Adding a flag to activate/deactivate process sandboxing
authorrtrimana <rtrimana@uci.edu>
Mon, 1 May 2017 15:51:01 +0000 (08:51 -0700)
committerrtrimana <rtrimana@uci.edu>
Mon, 1 May 2017 15:51:01 +0000 (08:51 -0700)
iotjava/iotruntime/master/IoTMaster.java
localconfig/iotruntime/IoTMaster.config

index bd69b0a..f3bae94 100644 (file)
@@ -102,6 +102,7 @@ public final class IoTMaster {
        private static String STR_LANGUAGE_CONTROLLER;
        private static String STR_SKEL_CLASS_SUFFIX;
        private static String STR_STUB_CLASS_SUFFIX;
+       private static String STR_ACTIVATE_SANDBOXING;
        private static boolean BOOL_VERBOSE;
 
        /**
@@ -198,6 +199,7 @@ public final class IoTMaster {
                STR_JVM_INIT_HEAP_SIZE = null;
                STR_JVM_MAX_HEAP_SIZE = null;
                STR_LANGUAGE_CONTROLLER = null;
+               STR_ACTIVATE_SANDBOXING = null;
                BOOL_VERBOSE = false;
        }
 
@@ -277,6 +279,7 @@ public final class IoTMaster {
                STR_JVM_MAX_HEAP_SIZE = prop.getProperty("JVM_MAX_HEAP_SIZE");
                STR_SKEL_CLASS_SUFFIX = prop.getProperty("SKEL_CLASS_SUFFIX");
                STR_STUB_CLASS_SUFFIX = prop.getProperty("STUB_CLASS_SUFFIX");
+               STR_ACTIVATE_SANDBOXING = prop.getProperty("ACTIVATE_SANDBOXING");
                if(prop.getProperty("VERBOSE").equals(STR_YES)) {
                        BOOL_VERBOSE = true;
                }
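Review bot: The new `prop.getProperty("ACTIVATE_SANDBOXING")` read makes the sandbox fail open, because the guards added later in this commit treat every value other than the exact string "Yes" as off. A config that says `yes`, `true`, or `Yes` followed by a space silently skips the process-jail policies, and a missing key leaves the field null so the first guard throws a NullPointerException. For a security control the default should be on; assuming `prop` is a `java.util.Properties`, read it as `prop.getProperty("ACTIVATE_SANDBOXING", STR_YES).trim()` and reject unrecognised values at load time rather than interpreting them as disabled. Parsing the result once into a boolean next to BOOL_VERBOSE would also take the string comparison out of the call sites. The enclosing method starts and ends outside this hunk.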
@@ -301,6 +304,7 @@ public final class IoTMaster {
                RuntimeOutput.print("STR_JVM_MAX_HEAP_SIZE=" + STR_JVM_MAX_HEAP_SIZE, BOOL_VERBOSE);
                RuntimeOutput.print("STR_SKEL_CLASS_SUFFIX=" + STR_SKEL_CLASS_SUFFIX, BOOL_VERBOSE);
                RuntimeOutput.print("STR_STUB_CLASS_SUFFIX=" + STR_STUB_CLASS_SUFFIX, BOOL_VERBOSE);
+               RuntimeOutput.print("STR_ACTIVATE_SANDBOXING=" + STR_ACTIVATE_SANDBOXING, BOOL_VERBOSE);
                RuntimeOutput.print("BOOL_VERBOSE=" + BOOL_VERBOSE, BOOL_VERBOSE);
                RuntimeOutput.print("IoTMaster: Information extracted successfully!", BOOL_VERBOSE);
        }
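Review bot: The added print of STR_ACTIVATE_SANDBOXING is gated on BOOL_VERBOSE, so a run with sandboxing switched off and VERBOSE unset leaves no record that the process-jail policies were skipped. A disabled security control deserves one unconditional line, for example `if (!STR_YES.equals(STR_ACTIVATE_SANDBOXING)) RuntimeOutput.print("IoTMaster: WARNING - process sandboxing is disabled!", true);`. This assumes the second argument of RuntimeOutput.print is what enables output and that STR_YES holds "Yes"; neither is defined in this hunk. The enclosing method begins outside the hunk.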
@@ -636,11 +640,13 @@ public final class IoTMaster {
                        // Configure MAC policies for objects
                        //String strFileName = STR_MAC_POL_PATH + strObjClassName + STR_MAC_POLICY_EXT;
                        String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
-                       processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, strObjClassName,
-                               strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName), 
-                               commHan.getRMIStubPort(strObjName));
-                       processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd, 
-                               commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName));
+                       if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+                               processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, strObjClassName,
+                                       strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName), 
+                                       commHan.getRMIStubPort(strObjName));
+                               processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd, 
+                                       commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName));
+                       }
                        // Instrument the IoTSet declarations inside the class file
                        instrumentObjectIoTSet(strFieldObjectID, strLanguage);
                }
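Review bot: The guard `STR_ACTIVATE_SANDBOXING.equals("Yes")` at the top of this block is copied into five more places in the commit: the gateway and device policy calls, the inet-address policies, the controller policies and createMACPolicyThreads. Each copy dereferences a field that is null until the config is parsed, and each repeats the literal "Yes" although the VERBOSE check already uses STR_YES. A single private helper such as `private static boolean isSandboxingActive()`, which throws if the field is unset and otherwise compares it with STR_YES, keeps the decision in one place and makes an unset flag fail loudly rather than depend on which guard runs first. Three of the copies are brace-less `if` statements while the other three are braced; one form should be used throughout. The enclosing method starts outside this hunk.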
@@ -732,7 +738,8 @@ public final class IoTMaster {
                                routerConfig.configureRouterHTTPPolicies(STR_ROUTER_ADD, strIoTSlaveObjectHostAdd, strDeviceAddress);
                                routerConfig.configureHostHTTPPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress);
                                // Configure MAC policies
-                               processJailConfig.configureProcessJailGWDevicePolicies(strIoTSlaveObjectHostAdd, STR_ROUTER_ADD, INT_DNS_PORT);
+                               if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+                                       processJailConfig.configureProcessJailGWDevicePolicies(strIoTSlaveObjectHostAdd, STR_ROUTER_ADD, INT_DNS_PORT);
                        } else {
                                // Other port numbers...
                                commHan.addDevicePort(iDestDeviceDriverPort);
@@ -741,8 +748,9 @@ public final class IoTMaster {
                                routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress, strProtocol, 
                                        commHan.getComPort(strDeviceAddressKey), iDestDeviceDriverPort);
                                // Configure MAC policies
-                               processJailConfig.configureProcessJailDevicePolicies(strIoTSlaveObjectHostAdd, strProtocol,
-                                       commHan.getComPort(strDeviceAddressKey), strDeviceAddress, iDestDeviceDriverPort);
+                               if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+                                       processJailConfig.configureProcessJailDevicePolicies(strIoTSlaveObjectHostAdd, strProtocol,
+                                               commHan.getComPort(strDeviceAddressKey), strDeviceAddress, iDestDeviceDriverPort);
                        }
                }
        }
@@ -769,10 +777,12 @@ public final class IoTMaster {
                        // Get device address
                        String strAddress = (String) arrFieldValues[0];
                        // Setting up router policies for HTTP/HTTPs
-                       if (strControllerName != null) {
-                               processJailConfig.configureProcessJailInetAddressPolicies(strControllerName, strAddress);
-                       } else {
-                               processJailConfig.configureProcessJailInetAddressPolicies(strHostAddress, strAddress);
+                       if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+                               if (strControllerName != null) {
+                                       processJailConfig.configureProcessJailInetAddressPolicies(strControllerName, strAddress);
+                               } else {
+                                       processJailConfig.configureProcessJailInetAddressPolicies(strHostAddress, strAddress);
+                               }
                        }
                        routerConfig.configureRouterHTTPPolicies(STR_ROUTER_ADD, strHostAddress, strAddress);
                        routerConfig.configureHostHTTPPolicies(strHostAddress, strHostAddress, strAddress);
@@ -2060,9 +2070,11 @@ public final class IoTMaster {
                                }
                                // Write basic MAC policies for controller
                                //String strFileName = STR_MAC_POL_PATH + strObjControllerName + STR_MAC_POLICY_EXT;
-                               String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
-                               processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName, 
-                                       strIoTMasterHostAdd, commHan.getComPort(strObjControllerName));
+                               if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+                                       String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
+                                       processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName, 
+                                               strIoTMasterHostAdd, commHan.getComPort(strObjControllerName));
+                               }
                                // PROFILING
                                result = System.currentTimeMillis()-start;
                                System.out.println("\n\n ==> From IoTSlave start until main controller object is created: " + result);
@@ -2192,8 +2204,8 @@ public final class IoTMaster {
                                serverSocket.close();
                                commHan.printLists();
                                lbIoT.printHostInfo();
-                               // TODO: Uncomment this - just for experiments!
-                               createMACPolicyThreads(setAddresses);
+                               if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+                                       createMACPolicyThreads(setAddresses);
                        }
 
                } catch (IOException          |
index b899280..de7069f 100644 (file)
@@ -44,3 +44,6 @@ SKEL_CLASS_SUFFIX=_Skeleton
 # Skeleton suffix, e.g. _Stub for CameraSpecial_Stub.class
 STUB_CLASS_SUFFIX=_Stub
 
+# Sandboxing
+ACTIVATE_SANDBOXING=Yes
+
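Review bot: The `# Sandboxing` comment does not say which values the key accepts or what switching it off does. IoTMaster compares the value with the exact string "Yes", so `yes`, `true` or a value with trailing whitespace all disable the process-jail and MAC policy setup. A comment such as `# Process sandboxing (process jail / MAC policies). Yes = enforce; any other value disables it. Case-sensitive.` would make that visible to whoever edits this file.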