Projects/TempDataLogger/TempLogHostApp/DataLoggerSettings.Designer.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181

namespace Project1HostApp
{
    partial class frmDataloggerSettings
    {
        /// <summary>
        /// Required designer variable.
        /// </summary>
        private System.ComponentModel.IContainer components = null;

        /// <summary>
        /// Clean up any resources being used.
        /// </summary>
        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
        protected override void Dispose(bool disposing)
        {
            if (disposing && (components != null))
            {
                components.Dispose();
            }
            base.Dispose(disposing);
        }

        #region Windows Form Designer generated code

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.btnSetValues = new System.Windows.Forms.Button();
            this.dtpTime = new System.Windows.Forms.DateTimePicker();
            this.lblTime = new System.Windows.Forms.Label();
            this.lblLoggingInterval = new System.Windows.Forms.Label();
            this.nudLogInterval = new System.Windows.Forms.NumericUpDown();
            this.lblSeconds = new System.Windows.Forms.Label();
            this.btnGetValues = new System.Windows.Forms.Button();
            this.lblDate = new System.Windows.Forms.Label();
            this.dtpDate = new System.Windows.Forms.DateTimePicker();
            ((System.ComponentModel.ISupportInitialize)(this.nudLogInterval)).BeginInit();
            this.SuspendLayout();
            // 
            // btnSetValues
            // 
            this.btnSetValues.Location = new System.Drawing.Point(168, 136);
            this.btnSetValues.Name = "btnSetValues";
            this.btnSetValues.Size = new System.Drawing.Size(90, 35);
            this.btnSetValues.TabIndex = 0;
            this.btnSetValues.Text = "Set Values";
            this.btnSetValues.UseVisualStyleBackColor = true;
            this.btnSetValues.Click += new System.EventHandler(this.btnSetValues_Click);
            // 
            // dtpTime
            // 
            this.dtpTime.CustomFormat = "";
            this.dtpTime.Format = System.Windows.Forms.DateTimePickerFormat.Time;
            this.dtpTime.Location = new System.Drawing.Point(148, 61);
            this.dtpTime.Name = "dtpTime";
            this.dtpTime.ShowUpDown = true;
            this.dtpTime.Size = new System.Drawing.Size(110, 20);
            this.dtpTime.TabIndex = 1;
            // 
            // lblTime
            // 
            this.lblTime.AutoSize = true;
            this.lblTime.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
            this.lblTime.Location = new System.Drawing.Point(51, 67);
            this.lblTime.Name = "lblTime";
            this.lblTime.Size = new System.Drawing.Size(82, 13);
            this.lblTime.TabIndex = 2;
            this.lblTime.Text = "Device Time:";
            // 
            // lblLoggingInterval
            // 
            this.lblLoggingInterval.AutoSize = true;
            this.lblLoggingInterval.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
            this.lblLoggingInterval.Location = new System.Drawing.Point(30, 101);
            this.lblLoggingInterval.Name = "lblLoggingInterval";
            this.lblLoggingInterval.Size = new System.Drawing.Size(103, 13);
            this.lblLoggingInterval.TabIndex = 3;
            this.lblLoggingInterval.Text = "Logging Interval:";
            // 
            // nudLogInterval
            // 
            this.nudLogInterval.Location = new System.Drawing.Point(148, 94);
            this.nudLogInterval.Maximum = new decimal(new int[] {
            60,
            0,
            0,
            0});
            this.nudLogInterval.Minimum = new decimal(new int[] {
            1,
            0,
            0,
            0});
            this.nudLogInterval.Name = "nudLogInterval";
            this.nudLogInterval.Size = new System.Drawing.Size(51, 20);
            this.nudLogInterval.TabIndex = 5;
            this.nudLogInterval.Value = new decimal(new int[] {
            5,
            0,
            0,
            0});
            // 
            // lblSeconds
            // 
            this.lblSeconds.AutoSize = true;
            this.lblSeconds.Location = new System.Drawing.Point(209, 101);
            this.lblSeconds.Name = "lblSeconds";
            this.lblSeconds.Size = new System.Drawing.Size(49, 13);
            this.lblSeconds.TabIndex = 6;
            this.lblSeconds.Text = "Seconds";
            // 
            // btnGetValues
            // 
            this.btnGetValues.Location = new System.Drawing.Point(30, 136);
            this.btnGetValues.Name = "btnGetValues";
            this.btnGetValues.Size = new System.Drawing.Size(90, 35);
            this.btnGetValues.TabIndex = 7;
            this.btnGetValues.Text = "Get Values";
            this.btnGetValues.UseVisualStyleBackColor = true;
            this.btnGetValues.Click += new System.EventHandler(this.btnGetValues_Click);
            // 
            // lblDate
            // 
            this.lblDate.AutoSize = true;
            this.lblDate.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
            this.lblDate.Location = new System.Drawing.Point(51, 33);
            this.lblDate.Name = "lblDate";
            this.lblDate.Size = new System.Drawing.Size(82, 13);
            this.lblDate.TabIndex = 8;
            this.lblDate.Text = "Device Date:";
            // 
            // dtpDate
            // 
            this.dtpDate.CustomFormat = "dd/MM/yyyy";
            this.dtpDate.Format = System.Windows.Forms.DateTimePickerFormat.Custom;
            this.dtpDate.Location = new System.Drawing.Point(148, 27);
            this.dtpDate.Name = "dtpDate";
            this.dtpDate.Size = new System.Drawing.Size(110, 20);
            this.dtpDate.TabIndex = 9;
            // 
            // frmDataloggerSettings
            // 
            this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
            this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
            this.ClientSize = new System.Drawing.Size(300, 197);
            this.Controls.Add(this.dtpDate);
            this.Controls.Add(this.lblDate);
            this.Controls.Add(this.btnGetValues);
            this.Controls.Add(this.lblSeconds);
            this.Controls.Add(this.nudLogInterval);
            this.Controls.Add(this.lblLoggingInterval);
            this.Controls.Add(this.lblTime);
            this.Controls.Add(this.dtpTime);
            this.Controls.Add(this.btnSetValues);
            this.MaximizeBox = false;
            this.MinimizeBox = false;
            this.Name = "frmDataloggerSettings";
            this.Text = "Datalogger";
            this.Load += new System.EventHandler(this.frmDataloggerSettings_Load);
            ((System.ComponentModel.ISupportInitialize)(this.nudLogInterval)).EndInit();
            this.ResumeLayout(false);
            this.PerformLayout();

        }

        #endregion

        private System.Windows.Forms.Button btnSetValues;
        private System.Windows.Forms.DateTimePicker dtpTime;
        private System.Windows.Forms.Label lblTime;
        private System.Windows.Forms.Label lblLoggingInterval;
        private System.Windows.Forms.NumericUpDown nudLogInterval;
        private System.Windows.Forms.Label lblSeconds;
        private System.Windows.Forms.Button btnGetValues;
        private System.Windows.Forms.Label lblDate;
        private System.Windows.Forms.DateTimePicker dtpDate;
    }
}
/****************************************************************
 * secpol_xml2bin.c
 *
 * Copyright (C) 2005 IBM Corporation
 *
 * Author: Reiner Sailer <sailer@us.ibm.com>
 *
 * Maintained:
 * Reiner Sailer <sailer@us.ibm.com>
 * Ray Valdez <rvaldez@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 *
 * sHype policy translation tool. This tool takes an XML
 * policy specification as input and produces a binary
 * policy file that can be loaded into Xen through the
 * ACM operations (xensec_tool loadpolicy) interface or at
 * boot time (grub module parameter)
 *
 * indent -i4 -kr -nut
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <libgen.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/queue.h>
#include <netinet/in.h>
#include <libxml/xmlschemas.h>
#include <libxml/parser.h>
#include <libxml/tree.h>
#include <libxml/xmlreader.h>
#include <stdint.h>
#include <xen/xsm/acm.h>

#include "secpol_xml2bin.h"

#define DEBUG    0

#define NULL_LABEL_NAME "__NULL_LABEL__"

#define ROUND8(x)   ((x + 7) & ~7)

/* primary / secondary policy component setting */
enum policycomponent { CHWALL, STE, NULLPOLICY }
    primary = NULLPOLICY, secondary = NULLPOLICY;

/* general list element for ste and chwall type queues */
struct type_entry {
    TAILQ_ENTRY(type_entry) entries;
    char *name;                 /* name of type from xml file */
    type_t mapping;             /* type mapping into 16bit */
};

TAILQ_HEAD(tailhead, type_entry) ste_head, chwall_head;

/* general list element for all label queues */
enum label_type { VM, RES, ANY };
struct ssid_entry {
    TAILQ_ENTRY(ssid_entry) entries;
    char *name;                 /* label name */
    enum label_type type;       /* type: VM / RESOURCE LABEL */
    u_int32_t num;              /* ssid or referenced ssid */
    int is_ref;                 /* if this entry references earlier ssid number */
    unsigned char *row;         /* index of types (if not a reference) */
};

TAILQ_HEAD(tailhead_ssid, ssid_entry) ste_ssid_head, chwall_ssid_head,
    conflictsets_head;
struct ssid_entry *current_chwall_ssid_p = NULL;
struct ssid_entry *current_ste_ssid_p = NULL;
struct ssid_entry *current_conflictset_p = NULL;

/* which label to assign to dom0 during boot */
char *bootstrap_label;

u_int32_t max_ste_ssids = 0;
u_int32_t max_chwall_ssids = 0;
u_int32_t max_chwall_labels = 0;
u_int32_t max_ste_labels = 0;
u_int32_t max_conflictsets = 0;

char *current_ssid_name;        /* store name until structure is allocated */
char *current_conflictset_name; /* store name until structure is allocated */

/* dynamic list of type mappings for STE */
u_int32_t max_ste_types = 0;

/* dynamic list of type mappings for CHWALL */
u_int32_t max_chwall_types = 0;

/* dynamic list of conflict sets */
int max_conflict_set = 0;

/* which policies are defined */
int have_ste = 0;
int have_chwall = 0;

/* input/output file names */
char *policy_filename = NULL,
    *binary_filename = NULL,
    *mapping_filename = NULL, *schema_filename = NULL;

char *policy_reference_name = NULL;

char *policy_version_string = NULL;

void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state);

void usage(char *prg)
{
    printf(
    "Usage: %s [OPTIONS] POLICYNAME\n"
    "POLICYNAME is the directory name within the policy directory\n"
    "that contains the policy files.  The default policy directory\n"
    "is '%s' (see the '-d' option below to change it)\n"
    "The policy files contained in the POLICYNAME directory must be named:\n"
    "\tPOLICYNAME-security_policy.xml\n"
    "\tPOLICYNAME-security_label_template.xml\n\n"
    "OPTIONS:\n"
    "\t-d POLICYDIR\n"
    "\t\tUse POLICYDIR as the policy directory. This directory must \n"
    "\t\tcontain the policy schema file 'security_policy.xsd'\n",
    prg, POLICY_DIR);
    exit(EXIT_FAILURE);
}


/***************** policy-related parsing *********************/

char *type_by_mapping(struct tailhead *head, u_int32_t mapping)
{
    struct type_entry *np;
    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
        if (np->mapping == mapping)
            return np->name;
    return NULL;
}


struct type_entry *lookup(struct tailhead *head, char *name)
{
    struct type_entry *np;
    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
        if (!(strcmp(np->name, name)))
            return np;
    return NULL;
}

/* enforces single-entry lists */
int add_entry(struct tailhead *head, char *name, type_t mapping)
{
    struct type_entry *e;
    if (lookup(head, name)) {
        printf("Error: Type >%s< defined more than once.\n", name);
        return -EFAULT;         /* already in the list */
    }
    if (!(e = malloc(sizeof(struct type_entry))))
        return -ENOMEM;

    e->name = name;
    e->mapping = mapping;
    TAILQ_INSERT_TAIL(head, e, entries);
    return 0;
}

int totoken(char *tok)
{
    int i;
    for (i = 0; token[i] != NULL; i++)
        if (!strcmp(token[i], tok))
            return i;
    return -EFAULT;
}

/* conflictsets use the same data structure as ssids; since
 * they are similar in structure (set of types)
 */
int init_next_conflictset(void)
{
    struct ssid_entry *conflictset = malloc(sizeof(struct ssid_entry));

    if (!conflictset)
        return -ENOMEM;

    conflictset->name = current_conflictset_name;
    conflictset->num = max_conflictsets++;
    conflictset->is_ref = 0;    /* n/a for conflictsets */
        /**
         *  row: allocate one byte per type;
         *  [i] != 0 --> mapped type >i< is part of the conflictset
         */
    conflictset->row = malloc(max_chwall_types);
    if (!conflictset->row)
        return -ENOMEM;

    memset(conflictset->row, 0, max_chwall_types);
    TAILQ_INSERT_TAIL(&conflictsets_head, conflictset, entries);
    current_conflictset_p = conflictset;
    return 0;
}

int register_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
{
    xmlChar *text;
    struct type_entry *e;


    text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
    if (!text) {
        printf("Error reading type name!\n");
        return -EFAULT;
    }

    switch (state) {
    case XML2BIN_stetype_S:
        if (add_entry(&ste_head, (char *) text, max_ste_types)) {
            xmlFree(text);
            return -EFAULT;
        }
        max_ste_types++;
        break;

    case XML2BIN_chwalltype_S:
        if (add_entry(&chwall_head, (char *) text, max_chwall_types)) {
            xmlFree(text);
            return -EFAULT;
        }
        max_chwall_types++;
        break;

    case XML2BIN_conflictsettype_S:
        /* a) search the type in the chwall_type list */
        e = lookup(&chwall_head, (char *) text);
        if (e == NULL) {
            printf("CS type >%s< not a CHWALL type.\n", text);
            xmlFree(text);
            return -EFAULT;
        }
        /* b) add type entry to the current cs set */
        if (current_conflictset_p->row[e->mapping]) {
            printf
                ("ERROR: Double entry of type >%s< in conflict set %d.\n",
                 text, current_conflictset_p->num);
            xmlFree(text);
            return -EFAULT;
        }
        current_conflictset_p->row[e->mapping] = 1;
        break;

    default:
        printf("Incorrect type environment (state = %lx, text = %s).\n",
               state, text);
        xmlFree(text);
        return -EFAULT;
    }
    return 0;
}

void set_component_type(xmlNode * cur_node, enum policycomponent pc)
{
    xmlChar *order;

    if ((order =
         xmlGetProp(cur_node, (xmlChar *) PRIMARY_COMPONENT_ATTR_NAME))) {
        if (strcmp((char *) order, PRIMARY_COMPONENT)) {
            printf("ERROR: Illegal attribut value >order=%s<.\n",
                   (char *) order);
            xmlFree(order);
            exit(EXIT_FAILURE);
        }
        if (primary != NULLPOLICY) {
            printf("ERROR: Primary Policy Component set twice!\n");
            exit(EXIT_FAILURE);
        }
        primary = pc;
        xmlFree(order);
    }
}

void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
{
    xmlNode *cur_node = NULL;
    int code;

    for (cur_node = start; cur_node; cur_node = cur_node->next) {
        if ((code = totoken((char *) cur_node->name)) < 0) {
            printf("Unknown token: >%s<. Aborting.\n", cur_node->name);
            exit(EXIT_FAILURE);
        }
        switch (code) {         /* adjust state to new state */
        case XML2BIN_SECPOL:
        case XML2BIN_STETYPES:
        case XML2BIN_CHWALLTYPES:
        case XML2BIN_CONFLICTSETS:
        case XML2BIN_POLICYHEADER:
        case XML2BIN_FROMPOLICY:
            walk_policy(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_POLICYNAME:       /* get policy reference name .... */
            if (state != XML2BIN_PN_S &&
                state != XML2BIN_PN_frompolicy_S) {
                printf("ERROR: >Url< >%s< out of context.\n",
                       (char *) xmlNodeListGetString(doc,
                                                     cur_node->
                                                     xmlChildrenNode, 1));
                exit(EXIT_FAILURE);
            }
            if (state == XML2BIN_PN_S) {
                policy_reference_name = (char *)
                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
                if (!policy_reference_name) {
                    printf("ERROR: empty >policy reference name (Url)<!\n");
                    exit(EXIT_FAILURE);
                } else
                    printf("Policy Reference name (Url): %s\n",
                           policy_reference_name);
            }
            break;

        case XML2BIN_VERSION:         /* get policy version number .... */
            if (state != XML2BIN_PN_S &&
                state != XML2BIN_PN_frompolicy_S) {
                printf("ERROR: >Url< >%s< out of context.\n",
                       (char *) xmlNodeListGetString(doc,
                                                     cur_node->
                                                     xmlChildrenNode, 1));
                exit(EXIT_FAILURE);
            }
            if (state == XML2BIN_PN_S) {
                policy_version_string = (char *)
                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
                if (!policy_version_string) {
                    printf("ERROR: empty >policy version string <!\n");
                    exit(EXIT_FAILURE);
                } else
                    printf("Policy version string: %s\n",
                           policy_version_string);
            }
            break;

        case XML2BIN_STE:
            if (WRITTEN_AGAINST_ACM_STE_VERSION != ACM_STE_VERSION) {
                printf
                    ("ERROR: This program was written against another STE version.\n");
                exit(EXIT_FAILURE);
            }
            have_ste = 1;
            set_component_type(cur_node, STE);
            walk_policy(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_CHWALL:
            if (WRITTEN_AGAINST_ACM_CHWALL_VERSION != ACM_CHWALL_VERSION) {
                printf
                    ("ERROR: This program was written against another CHWALL version.\n");
                exit(EXIT_FAILURE);
            }
            have_chwall = 1;
            set_component_type(cur_node, CHWALL);
            walk_policy(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_CSTYPE:
            current_conflictset_name =
                (char *) xmlGetProp(cur_node, (xmlChar *) "name");
            if (!current_conflictset_name)
                current_conflictset_name = "";

            if (init_next_conflictset()) {
                printf
                    ("ERROR: creating new conflictset structure failed.\n");
                exit(EXIT_FAILURE);
            }
            walk_policy(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_TYPE:
            if (register_type(cur_node, doc, state))
                exit(EXIT_FAILURE);
            /* type leaf */
            break;

        case XML2BIN_LABELTEMPLATE:    /* handle in second pass */
        case XML2BIN_TEXT:
        case XML2BIN_COMMENT:
        case XML2BIN_DATE:
        case XML2BIN_REFERENCE:
        case XML2BIN_NSURL:    /* for future use: where to find global label / type name mappings */
        case XML2BIN_URL:      /* for future use: where to find policy */
            /* leaf - nothing to do */
            break;

        default:
            printf("Unkonwn token Error (%d) in Policy\n", code);
            exit(EXIT_FAILURE);
        }

    }
    return;
}

void init_type_mapping(void)
{
    printf("Creating ssid mappings ...\n");

    /* initialize the ste and chwall type lists */
    TAILQ_INIT(&ste_head);
    TAILQ_INIT(&chwall_head);
    TAILQ_INIT(&conflictsets_head);
}

void post_type_mapping(void)
{
    struct type_entry *te;
    struct ssid_entry *se;
    int i;

    /* determine primary/secondary policy component orders */
    if ((primary == NULLPOLICY) && have_chwall)
        primary = CHWALL;       /* default if not set */
    else if ((primary == NULLPOLICY) && have_ste)
        primary = STE;

    switch (primary) {

    case CHWALL:
        if (have_ste)
            secondary = STE;
        /* else default = NULLPOLICY */
        break;

    case STE:
        if (have_chwall)
            secondary = CHWALL;
        /* else default = NULLPOLICY */
        break;

    default:
        /* NULL/NULL policy */
        break;
    }

    if (!DEBUG)
        return;

    /* print queues */
    if (have_ste) {
        printf("STE-Type queue (%s):\n",
               (primary == STE) ? "PRIMARY" : "SECONDARY");
        for (te = ste_head.tqh_first; te != NULL;
             te = te->entries.tqe_next)
            printf("name=%22s, map=%x\n", te->name, te->mapping);
    }
    if (have_chwall) {
        printf("CHWALL-Type queue (%s):\n",
               (primary == CHWALL) ? "PRIMARY" : "SECONDARY");
        for (te = chwall_head.tqh_first; te != NULL;
             te = te->entries.tqe_next)
            printf("name=%s, map=%x\n", te->name, te->mapping);

        printf("Conflictset queue (max=%d):\n", max_conflictsets);
        for (se = conflictsets_head.tqh_first; se != NULL;
             se = se->entries.tqe_next) {
            printf("conflictset name >%s<\n",
                   se->name ? se->name : "NONAME");
            for (i = 0; i < max_chwall_types; i++)
                if (se->row[i])
                    printf("#%x ", i);
            printf("\n");
        }
    }
}


/***************** template-related parsing *********************/

/* add default ssid at head of ssid queues */
int init_ssid_queues(void)
{
    struct ssid_entry *default_ssid_chwall, *default_ssid_ste;

    default_ssid_chwall = malloc(sizeof(struct ssid_entry));
    default_ssid_ste = malloc(sizeof(struct ssid_entry));

    if ((!default_ssid_chwall) || (!default_ssid_ste))
        return -ENOMEM;

    /* default chwall ssid */
    default_ssid_chwall->name = NULL_LABEL_NAME;
    default_ssid_chwall->num = max_chwall_ssids++;
    default_ssid_chwall->is_ref = 0;
    default_ssid_chwall->type = ANY;

    default_ssid_chwall->row = malloc(max_chwall_types);

    if (!default_ssid_chwall->row)
        return -ENOMEM;

    memset(default_ssid_chwall->row, 0, max_chwall_types);

    TAILQ_INSERT_TAIL(&chwall_ssid_head, default_ssid_chwall, entries);
    current_chwall_ssid_p = default_ssid_chwall;
    max_chwall_labels++;

    /* default ste ssid */
    default_ssid_ste->name = NULL_LABEL_NAME;
    default_ssid_ste->num = max_ste_ssids++;
    default_ssid_ste->is_ref = 0;
    default_ssid_ste->type = ANY;

    default_ssid_ste->row = malloc(max_ste_types);

    if (!default_ssid_ste->row)
        return -ENOMEM;

    memset(default_ssid_ste->row, 0, max_ste_types);

    TAILQ_INSERT_TAIL(&ste_ssid_head, default_ssid_ste, entries);
    current_ste_ssid_p = default_ssid_ste;
    max_ste_labels++;
    return 0;
}

int init_next_chwall_ssid(unsigned long state)
{
    struct ssid_entry *ssid = malloc(sizeof(struct ssid_entry));

    if (!ssid)
        return -ENOMEM;

    ssid->name = current_ssid_name;
    ssid->num = max_chwall_ssids++;
    ssid->is_ref = 0;

    if (state & (1 << XML2BIN_VM))
        ssid->type = VM;
    else
        ssid->type = RES;
        /**
         *  row: allocate one byte per type;
         *  [i] != 0 --> mapped type >i< is part of the ssid
         */
    ssid->row = malloc(max_chwall_types);
    if (!ssid->row)
        return -ENOMEM;

    memset(ssid->row, 0, max_chwall_types);
    TAILQ_INSERT_TAIL(&chwall_ssid_head, ssid, entries);
    current_chwall_ssid_p = ssid;
    max_chwall_labels++;
    return 0;
}

int init_next_ste_ssid(unsigned long state)
{
    struct ssid_entry *ssid = malloc(sizeof(struct ssid_entry));

    if (!ssid)
        return -ENOMEM;

    ssid->name = current_ssid_name;
    ssid->num = max_ste_ssids++;
    ssid->is_ref = 0;

    if (state & (1 << XML2BIN_VM))
        ssid->type = VM;
    else
        ssid->type = RES;

        /**
         *  row: allocate one byte per type;
         *  [i] != 0 --> mapped type >i< is part of the ssid
         */
    ssid->row = malloc(max_ste_types);
    if (!ssid->row)
        return -ENOMEM;

    memset(ssid->row, 0, max_ste_types);
    TAILQ_INSERT_TAIL(&ste_ssid_head, ssid, entries);
    current_ste_ssid_p = ssid;
    max_ste_labels++;

    return 0;
}


/* adds a type to the current ssid */
int add_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
{
    xmlChar *text;
    struct type_entry *e;

    text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
    if (!text) {
        printf("Error reading type name!\n");
        return -EFAULT;
    }
    /* same for all: 1. lookup type mapping, 2. mark type in ssid */
    switch (state) {
    case XML2BIN_VM_STE_S:
    case XML2BIN_RES_STE_S:
        /* lookup the type mapping and include the type mapping into the array */
        if (!(e = lookup(&ste_head, (char *) text))) {
            printf("ERROR: unknown VM STE type >%s<.\n", text);
            exit(EXIT_FAILURE);
        }
        if (current_ste_ssid_p->row[e->mapping])
            printf("Warning: double entry of VM STE type >%s<.\n", text);

        current_ste_ssid_p->row[e->mapping] = 1;
        break;

    case XML2BIN_VM_CHWALL_S:
        /* lookup the type mapping and include the type mapping into the array */
        if (!(e = lookup(&chwall_head, (char *) text))) {
            printf("ERROR: unknown VM CHWALL type >%s<.\n", text);
            exit(EXIT_FAILURE);
        }
        if (current_chwall_ssid_p->row[e->mapping])
            printf("Warning: double entry of VM CHWALL type >%s<.\n",
                   text);

        current_chwall_ssid_p->row[e->mapping] = 1;
        break;

    default:
        printf("Incorrect type environment (state = %lx, text = %s).\n",
               state, text);
        xmlFree(text);
        return -EFAULT;
    }
    return 0;
}

void set_bootstrap_label(xmlNode * cur_node)
{
    xmlChar *order;

    if ((order =
         xmlGetProp(cur_node, (xmlChar *) BOOTSTRAP_LABEL_ATTR_NAME)))
        bootstrap_label = (char *) order;
    else {
        printf("ERROR: No bootstrap label defined!\n");
        exit(EXIT_FAILURE);
    }
}

void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state)
{
    xmlNode *cur_node = NULL;
    int code;

    for (cur_node = start; cur_node; cur_node = cur_node->next) {
        if ((code = totoken((char *) cur_node->name)) < 0) {
            printf("Unkonwn token: >%s<. Aborting.\n", cur_node->name);
            exit(EXIT_FAILURE);
        }
        switch (code) {         /* adjust state to new state */
        case XML2BIN_SUBJECTS:
            set_bootstrap_label(cur_node);
            /* fall through */
        case XML2BIN_SECPOL:
        case XML2BIN_LABELTEMPLATE:
        case XML2BIN_VM:
        case XML2BIN_RES:
        case XML2BIN_OBJECTS:
            walk_labels(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_STETYPES:
            /* create new ssid entry to use and point current to it */
            if (init_next_ste_ssid(state)) {
                printf("ERROR: creating new ste ssid structure failed.\n");
                exit(EXIT_FAILURE);
            }
            walk_labels(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_CHWALLTYPES:
            /* create new ssid entry to use and point current to it */
            if (init_next_chwall_ssid(state)) {
                printf
                    ("ERROR: creating new chwall ssid structure failed.\n");
                exit(EXIT_FAILURE);
            }
            walk_labels(cur_node->children, doc, state | (1 << code));
            break;

        case XML2BIN_TYPE:
            /* add type to current ssid */
            if (add_type(cur_node, doc, state))
                exit(EXIT_FAILURE);
            break;

        case XML2BIN_NAME:
            if ((state == XML2BIN_VM_S) || (state == XML2BIN_RES_S)) {
                current_ssid_name = (char *)
                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode,
                                         1);
                if (!current_ssid_name) {
                    printf("ERROR: empty >vm/res name<!\n");
                    exit(EXIT_FAILURE);
                }
            } else {
                printf
                    ("ERROR: >name< >%s< out of context (state = 0x%lx.\n",
                     (char *) xmlNodeListGetString(doc,
                                                   cur_node->
                                                   xmlChildrenNode, 1),
                     state);
                exit(EXIT_FAILURE);
            }
            break;

        case XML2BIN_TEXT:
        case XML2BIN_COMMENT:
        case XML2BIN_POLICYHEADER:
        case XML2BIN_STE:
        case XML2BIN_CHWALL:
            break;

        default:
            printf("Unkonwn token Error (%d) in Label Template\n", code);
            exit(EXIT_FAILURE);
        }
    }
    return;
}

/*
 * will go away as soon as we have non-static bootstrap ssidref for dom0
 */
void fixup_bootstrap_label(struct tailhead_ssid *head,
                           u_int32_t max_types, u_int32_t * max_ssids)
{
    struct ssid_entry *np;
    int i;

    /* should not happen if xml / xsd checks work */
    if (!bootstrap_label) {
        printf("ERROR: No bootstrap label defined.\n");
        exit(EXIT_FAILURE);
    }

    /* search bootstrap_label */
    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next) {
        if (!strcmp(np->name, bootstrap_label)) {
            break;
        }
    }

    if (!np) {
        /* bootstrap label not found */
        printf("ERROR: Bootstrap label >%s< not found.\n",
               bootstrap_label);
        exit(EXIT_FAILURE);
    }

    /* move this entry ahead in the list right after the default entry so it
     * receives ssidref 1/1 */
    TAILQ_REMOVE(head, np, entries);
    TAILQ_INSERT_AFTER(head, head->tqh_first, np, entries);

    /* renumber the ssids (we could also just switch places with 1st element) */
    for (np = head->tqh_first, i = 0; np != NULL;
         np = np->entries.tqe_next, i++)
        np->num = i;

}

void init_label_mapping(void)
{

    printf("Creating label mappings ...\n");
    /* initialize the ste and chwall type lists */
    TAILQ_INIT(&chwall_ssid_head);
    TAILQ_INIT(&ste_ssid_head);

    /* init with default ssids */
    if (init_ssid_queues()) {
        printf("ERROR adding default ssids.\n");
        exit(EXIT_FAILURE);
    }
}

void post_label_mapping(void)
{
    struct ssid_entry *np;
    int i;

    /*
     * now sort bootstrap label to the head of the list
     * (for now), dom0 assumes its label in the first
     * defined ssidref (1/1). 0/0 is the default non-Label
     */
    if (have_chwall)
        fixup_bootstrap_label(&chwall_ssid_head, max_chwall_types,
                              &max_chwall_ssids);
    if (have_ste)
        fixup_bootstrap_label(&ste_ssid_head, max_ste_types,
                              &max_ste_ssids);

    if (!DEBUG)
        return;

    /* print queues */
    if (have_chwall) {
        printf("CHWALL SSID queue (max ssidrefs=%d):\n", max_chwall_ssids);
        np = NULL;
        for (np = chwall_ssid_head.tqh_first; np != NULL;
             np = np->entries.tqe_next) {
            printf("SSID #%02u (Label=%s)\n", np->num, np->name);
            if (np->is_ref)
                printf("REFERENCE");
            else
                for (i = 0; i < max_chwall_types; i++)
                    if (np->row[i])
                        printf("#%02d ", i);