD>' 7.694 + print ' </TR>' 7.695 + 7.696 + # Policy header 7.697 + print ' <TR>' 7.698 + print ' <TD>' 7.699 + sendPHeaderHtml( ) 7.700 + print ' </TD>' 7.701 + print ' </TR>' 7.702 + 7.703 + # Separator 7.704 + print ' <TR><TD><HR></TD></TR>' 7.705 + 7.706 + # Policy (types) 7.707 + print ' <TR>' 7.708 + print ' <TD>' 7.709 + print ' <TABLE class="full">' 7.710 + print ' <TR>' 7.711 + print ' <TD width="49%">' 7.712 + sendPSteHtml( ) 7.713 + print ' </TD>' 7.714 + print ' <TD width="2%"> </TD>' 7.715 + print ' <TD width="49%">' 7.716 + sendPChWallHtml( ) 7.717 + print ' </TD>' 7.718 + print ' </TR>' 7.719 + print ' </TABLE>' 7.720 + print ' </TD>' 7.721 + print ' </TR>' 7.722 + 7.723 + print '</TABLE>' 7.724 + print '</FORM>' 7.725 + print '</CENTER>' 7.726 + 7.727 + print '</BODY>' 7.728 + 7.729 + print '</HTML>' 7.730 + 7.731 +def sendHtmlHead( ): 7.732 + global headTitle 7.733 + 7.734 + print '<HEAD>' 7.735 + print '<STYLE type="text/css">' 7.736 + print '<!--' 7.737 + print 'BODY {background-color: #EEEEFF;}' 7.738 + print 'TABLE.container {width: 90%; border: 1px solid black; border-collapse: seperate;}' 7.739 + print 'TABLE.fullbox {width: 100%; border: 1px solid black; border-collapse: collapse;}' 7.740 + print 'TABLE.full {width: 100%; border: 0px solid black; border-collapse: collapse;}' 7.741 + print 'THEAD {font-weight: bold; font-size: larger;}' 7.742 + print 'TD {border: 0px solid black; vertical-align: top;}' 7.743 + print 'TD.heading {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}' 7.744 + print 'TD.subheading {border: 0px solid black; vertical-align: top; font-size: smaller;}' 7.745 + print 'TD.fullbox {border: 1px solid black; vertical-align: top;}' 7.746 + print 'SELECT.full {width: 100%;}' 7.747 + print 'INPUT.full {width: 100%;}' 7.748 + print 'INPUT.link {cursor: pointer; background-color: #EEEEFF; border: 0px; text-decoration: underline; color: blue;}' 7.749 + print 'INPUT.hidden {visibility: hidden; width: 1px; height: 1px;}' 7.750 + print ':link {color: blue;}' 7.751 + print ':visited {color: red;}' 7.752 + print '-->' 7.753 + print '</STYLE>' 7.754 + print '<TITLE>', headTitle, '</TITLE>' 7.755 + print '</HEAD>' 7.756 + 7.757 +def sendPHeaderHtml( ): 7.758 + global formPolicyName, formPolicyDate, formPolicyOrder, formPolicyUpdate 7.759 + 7.760 + # Policy header definition 7.761 + print '<TABLE class="full">' 7.762 + print ' <COLGROUP>' 7.763 + print ' <COL width="20%">' 7.764 + print ' <COL width="80%">' 7.765 + print ' </COLGROUP>' 7.766 + print ' <TR>' 7.767 + print ' <TD align="center" colspan="2" class="heading">Policy Information</TD>' 7.768 + print ' </TR>' 7.769 + print ' <TR>' 7.770 + print ' <TD align="right">Name:</TD>' 7.771 + print ' <TD align="left">' 7.772 + sendHtmlFormVar( formPolicyName, 'class="full"' ) 7.773 + print ' </TD>' 7.774 + print ' </TR>' 7.775 + print ' <TR>' 7.776 + print ' <TD align="right">Date:</TD>' 7.777 + print ' <TD align="left">' 7.778 + sendHtmlFormVar( formPolicyDate, 'class="full"' ) 7.779 + print ' </TD>' 7.780 + print ' </TR>' 7.781 + print ' <TR>' 7.782 + print ' <TD align="right">Primary Policy:</TD>' 7.783 + print ' <TD align="left">' 7.784 + sendHtmlFormVar( formPolicyOrder ) 7.785 + print ' </TD>' 7.786 + print ' </TR>' 7.787 + print ' <TR>' 7.788 + print ' <TD align="center" colspan="2">' 7.789 + sendHtmlFormVar( formPolicyUpdate ) 7.790 + print ' </TD>' 7.791 + print ' </TR>' 7.792 + print ' <TR>' 7.793 + print ' <TD align="center" colspan="2" class="subheading">' 7.794 + print ' (The Policy Information is updated whenever an action is performed' 7.795 + print ' or it can be updated separately using the "Update" button)' 7.796 + print ' </TD>' 7.797 + print ' </TR>' 7.798 + print '</TABLE>' 7.799 + 7.800 +def sendPSteHtml( ): 7.801 + global formSteTypes, formSteDel, formSteType, formSteAdd 7.802 + 7.803 + # Simple Type Enforcement... 7.804 + print '<TABLE class="full">' 7.805 + print ' <COLGROUP>' 7.806 + print ' <COL width="20%">' 7.807 + print ' <COL width="80%">' 7.808 + print ' </COLGROUP>' 7.809 + print ' <TR>' 7.810 + print ' <TD align="center" colspan="2" class="heading">Simple Type Enforcement Types</TD>' 7.811 + print ' </TR>' 7.812 + print ' <TR>' 7.813 + print ' <TD colspan="2">' 7.814 + sendHtmlFormVar( formSteTypes, 'class="full" size="4" multiple' ) 7.815 + print ' </TD>' 7.816 + print ' </TR>' 7.817 + print ' <TR>' 7.818 + print ' <TD>' 7.819 + sendHtmlFormVar( formSteDel, 'class="full"' ) 7.820 + print ' </TD>' 7.821 + print ' <TD>' 7.822 + print ' Delete the type(s) selected above' 7.823 + print ' </TD>' 7.824 + print ' </TR>' 7.825 + print ' <TR>' 7.826 + print ' <TD colspan="2">' 7.827 + sendHtmlFormVar( formSteType, 'class="full"' ) 7.828 + print ' </TD>' 7.829 + print ' </TR>' 7.830 + print ' <TR>' 7.831 + print ' <TD>' 7.832 + sendHtmlFormVar( formSteAdd, 'class="full"' ) 7.833 + print ' </TD>' 7.834 + print ' <TD>' 7.835 + print ' Create a new type with the above name' 7.836 + print ' </TD>' 7.837 + print ' </TR>' 7.838 + print '</TABLE>' 7.839 + 7.840 +def sendPChWallHtml( ): 7.841 + global formChWallTypes, formChWallDel, formChWallType, formChWallAdd 7.842 + global formCSNames, formCSName, formCSAdd, allCSDel 7.843 + global allCSMTypes, allCSMDel, allCSMType, allCSMAdd 7.844 + 7.845 + # Chinese Wall... 7.846 + print '<TABLE class="full">' 7.847 + print ' <COLGROUP>' 7.848 + print ' <COL width="20%">' 7.849 + print ' <COL width="80%">' 7.850 + print ' </COLGROUP>' 7.851 + print ' <TR>' 7.852 + print ' <TD align="center" colspan="2" class="heading">Chinese Wall Types</TD>' 7.853 + print ' </TR>' 7.854 + print ' <TR>' 7.855 + print ' <TD colspan="2">' 7.856 + sendHtmlFormVar( formChWallTypes, 'class="full" size="4" multiple' ) 7.857 + print ' </TD>' 7.858 + print ' </TR>' 7.859 + print ' <TR>' 7.860 + print ' <TD>' 7.861 + sendHtmlFormVar( formChWallDel, 'class="full"' ) 7.862 + print ' </TD>' 7.863 + print ' <TD>' 7.864 + print ' Delete the type(s) selected above' 7.865 + print ' </TD>' 7.866 + print ' </TR>' 7.867 + print ' <TR>' 7.868 + print ' <TD colspan="2">' 7.869 + sendHtmlFormVar( formChWallType, 'class="full"' ) 7.870 + print ' </TD>' 7.871 + print ' </TR>' 7.872 + print ' <TR>' 7.873 + print ' <TD>' 7.874 + sendHtmlFormVar( formChWallAdd, 'class="full"' ) 7.875 + print ' </TD>' 7.876 + print ' <TD>' 7.877 + print ' Create a new type with the above name' 7.878 + print ' </TD>' 7.879 + print ' </TR>' 7.880 + 7.881 + # Chinese Wall Conflict Sets... 7.882 + print ' <TR>' 7.883 + print ' <TD colspan="2">' 7.884 + print ' <TABLE class="full">' 7.885 + print ' <COLGROUP>' 7.886 + print ' <COL width="20%">' 7.887 + print ' <COL width="30%">' 7.888 + print ' <COL width="50%">' 7.889 + print ' </COLGROUP>' 7.890 + print ' <THEAD>' 7.891 + print ' <TR>' 7.892 + print ' <TD align="center" colspan="3"><HR></TD>' 7.893 + print ' </TR>' 7.894 + print ' <TR>' 7.895 + print ' <TD align="center" colspan="3">Chinese Wall Conflict Sets</TD>' 7.896 + print ' </TR>' 7.897 + print ' </THEAD>' 7.898 + print ' <TR>' 7.899 + print ' <TD colspan="3">' 7.900 + sendHtmlFormVar( formCSName, 'class="full"' ) 7.901 + sendHtmlFormVar( formCSNames ) 7.902 + print ' </TD>' 7.903 + print ' </TR>' 7.904 + print ' <TR>' 7.905 + print ' <TD>' 7.906 + sendHtmlFormVar( formCSAdd, 'class="full"' ) 7.907 + print ' </TD>' 7.908 + print ' <TD colspan="2">' 7.909 + print ' Create a new conflict set with the above name' 7.910 + print ' </TD>' 7.911 + print ' </TR>' 7.912 + print ' </TABLE>' 7.913 + print ' </TD>' 7.914 + print ' </TR>' 7.915 + if len( formCSNames[1] ) > 0: 7.916 + print ' <TR>' 7.917 + print ' <TD colspan="2">' 7.918 + print ' ' 7.919 + print ' </TD>' 7.920 + print ' </TR>' 7.921 + print ' <TR>' 7.922 + print ' <TD colspan="2">' 7.923 + print ' <TABLE class="fullbox">' 7.924 + print ' <COLGROUP>' 7.925 + print ' <COL width="50%">' 7.926 + print ' <COL width="50%">' 7.927 + print ' </COLGROUP>' 7.928 + print ' <THEAD>' 7.929 + print ' <TR>' 7.930 + print ' <TD class="fullbox">Name</TD>' 7.931 + print ' <TD class="fullbox">Actions</TD>' 7.932 + print ' </TR>' 7.933 + print ' </THEAD>' 7.934 + for i, csName in enumerate( formCSNames[1] ): 7.935 + print ' <TR>' 7.936 + print ' <TD class="fullbox">' + csName + '</TD>' 7.937 + print ' <TD class="fullbox">' 7.938 + print ' <A href="#' + csName + '">Edit</A>' 7.939 + formVar = allCSDel[csName] 7.940 + sendHtmlFormVar( formVar, 'class="link"' ) 7.941 + print ' </TD>' 7.942 + print ' </TABLE>' 7.943 + print ' </TD>' 7.944 + print ' </TR>' 7.945 + for csName in formCSNames[1]: 7.946 + print ' <TR><TD colspan="2"><HR></TD></TR>' 7.947 + print ' <TR>' 7.948 + print ' <TD align="center" colspan="2" class="heading"><A name="' + csName + '">Conflict Set: ' + csName + '</A></TD>' 7.949 + print ' </TR>' 7.950 + print ' <TR>' 7.951 + print ' <TD colspan="2">' 7.952 + formVar = allCSMTypes[csName]; 7.953 + sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' ) 7.954 + print ' </TD>' 7.955 + print ' </TR>' 7.956 + print ' <TR>' 7.957 + print ' <TD>' 7.958 + formVar = allCSMDel[csName] 7.959 + sendHtmlFormVar( formVar, 'class="full"' ) 7.960 + print ' </TD>' 7.961 + print ' <TD>' 7.962 + print ' Delete the type(s) selected above' 7.963 + print ' </TD>' 7.964 + print ' </TR>' 7.965 + print ' <TR>' 7.966 + print ' <TD colspan="2">' 7.967 + ctSet = Set( formChWallTypes[1] ) 7.968 + csSet = Set( allCSMTypes[csName][1] ) 7.969 + formVar = allCSMType[csName] 7.970 + formVar[1] = [] 7.971 + for chwallType in ctSet.difference( csSet ): 7.972 + formVar[1].append( chwallType ) 7.973 + formVar[1].sort( ) 7.974 + sendHtmlFormVar( formVar, 'class="full" size="2" multiple' ) 7.975 + print ' </TD>' 7.976 + print ' </TR>' 7.977 + print ' <TR>' 7.978 + print ' <TD>' 7.979 + formVar = allCSMAdd[csName] 7.980 + sendHtmlFormVar( formVar, 'class="full"' ) 7.981 + print ' </TD>' 7.982 + print ' <TD>' 7.983 + print ' Add the type(s) selected above' 7.984 + print ' </TD>' 7.985 + print ' </TR>' 7.986 + 7.987 + print '</TABLE>' 7.988 + 7.989 +def checkXmlData( ): 7.990 + global xmlIncomplete 7.991 + 7.992 + # Validate the Policy Header requirements 7.993 + if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ): 7.994 + if ( len( formPolicyName[1] ) == 0 ) or ( len( formPolicyDate[1] ) == 0 ): 7.995 + msg = '' 7.996 + msg = msg + 'The XML policy schema requires that the Policy ' 7.997 + msg = msg + 'Information Name and Date fields both have values ' 7.998 + msg = msg + 'or both not have values.' 7.999 + formatXmlGenError( msg ) 7.1000 + 7.1001 + if formPolicyOrder[1] == 'v_ChWall': 7.1002 + if len( formChWallTypes[1] ) == 0: 7.1003 + msg = '' 7.1004 + msg = msg + 'You have specified the primary policy to be ' 7.1005 + msg = msg + 'Chinese Wall but have not created any Chinese ' 7.1006 + msg = msg + 'Wall types. Please create some Chinese Wall ' 7.1007 + msg = msg + 'types or change the primary policy.' 7.1008 + formatXmlGenError( msg ) 7.1009 + 7.1010 + if formPolicyOrder[1] == 'v_Ste': 7.1011 + if len( formSteTypes[1] ) == 0: 7.1012 + msg = '' 7.1013 + msg = msg + 'You have specified the primary policy to be ' 7.1014 + msg = msg + 'Simple Type Enforcement but have not created ' 7.1015 + msg = msg + 'any Simple Type Enforcement types. Please create ' 7.1016 + msg = msg + 'some Simple Type Enforcement types or change the ' 7.1017 + msg = msg + 'primary policy.' 7.1018 + formatXmlGenError( msg ) 7.1019 + 7.1020 + # Validate the Chinese Wall required data 7.1021 + if len( formChWallTypes[1] ) > 0: 7.1022 + if len( formCSNames[1] ) == 0: 7.1023 + msg = '' 7.1024 + msg = msg + 'The XML policy schema for the Chinese Wall ' 7.1025 + msg = msg + 'requires at least one Conflict Set be defined.' 7.1026 + formatXmlGenError( msg ) 7.1027 + 7.1028 +def sendXmlHeaders( ): 7.1029 + # HTML headers 7.1030 + print 'Content-Type: text/xml' 7.1031 + print 'Content-Disposition: attachment; filename=security_policy.xml' 7.1032 + print 7.1033 + 7.1034 +def sendPolicyXml( ): 7.1035 + print '<?xml version="1.0"?>' 7.1036 + 7.1037 + print '<SecurityPolicyDefinition xmlns="http://www.ibm.com"' 7.1038 + print ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"' 7.1039 + print ' xsi:schemaLocation="http://www.ibm.com security_policy.xsd">' 7.1040 + 7.1041 + # Policy header 7.1042 + sendPHeaderXml( ) 7.1043 + 7.1044 + # Policy (types) 7.1045 + sendPSteXml( ) 7.1046 + sendPChWallXml( ) 7.1047 + 7.1048 + print '</SecurityPolicyDefinition>' 7.1049 + 7.1050 +def sendPHeaderXml( ): 7.1051 + global formPolicyName, formPolicyDate 7.1052 + 7.1053 + # Policy header definition 7.1054 + if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ): 7.1055 + print '<PolicyHeader>' 7.1056 + print ' <Name>' + formPolicyName[1] + '</Name>' 7.1057 + print ' <Date>' + formPolicyDate[1] + '</Date>' 7.1058 + print '</PolicyHeader>' 7.1059 + 7.1060 +def sendPSteXml( ): 7.1061 + global formPolicyOrder, formSteTypes 7.1062 + 7.1063 + # Simple Type Enforcement... 7.1064 + if len( formSteTypes[1] ) == 0: 7.1065 + return 7.1066 + 7.1067 + if formPolicyOrder[1] == 'v_Ste': 7.1068 + print '<SimpleTypeEnforcement priority="PrimaryPolicyComponent">' 7.1069 + else: 7.1070 + print '<SimpleTypeEnforcement>' 7.1071 + 7.1072 + print ' <SimpleTypeEnforcementTypes>' 7.1073 + for steType in formSteTypes[1]: 7.1074 + print ' <Type>' + steType + '</Type>' 7.1075 + print ' </SimpleTypeEnforcementTypes>' 7.1076 + 7.1077 + print '</SimpleTypeEnforcement>' 7.1078 + 7.1079 +def sendPChWallXml( ): 7.1080 + global formPolicyOrder, formChWallTypes 7.1081 + global formCSNames, allCSMTypes 7.1082 + 7.1083 + # Chinese Wall... 7.1084 + if len( formChWallTypes[1] ) == 0: 7.1085 + return 7.1086 + 7.1087 + if formPolicyOrder[1] == 'v_ChWall': 7.1088 + print '<ChineseWall priority="PrimaryPolicyComponent">' 7.1089 + else: 7.1090 + print '<ChineseWall>' 7.1091 + 7.1092 + print ' <ChineseWallTypes>' 7.1093 + for chWallType in formChWallTypes[1]: 7.1094 + print ' <Type>' + chWallType + '</Type>' 7.1095 + print ' </ChineseWallTypes>' 7.1096 + 7.1097 + # Chinese Wall Conflict Sets... 7.1098 + print ' <ConflictSets>' 7.1099 + for cs in formCSNames[1]: 7.1100 + formVar = allCSMTypes[cs] 7.1101 + if len( formVar[1] ) == 0: 7.1102 + continue 7.1103 + print ' <Conflict name="' + cs + '">' 7.1104 + for csm in formVar[1]: 7.1105 + print ' <Type>' + csm + '</Type>' 7.1106 + print ' </Conflict>' 7.1107 + print ' </ConflictSets>' 7.1108 + 7.1109 + print '</ChineseWall>' 7.1110 + 7.1111 + 7.1112 +# Set up initial HTML variables 7.1113 +headTitle = 'Xen Policy Generation' 7.1114 + 7.1115 +# Form variables 7.1116 +# The format of these variables is as follows: 7.1117 +# [ p0, p1, p2, p3, p4, p5 ] 7.1118 +# p0 = input type 7.1119 +# p1 = the current value of the variable 7.1120 +# p2 = the hidden input name attribute 7.1121 +# p3 = the name attribute 7.1122 +# p4 = the value attribute 7.1123 +# p5 = text to associate with the tag 7.1124 +formPolicyName = [ 'text', 7.1125 + '', 7.1126 + 'h_policyName', 7.1127 + 'i_policyName', 7.1128 + '', 7.1129 + '', 7.1130 + ] 7.1131 +formPolicyDate = [ 'text', 7.1132 + getCurrentTime( ), 7.1133 + 'h_policyDate', 7.1134 + 'i_policyDate', 7.1135 + '', 7.1136 + '', 7.1137 + ] 7.1138 +formPolicyOrder = [ 'radiobutton-all', 7.1139 + 'v_ChWall', 7.1140 + 'h_policyOrder', 7.1141 + 'i_policyOrder', 7.1142 + [ 'v_Ste', 'v_ChWall' ], 7.1143 + [ 'Simple Type Enforcement', 'Chinese Wall' ], 7.1144 + ] 7.1145 +formPolicyUpdate = [ 'button', 7.1146 + '', 7.1147 + '', 7.1148 + 'i_PolicyUpdate', 7.1149 + 'Update', 7.1150 + '', 7.1151 + ] 7.1152 + 7.1153 +formSteTypes = [ 'list', 7.1154 + [], 7.1155 + 'h_steTypes', 7.1156 + 'i_steTypes', 7.1157 + '', 7.1158 + '', 7.1159 + ] 7.1160 +formSteDel = [ 'button', 7.1161 + '', 7.1162 + '', 7.1163 + 'i_steDel', 7.1164 + 'Delete', 7.1165 + '', 7.1166 + ] 7.1167 +formSteType = [ 'text', 7.1168 + '', 7.1169 + '', 7.1170 + 'i_steType', 7.1171 + '', 7.1172 + '', 7.1173 + ] 7.1174 +formSteAdd = [ 'button', 7.1175 + '', 7.1176 + '', 7.1177 + 'i_steAdd', 7.1178 + 'New', 7.1179 + '', 7.1180 + ] 7.1181 + 7.1182 +formChWallTypes = [ 'list', 7.1183 + [], 7.1184 + 'h_chwallTypes', 7.1185 + 'i_chwallTypes', 7.1186 + '', 7.1187 + '', 7.1188 + ] 7.1189 +formChWallDel = [ 'button', 7.1190 + '', 7.1191 + '', 7.1192 + 'i_chwallDel', 7.1193 + 'Delete', 7.1194 + '', 7.1195 + ] 7.1196 +formChWallType = [ 'text', 7.1197 + '', 7.1198 + '', 7.1199 + 'i_chwallType', 7.1200 + '', 7.1201 + '', 7.1202 + ] 7.1203 +formChWallAdd = [ 'button', 7.1204 + '', 7.1205 + '', 7.1206 + 'i_chwallAdd', 7.1207 + 'New', 7.1208 + '', 7.1209 + ] 7.1210 + 7.1211 +formCSNames = [ '', 7.1212 + [], 7.1213 + 'h_csNames', 7.1214 + '', 7.1215 + '', 7.1216 + '', 7.1217 + ] 7.1218 +formCSName = [ 'text', 7.1219 + '', 7.1220 + '', 7.1221 + 'i_csName', 7.1222 + '', 7.1223 + '', 7.1224 + ] 7.1225 +formCSAdd = [ 'button', 7.1226 + '', 7.1227 + '', 7.1228 + 'i_csAdd', 7.1229 + 'New', 7.1230 + '', 7.1231 + ] 7.1232 + 7.1233 +formXmlGen = [ 'button', 7.1234 + '', 7.1235 + '', 7.1236 + 'i_xmlGen', 7.1237 + 'Generate XML', 7.1238 + '', 7.1239 + ] 7.1240 + 7.1241 +formDefaultButton = [ 'button', 7.1242 + '', 7.1243 + '', 7.1244 + 'i_defaultButton', 7.1245 + '.', 7.1246 + '', 7.1247 + ] 7.1248 + 7.1249 +# This is a set of templates used for each conflict set 7.1250 +# Each conflict set is initially assigned these templates, 7.1251 +# then each form attribute value is changed to append 7.1252 +# "_conflict-set-name" for uniqueness 7.1253 +templateCSDel = [ 'button', 7.1254 + '', 7.1255 + '', 7.1256 + 'i_csDel', 7.1257 + 'Delete', 7.1258 + '', 7.1259 + ] 7.1260 +allCSDel = {}; 7.1261 + 7.1262 +templateCSMTypes = [ 'list', 7.1263 + [], 7.1264 + 'h_csmTypes', 7.1265 + 'i_csmTypes', 7.1266 + '', 7.1267 + '', 7.1268 + ] 7.1269 +templateCSMDel = [ 'button', 7.1270 + '', 7.1271 + '', 7.1272 + 'i_csmDel', 7.1273 + 'Delete', 7.1274 + '', 7.1275 + ] 7.1276 +templateCSMType = [ 'list', 7.1277 + [], 7.1278 + '', 7.1279 + 'i_csmType', 7.1280 + '', 7.1281 + '', 7.1282 + ] 7.1283 +templateCSMAdd = [ 'button', 7.1284 + '', 7.1285 + '', 7.1286 + 'i_csmAdd', 7.1287 + 'Add', 7.1288 + '', 7.1289 + ] 7.1290 +allCSMTypes = {}; 7.1291 +allCSMDel = {}; 7.1292 +allCSMType = {}; 7.1293 +allCSMAdd = {}; 7.1294 + 7.1295 +# A list of all form variables used for saving info across requests 7.1296 +formVariables = [ formPolicyName, 7.1297 + formPolicyDate, 7.1298 + formPolicyOrder, 7.1299 + formSteTypes, 7.1300 + formChWallTypes, 7.1301 + formCSNames, 7.1302 + ] 7.1303 + 7.1304 +policyXml = '' 7.1305 +xmlError = 0 7.1306 +xmlIncomplete = 0 7.1307 +xmlMessages = [] 7.1308 + 7.1309 + 7.1310 +# Extract any form data 7.1311 +formData = cgi.FieldStorage( ) 7.1312 + 7.1313 +# Process the form 7.1314 +getSavedData( ) 7.1315 +processRequest( ) 7.1316 + 7.1317 +if formData.has_key( formXmlGen[3] ): 7.1318 + # Generate and send the XML file 7.1319 + checkXmlData( ) 7.1320 + 7.1321 + if xmlIncomplete == 0: 7.1322 + sendXmlHeaders( ) 7.1323 + sendPolicyXml( ) 7.1324 + 7.1325 +if (not formData.has_key( formXmlGen[3] )) or (xmlIncomplete == 1 ): 7.1326 + # Send HTML to continue processing the form 7.1327 + sendHtmlHeaders( ) 7.1328 + sendPolicyHtml( )
8.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 8.2 +++ b/tools/security/python/xensec_gen/cgi-bin/policylabel.cgi Tue Dec 13 18:08:26 2005 +0000 8.3 @@ -0,0 +1,1396 @@ 8.4 +#!/usr/bin/python 8.5 +# 8.6 +# The Initial Developer of the Original Code is International 8.7 +# Business Machines Corporation. Portions created by IBM 8.8 +# Corporation are Copyright (C) 2005 International Business 8.9 +# Machines Corporation. All Rights Reserved. 8.10 +# 8.11 +# This program is free software; you can redistribute it and/or modify 8.12 +# it under the terms of the GNU General Public License as published by 8.13 +# the Free Software Foundation; either version 2 of the License, 8.14 +# or (at your option) any later version. 8.15 +# 8.16 +# This program is distributed in the hope that it will be useful, 8.17 +# but WITHOUT ANY WARRANTY; without even the implied warranty of 8.18 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 8.19 +# GNU General Public License for more details. 8.20 +# 8.21 +# You should have received a copy of the GNU General Public License 8.22 +# along with this program; if not, write to the Free Software 8.23 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 8.24 +# 8.25 + 8.26 +import os 8.27 +import cgi 8.28 +import cgitb; cgitb.enable( ) 8.29 +import time 8.30 +import xml.dom.minidom 8.31 +import xml.sax 8.32 +import xml.sax.handler 8.33 +from StringIO import StringIO 8.34 +from sets import Set 8.35 + 8.36 +def getSavedData( ): 8.37 + global formData, policyXml, policyLabelXml 8.38 + global formVariables, formVmNames 8.39 + global allVmChWs, allVmStes 8.40 + 8.41 + # Process the XML upload policy file 8.42 + if formData.has_key( 'i_policy' ): 8.43 + dataList = formData.getlist( 'i_policy' ) 8.44 + if len( dataList ) > 0: 8.45 + policyXml = dataList[0].strip( ) 8.46 + 8.47 + # The XML upload policy file must be specified at the start 8.48 + if formData.has_key( 'i_policyLabelCreate' ): 8.49 + if policyXml == '': 8.50 + msg = '' 8.51 + msg = msg + 'A Policy file was not supplied. A Policy file ' 8.52 + msg = msg + 'must be supplied in order to successfully create ' 8.53 + msg = msg + 'a Policy Labeling file.' 8.54 + formatXmlError( msg ) 8.55 + 8.56 + # Process the XML upload policy label file 8.57 + if formData.has_key( 'i_policyLabel' ): 8.58 + dataList = formData.getlist( 'i_policyLabel' ) 8.59 + if len( dataList ) > 0: 8.60 + policyLabelXml = dataList[0].strip( ) 8.61 + 8.62 + # Process all the hidden input variables (if present) 8.63 + for formVar in formVariables: 8.64 + if formVar[2] == '': 8.65 + continue 8.66 + 8.67 + if formData.has_key( formVar[2] ): 8.68 + dataList = formData.getlist( formVar[2] ) 8.69 + if len( dataList ) > 0: 8.70 + if isinstance( formVar[1], list ): 8.71 + exec 'formVar[1] = ' + dataList[0] 8.72 + else: 8.73 + formVar[1] = dataList[0] 8.74 + 8.75 + # The form can contain any number of "Virtual Machines" 8.76 + # so update the list of form variables to include 8.77 + # each virtual machine (hidden input variable) 8.78 + for vmName in formVmNames[1]: 8.79 + newVm( vmName ) 8.80 + 8.81 + vmFormVar = allVmChWs[vmName] 8.82 + if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ): 8.83 + dataList = formData.getlist( vmFormVar[2] ) 8.84 + if len( dataList ) > 0: 8.85 + if isinstance( vmFormVar[1], list ): 8.86 + exec 'vmFormVar[1] = ' + dataList[0] 8.87 + else: 8.88 + vmFormVar[1] = dataList[0] 8.89 + 8.90 + vmFormVar = allVmStes[vmName] 8.91 + if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ): 8.92 + dataList = formData.getlist( vmFormVar[2] ) 8.93 + if len( dataList ) > 0: 8.94 + if isinstance( vmFormVar[1], list ): 8.95 + exec 'vmFormVar[1] = ' + dataList[0] 8.96 + else: 8.97 + vmFormVar[1] = dataList[0] 8.98 + 8.99 +def getCurrentTime( ): 8.100 + return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) ) 8.101 + 8.102 +def getName( domNode ): 8.103 + nameNodes = domNode.getElementsByTagName( 'Name' ) 8.104 + if len( nameNodes ) == 0: 8.105 + formatXmlError( '"<Name>" tag is missing' ) 8.106 + return None 8.107 + 8.108 + name = '' 8.109 + for childNode in nameNodes[0].childNodes: 8.110 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 8.111 + name = name + childNode.data 8.112 + 8.113 + return name 8.114 + 8.115 +def getDate( domNode ): 8.116 + dateNodes = domNode.getElementsByTagName( 'Date' ) 8.117 + if len( dateNodes ) == 0: 8.118 + formatXmlError( '"<Date>" tag is missing' ) 8.119 + return None 8.120 + 8.121 + date = '' 8.122 + for childNode in dateNodes[0].childNodes: 8.123 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 8.124 + date = date + childNode.data 8.125 + 8.126 + return date 8.127 + 8.128 +def getDefUrl( domNode ): 8.129 + domNodes = domNode.getElementsByTagName( 'PolicyName' ) 8.130 + if len( domNodes ) == 0: 8.131 + formatXmlError( '"<PolicyName>" tag is missing' ) 8.132 + return None 8.133 + 8.134 + urlNodes = domNode.getElementsByTagName( 'Url' ) 8.135 + if len( urlNodes ) == 0: 8.136 + formatXmlError( '"<Url>" tag is missing' ) 8.137 + return None 8.138 + 8.139 + url = '' 8.140 + for childNode in urlNodes[0].childNodes: 8.141 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 8.142 + url = url + childNode.data 8.143 + 8.144 + return url 8.145 + 8.146 +def getDefRef( domNode ): 8.147 + domNodes = domNode.getElementsByTagName( 'PolicyName' ) 8.148 + if len( domNodes ) == 0: 8.149 + formatXmlError( '"<PolicyName>" tag is missing' ) 8.150 + return None 8.151 + 8.152 + refNodes = domNode.getElementsByTagName( 'Reference' ) 8.153 + if len( refNodes ) == 0: 8.154 + formatXmlError( '"<Reference>" tag is missing' ) 8.155 + return None 8.156 + 8.157 + ref = '' 8.158 + for childNode in refNodes[0].childNodes: 8.159 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 8.160 + ref = ref + childNode.data 8.161 + 8.162 + return ref 8.163 + 8.164 +def getSteTypes( domNode, missingIsError = 0 ): 8.165 + steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' ) 8.166 + if len( steNodes ) == 0: 8.167 + if missingIsError == 1: 8.168 + formatXmlError( '"<SimpleTypeEnforcementTypes>" tag is missing' ) 8.169 + return None 8.170 + else: 8.171 + return [] 8.172 + 8.173 + return getTypes( steNodes[0] ) 8.174 + 8.175 +def getChWTypes( domNode, missingIsError = 0 ): 8.176 + chwNodes = domNode.getElementsByTagName( 'ChineseWallTypes' ) 8.177 + if len( chwNodes ) == 0: 8.178 + if missingIsError == 1: 8.179 + formatXmlError( '"<ChineseWallTypes>" tag is missing' ) 8.180 + return None 8.181 + else: 8.182 + return [] 8.183 + 8.184 + return getTypes( chwNodes[0] ) 8.185 + 8.186 +def getTypes( domNode ): 8.187 + types = [] 8.188 + 8.189 + domNodes = domNode.getElementsByTagName( 'Type' ) 8.190 + if len( domNodes ) == 0: 8.191 + formatXmlError( '"<Type>" tag is missing' ) 8.192 + return None 8.193 + 8.194 + for domNode in domNodes: 8.195 + typeText = '' 8.196 + for childNode in domNode.childNodes: 8.197 + if childNode.nodeType == xml.dom.Node.TEXT_NODE: 8.198 + typeText = typeText + childNode.data 8.199 + 8.200 + if typeText == '': 8.201 + formatXmlError( 'No text associated with the "<Type>" tag' ) 8.202 + return None 8.203 + 8.204 + types.append( typeText ) 8.205 + 8.206 + return types 8.207 + 8.208 +def formatXmlError( msg, xml = '', lineNum = -1, colNum = -1 ): 8.209 + global xmlMessages, xmlError 8.210 + 8.211 + xmlError = 1 8.212 + addMsg = cgi.escape( msg ) 8.213 + 8.214 + if lineNum != -1: 8.215 + sio = StringIO( xml ) 8.216 + for xmlLine in sio: 8.217 + lineNum = lineNum - 1 8.218 + if lineNum == 0: 8.219 + break; 8.220 + 8.221 + addMsg += '<BR><PRE>' + cgi.escape( xmlLine.rstrip( ) ) 8.222 + 8.223 + if colNum != -1: 8.224 + errLine = '' 8.225 + for i in range( colNum ): 8.226 + errLine = errLine + '-' 8.227 + 8.228 + addMsg += '\n' + errLine + '^' 8.229 + 8.230 + addMsg += '</PRE>' 8.231 + 8.232 + xmlMessages.append( addMsg ) 8.233 + 8.234 +def formatXmlGenError( msg ): 8.235 + global xmlMessages, xmlIncomplete 8.236 + 8.237 + xmlIncomplete = 1 8.238 + xmlMessages.append( cgi.escape( msg ) ) 8.239 + 8.240 +def parseXml( xmlInput ): 8.241 + global xmlMessages, xmlError, xmlLine, xmlColumn 8.242 + 8.243 + xmlParser = xml.sax.make_parser( ) 8.244 + try: 8.245 + domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser ) 8.246 + 8.247 + except xml.sax.SAXParseException, xmlErr: 8.248 + msg = '' 8.249 + msg = msg + 'XML parsing error occurred at line ' 8.250 + msg = msg + `xmlErr.getLineNumber( )` 8.251 + msg = msg + ', column ' 8.252 + msg = msg + `xmlErr.getColumnNumber( )` 8.253 + msg = msg + ': reason = "' 8.254 + msg = msg + xmlErr.getMessage( ) 8.255 + msg = msg + '"' 8.256 + formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) ) 8.257 + return None 8.258 + 8.259 + except xml.sax.SAXException, xmlErr: 8.260 + msg = '' 8.261 + msg = msg + 'XML Parsing error: ' + `xmlErr` 8.262 + formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) ) 8.263 + return None 8.264 + 8.265 + return domDoc 8.266 + 8.267 +def parsePolicyXml( ): 8.268 + global policyXml 8.269 + global formSteTypes, formChWallTypes 8.270 + 8.271 + domDoc = parseXml( policyXml ) 8.272 + if domDoc == None: 8.273 + return 8.274 + 8.275 + domRoot = domDoc.documentElement 8.276 + domNodes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' ) 8.277 + if len( domNodes ) > 0: 8.278 + steTypes = getSteTypes( domNodes[0], 1 ) 8.279 + if steTypes == None: 8.280 + msg = '' 8.281 + msg = msg + 'Error processing the SimpleTypeEnforcement types.\n' 8.282 + msg = msg + 'Please validate the Policy Definition file used.' 8.283 + formatXmlError( msg ) 8.284 + return 8.285 + 8.286 + formSteTypes[1] = steTypes 8.287 + 8.288 + domNodes = domRoot.getElementsByTagName( 'ChineseWall' ) 8.289 + if len( domNodes ) > 0: 8.290 + chwTypes = getChWTypes( domNodes[0], 1 ) 8.291 + if chwTypes == None: 8.292 + msg = '' 8.293 + msg = msg + 'Error processing the ChineseWall types.\n' 8.294 + msg = msg + 'Please validate the Policy Definition file used.' 8.295 + formatXmlError( msg ) 8.296 + return 8.297 + 8.298 + formChWallTypes[1] = chwTypes 8.299 + 8.300 +def parsePolicyLabelXml( ): 8.301 + global policyLabelXml 8.302 + 8.303 + domDoc = parseXml( policyLabelXml ) 8.304 + if domDoc == None: 8.305 + return 8.306 + 8.307 + domRoot = domDoc.documentElement 8.308 + domHeaders = domRoot.getElementsByTagName( 'LabelHeader' ) 8.309 + if len( domHeaders ) == 0: 8.310 + msg = '' 8.311 + msg = msg + '"<LabelHeader>" tag is missing.\n' 8.312 + msg = msg + 'Please validate the Policy Labeling file used.' 8.313 + formatXmlError( msg ) 8.314 + return 8.315 + 8.316 + pName = getName( domHeaders[0] ) 8.317 + if pName == None: 8.318 + msg = '' 8.319 + msg = msg + 'Error processing the Policy Labeling header information.\n' 8.320 + msg = msg + 'Please validate the Policy Labeling file used.' 8.321 + formatXmlError( msg ) 8.322 + return 8.323 + 8.324 + formPolicyLabelName[1] = pName 8.325 + 8.326 + pDate = getDate( domHeaders[0] ) 8.327 + if pDate == None: 8.328 + msg = '' 8.329 + msg = msg + 'Error processing the Policy Labeling header information.\n' 8.330 + msg = msg + 'Please validate the Policy Labeling file used.' 8.331 + formatXmlError( msg ) 8.332 + return 8.333 + 8.334 + formPolicyLabelDate[1] = pDate 8.335 + 8.336 + pUrl = getDefUrl( domHeaders[0] ) 8.337 + if pUrl == None: 8.338 + msg = '' 8.339 + msg = msg + 'Error processing the Policy Labeling header information.\n' 8.340 + msg = msg + 'Please validate the Policy Labeling file used.' 8.341 + formatXmlError( msg ) 8.342 + return 8.343 + 8.344 + formPolicyUrl[1] = pUrl 8.345 + 8.346 + pRef = getDefRef( domHeaders[0] ) 8.347 + if pRef == None: 8.348 + msg = '' 8.349 + msg = msg + 'Error processing the Policy Labeling header information.\n' 8.350 + msg = msg + 'Please validate the Policy Labeling file used.' 8.351 + formatXmlError( msg ) 8.352 + return 8.353 + 8.354 + formPolicyRef[1] = pRef 8.355 + 8.356 + domSubjects = domRoot.getElementsByTagName( 'SubjectLabels' ) 8.357 + if len( domSubjects ) > 0: 8.358 + formVmNameDom0[1] = domSubjects[0].getAttribute( 'bootstrap' ) 8.359 + domNodes = domSubjects[0].getElementsByTagName( 'VirtualMachineLabel' ) 8.360 + for domNode in domNodes: 8.361 + vmName = getName( domNode ) 8.362 + if vmName == None: 8.363 + msg = '' 8.364 + msg = msg + 'Error processing the VirtualMachineLabel name.\n' 8.365 + msg = msg + 'Please validate the Policy Labeling file used.' 8.366 + formatXmlError( msg ) 8.367 + continue 8.368 + 8.369 + steTypes = getSteTypes( domNode ) 8.370 + if steTypes == None: 8.371 + msg = '' 8.372 + msg = msg + 'Error processing the SimpleTypeEnforcement types.\n' 8.373 + msg = msg + 'Please validate the Policy Labeling file used.' 8.374 + formatXmlError( msg ) 8.375 + return 8.376 + 8.377 + chwTypes = getChWTypes( domNode ) 8.378 + if chwTypes == None: 8.379 + msg = '' 8.380 + msg = msg + 'Error processing the ChineseWall types.\n' 8.381 + msg = msg + 'Please validate the Policy Labeling file used.' 8.382 + formatXmlError( msg ) 8.383 + return 8.384 + 8.385 + newVm( vmName, 1 ) 8.386 + allVmStes[vmName][1] = steTypes 8.387 + allVmChWs[vmName][1] = chwTypes 8.388 + 8.389 +def removeDups( curList ): 8.390 + newList = [] 8.391 + curSet = Set( curList ) 8.392 + for x in curSet: 8.393 + newList.append( x ) 8.394 + newList.sort( ) 8.395 + 8.396 + return newList 8.397 + 8.398 +def newVm( vmName, addToList = 0 ): 8.399 + global formVmNames 8.400 + global templateVmDel, allVmDel, templateVmDom0, allVmDom0 8.401 + global templateVmChWs, templateVmChWDel, templateVmChW, templateVmChWAdd 8.402 + global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd 8.403 + global templateVmStes, templateVmSteDel, templateVmSte, templateVmSteAdd 8.404 + global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd 8.405 + 8.406 + # Make sure we have an actual name and check one of the 'all' 8.407 + # variables to be sure it hasn't been previously defined 8.408 + if (len( vmName ) > 0) and (not allVmDom0.has_key( vmName )): 8.409 + vmSuffix = '_' + vmName 8.410 + allVmDom0[vmName] = modFormTemplate( templateVmDom0, vmSuffix ) 8.411 + allVmDel[vmName] = modFormTemplate( templateVmDel, vmSuffix ) 8.412 + allVmChWs[vmName] = modFormTemplate( templateVmChWs, vmSuffix ) 8.413 + allVmChWDel[vmName] = modFormTemplate( templateVmChWDel, vmSuffix ) 8.414 + allVmChW[vmName] = modFormTemplate( templateVmChW, vmSuffix ) 8.415 + allVmChWAdd[vmName] = modFormTemplate( templateVmChWAdd, vmSuffix ) 8.416 + allVmStes[vmName] = modFormTemplate( templateVmStes, vmSuffix ) 8.417 + allVmSteDel[vmName] = modFormTemplate( templateVmSteDel, vmSuffix ) 8.418 + allVmSte[vmName] = modFormTemplate( templateVmSte, vmSuffix ) 8.419 + allVmSteAdd[vmName] = modFormTemplate( templateVmSteAdd, vmSuffix ) 8.420 + if addToList == 1: 8.421 + formVmNames[1].append( vmName ) 8.422 + formVmNames[1] = removeDups( formVmNames[1] ) 8.423 + 8.424 +def updateInfo( ): 8.425 + global formData, formPolicyLabelName, formPolicyLabelDate 8.426 + global formPolicyUrl, formPolicyRef 8.427 + 8.428 + if formData.has_key( formPolicyLabelName[3] ): 8.429 + formPolicyLabelName[1] = formData[formPolicyLabelName[3]].value 8.430 + elif formData.has_key( formPolicyLabelUpdate[3] ): 8.431 + formPolicyLabelName[1] = '' 8.432 + 8.433 + if formData.has_key( formPolicyLabelDate[3] ): 8.434 + formPolicyLabelDate[1] = formData[formPolicyLabelDate[3]].value 8.435 + elif formData.has_key( formPolicyLabelUpdate[3] ): 8.436 + formPolicyLabelDate[1] = '' 8.437 + 8.438 + if formData.has_key( formPolicyUrl[3] ): 8.439 + formPolicyUrl[1] = formData[formPolicyUrl[3]].value 8.440 + elif formData.has_key( formPolicyLabelUpdate[3] ): 8.441 + formPolicyUrl[1] = '' 8.442 + 8.443 + if formData.has_key( formPolicyRef[3] ): 8.444 + formPolicyRef[1] = formData[formPolicyRef[3]].value 8.445 + elif formData.has_key( formPolicyLabelUpdate[3] ): 8.446 + formPolicyRef[1] = '' 8.447 + 8.448 +def addVm( ): 8.449 + global formData, fromVmName, formVmNames, formVmNameDom0 8.450 + 8.451 + if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formVmAdd[3] )): 8.452 + if formData.has_key( formVmName[3] ): 8.453 + vmName = formData[formVmName[3]].value 8.454 + vmName = vmName.strip( ) 8.455 + newVm( vmName, 1 ) 8.456 + if formVmNameDom0[1] == '': 8.457 + formVmNameDom0[1] = vmName 8.458 + 8.459 +def delVm( vmName ): 8.460 + global formVmNames, formVmNameDom0 8.461 + global allVmDel, allVmDom0 8.462 + global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd 8.463 + global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd 8.464 + 8.465 + vmName = vmName.strip( ) 8.466 + formVmNames[1].remove( vmName ) 8.467 + del allVmDom0[vmName] 8.468 + del allVmDel[vmName] 8.469 + del allVmChWs[vmName] 8.470 + del allVmChWDel[vmName] 8.471 + del allVmChW[vmName] 8.472 + del allVmChWAdd[vmName] 8.473 + del allVmStes[vmName] 8.474 + del allVmSteDel[vmName] 8.475 + del allVmSte[vmName] 8.476 + del allVmSteAdd[vmName] 8.477 + 8.478 + if formVmNameDom0[1] == vmName: 8.479 + if len( formVmNames[1] ) > 0: 8.480 + formVmNameDom0[1] = formVmNames[1][0] 8.481 + else: 8.482 + formVmNameDom0[1] = '' 8.483 + 8.484 +def makeVmDom0( vmName ): 8.485 + global formVmNameDom0 8.486 + 8.487 + vmName = vmName.strip( ) 8.488 + formVmNameDom0[1] = vmName 8.489 + 8.490 +def addVmChW( chwName ): 8.491 + global formData, allVmChW, allVmChWs 8.492 + 8.493 + formVar = allVmChW[chwName] 8.494 + if formData.has_key( formVar[3] ): 8.495 + chwList = formData.getlist( formVar[3] ) 8.496 + formVar = allVmChWs[chwName] 8.497 + for chw in chwList: 8.498 + chw = chw.strip( ) 8.499 + formVar[1].append( chw ) 8.500 + formVar[1] = removeDups( formVar[1] ) 8.501 + 8.502 +def delVmChW( chwName ): 8.503 + global formData, allVmChWs 8.504 + 8.505 + formVar = allVmChWs[chwName] 8.506 + if formData.has_key( formVar[3] ): 8.507 + chwList = formData.getlist( formVar[3] ) 8.508 + for chw in chwList: 8.509 + chw = chw.strip( ) 8.510 + formVar[1].remove( chw ) 8.511 + 8.512 +def addVmSte( steName ): 8.513 + global formData, allVmSte, allVmStes 8.514 + 8.515 + formVar = allVmSte[steName] 8.516 + if formData.has_key( formVar[3] ): 8.517 + steList = formData.getlist( formVar[3] ) 8.518 + formVar = allVmStes[steName] 8.519 + for ste in steList: 8.520 + ste = ste.strip( ) 8.521 + formVar[1].append( ste ) 8.522 + formVar[1] = removeDups( formVar[1] ) 8.523 + 8.524 +def delVmSte( steName ): 8.525 + global formData, allVmStes 8.526 + 8.527 + formVar = allVmStes[steName] 8.528 + if formData.has_key( formVar[3] ): 8.529 + steList = formData.getlist( formVar[3] ) 8.530 + for ste in steList: 8.531 + ste = ste.strip( ) 8.532 + formVar[1].remove( ste ) 8.533 + 8.534 +def processRequest( ): 8.535 + global formData, policyXml, policyLabelXml, formPolicyLabelUpdate 8.536 + global formVmAdd 8.537 + global formVmNames, allVmDel, allVmDom0 8.538 + global allVmChWAdd, allVmChWDel, allVmSteAdd, allVmSteDel 8.539 + 8.540 + if policyXml != '': 8.541 + parsePolicyXml( ) 8.542 + 8.543 + if policyLabelXml != '': 8.544 + parsePolicyLabelXml( ) 8.545 + 8.546 + # Allow the updating of the header information whenever 8.547 + # an action is performed 8.548 + updateInfo( ) 8.549 + 8.550 + # Allow the adding of labels if the user has hit the 8.551 + # enter key when attempting to add a type/set 8.552 + addVm( ) 8.553 + 8.554 + for vmName in formVmNames[1]: 8.555 + if formData.has_key( allVmDel[vmName][3] ): 8.556 + delVm( vmName ) 8.557 + continue 8.558 + 8.559 + if formData.has_key( allVmDom0[vmName][3] ): 8.560 + makeVmDom0( vmName ) 8.561 + 8.562 + if formData.has_key( allVmChWAdd[vmName][3] ): 8.563 + addVmChW( vmName ) 8.564 + 8.565 + elif formData.has_key( allVmChWDel[vmName][3] ): 8.566 + delVmChW( vmName ) 8.567 + 8.568 + elif formData.has_key( allVmSteAdd[vmName][3] ): 8.569 + addVmSte( vmName ) 8.570 + 8.571 + elif formData.has_key( allVmSteDel[vmName][3] ): 8.572 + delVmSte( vmName ) 8.573 + 8.574 +def modFormTemplate( formTemplate, suffix ): 8.575 + formVar = [x for x in formTemplate] 8.576 + 8.577 + if formVar[2] != '': 8.578 + formVar[2] = formVar[2] + suffix 8.579 + if formVar[3] != '': 8.580 + formVar[3] = formVar[3] + suffix 8.581 + if (formVar[0] != 'button') and (formVar[4] != ''): 8.582 + formVar[4] = formVar[4] + suffix 8.583 + 8.584 + return formVar; 8.585 + 8.586 +def makeName( name, suffix='' ): 8.587 + rName = name 8.588 + if suffix != '': 8.589 + rName = rName + '_' + suffix 8.590 + 8.591 + return rName 8.592 + 8.593 +def makeNameAttr( name, suffix='' ): 8.594 + return 'name="' + makeName( name, suffix ) + '"' 8.595 + 8.596 +def makeValue( value, suffix='' ): 8.597 + rValue = value 8.598 + 8.599 + if isinstance( value, list ): 8.600 + rValue = '[' 8.601 + for val in value: 8.602 + rValue = rValue + '\'' + val 8.603 + if suffix != '': 8.604 + rValue = rValue + '_' + suffix 8.605 + rValue = rValue + '\',' 8.606 + rValue = rValue + ']' 8.607 + 8.608 + else: 8.609 + if suffix != '': 8.610 + rValue = rValue + '_' + suffix 8.611 + 8.612 + return rValue 8.613 + 8.614 +def makeValueAttr( value, suffix='' ): 8.615 + return 'value="' + makeValue( value, suffix ) + '"' 8.616 + 8.617 +def sendHtmlFormVar( formVar, attrs='', rb_select=0 ): 8.618 + nameAttr = '' 8.619 + valueAttr = '' 8.620 + htmlText = '' 8.621 + 8.622 + if formVar[0] == 'text': 8.623 + if formVar[3] != '': 8.624 + nameAttr = makeNameAttr( formVar[3] ) 8.625 + valueAttr = makeValueAttr( formVar[1] ) 8.626 + 8.627 + print '<INPUT type="text"', nameAttr, valueAttr, attrs, '>' 8.628 + 8.629 + elif formVar[0] == 'list': 8.630 + if formVar[3] != '': 8.631 + nameAttr = makeNameAttr( formVar[3] ) 8.632 + 8.633 + print '<SELECT', nameAttr, attrs, '>' 8.634 + for option in formVar[1]: 8.635 + print '<OPTION>' + option + '</OPTION>' 8.636 + print '</SELECT>' 8.637 + 8.638 + elif formVar[0] == 'button': 8.639 + if formVar[3] != '': 8.640 + nameAttr = makeNameAttr( formVar[3] ) 8.641 + if formVar[4] != '': 8.642 + valueAttr = makeValueAttr( formVar[4] ) 8.643 + 8.644 + print '<INPUT type="submit"', nameAttr, valueAttr, attrs, '>' 8.645 + 8.646 + elif formVar[0] == 'radiobutton': 8.647 + if formVar[3] != '': 8.648 + nameAttr = makeNameAttr( formVar[3] ) 8.649 + valueAttr = makeValueAttr( formVar[4][rb_select] ) 8.650 + htmlText = formVar[5][rb_select] 8.651 + if formVar[4][rb_select] == formVar[1]: 8.652 + checked = 'checked' 8.653 + else: 8.654 + checked = '' 8.655 + 8.656 + print '<INPUT type="radio"', nameAttr, valueAttr, attrs, checked, '>', htmlText 8.657 + 8.658 + elif formVar[0] == 'radiobutton-all': 8.659 + if formVar[3] != '': 8.660 + nameAttr = makeNameAttr( formVar[3] ) 8.661 + buttonVals = formVar[4] 8.662 + for i, buttonVal in enumerate( buttonVals ): 8.663 + htmlText = '' 8.664 + addAttrs = '' 8.665 + checked = '' 8.666 + 8.667 + valueAttr = makeValueAttr( buttonVal ) 8.668 + if formVar[5] != '': 8.669 + htmlText = formVar[5][i] 8.670 + if attrs != '': 8.671 + addAttrs = attrs[i] 8.672 + if buttonVal == formVar[1]: 8.673 + checked = 'checked' 8.674 + 8.675 + print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText 8.676 + 8.677 + if ( formVar[2] != '' ) and ( rb_select == 0 ): 8.678 + nameAttr = makeNameAttr( formVar[2] ) 8.679 + valueAttr = makeValueAttr( formVar[1] ) 8.680 + print '<INPUT type="hidden"', nameAttr, valueAttr, '>' 8.681 + 8.682 +def sendHtmlHeaders( ): 8.683 + # HTML headers 8.684 + print 'Content-Type: text/html' 8.685 + print 8.686 + 8.687 +def sendPolicyLabelHtml( ): 8.688 + global xmlError, xmlIncomplete, xmlMessages, formXmlGen 8.689 + global formVmNameDom0, formSteTypes, formChWallTypes 8.690 + 8.691 + print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"' 8.692 + print ' "http://www.w3.org/TR/html4/loose.dtd">' 8.693 + 8.694 + print '<HTML>' 8.695 + 8.696 + sendHtmlHead( ) 8.697 + 8.698 + print '<BODY>' 8.699 + 8.700 + # An input XML file was specified that had errors, output the 8.701 + # error information 8.702 + if xmlError == 1: 8.703 + print '<P>' 8.704 + print 'An error has been encountered while processing the input' 8.705 + print 'XML file:' 8.706 + print '<UL>' 8.707 + for msg in xmlMessages: 8.708 + print '<LI>' 8.709 + print msg 8.710 + print '</UL>' 8.711 + print '</BODY>' 8.712 + print '</HTML>' 8.713 + return 8.714 + 8.715 + # When attempting to generate the XML output, all required data was not 8.716 + # present, output the error information 8.717 + if xmlIncomplete == 1: 8.718 + print '<P>' 8.719 + print 'An error has been encountered while validating the data' 8.720 + print 'required for the output XML file:' 8.721 + print '<UL>' 8.722 + for msg in xmlMessages: 8.723 + print '<LI>' 8.724 + print msg 8.725 + print '</UL>' 8.726 + print '</BODY>' 8.727 + print '</HTML>' 8.728 + return 8.729 + 8.730 + print '<CENTER>' 8.731 + print '<FORM action="' + os.environ['SCRIPT_NAME'] + '" method="post">' 8.732 + print '<TABLE class="container">' 8.733 + print ' <COLGROUP>' 8.734 + print ' <COL width="100%">' 8.735 + print ' </COLGROUP>' 8.736 + 8.737 + print ' <TR>' 8.738 + print ' <TD>' 8.739 + sendHtmlFormVar( formDefaultButton, 'class="hidden"' ) 8.740 + print ' </TD>' 8.741 + print ' </TR>' 8.742 + print ' <TR>' 8.743 + print ' <TD>' 8.744 + sendHtmlFormVar( formXmlGen ) 8.745 + print ' </TD>' 8.746 + print ' </TR>' 8.747 + 8.748 + # Policy Labeling header 8.749 + print ' <TR>' 8.750 + print ' <TD>' 8.751 + sendPLHeaderHtml( ) 8.752 + print ' </TD>' 8.753 + print ' </TR>' 8.754 + 8.755 + # Separator 8.756 + print ' <TR>' 8.757 + print ' <TD>' 8.758 + print ' <HR>' 8.759 + print ' </TD>' 8.760 + print ' </TR>' 8.761 + 8.762 + # Policy Labels (vms) 8.763 + print ' <TR>' 8.764 + print ' <TD>' 8.765 + print ' <TABLE class="full">' 8.766 + print ' <TR>' 8.767 + print ' <TD width="100%">' 8.768 + sendPLSubHtml( ) 8.769 + print ' </TD>' 8.770 + print ' </TR>' 8.771 + print ' </TABLE>' 8.772 + print ' </TD>' 8.773 + print ' </TR>' 8.774 + 8.775 + print '</TABLE>' 8.776 + 8.777 + # Send some data that needs to be available across sessions 8.778 + sendHtmlFormVar( formVmNameDom0 ) 8.779 + sendHtmlFormVar( formSteTypes ) 8.780 + sendHtmlFormVar( formChWallTypes ) 8.781 + 8.782 + print '</FORM>' 8.783 + print '</CENTER>' 8.784 + 8.785 + print '</BODY>' 8.786 + 8.787 + print '</HTML>' 8.788 + 8.789 +def sendHtmlHead( ): 8.790 + global headTitle 8.791 + 8.792 + print '<HEAD>' 8.793 + print '<STYLE type="text/css">' 8.794 + print '<!--' 8.795 + print 'BODY {background-color: #EEEEFF;}' 8.796 + print 'TABLE.container {width: 90%; border: 1px solid black; border-collapse: seperate;}' 8.797 + print 'TABLE.full {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}' 8.798 + print 'TABLE.fullbox {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}' 8.799 + print 'THEAD {font-weight: bold; font-size: larger;}' 8.800 + print 'TD {border: 0px solid black; vertical-align: top;}' 8.801 + print 'TD.heading {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}' 8.802 + print 'TD.subheading {border: 0px solid black; vertical-align: top; font-size: smaller;}' 8.803 + print 'TD.fullbox {border: 1px solid black; vertical-align: top;}' 8.804 + print 'SELECT.full {width: 100%;}' 8.805 + print 'INPUT.full {width: 100%;}' 8.806 + print 'INPUT.link {cursor: pointer; background-color: #EEEEFF; border: 0px; text-decoration: underline; color: blue;}' 8.807 + print 'INPUT.hidden {visibility: hidden; width: 1px; height: 1px;}' 8.808 + print ':link {color: blue;}' 8.809 + print ':visited {color: red;}' 8.810 + print '-->' 8.811 + print '</STYLE>' 8.812 + print '<TITLE>', headTitle, '</TITLE>' 8.813 + print '</HEAD>' 8.814 + 8.815 +def sendPLHeaderHtml( ): 8.816 + global formPolicyLabelName, formPolicyLabelDate 8.817 + global formPolicyUrl, formPolicyRef 8.818 + global formPolicyLabelUpdate 8.819 + 8.820 + # Policy Labeling header definition 8.821 + print '<TABLE class="full">' 8.822 + print ' <COLGROUP>' 8.823 + print ' <COL width="20%">' 8.824 + print ' <COL width="80%">' 8.825 + print ' </COLGROUP>' 8.826 + print ' <TR>' 8.827 + print ' <TD class="heading" align="center" colspan="2">Policy Labeling Information</TD>' 8.828 + print ' </TR>' 8.829 + print ' <TR>' 8.830 + print ' <TD align="right">Name:</TD>' 8.831 + print ' <TD align="left">' 8.832 + sendHtmlFormVar( formPolicyLabelName, 'class="full"' ) 8.833 + print ' </TD>' 8.834 + print ' </TR>' 8.835 + print ' <TR>' 8.836 + print ' <TD align="right">Date:</TD>' 8.837 + print ' <TD align="left">' 8.838 + sendHtmlFormVar( formPolicyLabelDate, 'class="full"' ) 8.839 + print ' </TD>' 8.840 + print ' </TR>' 8.841 + print ' <TR>' 8.842 + print ' <TD align="right">Policy URL:</TD>' 8.843 + print ' <TD align="left">' 8.844 + sendHtmlFormVar( formPolicyUrl, 'class="full"' ) 8.845 + print ' </TD>' 8.846 + print ' </TR>' 8.847 + print ' <TR>' 8.848 + print ' <TD align="right">Policy Reference:</TD>' 8.849 + print ' <TD align="left">' 8.850 + sendHtmlFormVar( formPolicyRef, 'class="full"' ) 8.851 + print ' </TD>' 8.852 + print ' </TR>' 8.853 + print ' <TR>' 8.854 + print ' <TD align="center" colspan="2">' 8.855 + sendHtmlFormVar( formPolicyLabelUpdate ) 8.856 + print ' </TD>' 8.857 + print ' </TR>' 8.858 + print ' <TR>' 8.859 + print ' <TD align="center" colspan="2" class="subheading">' 8.860 + print ' (The Policy Labeling Information is updated whenever an action is performed' 8.861 + print ' or it can be updated separately using the "Update" button)' 8.862 + print ' </TD>' 8.863 + print ' </TR>' 8.864 + print '</TABLE>' 8.865 + 8.866 +def sendPLSubHtml( ): 8.867 + global formVmNames, formVmDel, formVmName, formVmAdd 8.868 + global allVmDel, allVmDom0 8.869 + global allVmChWs, allVmChWDel, allVmChW, allVmChWAdd 8.870 + global allVmStes, allVmSteDel, allVmSte, allVmSteAdd 8.871 + global formSteTypes, formChWallTypes 8.872 + 8.873 + print '<TABLE class="full">' 8.874 + print ' <COLGROUP>' 8.875 + print ' <COL width="100%">' 8.876 + print ' </COLGROUP>' 8.877 + 8.878 + # Virtual Machines... 8.879 + print ' <TR>' 8.880 + print ' <TD>' 8.881 + print ' <TABLE class="full">' 8.882 + print ' <COLGROUP>' 8.883 + print ' <COL width="10%">' 8.884 + print ' <COL width="40%">' 8.885 + print ' <COL width="50%">' 8.886 + print ' </COLGROUP>' 8.887 + print ' <TR>' 8.888 + print ' <TD class="heading" align="center" colspan="3">Virtual Machine Classes</TD>' 8.889 + print ' </TR>' 8.890 + print ' <TR>' 8.891 + print ' <TD colspan="2">' 8.892 + sendHtmlFormVar( formVmName, 'class="full"' ) 8.893 + sendHtmlFormVar( formVmNames ) 8.894 + print ' </TD>' 8.895 + print ' <TD> </TD>' 8.896 + print ' </TR>' 8.897 + print ' <TR>' 8.898 + print ' <TD>' 8.899 + sendHtmlFormVar( formVmAdd, 'class="full"' ) 8.900 + print ' </TD>' 8.901 + print ' <TD colspan="2">' 8.902 + print ' Create a new VM class with the above name' 8.903 + print ' </TD>' 8.904 + print ' </TR>' 8.905 + print ' </TABLE>' 8.906 + print ' </TD>' 8.907 + print ' </TR>' 8.908 + if len( formVmNames[1] ) > 0: 8.909 + print ' <TR>' 8.910 + print ' <TD colspan="1">' 8.911 + print ' ' 8.912 + print ' </TD>' 8.913 + print ' </TR>' 8.914 + print ' <TR>' 8.915 + print ' <TD>' 8.916 + print ' <TABLE class="fullbox">' 8.917 + print ' <COLGROUP>' 8.918 + print ' <COL width="10%">' 8.919 + print ' <COL width="40%">' 8.920 + print ' <COL width="50%">' 8.921 + print ' </COLGROUP>' 8.922 + print ' <THEAD>' 8.923 + print ' <TR>' 8.924 + print ' <TD class="fullbox">Dom 0?</TD>' 8.925 + print ' <TD class="fullbox">Name</TD>' 8.926 + print ' <TD class="fullbox">Actions</TD>' 8.927 + print ' </TR>' 8.928 + print ' </THEAD>' 8.929 + for i, vmName in enumerate( formVmNames[1] ): 8.930 + print ' <TR>' 8.931 + print ' <TD class="fullbox">' 8.932 + if formVmNameDom0[1] == vmName: 8.933 + print 'Yes' 8.934 + else: 8.935 + print ' ' 8.936 + print ' </TD>' 8.937 + print ' <TD class="fullbox">' + vmName + '</TD>' 8.938 + print ' <TD class="fullbox">' 8.939 + print ' <A href="#' + vmName + '">Edit</A>' 8.940 + formVar = allVmDel[vmName] 8.941 + sendHtmlFormVar( formVar, 'class="link"' ) 8.942 + formVar = allVmDom0[vmName] 8.943 + sendHtmlFormVar( formVar, 'class="link"' ) 8.944 + print ' </TD>' 8.945 + print ' </TR>' 8.946 + print ' </TABLE>' 8.947 + print ' </TD>' 8.948 + print ' </TR>' 8.949 + for vmName in formVmNames[1]: 8.950 + print ' <TR>' 8.951 + print ' <TD>' 8.952 + print ' <HR>' 8.953 + print ' </TD>' 8.954 + print ' </TR>' 8.955 + print ' <TR>' 8.956 + print ' <TD>' 8.957 + print ' <TABLE class="full">' 8.958 + print ' <COLGROUP>' 8.959 + print ' <COL width="10%">' 8.960 + print ' <COL width="39%">' 8.961 + print ' <COL width="2%">' 8.962 + print ' <COL width="10%">' 8.963 + print ' <COL width="39%">' 8.964 + print ' </COLGROUP>' 8.965 + print ' <TR>' 8.966 + print ' <TD colspan="5" align="center" class="heading">' 8.967 + print ' <A name="' + vmName + '">Virtual Machine Class: ' + vmName + '</A>' 8.968 + print ' </TD>' 8.969 + print ' </TR>' 8.970 + print ' <TR>' 8.971 + print ' <TD colspan="2" align="center">Simple Type Enforcement Types</TD>' 8.972 + print ' <TD> </TD>' 8.973 + print ' <TD colspan="2" align="center">Chinese Wall Types</TD>' 8.974 + print ' </TR>' 8.975 + print ' <TR>' 8.976 + print ' <TD colspan="2">' 8.977 + formVar = allVmStes[vmName]; 8.978 + sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' ) 8.979 + print ' </TD>' 8.980 + print ' <TD> </TD>' 8.981 + print ' <TD colspan="2">' 8.982 + formVar = allVmChWs[vmName]; 8.983 + sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' ) 8.984 + print ' </TD>' 8.985 + print ' </TR>' 8.986 + print ' <TR>' 8.987 + print ' <TD>' 8.988 + formVar = allVmSteDel[vmName]; 8.989 + sendHtmlFormVar( formVar, 'class="full"' ) 8.990 + print ' </TD>' 8.991 + print ' <TD>' 8.992 + print ' Delete the type(s) selected above' 8.993 + print ' </TD>' 8.994 + print ' <TD> </TD>' 8.995 + print ' <TD>' 8.996 + formVar = allVmChWDel[vmName]; 8.997 + sendHtmlFormVar( formVar, 'class="full"' ) 8.998 + print ' </TD>' 8.999 + print ' <TD>' 8.1000 + print ' Delete the type(s) selected above' 8.1001 + print ' </TD>' 8.1002 + print ' </TR>' 8.1003 + print ' <TR>' 8.1004 + print ' <TD colspan="2">' 8.1005 + stSet = Set( formSteTypes[1] ) 8.1006 + vmSet = Set( allVmStes[vmName][1] ) 8.1007 + formVar = allVmSte[vmName] 8.1008 + formVar[1] = [] 8.1009 + for steType in stSet.difference( vmSet ): 8.1010 + formVar[1].append( steType ) 8.1011 + formVar[1].sort( ) 8.1012 + sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' ) 8.1013 + print ' </TD>' 8.1014 + print ' <TD> </TD>' 8.1015 + print ' <TD colspan="2">' 8.1016 + ctSet = Set( formChWallTypes[1] ) 8.1017 + vmSet = Set( allVmChWs[vmName][1] ) 8.1018 + formVar = allVmChW[vmName] 8.1019 + formVar[1] = [] 8.1020 + for chwallType in ctSet.difference( vmSet ): 8.1021 + formVar[1].append( chwallType ) 8.1022 + formVar[1].sort( ) 8.1023 + sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' ) 8.1024 + print ' </TD>' 8.1025 + print ' </TR>' 8.1026 + print ' <TR>' 8.1027 + print ' <TD>' 8.1028 + formVar = allVmSteAdd[vmName]; 8.1029 + sendHtmlFormVar( formVar, 'class="full"' ) 8.1030 + print ' </TD>' 8.1031 + print ' <TD>' 8.1032 + print ' Add the type(s) selected above' 8.1033 + print ' </TD>' 8.1034 + print ' <TD> </TD>' 8.1035 + print ' <TD>' 8.1036 + formVar = allVmChWAdd[vmName]; 8.1037 + sendHtmlFormVar( formVar, 'class="full"' ) 8.1038 + print ' </TD>' 8.1039 + print ' <TD>' 8.1040 + print ' Add the type(s) selected above' 8.1041 + print ' </TD>' 8.1042 + print ' </TR>' 8.1043 + print ' </TABLE>' 8.1044 + print ' </TD>' 8.1045 + print ' </TR>' 8.1046 + 8.1047 + print '</TABLE>' 8.1048 + 8.1049 +def sendPLObjHtml( ): 8.1050 + 8.1051 + # Resources... 8.1052 + print '<TABLE class="full">' 8.1053 + print ' <COLGROUP>' 8.1054 + print ' <COL width="60%">' 8.1055 + print ' <COL width="20%">' 8.1056 + print ' <COL width="20%">' 8.1057 + print ' </COLGROUP>' 8.1058 + 8.1059 + print ' <TR>' 8.1060 + print ' <TD align="center" colspan="3" class="heading">Resources</TD>' 8.1061 + print ' </TR>' 8.1062 + print ' <TR>' 8.1063 + print ' <TD colspan="2">' 8.1064 + #sendHtmlFormVar( formVmNames, 'class="full" size="4" multiple"' ) 8.1065 + print ' </TD>' 8.1066 + print ' <TD>' 8.1067 + #sendHtmlFormVar( formVmDel, 'class="full"' ) 8.1068 + print ' </TD>' 8.1069 + print ' </TR>' 8.1070 + print ' <TR>' 8.1071 + print ' <TD colspan="2">' 8.1072 + #sendHtmlFormVar( formVmName, 'class="full"' ) 8.1073 + print ' </TD>' 8.1074 + print ' <TD>' 8.1075 + #sendHtmlFormVar( formVmAdd, 'class="full"' ) 8.1076 + print ' </TD>' 8.1077 + print ' </TR>' 8.1078 + print '</TABLE>' 8.1079 + 8.1080 +def checkXmlData( ): 8.1081 + global xmlIncomplete 8.1082 + 8.1083 + # Validate the Policy Label Header requirements 8.1084 + if ( len( formPolicyLabelName[1] ) == 0 ) or \ 8.1085 + ( len( formPolicyLabelDate[1] ) == 0 ) or \ 8.1086 + ( len( formPolicyUrl[1] ) == 0 ) or \ 8.1087 + ( len( formPolicyRef[1] ) == 0 ): 8.1088 + msg = '' 8.1089 + msg = msg + 'The XML policy label schema requires that the Policy ' 8.1090 + msg = msg + 'Labeling Information Name, Date, Policy URL and ' 8.1091 + msg = msg + 'Policy Reference fields all have values.' 8.1092 + formatXmlGenError( msg ) 8.1093 + 8.1094 +def sendXmlHeaders( ): 8.1095 + # HTML headers 8.1096 + print 'Content-Type: text/xml' 8.1097 + print 'Content-Disposition: attachment; filename=security_label_template.xml' 8.1098 + print 8.1099 + 8.1100 +def sendPolicyLabelXml( ): 8.1101 + print '<?xml version="1.0"?>' 8.1102 + 8.1103 + print '<SecurityLabelTemplate xmlns="http://www.ibm.com"' 8.1104 + print ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"' 8.1105 + print ' xsi:schemaLocation="http://www.ibm.com security_policy.xsd">' 8.1106 + 8.1107 + # Policy Labeling header 8.1108 + sendPLHeaderXml( ) 8.1109 + 8.1110 + # Policy Labels (subjects and objects) 8.1111 + sendPLSubXml( ) 8.1112 + #sendPLObjXml( ) 8.1113 + 8.1114 + print '</SecurityLabelTemplate>' 8.1115 + 8.1116 +def sendPLHeaderXml( ): 8.1117 + global formPolicyLabelName, formPolicyLabelDate 8.1118 + global formPolicyUrl, formPolicyRef 8.1119 + 8.1120 + # Policy Labeling header definition 8.1121 + print '<LabelHeader>' 8.1122 + print ' <Name>' + formPolicyLabelName[1] + '</Name>' 8.1123 + print ' <Date>' + formPolicyLabelDate[1] + '</Date>' 8.1124 + print ' <PolicyName>' 8.1125 + print ' <Url>' + formPolicyUrl[1] + '</Url>' 8.1126 + print ' <Reference>' + formPolicyRef[1] + '</Reference>' 8.1127 + print ' </PolicyName>' 8.1128 + print '</LabelHeader>' 8.1129 + 8.1130 +def sendPLSubXml( ): 8.1131 + global formVmNames, allVmChWs, allVmStes 8.1132 + 8.1133 + # Virtual machines... 8.1134 + if len( formVmNames[1] ) == 0: 8.1135 + return 8.1136 + 8.1137 + print '<SubjectLabels bootstrap="' + formVmNameDom0[1] + '">' 8.1138 + for vmName in formVmNames[1]: 8.1139 + print ' <VirtualMachineLabel>' 8.1140 + print ' <Name>' + vmName + '</Name>' 8.1141 + formVar = allVmStes[vmName] 8.1142 + if len( formVar[1] ) > 0: 8.1143 + print ' <SimpleTypeEnforcementTypes>' 8.1144 + for ste in formVar[1]: 8.1145 + print ' <Type>' + ste + '</Type>' 8.1146 + print ' </SimpleTypeEnforcementTypes>' 8.1147 + 8.1148 + formVar = allVmChWs[vmName] 8.1149 + if len( formVar[1] ) > 0: 8.1150 + print ' <ChineseWallTypes>' 8.1151 + for chw in formVar[1]: 8.1152 + print ' <Type>' + chw + '</Type>' 8.1153 + print ' </ChineseWallTypes>' 8.1154 + 8.1155 + print ' </VirtualMachineLabel>' 8.1156 + 8.1157 + print '</SubjectLabels>' 8.1158 + 8.1159 + 8.1160 +# Set up initial HTML variables 8.1161 +headTitle = 'Xen Policy Labeling Generation' 8.1162 + 8.1163 +# Form variables 8.1164 +# The format of these variables is as follows: 8.1165 +# [ p0, p1, p2, p3, p4, p5 ] 8.1166 +# p0 = input type 8.1167 +# p1 = the current value of the variable 8.1168 +# p2 = the hidden input name attribute 8.1169 +# p3 = the name attribute 8.1170 +# p4 = the value attribute 8.1171 +# p5 = text to associate with the tag 8.1172 +formPolicyLabelName = [ 'text', 8.1173 + '', 8.1174 + 'h_policyLabelName', 8.1175 + 'i_policyLabelName', 8.1176 + '', 8.1177 + '', 8.1178 + ] 8.1179 +formPolicyLabelDate = [ 'text', 8.1180 + getCurrentTime( ), 8.1181 + 'h_policyLabelDate', 8.1182 + 'i_policyLabelDate', 8.1183 + '', 8.1184 + '', 8.1185 + ] 8.1186 +formPolicyUrl = [ 'text', 8.1187 + '', 8.1188 + 'h_policyUrl', 8.1189 + 'i_policyUrl', 8.1190 + '', 8.1191 + '', 8.1192 + ] 8.1193 +formPolicyRef = [ 'text', 8.1194 + '', 8.1195 + 'h_policyRef', 8.1196 + 'i_policyRef', 8.1197 + '', 8.1198 + '', 8.1199 + ] 8.1200 +formPolicyLabelUpdate = [ 'button', 8.1201 + '', 8.1202 + '', 8.1203 + 'i_PolicyLabelUpdate', 8.1204 + 'Update', 8.1205 + '', 8.1206 + ] 8.1207 + 8.1208 +formVmNames = [ '', 8.1209 + [], 8.1210 + 'h_vmNames', 8.1211 + '', 8.1212 + '', 8.1213 + '', 8.1214 + ] 8.1215 +formVmDel = [ 'button', 8.1216 + '', 8.1217 + '', 8.1218 + 'i_vmDel', 8.1219 + 'Delete', 8.1220 + '', 8.1221 + ] 8.1222 +formVmName = [ 'text', 8.1223 + '', 8.1224 + '', 8.1225 + 'i_vmName', 8.1226 + '', 8.1227 + '', 8.1228 + ] 8.1229 +formVmAdd = [ 'button', 8.1230 + '', 8.1231 + '', 8.1232 + 'i_vmAdd', 8.1233 + 'New', 8.1234 + '', 8.1235 + ] 8.1236 + 8.1237 +formVmNameDom0 = [ '', 8.1238 + '', 8.1239 + 'h_vmDom0', 8.1240 + '', 8.1241 + '', 8.1242 + '', 8.1243 + ] 8.1244 + 8.1245 +formXmlGen = [ 'button', 8.1246 + '', 8.1247 + '', 8.1248 + 'i_xmlGen', 8.1249 + 'Generate XML', 8.1250 + '', 8.1251 + ] 8.1252 + 8.1253 +formDefaultButton = [ 'button', 8.1254 + '', 8.1255 + '', 8.1256 + 'i_defaultButton', 8.1257 + '.', 8.1258 + '', 8.1259 + ] 8.1260 + 8.1261 +formSteTypes = [ '', 8.1262 + [], 8.1263 + 'h_steTypes', 8.1264 + '', 8.1265 + '', 8.1266 + '', 8.1267 + ] 8.1268 +formChWallTypes = [ '', 8.1269 + [], 8.1270 + 'h_chwallTypes', 8.1271 + '', 8.1272 + '', 8.1273 + '', 8.1274 + ] 8.1275 + 8.1276 +# This is a set of templates used for each virtual machine 8.1277 +# Each virtual machine is initially assigned these templates, 8.1278 +# then each form attribute value is changed to append 8.1279 +# "_virtual-machine-name" for uniqueness. 8.1280 +templateVmDel = [ 'button', 8.1281 + '', 8.1282 + '', 8.1283 + 'i_vmDel', 8.1284 + 'Delete', 8.1285 + '', 8.1286 + ] 8.1287 +templateVmDom0 = [ 'button', 8.1288 + '', 8.1289 + '', 8.1290 + 'i_vmDom0', 8.1291 + 'SetDom0', 8.1292 + '', 8.1293 + ] 8.1294 +allVmDel = {}; 8.1295 +allVmDom0 = {}; 8.1296 + 8.1297 +templateVmChWs = [ 'list', 8.1298 + [], 8.1299 + 'h_vmChWs', 8.1300 + 'i_vmChWs', 8.1301 + '', 8.1302 + '', 8.1303 + ] 8.1304 +templateVmChWDel = [ 'button', 8.1305 + '', 8.1306 + '', 8.1307 + 'i_vmChWDel', 8.1308 + 'Delete', 8.1309 + '', 8.1310 + ] 8.1311 +templateVmChW = [ 'list', 8.1312 + [], 8.1313 + '', 8.1314 + 'i_vmChW', 8.1315 + '', 8.1316 + '', 8.1317 + ] 8.1318 +templateVmChWAdd = [ 'button', 8.1319 + '', 8.1320 + '', 8.1321 + 'i_vmChWAdd', 8.1322 + 'Add', 8.1323 + '', 8.1324 + ] 8.1325 +allVmChWs = {}; 8.1326 +allVmChWDel = {}; 8.1327 +allVmChW = {}; 8.1328 +allVmChWAdd = {}; 8.1329 + 8.1330 +templateVmStes = [ 'list', 8.1331 + [], 8.1332 + 'h_vmStes', 8.1333 + 'i_vmStes', 8.1334 + '', 8.1335 + '', 8.1336 + ] 8.1337 +templateVmSteDel = [ 'button', 8.1338 + '', 8.1339 + '', 8.1340 + 'i_vmSteDel', 8.1341 + 'Delete', 8.1342 + '', 8.1343 + ] 8.1344 +templateVmSte = [ 'list', 8.1345 + [], 8.1346 + '', 8.1347 + 'i_vmSte', 8.1348 + '', 8.1349 + '', 8.1350 + ] 8.1351 +templateVmSteAdd = [ 'button', 8.1352 + '', 8.1353 + '', 8.1354 + 'i_vmSteAdd', 8.1355 + 'Add', 8.1356 + '', 8.1357 + ] 8.1358 +allVmStes = {}; 8.1359 +allVmSteDel = {}; 8.1360 +allVmSte = {}; 8.1361 +allVmSteAdd = {}; 8.1362 + 8.1363 +# A list of all form variables used for saving info across requests 8.1364 +formVariables = [ formPolicyLabelName, 8.1365 + formPolicyLabelDate, 8.1366 + formPolicyUrl, 8.1367 + formPolicyRef, 8.1368 + formVmNames, 8.1369 + formVmNameDom0, 8.1370 + formSteTypes, 8.1371 + formChWallTypes, 8.1372 + ] 8.1373 + 8.1374 +policyXml = '' 8.1375 +policyLabelXml = '' 8.1376 +xmlError = 0 8.1377 +xmlIncomplete = 0 8.1378 +xmlMessages = [] 8.1379 + 8.1380 + 8.1381 +# Extract any form data 8.1382 +formData = cgi.FieldStorage( ) 8.1383 + 8.1384 +# Process the form 8.1385 +getSavedData( ) 8.1386 +processRequest( ) 8.1387 + 8.1388 +if formData.has_key( formXmlGen[3] ): 8.1389 + # Generate and send the XML file 8.1390 + checkXmlData( ) 8.1391 + 8.1392 + if xmlIncomplete == 0: 8.1393 + sendXmlHeaders( ) 8.1394 + sendPolicyLabelXml( ) 8.1395 + 8.1396 +if (not formData.has_key( formXmlGen[3] )) or (xmlIncomplete == 1 ): 8.1397 + # Send HTML to continue processing the form 8.1398 + sendHtmlHeaders( ) 8.1399 + sendPolicyLabelHtml( )
9.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 9.2 +++ b/tools/security/python/xensec_gen/index.html Tue Dec 13 18:08:26 2005 +0000 9.3 @@ -0,0 +1,126 @@ 9.4 +<!-- 9.5 + The Initial Developer of the Original Code is International 9.6 + Business Machines Corporation. Portions created by IBM 9.7 + Corporation are Copyright (C) 2005 International Business 9.8 + Machines Corporation. All Rights Reserved. 9.9 + --> 9.10 + 9.11 +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 9.12 + "http://www.w3.org/TR/html4/loose.dtd"> 9.13 +<HTML> 9.14 + <HEAD> 9.15 + <META name="author" content="Tom Lendacky"> 9.16 + <META name="copyright" content="Copyright (C) 2005 International Business Machines Corporation. All rights reserved"> 9.17 + 9.18 + <STYLE type="text/css"> 9.19 + <!-- 9.20 + BODY {background-color: #EEEEFF;} 9.21 + TABLE.xen {width: 100%; border: 0px solid black;} 9.22 + TD {border: 0px solid black;} 9.23 + TD.heading {border: 0px solid black; font-weight: bold; font-size: larger;} 9.24 + --> 9.25 + </STYLE> 9.26 + <TITLE>Xen Security Policy Tool</TITLE> 9.27 + </HEAD> 9.28 + 9.29 + <BODY> 9.30 + <H1>Xen Security Policy Generation Tool</H1> 9.31 + 9.32 + <CENTER> 9.33 + <FORM action="/cgi-bin/policy.cgi" method="post" enctype="multipart/form-data"> 9.34 + <TABLE class="xen"> 9.35 + <COLGROUP> 9.36 + <COL width="25%"> 9.37 + <COL width="20%"> 9.38 + <COL width="55%"> 9.39 + </COLGROUP> 9.40 + 9.41 + <TR> 9.42 + <TD valign="top" class="heading"> 9.43 + Security Policy 9.44 + </TD> 9.45 + <TD valign="top" colspan="2"> 9.46 + To generate a new Xen Security Policy leave the 9.47 + <B>"Policy File"</B> entry field 9.48 + empty and click the "Create" button.<BR> 9.49 + To modify an existing Xen Security Policy enter the 9.50 + file name containing the policy in the 9.51 + <B>"Policy File"</B> entry field 9.52 + and click the "Create" button.<HR> 9.53 + </TD> 9.54 + </TR> 9.55 + <TR> 9.56 + <TD></TD> 9.57 + <TD> 9.58 + Policy File: 9.59 + </TD> 9.60 + <TD> 9.61 + <INPUT type="file" size="50" name="i_policy"> 9.62 + </TD> 9.63 + </TR> 9.64 + <TR> 9.65 + <TD></TD> 9.66 + <TD valign="top"> 9.67 + <INPUT type="submit" name="i_policyCreate" value="Create"> 9.68 + </TD> 9.69 + <TD></TD> 9.70 + </TR> 9.71 + </TABLE> 9.72 + </FORM> 9.73 + 9.74 + <FORM action="/cgi-bin/policylabel.cgi" method="post" enctype="multipart/form-data"> 9.75 + <TABLE class="xen"> 9.76 + <COLGROUP> 9.77 + <COL width="25%"> 9.78 + <COL width="20%"> 9.79 + <COL width="55%"> 9.80 + </COLGROUP> 9.81 + 9.82 + <TR> 9.83 + <TD valign="top" class="heading"> 9.84 + Security Policy Labeling 9.85 + </TD> 9.86 + <TD valign="top" colspan="2"> 9.87 + To generate or edit the Xen Security Policy Labeling you <B>must</B> 9.88 + specify the name of 9.89 + an existing Xen Security Policy file in the 9.90 + <B>"Policy File"</B> entry field.<BR> 9.91 + To generate new Xen Security Policy Labeling leave the 9.92 + <B>"Policy Labeling File"</B> entry field 9.93 + empty and click the "Create" button.<BR> 9.94 + To modify existing Xen Security Policy Labeling enter the 9.95 + file name containing the labeling in the 9.96 + <B>"Policy Labeling File"</B> entry field 9.97 + and click the "Create" button.<HR> 9.98 + </TD> 9.99 + </TR> 9.100 + <TR> 9.101 + <TD></TD> 9.102 + <TD> 9.103 + Policy File: 9.104 + </TD> 9.105 + <TD> 9.106 + <INPUT type="file" size="50" name="i_policy"> 9.107 + </TD> 9.108 + </TR> 9.109 + <TR> 9.110 + <TD></TD> 9.111 + <TD> 9.112 + Policy Labeling File: 9.113 + </TD> 9.114 + <TD> 9.115 + <INPUT type="file" size="50" name="i_policyLabel"> 9.116 + </TD> 9.117 + </TR> 9.118 + <TR> 9.119 + <TD></TD> 9.120 + <TD valign="top"> 9.121 + <INPUT type="submit" name="i_policyLabelCreate" value="Create"> 9.122 + </TD> 9.123 + <TD></TD> 9.124 + </TR> 9.125 + </TABLE> 9.126 + </FORM> 9.127 + </CENTER> 9.128 + </BODY> 9.129 +</HTML>
10.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 10.2 +++ b/tools/security/python/xensec_gen/main.py Tue Dec 13 18:08:26 2005 +0000 10.3 @@ -0,0 +1,185 @@ 10.4 +#!/usr/bin/python 10.5 +# 10.6 +# The Initial Developer of the Original Code is International 10.7 +# Business Machines Corporation. Portions created by IBM 10.8 +# Corporation are Copyright (C) 2005 International Business 10.9 +# Machines Corporation. All Rights Reserved. 10.10 +# 10.11 +# This program is free software; you can redistribute it and/or modify 10.12 +# it under the terms of the GNU General Public License as published by 10.13 +# the Free Software Foundation; either version 2 of the License, 10.14 +# or (at your option) any later version. 10.15 +# 10.16 +# This program is distributed in the hope that it will be useful, 10.17 +# but WITHOUT ANY WARRANTY; without even the implied warranty of 10.18 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10.19 +# GNU General Public License for more details. 10.20 +# 10.21 +# You should have received a copy of the GNU General Public License 10.22 +# along with this program; if not, write to the Free Software 10.23 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 10.24 +# 10.25 + 10.26 +"""Xen security policy generation aid 10.27 +""" 10.28 + 10.29 +import os 10.30 +import pwd 10.31 +import grp 10.32 +import sys 10.33 +import getopt 10.34 +import BaseHTTPServer 10.35 +import CGIHTTPServer 10.36 + 10.37 + 10.38 +gHttpPort = 7777 10.39 +gHttpDir = '/var/lib/xensec_gen' 10.40 +gLogFile = '/var/log/xensec_gen.log' 10.41 +gUser = 'nobody' 10.42 +gGroup = 'nobody' 10.43 + 10.44 +def usage( ): 10.45 + print >>sys.stderr, 'Usage: ' + sys.argv[0] + ' [OPTIONS]' 10.46 + print >>sys.stderr, ' OPTIONS:' 10.47 + print >>sys.stderr, ' -p, --httpport' 10.48 + print >>sys.stderr, ' The port on which the http server is to listen' 10.49 + print >>sys.stderr, ' (default: ' + str( gHttpPort ) + ')' 10.50 + print >>sys.stderr, ' -d, --httpdir' 10.51 + print >>sys.stderr, ' The directory where the http server is to serve pages from' 10.52 + print >>sys.stderr, ' (default: ' + gHttpDir + ')' 10.53 + print >>sys.stderr, ' -l, --logfile' 10.54 + print >>sys.stderr, ' The file in which to log messages generated by this command' 10.55 + print >>sys.stderr, ' (default: ' + gLogFile + ')' 10.56 + print >>sys.stderr, ' -u, --user' 10.57 + print >>sys.stderr, ' The user under which this command is to run. This parameter' 10.58 + print >>sys.stderr, ' is only used when invoked under the "root" user' 10.59 + print >>sys.stderr, ' (default: ' + gUser + ')' 10.60 + print >>sys.stderr, ' -g, --group' 10.61 + print >>sys.stderr, ' The group under which this command is to run. This parameter' 10.62 + print >>sys.stderr, ' is only used when invoked under the "root" user' 10.63 + print >>sys.stderr, ' (default: ' + gGroup + ')' 10.64 + print >>sys.stderr, ' -f' 10.65 + print >>sys.stderr, ' Run the command in the foreground. The logfile option will be' 10.66 + print >>sys.stderr, ' ignored and all output will be directed to stdout and stderr.' 10.67 + print >>sys.stderr, ' -h, --help' 10.68 + print >>sys.stderr, ' Display the command usage information' 10.69 + 10.70 +def runServer( aServerPort, 10.71 + aServerClass = BaseHTTPServer.HTTPServer, 10.72 + aHandlerClass = CGIHTTPServer.CGIHTTPRequestHandler ): 10.73 + serverAddress = ( '', aServerPort ) 10.74 + httpd = aServerClass( serverAddress, aHandlerClass ) 10.75 + httpd.serve_forever( ) 10.76 + 10.77 +def daemonize( aHttpDir, aLogFile, aUser, aGroup, aFork = 'true' ): 10.78 + # Do some pre-daemon activities 10.79 + os.umask( 027 ) 10.80 + if os.getuid( ) == 0: 10.81 + # If we are running as root, we will change that 10.82 + uid = pwd.getpwnam( aUser )[2] 10.83 + gid = grp.getgrnam( aGroup )[2] 10.84 + 10.85 + if aFork == 'true': 10.86 + # Change the owner of the log file to the user/group 10.87 + # under which the daemon is to run 10.88 + flog = open( aLogFile, 'a' ) 10.89 + flog.close( ) 10.90 + os.chown( aLogFile, uid, gid ) 10.91 + 10.92 + # Change the uid/gid of the process 10.93 + os.setgid( gid ) 10.94 + os.setuid( uid ) 10.95 + 10.96 + # Change to the HTTP directory 10.97 + os.chdir( aHttpDir ) 10.98 + 10.99 + if aFork == 'true': 10.100 + # Do first fork 10.101 + try: 10.102 + pid = os.fork( ) 10.103 + if pid: 10.104 + # Parent process 10.105 + return pid 10.106 + 10.107 + except OSError, e: 10.108 + raise Exception, e 10.109 + 10.110 + # First child process, create a new session 10.111 + os.setsid( ) 10.112 + 10.113 + # Do second fork 10.114 + try: 10.115 + pid = os.fork( ) 10.116 + if pid: 10.117 + # Parent process 10.118 + os._exit( 0 ) 10.119 + 10.120 + except OSError, e: 10.121 + raise Exception, e 10.122 + 10.123 + # Reset stdin/stdout/stderr 10.124 + fin = open( '/dev/null', 'r' ) 10.125 + flog = open( aLogFile, 'a' ) 10.126 + os.dup2( fin.fileno( ), sys.stdin.fileno( ) ) 10.127 + os.dup2( flog.fileno( ), sys.stdout.fileno( ) ) 10.128 + os.dup2( flog.fileno( ), sys.stderr.fileno( ) ) 10.129 + 10.130 +def main( ): 10.131 + httpPort = gHttpPort 10.132 + httpDir = gHttpDir 10.133 + logFile = gLogFile 10.134 + user = gUser 10.135 + group = gGroup 10.136 + doFork = 'true' 10.137 + 10.138 + shortOpts = 'd:p:l:u:g:fh' 10.139 + longOpts = [ 'httpdir=', 'httpport=', 'logfile=', 'user=', 'group=', 'help' ] 10.140 + try: 10.141 + opts, args = getopt.getopt( sys.argv[1:], shortOpts, longOpts ) 10.142 + 10.143 + except getopt.GetoptError, e: 10.144 + print >>sys.stderr, e 10.145 + usage( ) 10.146 + sys.exit( ) 10.147 + 10.148 + if len( args ) != 0: 10.149 + print >>sys.stderr, 'Error: command arguments are not supported' 10.150 + usage( ) 10.151 + sys.exit( ) 10.152 + 10.153 + for opt, opt_value in opts: 10.154 + if opt in ( '-h', '--help' ): 10.155 + usage( ) 10.156 + sys.exit( ) 10.157 + 10.158 + if opt in ( '-d', '--httpdir' ): 10.159 + httpDir = opt_value 10.160 + 10.161 + if opt in ( '-p', '--httpport' ): 10.162 + try: 10.163 + httpPort = int( opt_value ) 10.164 + except: 10.165 + print >>sys.stderr, 'Error: HTTP port is not valid' 10.166 + usage( ) 10.167 + sys.exit( ) 10.168 + 10.169 + if opt in ( '-l', '--logfile' ): 10.170 + logFile = opt_value 10.171 + 10.172 + if opt in ( '-u', '--user' ): 10.173 + user = opt_value 10.174 + 10.175 + if opt in ( '-g', '--group' ): 10.176 + group = opt_value 10.177 + 10.178 + if opt in ( '-f' ): 10.179 + doFork = 'false' 10.180 + 10.181 + pid = daemonize( httpDir, logFile, user, group, doFork ) 10.182 + if pid > 0: 10.183 + sys.exit( ) 10.184 + 10.185 + runServer( httpPort ) 10.186 + 10.187 +if __name__ == '__main__': 10.188 + main( )
11.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 11.2 +++ b/tools/security/xensec_gen.py Tue Dec 13 18:08:26 2005 +0000 11.3 @@ -0,0 +1,26 @@ 11.4 +#!/usr/bin/python 11.5 +# 11.6 +# This program is free software; you can redistribute it and/or modify 11.7 +# it under the terms of the GNU General Public License as published by 11.8 +# the Free Software Foundation; either version 2 of the License, 11.9 +# or (at your option) any later version. 11.10 +# 11.11 +# This program is distributed in the hope that it will be useful, 11.12 +# but WITHOUT ANY WARRANTY; without even the implied warranty of 11.13 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11.14 +# GNU General Public License for more details. 11.15 +# 11.16 +# You should have received a copy of the GNU General Public License 11.17 +# along with this program; if not, write to the Free Software 11.18 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 11.19 +# 11.20 + 11.21 +import sys 11.22 + 11.23 +# Add fallback path for non-native python path installs if needed 11.24 +sys.path.append( '/usr/lib/python' ) 11.25 +sys.path.append( '/usr/lib64/python' ) 11.26 + 11.27 +from xen.xensec_gen import main 11.28 + 11.29 +main.main( )
12.1 --- a/tools/xm-test/lib/XmTestLib/XenDomain.py Tue Dec 13 18:08:17 2005 +0000 12.2 +++ b/tools/xm-test/lib/XmTestLib/XenDomain.py Tue Dec 13 18:08:26 2005 +0000 12.3 @@ -30,18 +30,140 @@ from config import * 12.4 12.5 BLOCK_ROOT_DEV = "hda" 12.6 12.7 -def XmTestDomain(name=None, extraOpts=None, config="/dev/null"): 12.8 - if ENABLE_VMX_SUPPORT: 12.9 - return XmTestVmxDomain(name, extraOpts, config) 12.10 +def getDeviceModel(): 12.11 + """Get the path to the device model based on 12.12 + the architecture reported in uname""" 12.13 + arch = os.uname()[4] 12.14 + if re.search("64", arch): 12.15 + return "/usr/lib64/xen/bin/qemu-dm" 12.16 else: 12.17 - return XmTestPvDomain(name, extraOpts, config) 12.18 + return "/usr/lib/xen/bin/qemu-dm" 12.19 12.20 def getDefaultKernel(): 12.21 + """Get the path to the default DomU kernel""" 12.22 dom0Ver = commands.getoutput("uname -r"); 12.23 domUVer = dom0Ver.replace("xen0", "xenU"); 12.24 12.25 return "/boot/vmlinuz-" + domUVer; 12.26 12.27 +def getUniqueName(): 12.28 + """Get a uniqueish name for use in a domain""" 12.29 + unixtime = int(time.time()) 12.30 + test_name = sys.argv[0] 12.31 + test_name = re.sub("\.test", "", test_name) 12.32 + test_name = re.sub("[\/\.]", "", test_name) 12.33 + name = "%s-%i" % (test_name, unixtime) 12.34 + 12.35 + return name 12.36 + 12.37 +def getRdPath(): 12.38 + rdpath = os.environ.get("RD_PATH") 12.39 + if not rdpath: 12.40 + rdpath = "../../ramdisk" 12.41 + rdpath = os.path.abspath(rdpath) 12.42 + 12.43 + return rdpath 12.44 + 12.45 +ParavirtDefaults = {"memory" : 64, 12.46 + "vcpus" : 1, 12.47 + "kernel" : getDefaultKernel(), 12.48 + "root" : "/dev/ram0", 12.49 + "ramdisk" : getRdPath() + "/initrd.img" 12.50 + } 12.51 +VmxDefaults = {"memory" : 64, 12.52 + "vcpus" : 1, 12.53 + "nics" : 0, 12.54 + "disk" : ["file:%s/disk.img,ioemu:%s,w" % 12.55 + (getRdPath(), BLOCK_ROOT_DEV)], 12.56 + "kernel" : "/usr/lib/xen/boot/vmxloader", 12.57 + "builder" : "vmx", 12.58 + "sdl" : 0, 12.59 + "vnc" : 0, 12.60 + "vncviewer" : 0, 12.61 + "nographic" : 1, 12.62 + "serial" : "pty", 12.63 + "device_model" : getDeviceModel() 12.64 + } 12.65 + 12.66 +if ENABLE_VMX_SUPPORT: 12.67 + configDefaults = VmxDefaults 12.68 +else: 12.69 + configDefaults = ParavirtDefaults 12.70 + 12.71 +class XenConfig: 12.72 + """An object to help create a xen-compliant config file""" 12.73 + def __init__(self): 12.74 + self.defaultOpts = {} 12.75 + 12.76 + # These options need to be lists 12.77 + self.defaultOpts["disk"] = [] 12.78 + self.defaultOpts["vif"] = [] 12.79 + 12.80 + self.opts = self.defaultOpts 12.81 + 12.82 + def toString(self): 12.83 + """Convert this config to a string for writing out 12.84 + to a file""" 12.85 + string = "# Xen configuration generated by xm-test\n" 12.86 + for k, v in self.opts.items(): 12.87 + if isinstance(v, int): 12.88 + piece = "%s = %i" % (k, v) 12.89 + elif isinstance(v, list) and v: 12.90 + piece = "%s = %s" % (k, v) 12.91 + elif isinstance(v, str) and v: 12.92 + piece = "%s = \"%s\"" % (k, v) 12.93 + else: 12.94 + piece = None 12.95 + 12.96 + if piece: 12.97 + string += "%s\n" % piece 12.98 + 12.99 + return string 12.100 + 12.101 + def write(self, filename): 12.102 + """Write this config out to filename""" 12.103 + output = file(filename, "w") 12.104 + output.write(self.toString()) 12.105 + output.close() 12.106 + 12.107 + def __str__(self): 12.108 + """When used as a string, we represent ourself by a config 12.109 + filename, which points to a temporary config that we write 12.110 + out ahead of time""" 12.111 + filename = "/tmp/xm-test.conf" 12.112 + self.write(filename) 12.113 + return filename 12.114 + 12.115 + def setOpt(self, name, value): 12.116 + """Set an option in the config""" 12.117 + if name in self.opts.keys() and isinstance(self.opts[name], list) and not isinstance(value, list): 12.118 + self.opts[name] = [value] 12.119 + else: 12.120 + self.opts[name] = value 12.121 + 12.122 + def appOpt(self, name, value): 12.123 + """Append a value to a list option""" 12.124 + if name in self.opts.keys() and isinstance(self.opts[name], list): 12.125 + self.opts[name].append(value) 12.126 + 12.127 + def getOpt(self, name): 12.128 + """Return the value of a config option""" 12.129 + if name in self.opts.keys(): 12.130 + return self.opts[name] 12.131 + else: 12.132 + return None 12.133 + 12.134 + def setOpts(self, opts): 12.135 + """Batch-set options from a dictionary""" 12.136 + for k, v in opts.items(): 12.137 + self.setOpt(k, v) 12.138 + 12.139 + def clearOpts(self, name=None): 12.140 + """Clear one or all config options""" 12.141 + if name: 12.142 + self.opts[name] = self.defaultOpts[name] 12.143 + else: 12.144 + self.opts = self.defaultOpts 12.145 12.146 class DomainError(Exception): 12.147 def __init__(self, msg, extra="", errorcode=0): 12.148 @@ -55,62 +177,24 @@ class DomainError(Exception): 12.149 def __str__(self): 12.150 return str(self.msg) 12.151 12.152 + 12.153 class XenDomain: 12.154 12.155 - def __init__(self, opts={}, config="/dev/null"): 12.156 - """Create a domain object. Optionally take a 12.157 - dictionary of 'xm' options to use""" 12.158 - 12.159 - self.domID = None; 12.160 - self.config = config 12.161 - 12.162 - if not opts.has_key("name"): 12.163 - raise DomainError("Missing `name' option") 12.164 - if not opts.has_key("memory"): 12.165 - raise DomainError("Missing `memory' option") 12.166 - if not opts.has_key("kernel"): 12.167 - raise DomainError("Missing `kernel' option") 12.168 - 12.169 - self.opts = opts 12.170 - 12.171 - self.configVals = None 12.172 + def __init__(self, name=None, config=None): 12.173 + """Create a domain object. 12.174 + @param config: String filename of config file 12.175 + """ 12.176 12.177 - def __buildCmdLine(self): 12.178 - c = "xm create %s" % self.config 12.179 - 12.180 - for k in self.opts.keys(): 12.181 - c += " %s=%s" % (k, self.opts[k]) 12.182 - 12.183 - return c 12.184 + if name: 12.185 + self.name = name 12.186 + else: 12.187 + self.name = getUniqueName() 12.188 12.189 - def getUniqueName(self): 12.190 - # 12.191 - # We avoid multiple duplicate names 12.192 - # here because they stick around in xend 12.193 - # too long 12.194 - # 12.195 - unixtime = int(time.time()) 12.196 - test_name = sys.argv[0] 12.197 - test_name = re.sub("\.test", "", test_name) 12.198 - test_name = re.sub("[\/\.]", "", test_name) 12.199 - name = "%s-%i" % (test_name, unixtime) 12.200 - 12.201 - return name 12.202 + self.config = config 12.203 12.204 def start(self): 12.205 12.206 - if self.configVals: 12.207 - self.__writeConfig("/tmp/xm-test.conf") 12.208 - self.config = "/tmp/xm-test.conf" 12.209 - 12.210 - commandLine = self.__buildCmdLine() 12.211 - 12.212 - ret, output = traceCommand(commandLine); 12.213 - 12.214 - try: 12.215 - self.domID = self.getId() 12.216 - except: 12.217 - self.domID = -1; 12.218 + ret, output = traceCommand("xm create %s" % self.config) 12.219 12.220 if ret != 0: 12.221 raise DomainError("Failed to create domain", 12.222 @@ -118,190 +202,79 @@ class XenDomain: 12.223 errorcode=ret) 12.224 12.225 def stop(self): 12.226 - prog = "xm"; 12.227 - cmd = " shutdown "; 12.228 + prog = "xm" 12.229 + cmd = " shutdown " 12.230 12.231 - ret, output = traceCommand(prog + cmd + self.opts["name"]); 12.232 + ret, output = traceCommand(prog + cmd + self.config.getOpt("name")) 12.233 12.234 - return ret; 12.235 + return ret 12.236 12.237 def destroy(self): 12.238 - prog = "xm"; 12.239 - cmd = " destroy "; 12.240 + prog = "xm" 12.241 + cmd = " destroy " 12.242 12.243 - ret, output = traceCommand(prog + cmd + self.opts["name"]); 12.244 + ret, output = traceCommand(prog + cmd + self.config.getOpt("name")) 12.245 12.246 - return ret; 12.247 + return ret 12.248 12.249 def getName(self): 12.250 - return self.opts["name"]; 12.251 + return self.name 12.252 12.253 def getId(self): 12.254 return domid(self.getName()); 12.255 12.256 - def configSetVar(self, key, value): 12.257 - if not self.configVals: 12.258 - self.configVals = {} 12.259 12.260 - self.configVals[key] = value 12.261 - 12.262 - def configAddDisk(self, pdev, vdev, acc): 12.263 - if not self.configVals: 12.264 - self.configVals = {} 12.265 - 12.266 - if not self.configVals.has_key("disk"): 12.267 - self.configVals["disk"] = [] 12.268 - 12.269 - self.configVals["disk"].append("%s,%s,%s" % (pdev,vdev,acc)) 12.270 - 12.271 - def configAddVif(self, type, mac, bridge): 12.272 - if not self.configVals: 12.273 - self.configVals = {} 12.274 - 12.275 - if not self.configVals.has_key("vif"): 12.276 - self.configVals["vif"] = [] 12.277 - 12.278 - if mac: 12.279 - self.configVals["vif"].append("%s,%s,%s" % (type,mac,bridge)) 12.280 - else: 12.281 - self.configVals["vif"].append("%s,%s" % (type,bridge)) 12.282 - 12.283 - def __writeConfig(self, configFileName): 12.284 - 12.285 - conf = file(configFileName, "w") 12.286 - 12.287 - for k,v in self.configVals.items(): 12.288 - print >>conf, "%s = %s" % (k, v) 12.289 - 12.290 - conf.close() 12.291 - 12.292 -class XmTestVmxDomain(XenDomain): 12.293 - 12.294 - def __prepareBlockRoot(self, rdpath): 12.295 - image = os.path.abspath(rdpath + "/disk.img") 12.296 - self.configAddDisk("file:%s" % image, "ioemu:%s" % BLOCK_ROOT_DEV, "w") 12.297 - 12.298 - def __prepareVif(self): 12.299 - self.configAddVif("type=ioemu", None, "bridge=xenbr0") 12.300 +class XmTestDomain(XenDomain): 12.301 12.302 - def __prepareDeviceModel(self): 12.303 - arch = os.uname()[4] 12.304 - if re.search('64', arch): 12.305 - self.configSetVar("device_model", "\"/usr/lib64/xen/bin/qemu-dm\"") 12.306 - else: 12.307 - self.configSetVar("device_model", "\"/usr/lib/xen/bin/qemu-dm\"") 12.308 - 12.309 - def __init__(self, name=None, extraOpts=None, config="/dev/null"): 12.310 - 12.311 - rdpath = os.environ.get("RD_PATH") 12.312 - if not rdpath: 12.313 - rdpath = "../../ramdisk" 12.314 - 12.315 - self.opts = {} 12.316 - self.configVals = {} 12.317 + def __init__(self, name=None, extraConfig=None, baseConfig=configDefaults): 12.318 + """Create a new xm-test domain 12.319 + @param name: The requested domain name 12.320 + @param extraConfig: Additional configuration options 12.321 + @param baseConfig: The initial configuration defaults to use 12.322 + """ 12.323 + config = XenConfig() 12.324 + config.setOpts(baseConfig) 12.325 + if extraConfig: 12.326 + config.setOpts(extraConfig) 12.327 12.328 - # Defaults 12.329 - self.defaults = {"memory" : 64, 12.330 - "vcpus" : 1, 12.331 - "kernel" : "/usr/lib/xen/boot/vmxloader", 12.332 - "builder" : "\'vmx\'", 12.333 - "name" : name or self.getUniqueName() 12.334 - } 12.335 - 12.336 - self.domID = None; 12.337 - self.config = config; 12.338 + if name: 12.339 + config.setOpt("name", name) 12.340 + elif not config.getOpt("name"): 12.341 + config.setOpt("name", getUniqueName()) 12.342 12.343 - self.__prepareBlockRoot(rdpath) 12.344 - #self.__prepareVif() 12.345 - self.__prepareDeviceModel() 12.346 - #self.configSetVar("boot","\'c\'") 12.347 - self.configSetVar("sdl","0") 12.348 - self.configSetVar("vnc","0") 12.349 - self.configSetVar("vncviewer","0") 12.350 - self.configSetVar("nographic","1") 12.351 - self.configSetVar("serial","\'pty\'") 12.352 - 12.353 - # Copy over defaults 12.354 - for key in self.defaults.keys(): 12.355 - self.opts[key] = self.defaults[key] 12.356 - 12.357 - # Merge in extra options 12.358 - if extraOpts: 12.359 - for key in extraOpts.keys(): 12.360 - self.opts[key] = extraOpts[key] 12.361 + XenDomain.__init__(self, config.getOpt("name"), config=config) 12.362 12.363 def start(self): 12.364 - """We know how about how long everyone will need to wait 12.365 - for our disk image to come up, so we do it here as a convenience""" 12.366 - 12.367 -# for i in range(0,5): 12.368 -# status, output = traceCommand("xm list") 12.369 - 12.370 XenDomain.start(self) 12.371 - waitForBoot() 12.372 + if ENABLE_VMX_SUPPORT: 12.373 + waitForBoot() 12.374 12.375 def startNow(self): 12.376 XenDomain.start(self) 12.377 12.378 - def getMem(self): 12.379 - return int(self.opts["memory"]) 12.380 - 12.381 - def minSafeMem(self): 12.382 - return 16 12.383 - 12.384 -class XmTestPvDomain(XenDomain): 12.385 - 12.386 - def __init__(self, name=None, extraOpts=None, config="/dev/null"): 12.387 - 12.388 - rdpath = os.environ.get("RD_PATH") 12.389 - if not rdpath: 12.390 - rdpath = "../../ramdisk" 12.391 - 12.392 - self.opts = {} 12.393 - self.configVals = None 12.394 - 12.395 - # Defaults 12.396 - self.defaults = {"memory" : 64, 12.397 - "vcpus" : 1, 12.398 - "kernel" : getDefaultKernel(), 12.399 - "root" : "/dev/ram0", 12.400 - "name" : name or self.getUniqueName(), 12.401 - "ramdisk" : rdpath + "/initrd.img" 12.402 - } 12.403 - 12.404 - self.domID = None; 12.405 - self.config = config; 12.406 - 12.407 - # Copy over defaults 12.408 - for key in self.defaults.keys(): 12.409 - self.opts[key] = self.defaults[key] 12.410 - 12.411 - # Merge in extra options 12.412 - if extraOpts: 12.413 - for key in extraOpts.keys(): 12.414 - self.opts[key] = extraOpts[key] 12.415 - 12.416 - def start(self): 12.417 - """We know how about how long everyone will need to wait 12.418 - for our ramdisk to come up, so we do it here as a convenience""" 12.419 - 12.420 -# for i in range(0,5): 12.421 -# status, output = traceCommand("xm list") 12.422 - 12.423 - XenDomain.start(self) 12.424 -# waitForBoot() 12.425 - 12.426 - def startNow(self): 12.427 - XenDomain.start(self) 12.428 - 12.429 - def getMem(self): 12.430 - return int(self.opts["memory"]) 12.431 - 12.432 def minSafeMem(self): 12.433 return 16 12.434 12.435 if __name__ == "__main__": 12.436 12.437 - d = XmTestDomain(); 12.438 + c = XenConfig() 12.439 + 12.440 + c.setOpt("foo", "bar") 12.441 + c.setOpt("foob", 1) 12.442 + opts = {"opt1" : 19, 12.443 + "opt2" : "blah"} 12.444 + c.setOpts(opts) 12.445 + 12.446 + c.setOpt("disk", "phy:/dev/ram0,hda1,w") 12.447 + c.appOpt("disk", "phy:/dev/ram1,hdb1,w") 12.448 12.449 - d.start(); 12.450 + print str(c) 12.451 + 12.452 + 12.453 + 12.454 +# c.write("/tmp/foo.conf") 12.455 + 12.456 +# d = XmTestDomain(); 12.457 +# 12.458 +# d.start(); 12.459 +
13.1 --- a/tools/xm-test/lib/XmTestReport/Report.py Tue Dec 13 18:08:17 2005 +0000 13.2 +++ b/tools/xm-test/lib/XmTestReport/Report.py Tue Dec 13 18:08:26 2005 +0000 13.3 @@ -31,10 +31,12 @@ import os 13.4 import xml.dom.minidom 13.5 import httplib 13.6 import urllib 13.7 +import re 13.8 13.9 #REPORT_HOST = "xmtest-dev.dague.org" 13.10 REPORT_HOST = "xmtest.dague.org" 13.11 REPORT_URL = "/cgi-bin/report-results"; 13.12 +VIEW_URL = "cgi-bin/display?view=single&testid=" 13.13 13.14 class XmTestReport: 13.15 13.16 @@ -101,16 +103,21 @@ def postResults(results): 13.17 conn.request("POST", REPORT_URL, body, headers) 13.18 13.19 resp = conn.getresponse() 13.20 + data = resp.read() 13.21 + 13.22 if resp.status == 200: 13.23 print >>sys.stderr, "Your results have been submitted successfully!" 13.24 + match = re.match("^id=([0-9]+)$", data.split("\n")[1]) 13.25 + if match: 13.26 + id = match.group(1) 13.27 + print >>sys.stderr, "See your report at:" 13.28 + print >>sys.stderr, "http://%s/%s%s" % (REPORT_HOST, VIEW_URL, id) 13.29 else: 13.30 print >>sys.stderr, "Unable to submit results:" 13.31 print >>sys.stderr, "[http://%s%s] said %i: %s" % (REPORT_HOST, 13.32 REPORT_URL, 13.33 resp.status, 13.34 resp.reason) 13.35 - 13.36 - data = resp.read() 13.37 print >>sys.stderr, data 13.38 13.39 if __name__ == "__main__":
14.1 --- a/tools/xm-test/tests/block-create/11_block_attach_shared_dom0.py Tue Dec 13 18:08:17 2005 +0000 14.2 +++ b/tools/xm-test/tests/block-create/11_block_attach_shared_dom0.py Tue Dec 13 18:08:26 2005 +0000 14.3 @@ -21,8 +21,9 @@ if s != 0: 14.4 14.5 # Now try to start a DomU with write access to /dev/ram0 14.6 14.7 -domain = XmTestDomain(); 14.8 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 14.9 +config = {"disk":"phy:/dev/ram0,hda1,w"} 14.10 + 14.11 +domain = XmTestDomain(extraConfig=config); 14.12 14.13 try: 14.14 domain.start()
15.1 --- a/tools/xm-test/tests/block-create/12_block_attach_shared_domU.py Tue Dec 13 18:08:17 2005 +0000 15.2 +++ b/tools/xm-test/tests/block-create/12_block_attach_shared_domU.py Tue Dec 13 18:08:26 2005 +0000 15.3 @@ -5,11 +5,11 @@ 15.4 15.5 from XmTestLib import * 15.6 15.7 -dom1 = XmTestDomain() 15.8 -dom2 = XmTestDomain(dom1.getName() + "-2") 15.9 +config = {"disk":"phy:/dev/ram0,hda1,w"} 15.10 15.11 -dom1.configAddDisk("phy:/dev/ram0", "hda1", "w") 15.12 -dom2.configAddDisk("phy:/dev/ram0", "hda1", "w") 15.13 +dom1 = XmTestDomain(extraConfig=config) 15.14 +dom2 = XmTestDomain(dom1.getName() + "-2", 15.15 + extraConfig=config) 15.16 15.17 try: 15.18 dom1.start()
16.1 --- a/tools/xm-test/tests/block-destroy/01_block-destroy_btblock_pos.py Tue Dec 13 18:08:17 2005 +0000 16.2 +++ b/tools/xm-test/tests/block-destroy/01_block-destroy_btblock_pos.py Tue Dec 13 18:08:26 2005 +0000 16.3 @@ -5,9 +5,8 @@ 16.4 16.5 from XmTestLib import * 16.6 16.7 -domain = XmTestDomain() 16.8 - 16.9 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 16.10 +config = {"disk":"phy:/dev/ram0,hda1,w"} 16.11 +domain = XmTestDomain(extraConfig=config) 16.12 16.13 try: 16.14 domain.start()
17.1 --- a/tools/xm-test/tests/block-destroy/05_block-destroy_byname_pos.py Tue Dec 13 18:08:17 2005 +0000 17.2 +++ b/tools/xm-test/tests/block-destroy/05_block-destroy_byname_pos.py Tue Dec 13 18:08:26 2005 +0000 17.3 @@ -5,9 +5,8 @@ 17.4 17.5 from XmTestLib import * 17.6 17.7 -domain = XmTestDomain() 17.8 - 17.9 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 17.10 +config = {"disk":"phy:/dev/ram0,hda1,w"} 17.11 +domain = XmTestDomain(extraConfig=config) 17.12 17.13 try: 17.14 domain.start()
18.1 --- a/tools/xm-test/tests/block-list/01_block-list_pos.py Tue Dec 13 18:08:17 2005 +0000 18.2 +++ b/tools/xm-test/tests/block-list/01_block-list_pos.py Tue Dec 13 18:08:26 2005 +0000 18.3 @@ -8,9 +8,8 @@ 18.4 18.5 from XmTestLib import * 18.6 18.7 -domain = XmTestDomain() 18.8 - 18.9 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 18.10 +config = {"disk":"phy:/dev/ram0,hda1,w"} 18.11 +domain = XmTestDomain(extraConfig=config) 18.12 18.13 try: 18.14 domain.start()
19.1 --- a/tools/xm-test/tests/block-list/03_block-list_anotherbd_pos.py Tue Dec 13 18:08:17 2005 +0000 19.2 +++ b/tools/xm-test/tests/block-list/03_block-list_anotherbd_pos.py Tue Dec 13 18:08:26 2005 +0000 19.3 @@ -8,9 +8,8 @@ 19.4 19.5 from XmTestLib import * 19.6 19.7 -domain = XmTestDomain() 19.8 - 19.9 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 19.10 +config = {"disk":"phy:/dev/ram0,hda1,w"} 19.11 +domain = XmTestDomain(extraConfig=config) 19.12 19.13 try: 19.14 domain.start()
20.1 --- a/tools/xm-test/tests/create/01_create_basic_pos.py Tue Dec 13 18:08:17 2005 +0000 20.2 +++ b/tools/xm-test/tests/create/01_create_basic_pos.py Tue Dec 13 18:08:26 2005 +0000 20.3 @@ -12,9 +12,9 @@ from XmTestLib import * 20.4 # Create a domain (default XmTestDomain, with our ramdisk) 20.5 domain = XmTestDomain() 20.6 20.7 -if int(getInfo("free_memory")) < domain.getMem(): 20.8 +if int(getInfo("free_memory")) < domain.config.getOpt("memory"): 20.9 SKIP("This test needs %i MB of free memory (%i MB avail)" % 20.10 - (domain.getMem(), int(getInfo("free_memory")))) 20.11 + (domain.config.getOpt("memory"), int(getInfo("free_memory")))) 20.12 20.13 # Start it 20.14 try:
21.1 --- a/tools/xm-test/tests/create/06_create_mem_neg.py Tue Dec 13 18:08:17 2005 +0000 21.2 +++ b/tools/xm-test/tests/create/06_create_mem_neg.py Tue Dec 13 18:08:26 2005 +0000 21.3 @@ -19,15 +19,8 @@ if not rdpath: 21.4 rdpath = "../ramdisk" 21.5 21.6 # Test 1: create a domain with mem=0 21.7 -opts1 = { 21.8 - "name" : "default", 21.9 - "memory" : 0, 21.10 - "kernel" : getDefaultKernel(), 21.11 - "root" : "/dev/ram0", 21.12 - "ramdisk" : rdpath + "/initrd.img", 21.13 - } 21.14 - 21.15 -domain1=XenDomain(opts1) 21.16 +config1 = {"memory": 0} 21.17 +domain1=XmTestDomain(extraConfig=config1) 21.18 21.19 try: 21.20 domain1.start() 21.21 @@ -43,17 +36,10 @@ if eyecatcher1 != "Fail": 21.22 # Test 2: create a domain with mem>sys_mem 21.23 21.24 mem = int(getInfo("total_memory")) 21.25 -extreme_mem = str(mem + 100) 21.26 +extreme_mem = mem + 100 21.27 21.28 -opts2= { 21.29 - "name" : "default", 21.30 - "memory" : extreme_mem, 21.31 - "kernel" : getDefaultKernel(), 21.32 - "root" : "/dev/ram0", 21.33 - "ramdisk" : rdpath + "/initrd.img", 21.34 - } 21.35 - 21.36 -domain2=XenDomain(opts2) 21.37 +config2 = {"memory": extreme_mem} 21.38 +domain2=XmTestDomain(extraConfig=config2) 21.39 21.40 try: 21.41 domain2.start()
22.1 --- a/tools/xm-test/tests/create/07_create_mem64_pos.py Tue Dec 13 18:08:17 2005 +0000 22.2 +++ b/tools/xm-test/tests/create/07_create_mem64_pos.py Tue Dec 13 18:08:26 2005 +0000 22.3 @@ -23,15 +23,8 @@ if mem < 64: 22.4 SKIP("This test needs 64 MB of free memory (%i MB avail)" % mem) 22.5 22.6 #create a domain with mem=64 22.7 -opts = { 22.8 - "name" : "MEM64", 22.9 - "memory" : 64, 22.10 - "kernel" : getDefaultKernel(), 22.11 - "root" : "/dev/ram0", 22.12 - "ramdisk" : rdpath + "/initrd.img", 22.13 - } 22.14 - 22.15 -domain_mem64=XenDomain(opts) 22.16 +config = {"memory": 64} 22.17 +domain_mem64=XmTestDomain(extraConfig=config) 22.18 22.19 #start it 22.20 try:
23.1 --- a/tools/xm-test/tests/create/08_create_mem128_pos.py Tue Dec 13 18:08:17 2005 +0000 23.2 +++ b/tools/xm-test/tests/create/08_create_mem128_pos.py Tue Dec 13 18:08:26 2005 +0000 23.3 @@ -23,15 +23,8 @@ if mem < 128: 23.4 SKIP("This test needs 128 MB of free memory (%i MB avail)" % mem) 23.5 23.6 #create a domain with mem=128 23.7 -opts = { 23.8 - "name" : "MEM128", 23.9 - "memory" : 128, 23.10 - "kernel" : getDefaultKernel(), 23.11 - "root" : "/dev/ram0", 23.12 - "ramdisk" : rdpath + "/initrd.img", 23.13 - } 23.14 - 23.15 -domain_mem128=XenDomain(opts) 23.16 +config={"memory": 128} 23.17 +domain_mem128=XmTestDomain(extraConfig=config) 23.18 23.19 #start it 23.20 try:
24.1 --- a/tools/xm-test/tests/create/09_create_mem256_pos.py Tue Dec 13 18:08:17 2005 +0000 24.2 +++ b/tools/xm-test/tests/create/09_create_mem256_pos.py Tue Dec 13 18:08:26 2005 +0000 24.3 @@ -23,15 +23,8 @@ if mem < 256: 24.4 SKIP("This test needs 256 MB of free memory (%i MB avail)" % mem) 24.5 24.6 #create a domain with mem=256 24.7 -opts = { 24.8 - "name" : "MEM256", 24.9 - "memory" : 256, 24.10 - "kernel" : getDefaultKernel(), 24.11 - "root" : "/dev/ram0", 24.12 - "ramdisk" : rdpath + "/initrd.img", 24.13 - } 24.14 - 24.15 -domain_mem256=XenDomain(opts) 24.16 +config = {"memory": 256} 24.17 +domain_mem256=XmTestDomain(extraConfig=config) 24.18 24.19 #start it 24.20 try:
25.1 --- a/tools/xm-test/tests/create/11_create_concurrent_pos.py Tue Dec 13 18:08:17 2005 +0000 25.2 +++ b/tools/xm-test/tests/create/11_create_concurrent_pos.py Tue Dec 13 18:08:26 2005 +0000 25.3 @@ -34,7 +34,7 @@ if verbose: 25.4 25.5 for d in range(0, NUM_DOMS): 25.6 dom = XmTestDomain(name="11_create_%i" % d, 25.7 - extraOpts={"memory":str(MEM_PER_DOM)}) 25.8 + extraConfig={"memory":MEM_PER_DOM}) 25.9 25.10 try: 25.11 dom.start()
26.1 --- a/tools/xm-test/tests/create/12_create_concurrent_stress_pos.py Tue Dec 13 18:08:17 2005 +0000 26.2 +++ b/tools/xm-test/tests/create/12_create_concurrent_stress_pos.py Tue Dec 13 18:08:26 2005 +0000 26.3 @@ -14,7 +14,7 @@ DUR=60 26.4 domains = [] 26.5 26.6 for i in range(0,DOMS): 26.7 - dom = XmTestDomain(extraOpts={"memory" : str(MEM)}) 26.8 + dom = XmTestDomain(extraConfig={"memory" : MEM}) 26.9 26.10 try: 26.11 dom.start()
27.1 --- a/tools/xm-test/tests/create/13_create_multinic_pos.py Tue Dec 13 18:08:17 2005 +0000 27.2 +++ b/tools/xm-test/tests/create/13_create_multinic_pos.py Tue Dec 13 18:08:26 2005 +0000 27.3 @@ -6,8 +6,8 @@ 27.4 from XmTestLib import * 27.5 27.6 for i in range(0,10): 27.7 - domain = XmTestDomain() 27.8 - domain.configSetVar('vif', str(['' for _ in range(0, i)])) 27.9 + config = {"vif": ['' for _ in range(0, i)]} 27.10 + domain = XmTestDomain(extraConfig=config) 27.11 27.12 try: 27.13 domain.start()
28.1 --- a/tools/xm-test/tests/create/14_create_blockroot_pos.py Tue Dec 13 18:08:17 2005 +0000 28.2 +++ b/tools/xm-test/tests/create/14_create_blockroot_pos.py Tue Dec 13 18:08:26 2005 +0000 28.3 @@ -6,10 +6,9 @@ 28.4 from XmTestLib import * 28.5 28.6 import os 28.7 +import time 28.8 28.9 -CONF_FILE = "/tmp/14_create_blockroot_pos.conf" 28.10 - 28.11 -rdpath = os.path.abspath(os.environ.get("RD_PATH")) 28.12 +rdpath = getRdPath() 28.13 28.14 # status, output = traceCommand("losetup -f %s" % rdpath) 28.15 # if status != 0: 28.16 @@ -17,22 +16,26 @@ rdpath = os.path.abspath(os.environ.get( 28.17 # 28.18 # if verbose: 28.19 # print "Using %s" % output 28.20 - 28.21 -opts = {"memory" : "64", 28.22 - "root" : "/dev/hda1", 28.23 - "name" : "14_create_blockroot", 28.24 - "kernel" : getDefaultKernel() } 28.25 28.26 -domain = XenDomain(opts=opts) 28.27 - 28.28 -domain.configAddDisk("file:%s/initrd.img" % rdpath, "hda1", "w") 28.29 +if ENABLE_VMX_SUPPORT: 28.30 + domain = XmTestDomain(name="14_create_blockroot") 28.31 +else: 28.32 + config = {"memory" : "64", 28.33 + "root" : "/dev/hda1", 28.34 + "name" : "14_create_blockroot", 28.35 + "kernel" : getDefaultKernel(), 28.36 + "disk" : "file:%s/initrd.img,hda1,w" % rdpath 28.37 + } 28.38 + domConfig = XenConfig() 28.39 + domConfig.setOpts(config) 28.40 + domain = XenDomain(name=domConfig.getOpt("name"), config=domConfig) 28.41 28.42 try: 28.43 domain.start() 28.44 except DomainError, e: 28.45 FAIL(str(e)) 28.46 28.47 -waitForBoot() 28.48 +#waitForBoot() 28.49 28.50 try: 28.51 console = XmConsole(domain.getName(), historySaveCmds=True)
29.1 --- a/tools/xm-test/tests/create/15_create_smallmem_pos.py Tue Dec 13 18:08:17 2005 +0000 29.2 +++ b/tools/xm-test/tests/create/15_create_smallmem_pos.py Tue Dec 13 18:08:26 2005 +0000 29.3 @@ -7,8 +7,8 @@ from XmTestLib import * 29.4 29.5 MEM = 16 29.6 29.7 -domain = XmTestDomain(extraOpts={"memory":"%i" % MEM, 29.8 - "extra" :"mem=%iM" % MEM}) 29.9 +domain = XmTestDomain(extraConfig={"memory": MEM, 29.10 + "extra" :"mem=%iM" % MEM}) 29.11 29.12 try: 29.13 domain.start()
30.1 --- a/tools/xm-test/tests/memset/03_memset_random_pos.py Tue Dec 13 18:08:17 2005 +0000 30.2 +++ b/tools/xm-test/tests/memset/03_memset_random_pos.py Tue Dec 13 18:08:26 2005 +0000 30.3 @@ -20,8 +20,8 @@ except DomainError, e: 30.4 FAIL(str(e)) 30.5 30.6 times = random.randint(10,50) 30.7 -origmem = domain.getMem() 30.8 -currmem = domain.getMem() 30.9 +origmem = domain.config.getOpt("memory") 30.10 +currmem = domain.config.getOpt("memory") 30.11 30.12 try: 30.13 console = XmConsole(domain.getName())
31.1 --- a/tools/xm-test/tests/network/02_network_local_ping_pos.py Tue Dec 13 18:08:17 2005 +0000 31.2 +++ b/tools/xm-test/tests/network/02_network_local_ping_pos.py Tue Dec 13 18:08:26 2005 +0000 31.3 @@ -28,9 +28,9 @@ ip = Net.ip("dom1", "eth0") 31.4 mask = Net.mask("dom1", "eth0") 31.5 31.6 # Fire up a guest domain w/1 nic 31.7 -domain = XmTestDomain() 31.8 +config = {"vif" : ['ip=%s' % ip]} 31.9 +domain = XmTestDomain(extraConfig=config) 31.10 try: 31.11 - domain.configSetVar('vif', " [ 'ip=" + ip + "' ]") 31.12 domain.start() 31.13 except DomainError, e: 31.14 if verbose:
32.1 --- a/tools/xm-test/tests/network/05_network_dom0_ping_pos.py Tue Dec 13 18:08:17 2005 +0000 32.2 +++ b/tools/xm-test/tests/network/05_network_dom0_ping_pos.py Tue Dec 13 18:08:26 2005 +0000 32.3 @@ -31,9 +31,9 @@ except NetworkError, e: 32.4 FAIL(str(e)) 32.5 32.6 # Fire up a guest domain w/1 nic 32.7 -domain = XmTestDomain() 32.8 +config = {"vif" : ["ip=%s" % ip]} 32.9 +domain = XmTestDomain(extraConfig=config) 32.10 try: 32.11 - domain.configSetVar('vif', " [ 'ip=" + ip + "' ]") 32.12 domain.start() 32.13 except DomainError, e: 32.14 if verbose:
33.1 --- a/tools/xm-test/tests/network/11_network_domU_ping_pos.py Tue Dec 13 18:08:17 2005 +0000 33.2 +++ b/tools/xm-test/tests/network/11_network_domU_ping_pos.py Tue Dec 13 18:08:26 2005 +0000 33.3 @@ -15,15 +15,12 @@ 33.4 pingsizes = [ 1, 48, 64, 512, 1440, 1500, 1505, 4096, 4192, 33.5 32767, 65507 ] 33.6 33.7 - 33.8 - 33.9 from XmTestLib import * 33.10 33.11 - 33.12 def netDomain(ip): 33.13 - dom = XmTestDomain() 33.14 + config = {"vif" : ["ip=%s" % ip]} 33.15 + domain = XmTestDomain(extraConfig=config) 33.16 try: 33.17 - dom.configSetVar('vif', " [ 'ip=" + ip + "' ]") 33.18 dom.start() 33.19 except DomainError, e: 33.20 if verbose:
34.1 --- a/tools/xm-test/tests/restore/04_restore_withdevices_pos.py Tue Dec 13 18:08:17 2005 +0000 34.2 +++ b/tools/xm-test/tests/restore/04_restore_withdevices_pos.py Tue Dec 13 18:08:26 2005 +0000 34.3 @@ -7,12 +7,9 @@ from XmTestLib import * 34.4 34.5 import re 34.6 34.7 -domain = XmTestDomain() 34.8 - 34.9 -domain.configSetVar('vif', "[ '', '' ]") 34.10 - 34.11 -domain.configAddDisk("phy:/dev/ram0", "hda1", "w") 34.12 -domain.configAddDisk("phy:/dev/ram1", "hdb2", "w") 34.13 +config = {"disk": ["phy:/dev/ram0,hda1,w", "phy:/dev/ram1,hdb2,w"], 34.14 + "vif": ['', '']} 34.15 +domain = XmTestDomain(extraConfig=config) 34.16 34.17 s, o = traceCommand("mke2fs -q /dev/ram0") 34.18 if s != 0:
35.1 --- a/tools/xm-test/tests/sedf/01_sedf_multi_pos.py Tue Dec 13 18:08:17 2005 +0000 35.2 +++ b/tools/xm-test/tests/sedf/01_sedf_multi_pos.py Tue Dec 13 18:08:26 2005 +0000 35.3 @@ -7,7 +7,7 @@ from XmTestLib import * 35.4 35.5 sedf_opts = "20000000 5000000 0 0 0" 35.6 35.7 -domain = XmTestDomain(extraOpts = {"sched":"sedf"}) 35.8 +domain = XmTestDomain(extraConfig = {"sched":"sedf"}) 35.9 35.10 try: 35.11 domain.start()
36.1 --- a/tools/xm-test/tests/vcpu-disable/01_vcpu-disable_basic_pos.py Tue Dec 13 18:08:17 2005 +0000 36.2 +++ b/tools/xm-test/tests/vcpu-disable/01_vcpu-disable_basic_pos.py Tue Dec 13 18:08:26 2005 +0000 36.3 @@ -39,7 +39,7 @@ if smpConcurrencyLevel() <= 1: 36.4 SKIP("Host not capable of running test") 36.5 36.6 # Start a XmTestDomain with 2 VCPUs 36.7 -domain = XmTestDomain(extraOpts = {"vcpus":"2"}) 36.8 +domain = XmTestDomain(extraConfig={"vcpus":2}) 36.9 36.10 try: 36.11 domain.start()
37.1 --- a/xen/arch/x86/Makefile Tue Dec 13 18:08:17 2005 +0000 37.2 +++ b/xen/arch/x86/Makefile Tue Dec 13 18:08:26 2005 +0000 37.3 @@ -62,6 +62,8 @@ asm-offsets.s: $(TARGET_SUBARCH)/asm-off 37.4 boot/mkelf32: boot/mkelf32.c 37.5 $(HOSTCC) $(HOSTCFLAGS) -o $@ $< 37.6 37.7 +shadow_guest32.o: shadow.c 37.8 + 37.9 clean: 37.10 rm -f *.o *.s *~ core boot/*.o boot/*~ boot/core boot/mkelf32 37.11 rm -f x86_32/*.o x86_32/*~ x86_32/core
38.1 --- a/xen/arch/x86/vmx.c Tue Dec 13 18:08:17 2005 +0000 38.2 +++ b/xen/arch/x86/vmx.c Tue Dec 13 18:08:26 2005 +0000 38.3 @@ -1476,6 +1476,15 @@ static inline void vmx_do_msr_read(struc 38.4 (unsigned long)regs->ecx, (unsigned long)regs->eax, 38.5 (unsigned long)regs->edx); 38.6 switch (regs->ecx) { 38.7 + case MSR_IA32_TIME_STAMP_COUNTER: 38.8 + { 38.9 + struct vmx_virpit *vpit; 38.10 + 38.11 + rdtscll(msr_content); 38.12 + vpit = &(v->domain->arch.vmx_platform.vmx_pit); 38.13 + msr_content += vpit->shift; 38.14 + break; 38.15 + } 38.16 case MSR_IA32_SYSENTER_CS: 38.17 __vmread(GUEST_SYSENTER_CS, (u32 *)&msr_content); 38.18 break; 38.19 @@ -1516,6 +1525,23 @@ static inline void vmx_do_msr_write(stru 38.20 msr_content = (regs->eax & 0xFFFFFFFF) | ((u64)regs->edx << 32); 38.21 38.22 switch (regs->ecx) { 38.23 + case MSR_IA32_TIME_STAMP_COUNTER: 38.24 + { 38.25 + struct vmx_virpit *vpit; 38.26 + u64 host_tsc, drift; 38.27 + 38.28 + rdtscll(host_tsc); 38.29 + vpit = &(v->domain->arch.vmx_platform.vmx_pit); 38.30 + drift = v->arch.arch_vmx.tsc_offset - vpit->shift; 38.31 + vpit->shift = msr_content - host_tsc; 38.32 + v->arch.arch_vmx.tsc_offset = vpit->shift + drift; 38.33 + __vmwrite(TSC_OFFSET, vpit->shift); 38.34 + 38.35 +#if defined (__i386__) 38.36 + __vmwrite(TSC_OFFSET_HIGH, ((vpit->shift)>>32)); 38.37 +#endif 38.38 + break; 38.39 + } 38.40 case MSR_IA32_SYSENTER_CS: 38.41 __vmwrite(GUEST_SYSENTER_CS, msr_content); 38.42 break;
39.1 --- a/xen/arch/x86/vmx_io.c Tue Dec 13 18:08:17 2005 +0000 39.2 +++ b/xen/arch/x86/vmx_io.c Tue Dec 13 18:08:26 2005 +0000 39.3 @@ -801,11 +801,11 @@ void set_tsc_shift(struct vcpu *v,struct 39.4 drift = vpit->period_cycles * vpit->pending_intr_nr; 39.5 else 39.6 drift = 0; 39.7 - drift = v->arch.arch_vmx.tsc_offset - drift; 39.8 - __vmwrite(TSC_OFFSET, drift); 39.9 + vpit->shift = v->arch.arch_vmx.tsc_offset - drift; 39.10 + __vmwrite(TSC_OFFSET, vpit->shift); 39.11 39.12 #if defined (__i386__) 39.13 - __vmwrite(TSC_OFFSET_HIGH, (drift >> 32)); 39.14 + __vmwrite(TSC_OFFSET_HIGH, ((vpit->shift)>> 32)); 39.15 #endif 39.16 } 39.17
40.1 --- a/xen/common/grant_table.c Tue Dec 13 18:08:17 2005 +0000 40.2 +++ b/xen/common/grant_table.c Tue Dec 13 18:08:26 2005 +0000 40.3 @@ -579,7 +579,7 @@ gnttab_setup_table( 40.4 (void)put_user(GNTST_okay, &uop->status); 40.5 for ( i = 0; i < op.nr_frames; i++ ) 40.6 (void)put_user(gnttab_shared_mfn(d, d->grant_table, i), 40.7 - &uop->frame_list[i]); 40.8 + &op.frame_list[i]); 40.9 } 40.10 40.11 put_domain(d);
41.1 --- a/xen/include/asm-x86/msr.h Tue Dec 13 18:08:17 2005 +0000 41.2 +++ b/xen/include/asm-x86/msr.h Tue Dec 13 18:08:26 2005 +0000 41.3 @@ -88,6 +88,7 @@ static inline void wrmsrl(unsigned int m 41.4 /* Intel defined MSRs. */ 41.5 #define MSR_IA32_P5_MC_ADDR 0 41.6 #define MSR_IA32_P5_MC_TYPE 1 41.7 +#define MSR_IA32_TIME_STAMP_COUNTER 0x10 41.8 #define MSR_IA32_PLATFORM_ID 0x17 41.9 #define MSR_IA32_EBL_CR_POWERON 0x2a 41.10
42.1 --- a/xen/include/asm-x86/vmx_vpit.h Tue Dec 13 18:08:17 2005 +0000 42.2 +++ b/xen/include/asm-x86/vmx_vpit.h Tue Dec 13 18:08:26 2005 +0000 42.3 @@ -21,6 +21,7 @@ struct vmx_virpit { 42.4 /* for simulation of counter 0 in mode 2*/ 42.5 u64 period_cycles; /* pit frequency in cpu cycles */ 42.6 u64 inject_point; /* the time inject virt intr */ 42.7 + u64 shift; /* save the value of offset - drift */ 42.8 s_time_t scheduled; /* scheduled timer interrupt */ 42.9 struct ac_timer pit_timer; /* periodic timer for mode 2*/ 42.10 unsigned int channel; /* the pit channel, counter 0~2 */