ia64/xen-unstable

changeset 9832:ad30019015a2

This patch adds support in the hypervisor for the policy name attribute
introduced into security policies. It also fixes a minor problem related
to handling unsupported boot policies.

Signed-off by: Reiner Sailer <sailer@us.ibm.com>
author smh22@firebug.cl.cam.ac.uk
date Mon Apr 24 10:51:50 2006 +0100 (2006-04-24)
parents 0a5183b3e7bb
children 65ce9bf4a86f
files tools/security/Makefile tools/security/secpol_tool.c tools/security/secpol_xml2bin.c tools/security/secpol_xml2bin.h
line diff
     1.1 --- a/tools/security/Makefile	Mon Apr 24 10:51:20 2006 +0100
     1.2 +++ b/tools/security/Makefile	Mon Apr 24 10:51:50 2006 +0100
     1.3 @@ -30,28 +30,23 @@ SRCS_TOOL     = secpol_tool.c
     1.4  OBJS_TOOL    := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_TOOL)))
     1.5  SRCS_XML2BIN  = secpol_xml2bin.c secpol_xml2bin.h
     1.6  OBJS_XML2BIN := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_XML2BIN)))
     1.7 -SRCS_GETD     = get_decision.c
     1.8 -OBJS_GETD    := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_GETD)))
     1.9  
    1.10  ACM_INST_TOOLS    = xensec_tool xensec_xml2bin xensec_gen
    1.11 -ACM_NOINST_TOOLS  = get_decision
    1.12  ACM_OBJS          = $(OBJS_TOOL) $(OBJS_XML2BIN) $(OBJS_GETD)
    1.13 -ACM_SCRIPTS       = getlabel.sh setlabel.sh updategrub.sh labelfuncs.sh
    1.14 +ACM_SCRIPTS       = python/xensec_tools/acm_getlabel python/xensec_tools/acm_getdecision
    1.15  
    1.16  ACM_CONFIG_DIR    = /etc/xen/acm-security
    1.17  ACM_POLICY_DIR    = $(ACM_CONFIG_DIR)/policies
    1.18  ACM_SCRIPT_DIR    = $(ACM_CONFIG_DIR)/scripts
    1.19  
    1.20  ACM_INST_HTML     = python/xensec_gen/index.html
    1.21 -ACM_INST_CGI      = python/xensec_gen/cgi-bin/policy.cgi \
    1.22 -                    python/xensec_gen/cgi-bin/policylabel.cgi
    1.23 +ACM_INST_CGI      = python/xensec_gen/cgi-bin/policy.cgi
    1.24  ACM_SECGEN_HTMLDIR= /var/lib/xensec_gen
    1.25  ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin
    1.26  
    1.27  ACM_SCHEMA        = security_policy.xsd
    1.28 -ACM_EXAMPLES      = null chwall ste chwall_ste
    1.29 +ACM_EXAMPLES      = chwall ste chwall_ste
    1.30  ACM_POLICY_SUFFIX = security_policy.xml
    1.31 -ACM_LABEL_SUFFIX  = security_label_template.xml
    1.32  
    1.33  ifeq ($(ACM_SECURITY),y)
    1.34  .PHONY: all
    1.35 @@ -64,10 +59,10 @@ install: all $(ACM_CONFIG_FILE)
    1.36  	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_CONFIG_DIR)
    1.37  	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)
    1.38  	$(INSTALL_DATA) -p policies/$(ACM_SCHEMA) $(DESTDIR)$(ACM_POLICY_DIR)
    1.39 +	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example
    1.40  	for i in $(ACM_EXAMPLES); do \
    1.41 -		$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
    1.42 -		$(INSTALL_DATA) -p policies/$$i/$$i-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
    1.43 -		$(INSTALL_DATA) -p policies/$$i/$$i-$(ACM_LABEL_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
    1.44 +		$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
    1.45 +		$(INSTALL_DATA) -p policies/example/$$i/client_v1-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
    1.46  	done
    1.47  	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_SCRIPT_DIR)
    1.48  	$(INSTALL_PROG) -p $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR)
    1.49 @@ -99,9 +94,6 @@ xensec_tool: $(OBJS_TOOL)
    1.50  xensec_xml2bin: $(OBJS_XML2BIN)
    1.51  	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
    1.52  
    1.53 -get_decision: $(OBJS_GETD)
    1.54 -	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
    1.55 -
    1.56  xensec_gen: xensec_gen.py
    1.57  	cp -f $^ $@
    1.58  
    1.59 @@ -116,8 +108,4 @@ clean:
    1.60  .PHONY: mrproper
    1.61  mrproper: clean
    1.62  
    1.63 -.PHONY: boot_install
    1.64 -boot_install: install
    1.65 -	$(ACM_SCRIPT_DIR)/updategrub.sh $(POLICY) $(KERNEL_VERSION)
    1.66 -
    1.67  -include $(PROG_DEPS)
     2.1 --- a/tools/security/secpol_tool.c	Mon Apr 24 10:51:20 2006 +0100
     2.2 +++ b/tools/security/secpol_tool.c	Mon Apr 24 10:51:50 2006 +0100
     2.3 @@ -48,9 +48,7 @@ void usage(char *progname)
     2.4             "ACTION is one of:\n"
     2.5             "\t getpolicy\n"
     2.6             "\t dumpstats\n"
     2.7 -           "\t loadpolicy <binary policy file>\n"
     2.8 -           "\t getssid -d <domainid> [-f]\n"
     2.9 -           "\t getssid -s <ssidref> [-f]\n", progname);
    2.10 +           "\t loadpolicy <binary policy file>\n", progname);
    2.11      exit(-1);
    2.12  }
    2.13  
    2.14 @@ -68,7 +66,7 @@ static inline int do_xen_hypercall(int x
    2.15                          (unsigned long) hypercall);
    2.16  }
    2.17  
    2.18 -static inline int do_acm_op(int xc_handle, struct acm_op * op)
    2.19 +static inline int do_acm_op(int xc_handle, struct acm_op *op)
    2.20  {
    2.21      int ret = -1;
    2.22      privcmd_hypercall_t hypercall;
    2.23 @@ -78,15 +76,13 @@ static inline int do_acm_op(int xc_handl
    2.24      hypercall.op = __HYPERVISOR_acm_op;
    2.25      hypercall.arg[0] = (unsigned long) op;
    2.26  
    2.27 -    if (mlock(op, sizeof(*op)) != 0)
    2.28 -    {
    2.29 +    if (mlock(op, sizeof(*op)) != 0) {
    2.30          PERROR("Could not lock memory for Xen policy hypercall");
    2.31          goto out1;
    2.32      }
    2.33  
    2.34 -    if ((ret = do_xen_hypercall(xc_handle, &hypercall)) < 0)
    2.35 -    {
    2.36 -        printf( "ACM operation failed: errno=%d\n", errno );
    2.37 +    if ((ret = do_xen_hypercall(xc_handle, &hypercall)) < 0) {
    2.38 +        printf("ACM operation failed: errno=%d\n", errno);
    2.39          if (errno == EACCES)
    2.40              fprintf(stderr, "ACM operation failed -- need to"
    2.41                      " rebuild the user-space tool set?\n");
    2.42 @@ -108,8 +104,7 @@ void acm_dump_chinesewall_buffer(void *b
    2.43      int i, j;
    2.44  
    2.45  
    2.46 -    if (htonl(cwbuf->policy_code) != ACM_CHINESE_WALL_POLICY)
    2.47 -    {
    2.48 +    if (htonl(cwbuf->policy_code) != ACM_CHINESE_WALL_POLICY) {
    2.49          printf("CHINESE WALL POLICY CODE not found ERROR!!\n");
    2.50          return;
    2.51      }
    2.52 @@ -129,8 +124,7 @@ void acm_dump_chinesewall_buffer(void *b
    2.53      printf("\nSSID To CHWALL-Type matrix:\n");
    2.54  
    2.55      ssids = (domaintype_t *) (buf + ntohl(cwbuf->chwall_ssid_offset));
    2.56 -    for (i = 0; i < ntohl(cwbuf->chwall_max_ssidrefs); i++)
    2.57 -    {
    2.58 +    for (i = 0; i < ntohl(cwbuf->chwall_max_ssidrefs); i++) {
    2.59          printf("\n   ssidref%2x:  ", i);
    2.60          for (j = 0; j < ntohl(cwbuf->chwall_max_types); j++)
    2.61              printf("%02x ",
    2.62 @@ -139,8 +133,7 @@ void acm_dump_chinesewall_buffer(void *b
    2.63      printf("\n\nConfict Sets:\n");
    2.64      conflicts =
    2.65          (domaintype_t *) (buf + ntohl(cwbuf->chwall_conflict_sets_offset));
    2.66 -    for (i = 0; i < ntohl(cwbuf->chwall_max_conflictsets); i++)
    2.67 -    {
    2.68 +    for (i = 0; i < ntohl(cwbuf->chwall_max_conflictsets); i++) {
    2.69          printf("\n   c-set%2x:    ", i);
    2.70          for (j = 0; j < ntohl(cwbuf->chwall_max_types); j++)
    2.71              printf("%02x ",
    2.72 @@ -150,13 +143,11 @@ void acm_dump_chinesewall_buffer(void *b
    2.73      printf("\n");
    2.74  
    2.75      printf("\nRunning\nTypes:         ");
    2.76 -    if (ntohl(cwbuf->chwall_running_types_offset))
    2.77 -    {
    2.78 +    if (ntohl(cwbuf->chwall_running_types_offset)) {
    2.79          running_types =
    2.80              (domaintype_t *) (buf +
    2.81                                ntohl(cwbuf->chwall_running_types_offset));
    2.82 -        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++)
    2.83 -        {
    2.84 +        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++) {
    2.85              printf("%02x ", ntohs(running_types[i]));
    2.86          }
    2.87          printf("\n");
    2.88 @@ -164,13 +155,12 @@ void acm_dump_chinesewall_buffer(void *b
    2.89          printf("Not Reported!\n");
    2.90      }
    2.91      printf("\nConflict\nAggregate Set: ");
    2.92 -    if (ntohl(cwbuf->chwall_conflict_aggregate_offset))
    2.93 -    {
    2.94 +    if (ntohl(cwbuf->chwall_conflict_aggregate_offset)) {
    2.95          conflict_aggregate =
    2.96              (domaintype_t *) (buf +
    2.97 -                              ntohl(cwbuf->chwall_conflict_aggregate_offset));
    2.98 -        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++)
    2.99 -        {
   2.100 +                              ntohl(cwbuf->
   2.101 +                                    chwall_conflict_aggregate_offset));
   2.102 +        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++) {
   2.103              printf("%02x ", ntohs(conflict_aggregate[i]));
   2.104          }
   2.105          printf("\n\n");
   2.106 @@ -201,11 +191,11 @@ void acm_dump_ste_buffer(void *buf, int 
   2.107      printf("\nSSID To STE-Type matrix:\n");
   2.108  
   2.109      ssids = (domaintype_t *) (buf + ntohl(stebuf->ste_ssid_offset));
   2.110 -    for (i = 0; i < ntohl(stebuf->ste_max_ssidrefs); i++)
   2.111 -    {
   2.112 +    for (i = 0; i < ntohl(stebuf->ste_max_ssidrefs); i++) {
   2.113          printf("\n   ssidref%2x: ", i);
   2.114          for (j = 0; j < ntohl(stebuf->ste_max_types); j++)
   2.115 -            printf("%02x ", ntohs(ssids[i * ntohl(stebuf->ste_max_types) + j]));
   2.116 +            printf("%02x ",
   2.117 +                   ntohs(ssids[i * ntohl(stebuf->ste_max_types) + j]));
   2.118      }
   2.119      printf("\n\n");
   2.120  }
   2.121 @@ -213,9 +203,12 @@ void acm_dump_ste_buffer(void *buf, int 
   2.122  void acm_dump_policy_buffer(void *buf, int buflen)
   2.123  {
   2.124      struct acm_policy_buffer *pol = (struct acm_policy_buffer *) buf;
   2.125 -
   2.126 +    char *policy_reference_name =
   2.127 +        (buf + ntohl(pol->policy_reference_offset) +
   2.128 +         sizeof(struct acm_policy_reference_buffer));
   2.129      printf("\nPolicy dump:\n");
   2.130      printf("============\n");
   2.131 +    printf("POLICY REFERENCE = %s.\n", policy_reference_name);
   2.132      printf("PolicyVer = %x.\n", ntohl(pol->policy_version));
   2.133      printf("Magic     = %x.\n", ntohl(pol->magic));
   2.134      printf("Len       = %x.\n", ntohl(pol->len));
   2.135 @@ -227,8 +220,7 @@ void acm_dump_policy_buffer(void *buf, i
   2.136             ACM_POLICY_NAME(ntohl(pol->secondary_policy_code)),
   2.137             ntohl(pol->secondary_policy_code),
   2.138             ntohl(pol->secondary_buffer_offset));
   2.139 -    switch (ntohl(pol->primary_policy_code))
   2.140 -    {
   2.141 +    switch (ntohl(pol->primary_policy_code)) {
   2.142      case ACM_CHINESE_WALL_POLICY:
   2.143          acm_dump_chinesewall_buffer(buf +
   2.144                                      ntohl(pol->primary_buffer_offset),
   2.145 @@ -250,8 +242,7 @@ void acm_dump_policy_buffer(void *buf, i
   2.146          printf("UNKNOWN POLICY!\n");
   2.147      }
   2.148  
   2.149 -    switch (ntohl(pol->secondary_policy_code))
   2.150 -    {
   2.151 +    switch (ntohl(pol->secondary_policy_code)) {
   2.152      case ACM_CHINESE_WALL_POLICY:
   2.153          acm_dump_chinesewall_buffer(buf +
   2.154                                      ntohl(pol->secondary_buffer_offset),
   2.155 @@ -303,26 +294,22 @@ int acm_domain_loadpolicy(int xc_handle,
   2.156      off_t len;
   2.157      uint8_t *buffer;
   2.158  
   2.159 -    if ((ret = stat(filename, &mystat)))
   2.160 -    {
   2.161 +    if ((ret = stat(filename, &mystat))) {
   2.162          printf("File %s not found.\n", filename);
   2.163          goto out;
   2.164      }
   2.165  
   2.166      len = mystat.st_size;
   2.167 -    if ((buffer = malloc(len)) == NULL)
   2.168 -    {
   2.169 +    if ((buffer = malloc(len)) == NULL) {
   2.170          ret = -ENOMEM;
   2.171          goto out;
   2.172      }
   2.173 -    if ((fd = open(filename, O_RDONLY)) <= 0)
   2.174 -    {
   2.175 +    if ((fd = open(filename, O_RDONLY)) <= 0) {
   2.176          ret = -ENOENT;
   2.177          printf("File %s not found.\n", filename);
   2.178          goto free_out;
   2.179      }
   2.180 -    if (len == read(fd, buffer, len))
   2.181 -    {
   2.182 +    if (len == read(fd, buffer, len)) {
   2.183          struct acm_op op;
   2.184          /* dump it and then push it down into xen/acm */
   2.185          acm_dump_policy_buffer(buffer, len);
   2.186 @@ -334,7 +321,7 @@ int acm_domain_loadpolicy(int xc_handle,
   2.187  
   2.188          if (ret)
   2.189              printf
   2.190 -                ("ERROR setting policy. Try 'xm dmesg' to see details.\n");
   2.191 +                ("ERROR setting policy.\n");
   2.192          else
   2.193              printf("Successfully changed policy.\n");
   2.194  
   2.195 @@ -382,9 +369,9 @@ int acm_domain_dumpstats(int xc_handle)
   2.196      op.u.dumpstats.pullcache_size = sizeof(stats_buffer);
   2.197      ret = do_acm_op(xc_handle, &op);
   2.198  
   2.199 -    if (ret < 0)
   2.200 -    {
   2.201 -        printf("ERROR dumping policy stats. Try 'xm dmesg' to see details.\n");
   2.202 +    if (ret < 0) {
   2.203 +        printf
   2.204 +            ("ERROR dumping policy stats. Try 'xm dmesg' to see details.\n");
   2.205          return ret;
   2.206      }
   2.207      stats = (struct acm_stats_buffer *) stats_buffer;
   2.208 @@ -394,8 +381,7 @@ int acm_domain_dumpstats(int xc_handle)
   2.209      printf("Magic     = %x.\n", ntohl(stats->magic));
   2.210      printf("Len       = %x.\n", ntohl(stats->len));
   2.211  
   2.212 -    switch (ntohl(stats->primary_policy_code))
   2.213 -    {
   2.214 +    switch (ntohl(stats->primary_policy_code)) {
   2.215      case ACM_NULL_POLICY:
   2.216          printf("NULL Policy: No statistics apply.\n");
   2.217          break;
   2.218 @@ -414,8 +400,7 @@ int acm_domain_dumpstats(int xc_handle)
   2.219          printf("UNKNOWN PRIMARY POLICY ERROR!\n");
   2.220      }
   2.221  
   2.222 -    switch (ntohl(stats->secondary_policy_code))
   2.223 -    {
   2.224 +    switch (ntohl(stats->secondary_policy_code)) {
   2.225      case ACM_NULL_POLICY:
   2.226          printf("NULL Policy: No statistics apply.\n");
   2.227          break;
   2.228 @@ -435,119 +420,6 @@ int acm_domain_dumpstats(int xc_handle)
   2.229      }
   2.230      return ret;
   2.231  }
   2.232 -/************************ get ssidref & types ******************************/
   2.233 -/*
   2.234 - * the ssid (types) can be looked up either by domain id or by ssidref
   2.235 - */
   2.236 -int acm_domain_getssid(int xc_handle, int argc, char * const argv[])
   2.237 -{
   2.238 -    /* this includes header and a set of types */
   2.239 -    #define MAX_SSIDBUFFER  2000
   2.240 -    int ret, i;
   2.241 -    struct acm_op op;
   2.242 -    struct acm_ssid_buffer *hdr;
   2.243 -    unsigned char *buf;
   2.244 -	int nice_print = 1;
   2.245 -
   2.246 -    op.cmd = ACM_GETSSID;
   2.247 -    op.interface_version = ACM_INTERFACE_VERSION;
   2.248 -	op.u.getssid.get_ssid_by = UNSET;
   2.249 -	/* arguments
   2.250 -	   -d ... domain id to look up
   2.251 -	   -s ... ssidref number to look up
   2.252 -	   -f ... formatted print (scripts depend on this format)
   2.253 -	*/
   2.254 -	while (1)
   2.255 -    {
   2.256 -		int c = getopt(argc, argv, "d:s:f");
   2.257 -		if (c == -1)
   2.258 -			break;
   2.259 -		if (c == 'd')
   2.260 -        {
   2.261 -			if (op.u.getssid.get_ssid_by != UNSET)
   2.262 -				usage(argv[0]);
   2.263 -			op.u.getssid.get_ssid_by = DOMAINID;
   2.264 -			op.u.getssid.id.domainid = strtoul(optarg, NULL, 0);
   2.265 -		}
   2.266 -		else if (c== 's')
   2.267 -        {
   2.268 -			if (op.u.getssid.get_ssid_by != UNSET)
   2.269 -				usage(argv[0]);
   2.270 -			op.u.getssid.get_ssid_by = SSIDREF;
   2.271 -			op.u.getssid.id.ssidref = strtoul(optarg, NULL, 0);
   2.272 -		}
   2.273 -		else if (c== 'f')
   2.274 -		{
   2.275 -			nice_print = 0;
   2.276 -		}
   2.277 -		else
   2.278 -			usage(argv[0]);
   2.279 -	}
   2.280 -	if (op.u.getssid.get_ssid_by == UNSET)
   2.281 -		usage(argv[0]);
   2.282 -
   2.283 -	buf = malloc(MAX_SSIDBUFFER);
   2.284 -    if (!buf)
   2.285 -        return -ENOMEM;
   2.286 -
   2.287 -    /* dump it and then push it down into xen/acm */
   2.288 -    op.u.getssid.ssidbuf = buf;   /* out */
   2.289 -    op.u.getssid.ssidbuf_size = MAX_SSIDBUFFER;
   2.290 -    ret = do_acm_op(xc_handle, &op);
   2.291 -
   2.292 -    if (ret)
   2.293 -    {
   2.294 -        printf("ERROR getting ssidref. Try 'xm dmesg' to see details.\n");
   2.295 -        goto out;
   2.296 -    }
   2.297 -    hdr = (struct acm_ssid_buffer *)buf;
   2.298 -    if (hdr->len > MAX_SSIDBUFFER)
   2.299 -    {
   2.300 -        printf("ERROR: Buffer length inconsistent (ret=%d, hdr->len=%d)!\n",
   2.301 -               ret, hdr->len);
   2.302 -            return -EIO;
   2.303 -    }
   2.304 -	if (nice_print)
   2.305 -    {
   2.306 -		printf("SSID: ssidref = 0x%08x \n", hdr->ssidref);
   2.307 -		printf("      P: %s, max_types = %d\n",
   2.308 -			   ACM_POLICY_NAME(hdr->primary_policy_code), hdr->primary_max_types);
   2.309 -		printf("	  Types: ");
   2.310 -		for (i=0; i< hdr->primary_max_types; i++)
   2.311 -			if (buf[hdr->primary_types_offset + i])
   2.312 -				printf("%02x ", i);
   2.313 -			else
   2.314 -				printf("-- ");
   2.315 -		printf("\n");
   2.316 -
   2.317 -		printf("      S: %s, max_types = %d\n",
   2.318 -			   ACM_POLICY_NAME(hdr->secondary_policy_code), hdr->secondary_max_types);
   2.319 -		printf("	  Types: ");
   2.320 -		for (i=0; i< hdr->secondary_max_types; i++)
   2.321 -			if (buf[hdr->secondary_types_offset + i])
   2.322 -				printf("%02x ", i);
   2.323 -			else
   2.324 -				printf("-- ");
   2.325 -		printf("\n");
   2.326 -	}
   2.327 -	else
   2.328 -    {
   2.329 -		/* formatted print for use with scripts (.sh)
   2.330 -		 *  update scripts when updating here (usually
   2.331 -		 *  used in combination with -d to determine a
   2.332 -		 *  running domain's label
   2.333 -		 */
   2.334 -		printf("SSID: ssidref = 0x%08x \n", hdr->ssidref);
   2.335 -	}
   2.336 -
   2.337 -    /* return ste ssidref */
   2.338 -    if (hdr->primary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
   2.339 -        ret = (hdr->ssidref) & 0xffff;
   2.340 -    else if (hdr->secondary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
   2.341 -        ret = (hdr->ssidref) >> 16;
   2.342 - out:
   2.343 -    return ret;
   2.344 -}
   2.345  
   2.346  /***************************** main **************************************/
   2.347  
   2.348 @@ -559,8 +431,7 @@ int main(int argc, char **argv)
   2.349      if (argc < 2)
   2.350          usage(argv[0]);
   2.351  
   2.352 -    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0)
   2.353 -    {
   2.354 +    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0) {
   2.355          printf("ERROR: Could not open xen privcmd device!\n");
   2.356          exit(-1);
   2.357      }
   2.358 @@ -577,8 +448,6 @@ int main(int argc, char **argv)
   2.359          if (argc != 2)
   2.360              usage(argv[0]);
   2.361          ret = acm_domain_dumpstats(acm_cmd_fd);
   2.362 -    } else if (!strcmp(argv[1], "getssid")) {
   2.363 -        ret = acm_domain_getssid(acm_cmd_fd, argc, argv);
   2.364      } else
   2.365          usage(argv[0]);
   2.366  
     3.1 --- a/tools/security/secpol_xml2bin.c	Mon Apr 24 10:51:20 2006 +0100
     3.2 +++ b/tools/security/secpol_xml2bin.c	Mon Apr 24 10:51:50 2006 +0100
     3.3 @@ -101,22 +101,30 @@ int have_chwall = 0;
     3.4  
     3.5  /* input/output file names */
     3.6  char *policy_filename = NULL,
     3.7 -    *label_filename = NULL,
     3.8 -    *binary_filename = NULL, *mapping_filename = NULL,
     3.9 -    *schema_filename = NULL;
    3.10 +    *binary_filename = NULL,
    3.11 +    *mapping_filename = NULL, *schema_filename = NULL;
    3.12 +
    3.13 +char *policy_reference_name = NULL;
    3.14 +
    3.15 +void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state);
    3.16  
    3.17  void usage(char *prg)
    3.18  {
    3.19      printf("Usage: %s [OPTIONS] POLICYNAME\n", prg);
    3.20 -    printf("POLICYNAME is the directory name within the policy directory\n");
    3.21 -    printf("that contains the policy files.  The default policy directory\n");
    3.22 -    printf("is '%s' (see the '-d' option below to change it)\n", POLICY_DIR);
    3.23 -    printf("The policy files contained in the POLICYNAME directory must be named:\n");
    3.24 +    printf
    3.25 +        ("POLICYNAME is the directory name within the policy directory\n");
    3.26 +    printf
    3.27 +        ("that contains the policy files.  The default policy directory\n");
    3.28 +    printf("is '%s' (see the '-d' option below to change it)\n",
    3.29 +           POLICY_DIR);
    3.30 +    printf
    3.31 +        ("The policy files contained in the POLICYNAME directory must be named:\n");
    3.32      printf("\tPOLICYNAME-security_policy.xml\n");
    3.33      printf("\tPOLICYNAME-security_label_template.xml\n\n");
    3.34      printf("OPTIONS:\n");
    3.35      printf("\t-d POLICYDIR\n");
    3.36 -    printf("\t\tUse POLICYDIR as the policy directory. This directory must contain\n");
    3.37 +    printf
    3.38 +        ("\t\tUse POLICYDIR as the policy directory. This directory must contain\n");
    3.39      printf("\t\tthe policy schema file 'security_policy.xsd'\n");
    3.40      exit(EXIT_FAILURE);
    3.41  }
    3.42 @@ -147,8 +155,7 @@ struct type_entry *lookup(struct tailhea
    3.43  int add_entry(struct tailhead *head, char *name, type_t mapping)
    3.44  {
    3.45      struct type_entry *e;
    3.46 -    if (lookup(head, name))
    3.47 -    {
    3.48 +    if (lookup(head, name)) {
    3.49          printf("Error: Type >%s< defined more than once.\n", name);
    3.50          return -EFAULT;         /* already in the list */
    3.51      }
    3.52 @@ -204,16 +211,14 @@ int register_type(xmlNode * cur_node, xm
    3.53  
    3.54  
    3.55      text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
    3.56 -    if (!text)
    3.57 -    {
    3.58 +    if (!text) {
    3.59          printf("Error reading type name!\n");
    3.60          return -EFAULT;
    3.61      }
    3.62  
    3.63      switch (state) {
    3.64      case XML2BIN_stetype_S:
    3.65 -        if (add_entry(&ste_head, (char *) text, max_ste_types))
    3.66 -        {
    3.67 +        if (add_entry(&ste_head, (char *) text, max_ste_types)) {
    3.68              xmlFree(text);
    3.69              return -EFAULT;
    3.70          }
    3.71 @@ -221,8 +226,7 @@ int register_type(xmlNode * cur_node, xm
    3.72          break;
    3.73  
    3.74      case XML2BIN_chwalltype_S:
    3.75 -        if (add_entry(&chwall_head, (char *) text, max_chwall_types))
    3.76 -        {
    3.77 +        if (add_entry(&chwall_head, (char *) text, max_chwall_types)) {
    3.78              xmlFree(text);
    3.79              return -EFAULT;
    3.80          }
    3.81 @@ -232,16 +236,15 @@ int register_type(xmlNode * cur_node, xm
    3.82      case XML2BIN_conflictsettype_S:
    3.83          /* a) search the type in the chwall_type list */
    3.84          e = lookup(&chwall_head, (char *) text);
    3.85 -        if (e == NULL)
    3.86 -        {
    3.87 +        if (e == NULL) {
    3.88              printf("CS type >%s< not a CHWALL type.\n", text);
    3.89              xmlFree(text);
    3.90              return -EFAULT;
    3.91          }
    3.92          /* b) add type entry to the current cs set */
    3.93 -        if (current_conflictset_p->row[e->mapping])
    3.94 -        {
    3.95 -            printf("ERROR: Double entry of type >%s< in conflict set %d.\n",
    3.96 +        if (current_conflictset_p->row[e->mapping]) {
    3.97 +            printf
    3.98 +                ("ERROR: Double entry of type >%s< in conflict set %d.\n",
    3.99                   text, current_conflictset_p->num);
   3.100              xmlFree(text);
   3.101              return -EFAULT;
   3.102 @@ -262,16 +265,15 @@ void set_component_type(xmlNode * cur_no
   3.103  {
   3.104      xmlChar *order;
   3.105  
   3.106 -    if ((order = xmlGetProp(cur_node, (xmlChar *) PRIMARY_COMPONENT_ATTR_NAME))) {
   3.107 -        if (strcmp((char *) order, PRIMARY_COMPONENT))
   3.108 -        {
   3.109 +    if ((order =
   3.110 +         xmlGetProp(cur_node, (xmlChar *) PRIMARY_COMPONENT_ATTR_NAME))) {
   3.111 +        if (strcmp((char *) order, PRIMARY_COMPONENT)) {
   3.112              printf("ERROR: Illegal attribut value >order=%s<.\n",
   3.113                     (char *) order);
   3.114              xmlFree(order);
   3.115              exit(EXIT_FAILURE);
   3.116          }
   3.117 -        if (primary != NULLPOLICY)
   3.118 -        {
   3.119 +        if (primary != NULLPOLICY) {
   3.120              printf("ERROR: Primary Policy Component set twice!\n");
   3.121              exit(EXIT_FAILURE);
   3.122          }
   3.123 @@ -285,10 +287,8 @@ void walk_policy(xmlNode * start, xmlDoc
   3.124      xmlNode *cur_node = NULL;
   3.125      int code;
   3.126  
   3.127 -    for (cur_node = start; cur_node; cur_node = cur_node->next)
   3.128 -    {
   3.129 -        if ((code = totoken((char *) cur_node->name)) < 0)
   3.130 -        {
   3.131 +    for (cur_node = start; cur_node; cur_node = cur_node->next) {
   3.132 +        if ((code = totoken((char *) cur_node->name)) < 0) {
   3.133              printf("Unknown token: >%s<. Aborting.\n", cur_node->name);
   3.134              exit(EXIT_FAILURE);
   3.135          }
   3.136 @@ -297,13 +297,32 @@ void walk_policy(xmlNode * start, xmlDoc
   3.137          case XML2BIN_STETYPES:
   3.138          case XML2BIN_CHWALLTYPES:
   3.139          case XML2BIN_CONFLICTSETS:
   3.140 +        case XML2BIN_POLICYHEADER:
   3.141              walk_policy(cur_node->children, doc, state | (1 << code));
   3.142              break;
   3.143  
   3.144 +        case XML2BIN_POLICYNAME:       /* get policy reference name .... */
   3.145 +            if (state != XML2BIN_PN_S) {
   3.146 +                printf("ERROR: >Url< >%s< out of context.\n",
   3.147 +                       (char *) xmlNodeListGetString(doc,
   3.148 +                                                     cur_node->
   3.149 +                                                     xmlChildrenNode, 1));
   3.150 +                exit(EXIT_FAILURE);
   3.151 +            }
   3.152 +            policy_reference_name = (char *)
   3.153 +                xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
   3.154 +            if (!policy_reference_name) {
   3.155 +                printf("ERROR: empty >policy reference name (Url)<!\n");
   3.156 +                exit(EXIT_FAILURE);
   3.157 +            } else
   3.158 +                printf("Policy Reference name (Url): %s\n",
   3.159 +                       policy_reference_name);
   3.160 +            break;
   3.161 +
   3.162          case XML2BIN_STE:
   3.163 -            if (WRITTEN_AGAINST_ACM_STE_VERSION != ACM_STE_VERSION)
   3.164 -            {
   3.165 -                printf("ERROR: This program was written against another STE version.\n");
   3.166 +            if (WRITTEN_AGAINST_ACM_STE_VERSION != ACM_STE_VERSION) {
   3.167 +                printf
   3.168 +                    ("ERROR: This program was written against another STE version.\n");
   3.169                  exit(EXIT_FAILURE);
   3.170              }
   3.171              have_ste = 1;
   3.172 @@ -312,9 +331,9 @@ void walk_policy(xmlNode * start, xmlDoc
   3.173              break;
   3.174  
   3.175          case XML2BIN_CHWALL:
   3.176 -            if (WRITTEN_AGAINST_ACM_CHWALL_VERSION != ACM_CHWALL_VERSION)
   3.177 -            {
   3.178 -                printf("ERROR: This program was written against another CHWALL version.\n");
   3.179 +            if (WRITTEN_AGAINST_ACM_CHWALL_VERSION != ACM_CHWALL_VERSION) {
   3.180 +                printf
   3.181 +                    ("ERROR: This program was written against another CHWALL version.\n");
   3.182                  exit(EXIT_FAILURE);
   3.183              }
   3.184              have_chwall = 1;
   3.185 @@ -328,8 +347,7 @@ void walk_policy(xmlNode * start, xmlDoc
   3.186              if (!current_conflictset_name)
   3.187                  current_conflictset_name = "";
   3.188  
   3.189 -            if (init_next_conflictset())
   3.190 -            {
   3.191 +            if (init_next_conflictset()) {
   3.192                  printf
   3.193                      ("ERROR: creating new conflictset structure failed.\n");
   3.194                  exit(EXIT_FAILURE);
   3.195 @@ -343,14 +361,18 @@ void walk_policy(xmlNode * start, xmlDoc
   3.196              /* type leaf */
   3.197              break;
   3.198  
   3.199 +        case XML2BIN_LABELTEMPLATE:    /* handle in second pass */
   3.200          case XML2BIN_TEXT:
   3.201          case XML2BIN_COMMENT:
   3.202 -        case XML2BIN_POLICYHEADER:
   3.203 +        case XML2BIN_DATE:
   3.204 +        case XML2BIN_REFERENCE:
   3.205 +        case XML2BIN_NSURL:    /* for future use: where to find global label / type name mappings */
   3.206 +        case XML2BIN_URL:      /* for future use: where to find policy */
   3.207              /* leaf - nothing to do */
   3.208              break;
   3.209  
   3.210          default:
   3.211 -            printf("Unkonwn token Error (%d)\n", code);
   3.212 +            printf("Unkonwn token Error (%d) in Policy\n", code);
   3.213              exit(EXIT_FAILURE);
   3.214          }
   3.215  
   3.216 @@ -358,21 +380,21 @@ void walk_policy(xmlNode * start, xmlDoc
   3.217      return;
   3.218  }
   3.219  
   3.220 -int create_type_mapping(xmlDocPtr doc)
   3.221 +void init_type_mapping(void)
   3.222  {
   3.223 -    xmlNode *root_element = xmlDocGetRootElement(doc);
   3.224 -    struct type_entry *te;
   3.225 -    struct ssid_entry *se;
   3.226 -    int i;
   3.227 -
   3.228      printf("Creating ssid mappings ...\n");
   3.229  
   3.230      /* initialize the ste and chwall type lists */
   3.231      TAILQ_INIT(&ste_head);
   3.232      TAILQ_INIT(&chwall_head);
   3.233      TAILQ_INIT(&conflictsets_head);
   3.234 +}
   3.235  
   3.236 -    walk_policy(root_element, doc, XML2BIN_NULL);
   3.237 +void post_type_mapping(void)
   3.238 +{
   3.239 +    struct type_entry *te;
   3.240 +    struct ssid_entry *se;
   3.241 +    int i;
   3.242  
   3.243      /* determine primary/secondary policy component orders */
   3.244      if ((primary == NULLPOLICY) && have_chwall)
   3.245 @@ -400,19 +422,17 @@ int create_type_mapping(xmlDocPtr doc)
   3.246      }
   3.247  
   3.248      if (!DEBUG)
   3.249 -        return 0;
   3.250 +        return;
   3.251  
   3.252      /* print queues */
   3.253 -    if (have_ste)
   3.254 -    {
   3.255 +    if (have_ste) {
   3.256          printf("STE-Type queue (%s):\n",
   3.257                 (primary == STE) ? "PRIMARY" : "SECONDARY");
   3.258          for (te = ste_head.tqh_first; te != NULL;
   3.259               te = te->entries.tqe_next)
   3.260              printf("name=%22s, map=%x\n", te->name, te->mapping);
   3.261      }
   3.262 -    if (have_chwall)
   3.263 -    {
   3.264 +    if (have_chwall) {
   3.265          printf("CHWALL-Type queue (%s):\n",
   3.266                 (primary == CHWALL) ? "PRIMARY" : "SECONDARY");
   3.267          for (te = chwall_head.tqh_first; te != NULL;
   3.268 @@ -421,8 +441,7 @@ int create_type_mapping(xmlDocPtr doc)
   3.269  
   3.270          printf("Conflictset queue (max=%d):\n", max_conflictsets);
   3.271          for (se = conflictsets_head.tqh_first; se != NULL;
   3.272 -             se = se->entries.tqe_next)
   3.273 -        {
   3.274 +             se = se->entries.tqe_next) {
   3.275              printf("conflictset name >%s<\n",
   3.276                     se->name ? se->name : "NONAME");
   3.277              for (i = 0; i < max_chwall_types; i++)
   3.278 @@ -431,7 +450,6 @@ int create_type_mapping(xmlDocPtr doc)
   3.279              printf("\n");
   3.280          }
   3.281      }
   3.282 -    return 0;
   3.283  }
   3.284  
   3.285  
   3.286 @@ -554,8 +572,7 @@ int add_type(xmlNode * cur_node, xmlDocP
   3.287      struct type_entry *e;
   3.288  
   3.289      text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
   3.290 -    if (!text)
   3.291 -    {
   3.292 +    if (!text) {
   3.293          printf("Error reading type name!\n");
   3.294          return -EFAULT;
   3.295      }
   3.296 @@ -564,8 +581,7 @@ int add_type(xmlNode * cur_node, xmlDocP
   3.297      case XML2BIN_VM_STE_S:
   3.298      case XML2BIN_RES_STE_S:
   3.299          /* lookup the type mapping and include the type mapping into the array */
   3.300 -        if (!(e = lookup(&ste_head, (char *) text)))
   3.301 -        {
   3.302 +        if (!(e = lookup(&ste_head, (char *) text))) {
   3.303              printf("ERROR: unknown VM STE type >%s<.\n", text);
   3.304              exit(EXIT_FAILURE);
   3.305          }
   3.306 @@ -577,8 +593,7 @@ int add_type(xmlNode * cur_node, xmlDocP
   3.307  
   3.308      case XML2BIN_VM_CHWALL_S:
   3.309          /* lookup the type mapping and include the type mapping into the array */
   3.310 -        if (!(e = lookup(&chwall_head, (char *) text)))
   3.311 -        {
   3.312 +        if (!(e = lookup(&chwall_head, (char *) text))) {
   3.313              printf("ERROR: unknown VM CHWALL type >%s<.\n", text);
   3.314              exit(EXIT_FAILURE);
   3.315          }
   3.316 @@ -602,8 +617,9 @@ void set_bootstrap_label(xmlNode * cur_n
   3.317  {
   3.318      xmlChar *order;
   3.319  
   3.320 -    if ((order = xmlGetProp(cur_node, (xmlChar *) BOOTSTRAP_LABEL_ATTR_NAME)))
   3.321 -        bootstrap_label = (char *)order;
   3.322 +    if ((order =
   3.323 +         xmlGetProp(cur_node, (xmlChar *) BOOTSTRAP_LABEL_ATTR_NAME)))
   3.324 +        bootstrap_label = (char *) order;
   3.325      else {
   3.326          printf("ERROR: No bootstrap label defined!\n");
   3.327          exit(EXIT_FAILURE);
   3.328 @@ -615,45 +631,40 @@ void walk_labels(xmlNode * start, xmlDoc
   3.329      xmlNode *cur_node = NULL;
   3.330      int code;
   3.331  
   3.332 -    for (cur_node = start; cur_node; cur_node = cur_node->next)
   3.333 -    {
   3.334 -        if ((code = totoken((char *) cur_node->name)) < 0)
   3.335 -        {
   3.336 +    for (cur_node = start; cur_node; cur_node = cur_node->next) {
   3.337 +        if ((code = totoken((char *) cur_node->name)) < 0) {
   3.338              printf("Unkonwn token: >%s<. Aborting.\n", cur_node->name);
   3.339              exit(EXIT_FAILURE);
   3.340          }
   3.341          switch (code) {         /* adjust state to new state */
   3.342 -
   3.343          case XML2BIN_SUBJECTS:
   3.344              set_bootstrap_label(cur_node);
   3.345              /* fall through */
   3.346 +        case XML2BIN_SECPOL:
   3.347 +        case XML2BIN_LABELTEMPLATE:
   3.348          case XML2BIN_VM:
   3.349          case XML2BIN_RES:
   3.350 -        case XML2BIN_SECTEMPLATE:
   3.351          case XML2BIN_OBJECTS:
   3.352              walk_labels(cur_node->children, doc, state | (1 << code));
   3.353              break;
   3.354  
   3.355          case XML2BIN_STETYPES:
   3.356              /* create new ssid entry to use and point current to it */
   3.357 -            if (init_next_ste_ssid(state))
   3.358 -            {
   3.359 +            if (init_next_ste_ssid(state)) {
   3.360                  printf("ERROR: creating new ste ssid structure failed.\n");
   3.361                  exit(EXIT_FAILURE);
   3.362              }
   3.363              walk_labels(cur_node->children, doc, state | (1 << code));
   3.364 -
   3.365              break;
   3.366  
   3.367          case XML2BIN_CHWALLTYPES:
   3.368              /* create new ssid entry to use and point current to it */
   3.369 -            if (init_next_chwall_ssid(state))
   3.370 -            {
   3.371 -                printf("ERROR: creating new chwall ssid structure failed.\n");
   3.372 +            if (init_next_chwall_ssid(state)) {
   3.373 +                printf
   3.374 +                    ("ERROR: creating new chwall ssid structure failed.\n");
   3.375                  exit(EXIT_FAILURE);
   3.376              }
   3.377              walk_labels(cur_node->children, doc, state | (1 << code));
   3.378 -
   3.379              break;
   3.380  
   3.381          case XML2BIN_TYPE:
   3.382 @@ -663,115 +674,66 @@ void walk_labels(xmlNode * start, xmlDoc
   3.383              break;
   3.384  
   3.385          case XML2BIN_NAME:
   3.386 -            if ((state != XML2BIN_VM_S) && (state != XML2BIN_RES_S))
   3.387 -            {
   3.388 -                printf("ERROR: >name< out of VM/RES context.\n");
   3.389 -                exit(EXIT_FAILURE);
   3.390 -            }
   3.391 -            current_ssid_name = (char *)
   3.392 -                xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
   3.393 -
   3.394 -            if (!current_ssid_name)
   3.395 -            {
   3.396 -                printf("ERROR: empty >name<!\n");
   3.397 +            if ((state == XML2BIN_VM_S) || (state == XML2BIN_RES_S)) {
   3.398 +                current_ssid_name = (char *)
   3.399 +                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode,
   3.400 +                                         1);
   3.401 +                if (!current_ssid_name) {
   3.402 +                    printf("ERROR: empty >vm/res name<!\n");
   3.403 +                    exit(EXIT_FAILURE);
   3.404 +                }
   3.405 +            } else {
   3.406 +                printf
   3.407 +                    ("ERROR: >name< >%s< out of context (state = 0x%lx.\n",
   3.408 +                     (char *) xmlNodeListGetString(doc,
   3.409 +                                                   cur_node->
   3.410 +                                                   xmlChildrenNode, 1),
   3.411 +                     state);
   3.412                  exit(EXIT_FAILURE);
   3.413              }
   3.414              break;
   3.415  
   3.416          case XML2BIN_TEXT:
   3.417          case XML2BIN_COMMENT:
   3.418 -        case XML2BIN_LABELHEADER:
   3.419 +        case XML2BIN_POLICYHEADER:
   3.420 +        case XML2BIN_STE:
   3.421 +        case XML2BIN_CHWALL:
   3.422              break;
   3.423  
   3.424          default:
   3.425 -            printf("Unkonwn token Error (%d)\n", code);
   3.426 +            printf("Unkonwn token Error (%d) in Label Template\n", code);
   3.427              exit(EXIT_FAILURE);
   3.428          }
   3.429 -
   3.430      }
   3.431      return;
   3.432  }
   3.433  
   3.434 -/* this function walks through a ssid queue
   3.435 - * and transforms double entries into references
   3.436 - * of the first definition (we need to keep the
   3.437 - * entry to map labels but we don't want double
   3.438 - * ssids in the binary policy
   3.439 - */
   3.440 -void
   3.441 -remove_doubles(struct tailhead_ssid *head,
   3.442 -                        u_int32_t max_types, u_int32_t * max_ssids)
   3.443 -{
   3.444 -    struct ssid_entry *np, *ni;
   3.445 -
   3.446 -    /* walk once through the list */
   3.447 -    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
   3.448 -    {
   3.449 -        /* now search from the start until np for the same entry */
   3.450 -        for (ni = head->tqh_first; ni != np; ni = ni->entries.tqe_next)
   3.451 -        {
   3.452 -            if (ni->is_ref)
   3.453 -                continue;
   3.454 -            if (memcmp(np->row, ni->row, max_types))
   3.455 -                continue;
   3.456 -            /* found one, set np reference to ni */
   3.457 -            np->is_ref = 1;
   3.458 -            np->num = ni->num;
   3.459 -            (*max_ssids)--;
   3.460 -        }
   3.461 -    }
   3.462 -
   3.463 -    /* now minimize the ssid numbers used (doubles introduce holes) */
   3.464 -    (*max_ssids) = 0; /* reset */
   3.465 -
   3.466 -    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
   3.467 -    {
   3.468 -        if (np->is_ref)
   3.469 -            continue;
   3.470 -
   3.471 -        if (np->num != (*max_ssids)) {
   3.472 -                /* first reset all later references to the new max_ssid */
   3.473 -                for (ni = np->entries.tqe_next; ni != NULL; ni = ni->entries.tqe_next)
   3.474 -                {
   3.475 -                    if (ni->num == np->num)
   3.476 -                        ni->num = (*max_ssids);
   3.477 -                }
   3.478 -                /* now reset num */
   3.479 -                np->num = (*max_ssids)++;
   3.480 -        }
   3.481 -        else
   3.482 -            (*max_ssids)++;
   3.483 -    }
   3.484 -}
   3.485 -
   3.486  /*
   3.487   * will go away as soon as we have non-static bootstrap ssidref for dom0
   3.488   */
   3.489  void fixup_bootstrap_label(struct tailhead_ssid *head,
   3.490 -                         u_int32_t max_types, u_int32_t * max_ssids)
   3.491 +                           u_int32_t max_types, u_int32_t * max_ssids)
   3.492  {
   3.493      struct ssid_entry *np;
   3.494      int i;
   3.495  
   3.496      /* should not happen if xml / xsd checks work */
   3.497 -    if (!bootstrap_label)
   3.498 -    {
   3.499 +    if (!bootstrap_label) {
   3.500          printf("ERROR: No bootstrap label defined.\n");
   3.501          exit(EXIT_FAILURE);
   3.502      }
   3.503  
   3.504      /* search bootstrap_label */
   3.505 -    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
   3.506 -    {
   3.507 -        if (!strcmp(np->name, bootstrap_label))
   3.508 -        {
   3.509 +    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next) {
   3.510 +        if (!strcmp(np->name, bootstrap_label)) {
   3.511              break;
   3.512          }
   3.513      }
   3.514  
   3.515      if (!np) {
   3.516          /* bootstrap label not found */
   3.517 -        printf("ERROR: Bootstrap label >%s< not found.\n", bootstrap_label);
   3.518 +        printf("ERROR: Bootstrap label >%s< not found.\n",
   3.519 +               bootstrap_label);
   3.520          exit(EXIT_FAILURE);
   3.521      }
   3.522  
   3.523 @@ -781,16 +743,14 @@ void fixup_bootstrap_label(struct tailhe
   3.524      TAILQ_INSERT_AFTER(head, head->tqh_first, np, entries);
   3.525  
   3.526      /* renumber the ssids (we could also just switch places with 1st element) */
   3.527 -    for (np = head->tqh_first, i=0; np != NULL; np = np->entries.tqe_next, i++)
   3.528 -        np->num   = i;
   3.529 +    for (np = head->tqh_first, i = 0; np != NULL;
   3.530 +         np = np->entries.tqe_next, i++)
   3.531 +        np->num = i;
   3.532  
   3.533  }
   3.534  
   3.535 -int create_ssid_mapping(xmlDocPtr doc)
   3.536 +void init_label_mapping(void)
   3.537  {
   3.538 -    xmlNode *root_element = xmlDocGetRootElement(doc);
   3.539 -    struct ssid_entry *np;
   3.540 -    int i;
   3.541  
   3.542      printf("Creating label mappings ...\n");
   3.543      /* initialize the ste and chwall type lists */
   3.544 @@ -798,14 +758,16 @@ int create_ssid_mapping(xmlDocPtr doc)
   3.545      TAILQ_INIT(&ste_ssid_head);
   3.546  
   3.547      /* init with default ssids */
   3.548 -    if (init_ssid_queues())
   3.549 -    {
   3.550 +    if (init_ssid_queues()) {
   3.551          printf("ERROR adding default ssids.\n");
   3.552          exit(EXIT_FAILURE);
   3.553      }
   3.554 +}
   3.555  
   3.556 -    /* now walk the template DOM tree and fill in ssids */
   3.557 -    walk_labels(root_element, doc, XML2BIN_NULL);
   3.558 +void post_label_mapping(void)
   3.559 +{
   3.560 +    struct ssid_entry *np;
   3.561 +    int i;
   3.562  
   3.563      /*
   3.564       * now sort bootstrap label to the head of the list
   3.565 @@ -814,30 +776,20 @@ int create_ssid_mapping(xmlDocPtr doc)
   3.566       */
   3.567      if (have_chwall)
   3.568          fixup_bootstrap_label(&chwall_ssid_head, max_chwall_types,
   3.569 -                                &max_chwall_ssids);
   3.570 +                              &max_chwall_ssids);
   3.571      if (have_ste)
   3.572          fixup_bootstrap_label(&ste_ssid_head, max_ste_types,
   3.573 -                                &max_ste_ssids);
   3.574 -
   3.575 -    /* remove any double entries (insert reference instead) */
   3.576 -    if (have_chwall)
   3.577 -        remove_doubles(&chwall_ssid_head, max_chwall_types,
   3.578 -                       &max_chwall_ssids);
   3.579 -    if (have_ste)
   3.580 -        remove_doubles(&ste_ssid_head, max_ste_types,
   3.581 -                       &max_ste_ssids);
   3.582 +                              &max_ste_ssids);
   3.583  
   3.584      if (!DEBUG)
   3.585 -        return 0;
   3.586 +        return;
   3.587  
   3.588      /* print queues */
   3.589 -    if (have_chwall)
   3.590 -    {
   3.591 +    if (have_chwall) {
   3.592          printf("CHWALL SSID queue (max ssidrefs=%d):\n", max_chwall_ssids);
   3.593          np = NULL;
   3.594          for (np = chwall_ssid_head.tqh_first; np != NULL;
   3.595 -             np = np->entries.tqe_next)
   3.596 -        {
   3.597 +             np = np->entries.tqe_next) {
   3.598              printf("SSID #%02u (Label=%s)\n", np->num, np->name);
   3.599              if (np->is_ref)
   3.600                  printf("REFERENCE");
   3.601 @@ -848,13 +800,11 @@ int create_ssid_mapping(xmlDocPtr doc)
   3.602              printf("\n\n");
   3.603          }
   3.604      }
   3.605 -    if (have_ste)
   3.606 -    {
   3.607 +    if (have_ste) {
   3.608          printf("STE SSID queue (max ssidrefs=%d):\n", max_ste_ssids);
   3.609          np = NULL;
   3.610          for (np = ste_ssid_head.tqh_first; np != NULL;
   3.611 -             np = np->entries.tqe_next)
   3.612 -        {
   3.613 +             np = np->entries.tqe_next) {
   3.614              printf("SSID #%02u (Label=%s)\n", np->num, np->name);
   3.615              if (np->is_ref)
   3.616                  printf("REFERENCE");
   3.617 @@ -865,7 +815,19 @@ int create_ssid_mapping(xmlDocPtr doc)
   3.618              printf("\n\n");
   3.619          }
   3.620      }
   3.621 -    return 0;
   3.622 +}
   3.623 +
   3.624 +void create_mappings(xmlDocPtr doc)
   3.625 +{
   3.626 +    xmlNode *doc_root_node = xmlDocGetRootElement(doc);
   3.627 +
   3.628 +    /* walk the XML policy tree and fill in types and labels */
   3.629 +    init_type_mapping();
   3.630 +    walk_policy(doc_root_node, doc, XML2BIN_NULL);      /* first pass: types */
   3.631 +    post_type_mapping();
   3.632 +    init_label_mapping();
   3.633 +    walk_labels(doc_root_node, doc, XML2BIN_NULL);      /* second pass: labels */
   3.634 +    post_label_mapping();
   3.635  }
   3.636  
   3.637  /***************** writing the binary policy *********************/
   3.638 @@ -888,19 +850,16 @@ int write_mapping(char *filename)
   3.639      if ((file = fopen(filename, "w")) == NULL)
   3.640          return -EIO;
   3.641  
   3.642 +    fprintf(file, "POLICYREFERENCENAME    %s\n", policy_reference_name);
   3.643      fprintf(file, "MAGIC                  %08x\n", ACM_MAGIC);
   3.644 -    fprintf(file, "POLICY                 %s\n",
   3.645 -            basename(policy_filename));
   3.646 -    fprintf(file, "BINARY                 %s\n",
   3.647 -            basename(binary_filename));
   3.648 -    if (have_chwall)
   3.649 -    {
   3.650 +    fprintf(file, "POLICY FILE            %s\n", policy_filename);
   3.651 +    fprintf(file, "BINARY FILE            %s\n", binary_filename);
   3.652 +    if (have_chwall) {
   3.653          fprintf(file, "MAX-CHWALL-TYPES       %08x\n", max_chwall_types);
   3.654          fprintf(file, "MAX-CHWALL-SSIDS       %08x\n", max_chwall_ssids);
   3.655          fprintf(file, "MAX-CHWALL-LABELS      %08x\n", max_chwall_labels);
   3.656      }
   3.657 -    if (have_ste)
   3.658 -    {
   3.659 +    if (have_ste) {
   3.660          fprintf(file, "MAX-STE-TYPES          %08x\n", max_ste_types);
   3.661          fprintf(file, "MAX-STE-SSIDS          %08x\n", max_ste_ssids);
   3.662          fprintf(file, "MAX-STE-LABELS         %08x\n", max_ste_labels);
   3.663 @@ -939,11 +898,9 @@ int write_mapping(char *filename)
   3.664      fprintf(file, "\n");
   3.665  
   3.666      /* first labels to ssid mappings */
   3.667 -    if (have_chwall)
   3.668 -    {
   3.669 +    if (have_chwall) {
   3.670          for (e = chwall_ssid_head.tqh_first; e != NULL;
   3.671 -             e = e->entries.tqe_next)
   3.672 -        {
   3.673 +             e = e->entries.tqe_next) {
   3.674              fprintf(file, "LABEL->SSID %s CHWALL %-25s %8x\n",
   3.675                      (e->type ==
   3.676                       VM) ? "VM " : ((e->type == RES) ? "RES" : "ANY"),
   3.677 @@ -951,11 +908,9 @@ int write_mapping(char *filename)
   3.678          }
   3.679          fprintf(file, "\n");
   3.680      }
   3.681 -    if (have_ste)
   3.682 -    {
   3.683 +    if (have_ste) {
   3.684          for (e = ste_ssid_head.tqh_first; e != NULL;
   3.685 -             e = e->entries.tqe_next)
   3.686 -        {
   3.687 +             e = e->entries.tqe_next) {
   3.688              fprintf(file, "LABEL->SSID %s STE    %-25s %8x\n",
   3.689                      (e->type ==
   3.690                       VM) ? "VM " : ((e->type == RES) ? "RES" : "ANY"),
   3.691 @@ -965,11 +920,9 @@ int write_mapping(char *filename)
   3.692      }
   3.693  
   3.694      /* second ssid to type mappings */
   3.695 -    if (have_chwall)
   3.696 -    {
   3.697 +    if (have_chwall) {
   3.698          for (e = chwall_ssid_head.tqh_first; e != NULL;
   3.699 -             e = e->entries.tqe_next)
   3.700 -        {
   3.701 +             e = e->entries.tqe_next) {
   3.702              if (e->is_ref)
   3.703                  continue;
   3.704  
   3.705 @@ -985,8 +938,7 @@ int write_mapping(char *filename)
   3.706      }
   3.707      if (have_ste) {
   3.708          for (e = ste_ssid_head.tqh_first; e != NULL;
   3.709 -             e = e->entries.tqe_next)
   3.710 -        {
   3.711 +             e = e->entries.tqe_next) {
   3.712              if (e->is_ref)
   3.713                  continue;
   3.714  
   3.715 @@ -1001,18 +953,15 @@ int write_mapping(char *filename)
   3.716          fprintf(file, "\n");
   3.717      }
   3.718      /* third type mappings */
   3.719 -    if (have_chwall)
   3.720 -    {
   3.721 -        for (t = chwall_head.tqh_first; t != NULL; t = t->entries.tqe_next)
   3.722 -        {
   3.723 +    if (have_chwall) {
   3.724 +        for (t = chwall_head.tqh_first; t != NULL; t = t->entries.tqe_next) {
   3.725              fprintf(file, "TYPE CHWALL            %-25s %8x\n",
   3.726                      t->name, t->mapping);
   3.727          }
   3.728          fprintf(file, "\n");
   3.729      }
   3.730      if (have_ste) {
   3.731 -        for (t = ste_head.tqh_first; t != NULL; t = t->entries.tqe_next)
   3.732 -        {
   3.733 +        for (t = ste_head.tqh_first; t != NULL; t = t->entries.tqe_next) {
   3.734              fprintf(file, "TYPE STE               %-25s %8x\n",
   3.735                      t->name, t->mapping);
   3.736          }
   3.737 @@ -1022,6 +971,38 @@ int write_mapping(char *filename)
   3.738      return 0;
   3.739  }
   3.740  
   3.741 +
   3.742 +unsigned char *write_policy_reference_binary(u_int32_t * len_pr)
   3.743 +{
   3.744 +    unsigned char *buf, *ptr;
   3.745 +    struct acm_policy_reference_buffer *pr_header;
   3.746 +    u_int32_t len;
   3.747 +
   3.748 +    if (policy_reference_name == NULL) {
   3.749 +        printf("ERROR: No policy reference name found.\n");
   3.750 +        exit(EXIT_FAILURE);
   3.751 +    }
   3.752 +    len = (sizeof(struct acm_policy_reference_buffer) +
   3.753 +           strlen(policy_reference_name) + 1);
   3.754 +    buf = malloc(len);
   3.755 +    ptr = buf;
   3.756 +
   3.757 +    if (!buf) {
   3.758 +        printf
   3.759 +            ("ERROR: out of memory allocating label reference buffer.\n");
   3.760 +        exit(EXIT_FAILURE);
   3.761 +    }
   3.762 +    pr_header = (struct acm_policy_reference_buffer *) buf;
   3.763 +    pr_header->len =
   3.764 +        htonl(strlen(policy_reference_name) + 1 /* strend \'0' */ );
   3.765 +    ptr += sizeof(struct acm_policy_reference_buffer);
   3.766 +    strcpy((char *) ptr, policy_reference_name);
   3.767 +
   3.768 +    (*len_pr) = len;
   3.769 +    return buf;
   3.770 +}
   3.771 +
   3.772 +
   3.773  unsigned char *write_chwall_binary(u_int32_t * len_chwall)
   3.774  {
   3.775      unsigned char *buf, *ptr;
   3.776 @@ -1040,8 +1021,7 @@ unsigned char *write_chwall_binary(u_int
   3.777      buf = malloc(len);
   3.778      ptr = buf;
   3.779  
   3.780 -    if (!buf)
   3.781 -    {
   3.782 +    if (!buf) {
   3.783          printf("ERROR: out of memory allocating chwall buffer.\n");
   3.784          exit(EXIT_FAILURE);
   3.785      }
   3.786 @@ -1058,14 +1038,13 @@ unsigned char *write_chwall_binary(u_int
   3.787      chwall_header->chwall_conflict_sets_offset =
   3.788          htonl(ntohl(chwall_header->chwall_ssid_offset) +
   3.789                sizeof(domaintype_t) * max_chwall_ssids * max_chwall_types);
   3.790 -    chwall_header->chwall_running_types_offset = 0;     /* not set, only retrieved */
   3.791 -    chwall_header->chwall_conflict_aggregate_offset = 0;        /* not set, only retrieved */
   3.792 +    chwall_header->chwall_running_types_offset = 0;
   3.793 +    chwall_header->chwall_conflict_aggregate_offset = 0;
   3.794      ptr += sizeof(struct acm_chwall_policy_buffer);
   3.795  
   3.796      /* types */
   3.797      for (e = chwall_ssid_head.tqh_first; e != NULL;
   3.798 -         e = e->entries.tqe_next)
   3.799 -    {
   3.800 +         e = e->entries.tqe_next) {
   3.801          if (e->is_ref)
   3.802              continue;
   3.803  
   3.804 @@ -1077,16 +1056,14 @@ unsigned char *write_chwall_binary(u_int
   3.805  
   3.806      /* conflictsets */
   3.807      for (e = conflictsets_head.tqh_first; e != NULL;
   3.808 -         e = e->entries.tqe_next)
   3.809 -    {
   3.810 +         e = e->entries.tqe_next) {
   3.811          for (i = 0; i < max_chwall_types; i++)
   3.812              ((type_t *) ptr)[i] = htons((type_t) e->row[i]);
   3.813  
   3.814          ptr += sizeof(type_t) * max_chwall_types;
   3.815      }
   3.816  
   3.817 -    if ((ptr - buf) != len)
   3.818 -    {
   3.819 +    if ((ptr - buf) != len) {
   3.820          printf("ERROR: wrong lengths in %s.\n", __func__);
   3.821          exit(EXIT_FAILURE);
   3.822      }
   3.823 @@ -1112,8 +1089,7 @@ unsigned char *write_ste_binary(u_int32_
   3.824      buf = malloc(len);
   3.825      ptr = buf;
   3.826  
   3.827 -    if (!buf)
   3.828 -    {
   3.829 +    if (!buf) {
   3.830          printf("ERROR: out of memory allocating chwall buffer.\n");
   3.831          exit(EXIT_FAILURE);
   3.832      }
   3.833 @@ -1130,8 +1106,7 @@ unsigned char *write_ste_binary(u_int32_
   3.834      ptr += sizeof(struct acm_ste_policy_buffer);
   3.835  
   3.836      /* types */
   3.837 -    for (e = ste_ssid_head.tqh_first; e != NULL; e = e->entries.tqe_next)
   3.838 -    {
   3.839 +    for (e = ste_ssid_head.tqh_first; e != NULL; e = e->entries.tqe_next) {
   3.840          if (e->is_ref)
   3.841              continue;
   3.842  
   3.843 @@ -1141,8 +1116,7 @@ unsigned char *write_ste_binary(u_int32_
   3.844          ptr += sizeof(type_t) * max_ste_types;
   3.845      }
   3.846  
   3.847 -    if ((ptr - buf) != len)
   3.848 -    {
   3.849 +    if ((ptr - buf) != len) {
   3.850          printf("ERROR: wrong lengths in %s.\n", __func__);
   3.851          exit(EXIT_FAILURE);
   3.852      }
   3.853 @@ -1153,16 +1127,21 @@ unsigned char *write_ste_binary(u_int32_
   3.854  int write_binary(char *filename)
   3.855  {
   3.856      struct acm_policy_buffer header;
   3.857 -    unsigned char *ste_buffer = NULL, *chwall_buffer = NULL;
   3.858 +    unsigned char *ste_buffer = NULL, *chwall_buffer =
   3.859 +        NULL, *policy_reference_buffer = NULL;
   3.860      u_int32_t len;
   3.861 -    int fd;
   3.862 +    int fd, ret = 0;
   3.863  
   3.864 -    u_int32_t len_ste = 0, len_chwall = 0;      /* length of policy components */
   3.865 +    u_int32_t len_ste = 0, len_chwall = 0, len_pr = 0;  /* length of policy components */
   3.866  
   3.867      /* open binary file */
   3.868 -    if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR)) <= 0)
   3.869 -        return -EIO;
   3.870 -
   3.871 +    if ((fd =
   3.872 +         open(filename, O_WRONLY | O_CREAT | O_TRUNC,
   3.873 +              S_IRUSR | S_IWUSR)) <= 0) {
   3.874 +        ret = -EIO;
   3.875 +        goto out1;
   3.876 +    }
   3.877 +    policy_reference_buffer = write_policy_reference_binary(&len_pr);
   3.878      ste_buffer = write_ste_binary(&len_ste);
   3.879      chwall_buffer = write_chwall_binary(&len_chwall);
   3.880  
   3.881 @@ -1175,24 +1154,26 @@ int write_binary(char *filename)
   3.882          len += len_chwall;
   3.883      if (have_ste)
   3.884          len += len_ste;
   3.885 +    len += len_pr;              /* policy reference is mandatory */
   3.886      header.len = htonl(len);
   3.887  
   3.888 -    header.primary_buffer_offset = htonl(sizeof(struct acm_policy_buffer));
   3.889 -    if (primary == CHWALL)
   3.890 -    {
   3.891 +    header.policy_reference_offset =
   3.892 +        htonl(sizeof(struct acm_policy_buffer));
   3.893 +
   3.894 +    header.primary_buffer_offset =
   3.895 +        htonl(sizeof(struct acm_policy_buffer) + len_pr);
   3.896 +    if (primary == CHWALL) {
   3.897          header.primary_policy_code = htonl(ACM_CHINESE_WALL_POLICY);
   3.898          header.secondary_buffer_offset =
   3.899 -            htonl((sizeof(struct acm_policy_buffer)) + len_chwall);
   3.900 -    }
   3.901 -    else if (primary == STE)
   3.902 -    {
   3.903 +            htonl((sizeof(struct acm_policy_buffer)) + len_pr +
   3.904 +                  len_chwall);
   3.905 +    } else if (primary == STE) {
   3.906          header.primary_policy_code =
   3.907              htonl(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   3.908          header.secondary_buffer_offset =
   3.909 -            htonl((sizeof(struct acm_policy_buffer)) + len_ste);
   3.910 -    }
   3.911 -    else
   3.912 -    {
   3.913 +            htonl((sizeof(struct acm_policy_buffer)) + len_pr +
   3.914 +                  len_ste);
   3.915 +    } else {
   3.916          /* null policy */
   3.917          header.primary_policy_code = htonl(ACM_NULL_POLICY);
   3.918          header.secondary_buffer_offset =
   3.919 @@ -1208,36 +1189,52 @@ int write_binary(char *filename)
   3.920          header.secondary_policy_code = htonl(ACM_NULL_POLICY);
   3.921  
   3.922      if (write(fd, (void *) &header, sizeof(struct acm_policy_buffer))
   3.923 -        != sizeof(struct acm_policy_buffer))
   3.924 -        return -EIO;
   3.925 +        != sizeof(struct acm_policy_buffer)) {
   3.926 +        ret = -EIO;
   3.927 +        goto out1;
   3.928 +    }
   3.929  
   3.930 +    /* write label reference name */
   3.931 +    if (write(fd, policy_reference_buffer, len_pr) != len_pr) {
   3.932 +        ret = -EIO;
   3.933 +        goto out1;
   3.934 +    }
   3.935      /* write primary policy component */
   3.936 -    if (primary == CHWALL)
   3.937 -    {
   3.938 -        if (write(fd, chwall_buffer, len_chwall) != len_chwall)
   3.939 -            return -EIO;
   3.940 -    }
   3.941 -    else if (primary == STE)
   3.942 -    {
   3.943 -        if (write(fd, ste_buffer, len_ste) != len_ste)
   3.944 -            return -EIO;
   3.945 -    } else
   3.946 -        ;                     /* NULL POLICY has no policy data */
   3.947 +    if (primary == CHWALL) {
   3.948 +        if (write(fd, chwall_buffer, len_chwall) != len_chwall) {
   3.949 +            ret = -EIO;
   3.950 +            goto out1;
   3.951 +        }
   3.952 +    } else if (primary == STE) {
   3.953 +        if (write(fd, ste_buffer, len_ste) != len_ste) {
   3.954 +            ret = -EIO;
   3.955 +            goto out1;
   3.956 +        }
   3.957 +    } else;                     /* NULL POLICY has no policy data */
   3.958  
   3.959      /* write secondary policy component */
   3.960 -    if (secondary == CHWALL)
   3.961 -    {
   3.962 -        if (write(fd, chwall_buffer, len_chwall) != len_chwall)
   3.963 -            return -EIO;
   3.964 -    }
   3.965 -    else if (secondary == STE)
   3.966 -    {
   3.967 -        if (write(fd, ste_buffer, len_ste) != len_ste)
   3.968 -            return -EIO;
   3.969 +    if (secondary == CHWALL) {
   3.970 +        if (write(fd, chwall_buffer, len_chwall) != len_chwall) {
   3.971 +            ret = -EIO;
   3.972 +            goto out1;
   3.973 +        }
   3.974 +    } else if (secondary == STE) {
   3.975 +        if (write(fd, ste_buffer, len_ste) != len_ste) {
   3.976 +            ret = -EIO;
   3.977 +            goto out1;
   3.978 +        }
   3.979      } else;                     /* NULL POLICY has no policy data */
   3.980  
   3.981 +  out1:
   3.982 +    /* cleanup */
   3.983 +    if (policy_reference_buffer)
   3.984 +        free(policy_reference_buffer);
   3.985 +    if (chwall_buffer)
   3.986 +        free(chwall_buffer);
   3.987 +    if (ste_buffer)
   3.988 +        free(ste_buffer);
   3.989      close(fd);
   3.990 -    return 0;
   3.991 +    return ret;
   3.992  }
   3.993  
   3.994  int is_valid(xmlDocPtr doc)
   3.995 @@ -1253,18 +1250,15 @@ int is_valid(xmlDocPtr doc)
   3.996  
   3.997  #ifdef VALIDATE_SCHEMA
   3.998      /* only tested to be available from libxml2-2.6.20 upwards */
   3.999 -    if ((err = xmlSchemaIsValid(schemavalid_ctxt)) != 1)
  3.1000 -    {
  3.1001 +    if ((err = xmlSchemaIsValid(schemavalid_ctxt)) != 1) {
  3.1002          printf("ERROR: Invalid schema file %s (err=%d)\n",
  3.1003                 schema_filename, err);
  3.1004          err = -EIO;
  3.1005          goto out;
  3.1006 -    }
  3.1007 -    else
  3.1008 +    } else
  3.1009          printf("XML Schema %s valid.\n", schema_filename);
  3.1010  #endif
  3.1011 -    if ((err = xmlSchemaValidateDoc(schemavalid_ctxt, doc)))
  3.1012 -    {
  3.1013 +    if ((err = xmlSchemaValidateDoc(schemavalid_ctxt, doc))) {
  3.1014          err = -EIO;
  3.1015          goto out;
  3.1016      }
  3.1017 @@ -1277,10 +1271,9 @@ int is_valid(xmlDocPtr doc)
  3.1018  
  3.1019  int main(int argc, char **argv)
  3.1020  {
  3.1021 -    xmlDocPtr labeldoc = NULL;
  3.1022      xmlDocPtr policydoc = NULL;
  3.1023  
  3.1024 -    int err = EXIT_SUCCESS;
  3.1025 +    int err = EXIT_FAILURE;
  3.1026  
  3.1027      char *file_prefix;
  3.1028      int prefix_len;
  3.1029 @@ -1288,16 +1281,18 @@ int main(int argc, char **argv)
  3.1030      int opt_char;
  3.1031      char *policy_dir = POLICY_DIR;
  3.1032  
  3.1033 -    if (ACM_POLICY_VERSION != WRITTEN_AGAINST_ACM_POLICY_VERSION)
  3.1034 -    {
  3.1035 -        printf("ERROR: This program was written against an older ACM version.\n");
  3.1036 +    if (ACM_POLICY_VERSION != WRITTEN_AGAINST_ACM_POLICY_VERSION) {
  3.1037 +        printf
  3.1038 +            ("ERROR: This program was written against an older ACM version.\n");
  3.1039 +        printf("ERROR: ACM_POLICY_VERSION=%d, WRITTEN AGAINST= %d.\n",
  3.1040 +               ACM_POLICY_VERSION, WRITTEN_AGAINST_ACM_POLICY_VERSION);
  3.1041          exit(EXIT_FAILURE);
  3.1042      }
  3.1043  
  3.1044      while ((opt_char = getopt(argc, argv, "d:")) != -1) {
  3.1045          switch (opt_char) {
  3.1046          case 'd':
  3.1047 -            policy_dir = malloc(strlen(optarg) + 2); // null terminator and possibly "/"
  3.1048 +            policy_dir = malloc(strlen(optarg) + 2);    /* null terminator and possibly "/" */
  3.1049              if (!policy_dir) {
  3.1050                  printf("ERROR allocating directory name memory.\n");
  3.1051                  exit(EXIT_FAILURE);
  3.1052 @@ -1315,20 +1310,21 @@ int main(int argc, char **argv)
  3.1053      if ((argc - optind) != 1)
  3.1054          usage(basename(argv[0]));
  3.1055  
  3.1056 -    prefix_len = strlen(policy_dir) +
  3.1057 -        strlen(argv[optind]) + 1 /* "/" */  +
  3.1058 -        strlen(argv[optind]) + 1 /* null terminator */ ;
  3.1059 +    printf("arg=%s\n", argv[optind]);
  3.1060 +
  3.1061 +    prefix_len =
  3.1062 +        strlen(policy_dir) + strlen(argv[optind]) +
  3.1063 +        1 /* null terminator */ ;
  3.1064  
  3.1065      file_prefix = malloc(prefix_len);
  3.1066      policy_filename = malloc(prefix_len + strlen(POLICY_EXTENSION));
  3.1067 -    label_filename = malloc(prefix_len + strlen(LABEL_EXTENSION));
  3.1068      binary_filename = malloc(prefix_len + strlen(BINARY_EXTENSION));
  3.1069      mapping_filename = malloc(prefix_len + strlen(MAPPING_EXTENSION));
  3.1070 -    schema_filename = malloc(strlen(policy_dir) + strlen(SCHEMA_FILENAME) + 1);
  3.1071 +    schema_filename =
  3.1072 +        malloc(strlen(policy_dir) + strlen(SCHEMA_FILENAME) + 1);
  3.1073  
  3.1074 -    if (!file_prefix || !policy_filename || !label_filename ||
  3.1075 -        !binary_filename || !mapping_filename || !schema_filename)
  3.1076 -    {
  3.1077 +    if (!file_prefix || !policy_filename ||
  3.1078 +        !binary_filename || !mapping_filename || !schema_filename) {
  3.1079          printf("ERROR allocating file name memory.\n");
  3.1080          goto out2;
  3.1081      }
  3.1082 @@ -1336,85 +1332,56 @@ int main(int argc, char **argv)
  3.1083      /* create input/output filenames out of prefix */
  3.1084      strcpy(file_prefix, policy_dir);
  3.1085      strcat(file_prefix, argv[optind]);
  3.1086 -    strcat(file_prefix, "/");
  3.1087 -    strcat(file_prefix, argv[optind]);
  3.1088  
  3.1089      strcpy(policy_filename, file_prefix);
  3.1090 -    strcpy(label_filename, file_prefix);
  3.1091      strcpy(binary_filename, file_prefix);
  3.1092      strcpy(mapping_filename, file_prefix);
  3.1093  
  3.1094      strcat(policy_filename, POLICY_EXTENSION);
  3.1095 -    strcat(label_filename, LABEL_EXTENSION);
  3.1096      strcat(binary_filename, BINARY_EXTENSION);
  3.1097      strcat(mapping_filename, MAPPING_EXTENSION);
  3.1098  
  3.1099      strcpy(schema_filename, policy_dir);
  3.1100      strcat(schema_filename, SCHEMA_FILENAME);
  3.1101  
  3.1102 -    labeldoc = xmlParseFile(label_filename);
  3.1103 -
  3.1104 -    if (labeldoc == NULL)
  3.1105 -    {
  3.1106 -        printf("Error: could not parse file %s.\n", argv[optind]);
  3.1107 -        goto out2;
  3.1108 -    }
  3.1109 -
  3.1110 -    printf("Validating label file %s...\n", label_filename);
  3.1111 -    if (!is_valid(labeldoc))
  3.1112 -    {
  3.1113 -        printf("ERROR: Failed schema-validation for file %s (err=%d)\n",
  3.1114 -               label_filename, err);
  3.1115 -        goto out1;
  3.1116 -    }
  3.1117 -
  3.1118      policydoc = xmlParseFile(policy_filename);
  3.1119  
  3.1120 -    if (policydoc == NULL)
  3.1121 -    {
  3.1122 +    if (policydoc == NULL) {
  3.1123          printf("Error: could not parse file %s.\n", argv[optind]);
  3.1124 -        goto out1;
  3.1125 +        goto out;
  3.1126      }
  3.1127  
  3.1128      printf("Validating policy file %s...\n", policy_filename);
  3.1129  
  3.1130 -    if (!is_valid(policydoc))
  3.1131 -    {
  3.1132 +    if (!is_valid(policydoc)) {
  3.1133          printf("ERROR: Failed schema-validation for file %s (err=%d)\n",
  3.1134                 policy_filename, err);
  3.1135          goto out;
  3.1136      }
  3.1137  
  3.1138 -    /* Init queues and parse policy */
  3.1139 -    create_type_mapping(policydoc);
  3.1140 -
  3.1141 -    /* create ssids */
  3.1142 -    create_ssid_mapping(labeldoc);
  3.1143 +    /* create mappings */
  3.1144 +    create_mappings(policydoc);
  3.1145  
  3.1146      /* write label mapping file */
  3.1147 -    if (write_mapping(mapping_filename))
  3.1148 -    {
  3.1149 +    if (write_mapping(mapping_filename)) {
  3.1150          printf("ERROR: writing mapping file %s.\n", mapping_filename);
  3.1151          goto out;
  3.1152      }
  3.1153  
  3.1154      /* write binary file */
  3.1155 -    if (write_binary(binary_filename))
  3.1156 -    {
  3.1157 +    if (write_binary(binary_filename)) {
  3.1158          printf("ERROR: writing binary file %s.\n", binary_filename);
  3.1159          goto out;
  3.1160      }
  3.1161 -
  3.1162 +    err = EXIT_SUCCESS;
  3.1163      /* write stats */
  3.1164 -    if (have_chwall)
  3.1165 -    {
  3.1166 +    if (have_chwall) {
  3.1167          printf("Max chwall labels:  %u\n", max_chwall_labels);
  3.1168          printf("Max chwall-types:   %u\n", max_chwall_types);
  3.1169          printf("Max chwall-ssids:   %u\n", max_chwall_ssids);
  3.1170      }
  3.1171  
  3.1172 -    if (have_ste)
  3.1173 -    {
  3.1174 +    if (have_ste) {
  3.1175          printf("Max ste labels:     %u\n", max_ste_labels);
  3.1176          printf("Max ste-types:      %u\n", max_ste_types);
  3.1177          printf("Max ste-ssids:      %u\n", max_ste_ssids);
  3.1178 @@ -1422,10 +1389,17 @@ int main(int argc, char **argv)
  3.1179      /* cleanup */
  3.1180    out:
  3.1181      xmlFreeDoc(policydoc);
  3.1182 -  out1:
  3.1183 -    xmlFreeDoc(labeldoc);
  3.1184    out2:
  3.1185      xmlCleanupParser();
  3.1186      return err;
  3.1187  }
  3.1188  
  3.1189 +/*
  3.1190 + * Local variables:
  3.1191 + * mode: C
  3.1192 + * c-set-style: "BSD"
  3.1193 + * c-basic-offset: 4
  3.1194 + * tab-width: 4
  3.1195 + * indent-tabs-mode: nil
  3.1196 + * End:
  3.1197 + */
     4.1 --- a/tools/security/secpol_xml2bin.h	Mon Apr 24 10:51:20 2006 +0100
     4.2 +++ b/tools/security/secpol_xml2bin.h	Mon Apr 24 10:51:50 2006 +0100
     4.3 @@ -12,37 +12,41 @@
     4.4   * License.
     4.5   *
     4.6   */
     4.7 -#define POLICY_DIR          "/etc/xen/acm-security/policies/"
     4.8 -#define POLICY_EXTENSION    "-security_policy.xml"
     4.9 -#define LABEL_EXTENSION     "-security_label_template.xml"
    4.10 -#define BINARY_EXTENSION    ".bin"
    4.11 -#define MAPPING_EXTENSION   ".map"
    4.12 -#define PRIMARY_COMPONENT_ATTR_NAME "order"
    4.13 -#define BOOTSTRAP_LABEL_ATTR_NAME   "bootstrap"
    4.14 -#define PRIMARY_COMPONENT   "PrimaryPolicyComponent"
    4.15 -#define SCHEMA_FILENAME     "security_policy.xsd"
    4.16 +#define POLICY_DIR          			"/etc/xen/acm-security/policies/"
    4.17 +#define POLICY_EXTENSION    			"-security_policy.xml"
    4.18 +#define BINARY_EXTENSION    			".bin"
    4.19 +#define MAPPING_EXTENSION   			".map"
    4.20 +#define PRIMARY_COMPONENT_ATTR_NAME 	"order"
    4.21 +#define BOOTSTRAP_LABEL_ATTR_NAME   	"bootstrap"
    4.22 +#define PRIMARY_COMPONENT   			"PrimaryPolicyComponent"
    4.23 +#define SCHEMA_FILENAME     			"security_policy.xsd"
    4.24  
    4.25  /* basic states (used as 1 << X) */
    4.26 -#define XML2BIN_SECPOL		    0   /* policy tokens */
    4.27 -#define XML2BIN_STE		        1
    4.28 +#define ENDOFLIST_POS           22  /* ADAPT!! this position will be NULL; stay below 32 (bit) */
    4.29 +#define XML2BIN_SECPOL          0   /* policy tokens */
    4.30 +#define XML2BIN_STE             1
    4.31  #define XML2BIN_CHWALL          2
    4.32 -#define XML2BIN_CONFLICTSETS   	3
    4.33 -#define XML2BIN_CSTYPE	    	4
    4.34 +#define XML2BIN_CONFLICTSETS    3
    4.35 +#define XML2BIN_CSTYPE          4
    4.36 +#define XML2BIN_POLICYHEADER    5
    4.37 +#define XML2BIN_NSURL           6
    4.38 +#define XML2BIN_POLICYNAME      7
    4.39 +#define XML2BIN_URL             8
    4.40 +#define XML2BIN_REFERENCE       9
    4.41 +#define XML2BIN_DATE            10
    4.42  
    4.43 -#define XML2BIN_SECTEMPLATE	    5   /* label tokens */
    4.44 -#define XML2BIN_POLICYHEADER   	6
    4.45 -#define XML2BIN_LABELHEADER     7
    4.46 -#define XML2BIN_SUBJECTS        8
    4.47 -#define XML2BIN_OBJECTS  	    9
    4.48 -#define XML2BIN_VM      	    10
    4.49 -#define XML2BIN_RES          	11
    4.50 +#define XML2BIN_LABELTEMPLATE   11  /* label tokens */
    4.51 +#define XML2BIN_SUBJECTS        12
    4.52 +#define XML2BIN_OBJECTS         13
    4.53 +#define XML2BIN_VM              14
    4.54 +#define XML2BIN_RES             15
    4.55 +#define XML2BIN_NAME            16
    4.56  
    4.57 -#define XML2BIN_STETYPES	    12  /* shared tokens */
    4.58 -#define XML2BIN_CHWALLTYPES	    13
    4.59 -#define XML2BIN_TYPE		    14
    4.60 -#define XML2BIN_NAME            15
    4.61 -#define XML2BIN_TEXT		    16
    4.62 -#define XML2BIN_COMMENT	    	17
    4.63 +#define XML2BIN_STETYPES        17  /* shared tokens */
    4.64 +#define XML2BIN_CHWALLTYPES     18
    4.65 +#define XML2BIN_TYPE            19
    4.66 +#define XML2BIN_TEXT            20
    4.67 +#define XML2BIN_COMMENT         21
    4.68  
    4.69  /* type "data type" (currently 16bit) */
    4.70  typedef u_int16_t type_t;
    4.71 @@ -51,27 +55,34 @@ typedef u_int16_t type_t;
    4.72   * state constants and token positions must be  *
    4.73   * in sync for correct state recognition        */
    4.74  
    4.75 -char *token[20] =                       /* parser triggers */
    4.76 +char *token[32] =                       /* parser triggers */
    4.77  {
    4.78 -    [0] = "SecurityPolicyDefinition",   /* policy xml */
    4.79 -    [1] = "SimpleTypeEnforcement",
    4.80 -    [2] = "ChineseWall",
    4.81 -    [3] = "ConflictSets",
    4.82 -    [4] = "Conflict",                   /* label-template xml */
    4.83 -    [5] = "SecurityLabelTemplate",
    4.84 -    [6] = "PolicyHeader",
    4.85 -    [7] = "LabelHeader",
    4.86 -    [8] = "SubjectLabels",
    4.87 -    [9] = "ObjectLabels",
    4.88 -    [10] = "VirtualMachineLabel",
    4.89 -    [11] = "ResourceLabel",
    4.90 -    [12] = "SimpleTypeEnforcementTypes",                  /* common tags */
    4.91 -    [13] = "ChineseWallTypes",
    4.92 -    [14] = "Type",
    4.93 -    [15] = "Name",
    4.94 -    [16] = "text",
    4.95 -    [17] = "comment",
    4.96 -    [18] = NULL,
    4.97 +    [XML2BIN_SECPOL]        = "SecurityPolicyDefinition", /* policy xml */
    4.98 +    [XML2BIN_STE]           = "SimpleTypeEnforcement",
    4.99 +    [XML2BIN_CHWALL]        = "ChineseWall",
   4.100 +    [XML2BIN_CONFLICTSETS]  = "ConflictSets",
   4.101 +    [XML2BIN_CSTYPE]        = "Conflict",
   4.102 +    [XML2BIN_POLICYHEADER]  = "PolicyHeader",
   4.103 +    [XML2BIN_NSURL]         = "NameSpaceUrl",
   4.104 +    [XML2BIN_POLICYNAME]    = "PolicyName",
   4.105 +    [XML2BIN_URL]           = "PolicyUrl",
   4.106 +    [XML2BIN_REFERENCE]     = "Reference",
   4.107 +    [XML2BIN_DATE]          = "Date",
   4.108 +
   4.109 +    [XML2BIN_LABELTEMPLATE] = "SecurityLabelTemplate", /* label-template xml */
   4.110 +    [XML2BIN_SUBJECTS]      = "SubjectLabels",
   4.111 +    [XML2BIN_OBJECTS]       = "ObjectLabels",
   4.112 +    [XML2BIN_VM]            = "VirtualMachineLabel",
   4.113 +    [XML2BIN_RES]           = "ResourceLabel",
   4.114 +    [XML2BIN_NAME]          = "Name",
   4.115 +
   4.116 +    [XML2BIN_STETYPES]      = "SimpleTypeEnforcementTypes", /* common tags */
   4.117 +    [XML2BIN_CHWALLTYPES]   = "ChineseWallTypes",
   4.118 +    [XML2BIN_TYPE]          = "Type",
   4.119 +	[XML2BIN_TEXT]          = "text",
   4.120 +    [XML2BIN_COMMENT]       = "comment",
   4.121 +    [ENDOFLIST_POS]         = NULL  /* End of LIST, adapt ENDOFLIST_POS
   4.122 +                                       when adding entries */
   4.123  };
   4.124  
   4.125  /* important combined states */
   4.126 @@ -82,47 +93,53 @@ char *token[20] =                       
   4.127  /* e.g., here we are in a <secpol,ste,stetypes> environment,  *
   4.128   * so when finding a type element, we know where to put it    */
   4.129  #define XML2BIN_stetype_S ((1 << XML2BIN_SECPOL) | \
   4.130 -				 (1 << XML2BIN_STE) | 	 \
   4.131 -				 (1 << XML2BIN_STETYPES))
   4.132 +                 (1 << XML2BIN_STE) | \
   4.133 +                 (1 << XML2BIN_STETYPES))
   4.134  
   4.135  #define XML2BIN_chwalltype_S ((1 << XML2BIN_SECPOL) | \
   4.136 -				 (1 << XML2BIN_CHWALL) | \
   4.137 -				 (1 << XML2BIN_CHWALLTYPES))
   4.138 +                 (1 << XML2BIN_CHWALL) | \
   4.139 +                 (1 << XML2BIN_CHWALLTYPES))
   4.140  
   4.141  #define XML2BIN_conflictset_S ((1 << XML2BIN_SECPOL) | \
   4.142 -				 (1 << XML2BIN_CHWALL) | \
   4.143 -				 (1 << XML2BIN_CONFLICTSETS))
   4.144 +                 (1 << XML2BIN_CHWALL) | \
   4.145 +                 (1 << XML2BIN_CONFLICTSETS))
   4.146  
   4.147  #define XML2BIN_conflictsettype_S ((1 << XML2BIN_SECPOL) | \
   4.148 -				 (1 << XML2BIN_CHWALL) | \
   4.149 -				 (1 << XML2BIN_CONFLICTSETS) | \
   4.150 -				 (1 << XML2BIN_CSTYPE))
   4.151 +                 (1 << XML2BIN_CHWALL) | \
   4.152 +                 (1 << XML2BIN_CONFLICTSETS) | \
   4.153 +                 (1 << XML2BIN_CSTYPE))
   4.154  
   4.155 +#define XML2BIN_PN_S ((1 << XML2BIN_SECPOL) | \
   4.156 +                 (1 << XML2BIN_POLICYHEADER))
   4.157  
   4.158  /* label xml states */
   4.159 -#define XML2BIN_VM_S ((1 << XML2BIN_SECTEMPLATE) | \
   4.160 -                      (1 << XML2BIN_SUBJECTS) |    \
   4.161 -                      (1 << XML2BIN_VM))
   4.162 -
   4.163 -#define XML2BIN_RES_S ((1 << XML2BIN_SECTEMPLATE) | \
   4.164 -                       (1 << XML2BIN_OBJECTS) |     \
   4.165 -                       (1 << XML2BIN_RES))
   4.166 +#define XML2BIN_VM_S ((1 << XML2BIN_SECPOL) | \
   4.167 +                 (1 << XML2BIN_LABELTEMPLATE) |	\
   4.168 +                 (1 << XML2BIN_SUBJECTS) | \
   4.169 +                 (1 << XML2BIN_VM))
   4.170  
   4.171 -#define XML2BIN_VM_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
   4.172 -                        (1 << XML2BIN_SUBJECTS) | \
   4.173 -                        (1 << XML2BIN_VM) | \
   4.174 -                        (1 << XML2BIN_STETYPES))
   4.175 +#define XML2BIN_RES_S ((1 << XML2BIN_SECPOL) | \
   4.176 +                 (1 << XML2BIN_LABELTEMPLATE) |	\
   4.177 +                 (1 << XML2BIN_OBJECTS) | \
   4.178 +                 (1 << XML2BIN_RES))
   4.179  
   4.180 -#define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECTEMPLATE) | \
   4.181 -                           (1 << XML2BIN_SUBJECTS) | \
   4.182 -                           (1 << XML2BIN_VM) | \
   4.183 -                           (1 << XML2BIN_CHWALLTYPES))
   4.184 +#define XML2BIN_VM_STE_S ((1 << XML2BIN_SECPOL) | \
   4.185 +                 (1 << XML2BIN_LABELTEMPLATE) |	\
   4.186 +                 (1 << XML2BIN_SUBJECTS) | \
   4.187 +                 (1 << XML2BIN_VM) | \
   4.188 +                 (1 << XML2BIN_STETYPES))
   4.189  
   4.190 -#define XML2BIN_RES_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
   4.191 -                         (1 << XML2BIN_OBJECTS) | \
   4.192 -                         (1 << XML2BIN_RES) | \
   4.193 -                         (1 << XML2BIN_STETYPES))
   4.194 +#define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECPOL) | \
   4.195 +                 (1 << XML2BIN_LABELTEMPLATE) | \
   4.196 +                 (1 << XML2BIN_SUBJECTS) | \
   4.197 +                 (1 << XML2BIN_VM) | \
   4.198 +                 (1 << XML2BIN_CHWALLTYPES))
   4.199  
   4.200 +#define XML2BIN_RES_STE_S ((1 << XML2BIN_SECPOL) | \
   4.201 +                 (1 << XML2BIN_LABELTEMPLATE) | \
   4.202 +                 (1 << XML2BIN_OBJECTS) | \
   4.203 +                 (1 << XML2BIN_RES) | \
   4.204 +                 (1 << XML2BIN_STETYPES))
   4.205  
   4.206  
   4.207  /* check versions of headers against which the
   4.208 @@ -130,7 +147,7 @@ char *token[20] =                       
   4.209   */
   4.210  
   4.211  /* protects from unnoticed changes in struct acm_policy_buffer */
   4.212 -#define WRITTEN_AGAINST_ACM_POLICY_VERSION  1
   4.213 +#define WRITTEN_AGAINST_ACM_POLICY_VERSION  2
   4.214  
   4.215  /* protects from unnoticed changes in struct acm_chwall_policy_buffer */
   4.216  #define WRITTEN_AGAINST_ACM_CHWALL_VERSION  1