* @version 1.0
* @since 2016-06-16
*/
-public class IoTMaster {
+public final class IoTMaster {
/**
* IoTMaster class properties
private CommunicationHandler commHan;
private LoadBalancer lbIoT;
private RouterConfig routerConfig;
+ private ProcessJailConfig processJailConfig;
private ObjectInitHandler objInitHand;
private ObjectAddressInitHandler objAddInitHand;
private String[] strObjectNames;
private static String STR_LANGUAGE_CONTROLLER;
private static String STR_SKEL_CLASS_SUFFIX;
private static String STR_STUB_CLASS_SUFFIX;
+ private static String STR_ACTIVATE_SANDBOXING;
private static boolean BOOL_VERBOSE;
/**
private static final String STR_CFG_FILE_EXT = ".config";
private static final String STR_CLS_FILE_EXT = ".class";
private static final String STR_JAR_FILE_EXT = ".jar";
+ private static final String STR_MAC_POLICY_EXT = ".tomoyo.pol";
+ private static final String STR_SHELL_FILE_EXT = ".sh";
private static final String STR_SO_FILE_EXT = ".so";
private static final String STR_ZIP_FILE_EXT = ".zip";
private static final String STR_TCP_PROTOCOL = "tcp";
private static final String STR_SSH = "ssh";
private static final String STR_SCP = "scp";
private static final String STR_IOTSLAVE_CPP = "./IoTSlave.o";
+ private static final String STR_SHELL_HEADER = "#!/bin/sh";
+ private static final String STR_JAVA_PATH = "/usr/bin/java";
+ private static final String STR_MAC_POL_PATH = "tomoyo/";
private static int INT_SIZE = 4; // send length in the size of integer (4 bytes)
+ private static final int INT_DNS_PORT = 53;
/**
* Runtime class name constants - not to be configured by users
commHan = null;
lbIoT = null;
routerConfig = null;
+ processJailConfig = null;
objInitHand = null;
objAddInitHand = null;
strObjectNames = argObjNms;
STR_JVM_INIT_HEAP_SIZE = null;
STR_JVM_MAX_HEAP_SIZE = null;
STR_LANGUAGE_CONTROLLER = null;
+ STR_ACTIVATE_SANDBOXING = null;
BOOL_VERBOSE = false;
}
lbIoT.setupLoadBalancer();
routerConfig = new RouterConfig();
routerConfig.getAddressList(STR_ROUTER_ADD);
+ processJailConfig = new ProcessJailConfig();
+ //processJailConfig.setAddressListObject(routerConfig.getAddressListObject());
objInitHand = new ObjectInitHandler(BOOL_VERBOSE);
objAddInitHand = new ObjectAddressInitHandler(BOOL_VERBOSE);
mapClassNameToCrim = new HashMap<String,Object>();
}
+ /**
+ * getPrintWriter() gets a new PrintWriter for a new object
+ *
+ * @param strObjectName String object name
+ * @return PrintWriter
+ */
+ private PrintWriter getPrintWriter(String strObjectName) {
+
+ FileWriter fw = null;
+ try {
+ fw = new FileWriter(strObjectName);
+ } catch (IOException ex) {
+ ex.printStackTrace();
+ }
+ PrintWriter printWriter = new PrintWriter(new BufferedWriter(fw));
+ return printWriter;
+ }
+
/**
* A method to initialize constants from config file
*
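Review bot: In `getPrintWriter`, a failed `new FileWriter(strObjectName)` is only printed, `fw` stays null, and the next line `new BufferedWriter(fw)` then throws a NullPointerException that hides the real I/O error. The writer is used to produce an executable wrapper script, so a write failure should stop the deployment rather than be swallowed. Replace `ex.printStackTrace();` with `throw new java.io.UncheckedIOException(ex);`, or declare `throws IOException` and let the caller decide. The Javadoc also calls the argument an object name, although it is used as a file path.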
STR_JVM_MAX_HEAP_SIZE = prop.getProperty("JVM_MAX_HEAP_SIZE");
STR_SKEL_CLASS_SUFFIX = prop.getProperty("SKEL_CLASS_SUFFIX");
STR_STUB_CLASS_SUFFIX = prop.getProperty("STUB_CLASS_SUFFIX");
+ STR_ACTIVATE_SANDBOXING = prop.getProperty("ACTIVATE_SANDBOXING");
if(prop.getProperty("VERBOSE").equals(STR_YES)) {
BOOL_VERBOSE = true;
}
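Review bot: `STR_ACTIVATE_SANDBOXING` is kept as the raw property string, and every later check is `STR_ACTIVATE_SANDBOXING.equals("Yes")` (in `instrumentObject`, both device-policy branches, `setRouterPolicyIoTSetAddress`, the controller setup and before `createMACPolicyThreads`). If `prop` is a `java.util.Properties`, a config file without the `ACTIVATE_SANDBOXING` key yields null and the first check throws a NullPointerException, while a value such as `yes` or `Yes ` silently runs everything without process-jail policies. Parse it once here into a boolean, for example `BOOL_ACTIVATE_SANDBOXING = STR_YES.equals(prop.getProperty("ACTIVATE_SANDBOXING", "").trim());` (assuming `STR_YES` is "Yes"), and print a warning for an unrecognised value so that a disabled sandbox is a visible decision. The enclosing method starts and ends outside this hunk.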
RuntimeOutput.print("STR_JVM_MAX_HEAP_SIZE=" + STR_JVM_MAX_HEAP_SIZE, BOOL_VERBOSE);
RuntimeOutput.print("STR_SKEL_CLASS_SUFFIX=" + STR_SKEL_CLASS_SUFFIX, BOOL_VERBOSE);
RuntimeOutput.print("STR_STUB_CLASS_SUFFIX=" + STR_STUB_CLASS_SUFFIX, BOOL_VERBOSE);
+ RuntimeOutput.print("STR_ACTIVATE_SANDBOXING=" + STR_ACTIVATE_SANDBOXING, BOOL_VERBOSE);
RuntimeOutput.print("BOOL_VERBOSE=" + BOOL_VERBOSE, BOOL_VERBOSE);
RuntimeOutput.print("IoTMaster: Information extracted successfully!", BOOL_VERBOSE);
}
// Get information from the set
List<Object[]> listObject = objAddInitHand.getFields(strFieldIdentifier);
+ RuntimeOutput.print("IoTMaster: DEBUG: Getting into instrumentIoTSetDevice!", BOOL_VERBOSE);
// Create a new IoTSet
if(strLanguage.equals(STR_JAVA)) {
Message msgCrtIoTSet = new MessageCreateSetRelation(IoTCommCode.CREATE_NEW_IOTSET, strFieldName);
RuntimeOutput.print("IoTMaster: Number of rows for IoTZigbeeAddress: " + iRows, BOOL_VERBOSE);
// TODO: DEBUG!!!
- System.out.println("\n\n DEBUG: InstrumentZigbeeDevice: Object Name: " + strObjName);
+ System.out.println("\n\nDEBUG: InstrumentZigbeeDevice: Object Name: " + strObjName);
System.out.println("DEBUG: InstrumentZigbeeDevice: Port number: " + commHan.getComPort(strZigbeeGWAddressKey));
System.out.println("DEBUG: InstrumentZigbeeDevice: Device address: " + strZigbeeGWAddress + "\n\n");
* A private method to instrument an object on a specific machine and setting up policies
*
* @params strFieldObjectID String field object ID
+ * @params strObjControllerName String object controller name
* @params strLanguage String language
* @return void
*/
- private void instrumentObject(String strFieldObjectID, String strLanguage) throws IOException {
+ private void instrumentObject(String strFieldObjectID, String strObjControllerName, String strLanguage) throws IOException {
// Extract the interface name for RMI
// e.g. ProximitySensorInterface, TempSensorInterface, etc.
strIoTSlaveObjectHostAdd, STR_TCP_PROTOCOL);
routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveControllerHostAdd,
strIoTSlaveObjectHostAdd, STR_TCP_PROTOCOL);
+ // Configure MAC policies for objects
+ //String strFileName = STR_MAC_POL_PATH + strObjClassName + STR_MAC_POLICY_EXT;
+ String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+ processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, strObjClassName,
+ strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName),
+ commHan.getRMIStubPort(strObjName));
+ processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd,
+ commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName));
+ }
// Instrument the IoTSet declarations inside the class file
instrumentObjectIoTSet(strFieldObjectID, strLanguage);
}
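Review bot: The policy file handed to `configureProcessJailDeviceDriverPolicies` is built as `STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT`, so every driver object starts from the same base policy file, and the per-class variant is left as a commented-out line above it. Delete the commented line or state why one shared file is used, e.g. `// All Java drivers share one base policy; per-object rules are added by ProcessJailConfig`, if that is what the callee does. The controller hunk further down has the same commented-out line. instrumentObject's body starts outside this hunk.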
routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress, STR_TCP_PROTOCOL, iDestDeviceDriverPort);
routerConfig.configureRouterHTTPPolicies(STR_ROUTER_ADD, strIoTSlaveObjectHostAdd, strDeviceAddress);
routerConfig.configureHostHTTPPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress);
+ // Configure MAC policies
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+ processJailConfig.configureProcessJailGWDevicePolicies(strIoTSlaveObjectHostAdd, STR_ROUTER_ADD, INT_DNS_PORT);
} else {
// Other port numbers...
commHan.addDevicePort(iDestDeviceDriverPort);
commHan.getComPort(strDeviceAddressKey), iDestDeviceDriverPort);
routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress, strProtocol,
commHan.getComPort(strDeviceAddressKey), iDestDeviceDriverPort);
+ // Configure MAC policies
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+ processJailConfig.configureProcessJailDevicePolicies(strIoTSlaveObjectHostAdd, strProtocol,
+ commHan.getComPort(strDeviceAddressKey), strDeviceAddress, iDestDeviceDriverPort);
}
}
}
* @return void
*/
private void setRouterPolicyIoTSetAddress(String strFieldIdentifier, Map.Entry<String,Object> map,
- String strHostAddress) {
+ String strHostAddress, String strControllerName) {
// Get information from the set
SetInstrumenter setInstrumenter = (SetInstrumenter) map.getValue();
// Get device address
String strAddress = (String) arrFieldValues[0];
// Setting up router policies for HTTP/HTTPs
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+ if (strControllerName != null) {
+ processJailConfig.configureProcessJailInetAddressPolicies(strControllerName, STR_ROUTER_ADD, strAddress);
+ } else {
+ processJailConfig.configureProcessJailInetAddressPolicies(strHostAddress, STR_ROUTER_ADD, strAddress);
+ }
+ }
routerConfig.configureRouterHTTPPolicies(STR_ROUTER_ADD, strHostAddress, strAddress);
routerConfig.configureHostHTTPPolicies(strHostAddress, strHostAddress, strAddress);
}
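Review bot: The new `strControllerName` parameter has no `@params` line in the Javadoc above, and `null` is a meaningful value for it. The caller for driver objects passes `null`, and this method then hands `strHostAddress` to `configureProcessJailInetAddressPolicies` in the position where a controller name goes otherwise. Document that, e.g. `* @params strControllerName String controller name, or null to apply the policy by host address`, and confirm the callee handles both a name and an address in that first argument as intended. The method body is only partly visible in this hunk.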
setRouterPolicyIoTSetDevice(strFieldIdentifier, map, strIoTSlaveObjectHostAdd);
} else if(setInstrumenter.getObjTableName().equals(STR_IOT_ADD_CLS)) {
// Instrument the IoTAddress
- setRouterPolicyIoTSetAddress(strFieldIdentifier, map, strIoTSlaveObjectHostAdd);
+ setRouterPolicyIoTSetAddress(strFieldIdentifier, map, strIoTSlaveObjectHostAdd, null);
} else if(setInstrumenter.getObjTableName().equals(STR_IOT_ZB_ADD_CLS)) {
// Instrument the IoTZigbeeAddress - special feature for Zigbee device support
RuntimeOutput.print("IoTMaster: IoTZigbeeAddress found! No router policy is set here..",
*/
private String getCmdJavaDriverIoTSlave(String strIoTMasterHostAdd, String strIoTSlaveObjectHostAdd, String strObjName) {
- return STR_SSH + " " + STR_USERNAME + strIoTSlaveObjectHostAdd + " cd " + STR_RUNTIME_DIR + " sudo java " +
- STR_CLS_PATH + " " + STR_RMI_PATH + " " + STR_RMI_HOSTNAME +
- strIoTSlaveObjectHostAdd + " " + STR_IOT_SLAVE_CLS + " " + strIoTMasterHostAdd + " " +
+ // Create an Shell executable
+ String strJavaCommand = STR_SHELL_HEADER + "\nexec " + STR_JAVA_PATH + " " + STR_CLS_PATH + " " + STR_RMI_PATH + " " +
+ STR_RMI_HOSTNAME + strIoTSlaveObjectHostAdd + " " + STR_IOT_SLAVE_CLS + " " + strIoTMasterHostAdd + " " +
commHan.getComPort(strObjName) + " " + commHan.getRMIRegPort(strObjName) + " " +
- commHan.getRMIStubPort(strObjName) + " >& " + STR_LOG_FILE_PATH + strObjName + ".log &";
+ commHan.getRMIStubPort(strObjName) + " > " + STR_LOG_FILE_PATH + strObjName + ".log &";
+ String shellFile = "./" + strObjName + STR_SHELL_FILE_EXT;
+ createWrapperShellScript(strJavaCommand, shellFile);
+ // Send the file to the compute node
+ String strCmdSend = "scp " + shellFile + " " + STR_USERNAME + strIoTSlaveObjectHostAdd + ":" + STR_RUNTIME_DIR;
+ runCommand(strCmdSend);
+ System.out.println("IoTMaster: Sending shell file: " + strCmdSend);
+ return STR_SSH + " " + STR_USERNAME + strIoTSlaveObjectHostAdd + " cd " + STR_RUNTIME_DIR + " " + shellFile;
}
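Review bot: The generated script now redirects with `" > " + STR_LOG_FILE_PATH + strObjName + ".log &"`, which drops stderr from the log, so JVM start-up errors and stack traces from the slave never reach it. Under `#!/bin/sh` the form that keeps both streams is `" > " + STR_LOG_FILE_PATH + strObjName + ".log 2>&1 &"`; `getCmdJavaIoTSlave` has the same redirect. `strObjName` also goes unquoted into the script text, the script file name and the `scp` and `ssh` command strings, so it should be checked against a strict name pattern (letters, digits, `_`, `-`) before any of them is built. The outcome of `runCommand(strCmdSend)` is not checked here, so a failed copy would leave the returned ssh command pointing at a missing or stale script; whether `runCommand` reports failure is not visible in this hunk.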
}
+ /**
+ * createWrapperShellScript() gets a wrapper shell script
+ *
+ * @param strCommand String command
+ * @param strObjectName String object name
+ * @return PrintWriter
+ */
+ private void createWrapperShellScript(String strCommand, String strFileName) {
+
+ PrintWriter printWriter = getPrintWriter(strFileName);
+ printWriter.println(strCommand);
+ printWriter.close();
+ runCommand("chmod 755 " + strFileName);
+ }
+
+
/**
* A private method to create an object on a specific machine
*
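Review bot: The Javadoc of `createWrapperShellScript` does not match the method: it documents `@param strObjectName` and `@return PrintWriter`, while the signature takes `strFileName` and returns `void`. `PrintWriter` does not throw on write errors, so a truncated script would still be made executable and shipped. Test `printWriter.checkError()` before going on, and close the writer with try-with-resources. The mode can be set without spawning a command via `new java.io.File(strFileName).setExecutable(true, true);`, which keeps the file name out of a command string and limits execute permission to the owner instead of `755`, provided the same account runs the script on the slave.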
if(setInstrumenter.getObjTableName().equals(STR_IOT_DEV_ADD_CLS)) {
// Instrument the normal IoTDeviceAddress
synchronized(this) {
+ //RuntimeOutput.print("IoTMaster: DEBUG: Processing " + STR_IOT_DEV_ADD_CLS + "!", BOOL_VERBOSE);
instrumentIoTSetDevice(strFieldIdentifier, strObjName, strFieldName, strIoTSlaveObjectHostAdd, inStream, outStream, strLanguageDriver);
}
} else if(setInstrumenter.getObjTableName().equals(STR_IOT_ZB_ADD_CLS)) {
* @params strLanguage String language
* @return void
*/
- private void instrumentIoTSet(Map.Entry<String,Object> map, String strFieldName, String strLanguage)
+ private void instrumentIoTSet(Map.Entry<String,Object> map, String strFieldName, String strObjControllerName, String strLanguage)
throws IOException, ClassNotFoundException, InterruptedException {
// Get information from the set
String strObjID = setInstrumenter.fieldObjectID(iRow);
strObjClassName = setInstrumenter.fieldEntryType(strObjID);
// Call the method to create an object
- instrumentObject(strObjID, strLanguage);
+ instrumentObject(strObjID, strObjControllerName, strLanguage);
objInitHand.addObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName,
strObjClassName, strObjClassInterfaceName, strObjStubClsIntfaceName, commHan.getRMIRegPort(strObjName),
commHan.getRMIStubPort(strObjName));
* @params strLanguage String language
* @return void
*/
- private void instrumentIoTRelation(Map.Entry<String,Object> map, String strFieldName, String strLanguage)
+ private void instrumentIoTRelation(Map.Entry<String,Object> map, String strFieldName, String strObjControllerName, String strLanguage)
throws IOException, ClassNotFoundException, InterruptedException {
// Get information from the set
String strObjID = relationInstrumenter.firstFieldObjectID(iRow);
strObjClassName = relationInstrumenter.firstEntryFieldType(strObjID);
// Call the method to create an object
- instrumentObject(strObjID, strLanguage);
+ instrumentObject(strObjID, strObjControllerName, strLanguage);
// Get the first object controller host address
String strFirstIoTSlaveObjectHostAdd = strIoTSlaveObjectHostAdd;
objInitHand.addObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName,
strObjID = relationInstrumenter.secondFieldObjectID(iRow);
strObjClassName = relationInstrumenter.secondEntryFieldType(strObjID);
// Call the method to create an object
- instrumentObject(strObjID, strLanguage);
+ instrumentObject(strObjID, strObjControllerName, strLanguage);
// Get the second object controller host address
String strSecondIoTSlaveObjectHostAdd = strIoTSlaveObjectHostAdd;
objInitHand.addSecondObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName,
}
}
+ /**
+ * A method to create a thread for policy deployment
+ *
+ * @param setHostAddresses Set of strings for host addresses to configure
+ * @return void
+ */
+ private void createMACPolicyThreads(Set<String> setHostAddresses) throws IOException {
+
+ // Create a list of threads
+ List<Thread> threads = new ArrayList<Thread>();
+ // Start threads for hosts
+ for(String strAddress : setHostAddresses) {
+ Thread policyThread = new Thread(new Runnable() {
+ public void run() {
+ synchronized(this) {
+ processJailConfig.sendMACPolicies(strAddress);
+ }
+ }
+ });
+ threads.add(policyThread);
+ policyThread.start();
+ RuntimeOutput.print("Deploying MAC policies for: " + strAddress, BOOL_VERBOSE);
+ }
+ // Join all threads
+ for (Thread thread : threads) {
+ try {
+ thread.join();
+ } catch (InterruptedException ex) {
+ ex.printStackTrace();
+ }
+ }
+ }
+
/**
* A method to send files to Java IoTSlave
*/
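Review bot: `synchronized(this)` inside the anonymous `Runnable` in `createMACPolicyThreads` locks the Runnable itself, and each thread has its own instance, so the block gives no mutual exclusion between the policy threads. If `sendMACPolicies` touches shared state in `processJailConfig` it needs a common monitor, e.g. `synchronized(processJailConfig)`, which would serialise the deployment; if it is safe to run concurrently, drop the block. The `join()` loop swallows `InterruptedException` with `ex.printStackTrace()`; restore the flag with `Thread.currentThread().interrupt();`. Nothing from `run()` is reported back to this method, so the master continues even if a host did not receive its policy; consider collecting a per-host result before returning.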
private String getCmdJavaIoTSlave(String strObjControllerName) {
- return STR_SSH + " " + STR_USERNAME + strIoTSlaveControllerHostAdd + " cd " +
- STR_RUNTIME_DIR + " sudo java " + STR_JVM_INIT_HEAP_SIZE + " " +
- STR_JVM_MAX_HEAP_SIZE + " " + STR_CLS_PATH + " " +
- STR_RMI_PATH + " " + STR_IOT_SLAVE_CLS + " " + strIoTMasterHostAdd + " " +
- commHan.getComPort(strObjControllerName) + " " +
- commHan.getRMIRegPort(strObjControllerName) + " " +
- commHan.getRMIStubPort(strObjControllerName) + " >& " +
- STR_LOG_FILE_PATH + strObjControllerName + ".log &";
+ // Create an Shell executable
+ String strJavaCommand = STR_SHELL_HEADER + "\nexec " + STR_JAVA_PATH + " " + STR_JVM_INIT_HEAP_SIZE + " " +
+ STR_JVM_MAX_HEAP_SIZE + " " + STR_CLS_PATH + " " + STR_RMI_PATH + " " + STR_IOT_SLAVE_CLS + " " +
+ strIoTMasterHostAdd + " " + commHan.getComPort(strObjControllerName) + " " +
+ commHan.getRMIRegPort(strObjControllerName) + " " + commHan.getRMIStubPort(strObjControllerName) +
+ " > " + STR_LOG_FILE_PATH + strObjControllerName + ".log &";
+ String shellFile = "./" + strObjControllerName + STR_SHELL_FILE_EXT;
+ createWrapperShellScript(strJavaCommand, shellFile);
+ // Send the file to the compute node
+ String strCmdSend = "scp " + shellFile + " " + STR_USERNAME + strIoTSlaveControllerHostAdd + ":" + STR_RUNTIME_DIR;
+ runCommand(strCmdSend);
+ System.out.println("IoTMaster: Sending main controller shell file: " + strCmdSend);
+ return STR_SSH + " " + STR_USERNAME + strIoTSlaveControllerHostAdd + " cd " + STR_RUNTIME_DIR + " " + shellFile;
}
sendFileToCppSlave(strControllerFilePath, strControllerZipFile);
createMainObjectCpp(strObjControllerName, outStream, inStream);
}
-
+ // Write basic MAC policies for controller
+ //String strFileName = STR_MAC_POL_PATH + strObjControllerName + STR_MAC_POLICY_EXT;
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes")) {
+ String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
+ processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName,
+ strIoTMasterHostAdd, commHan.getComPort(strObjControllerName));
+ }
// PROFILING
result = System.currentTimeMillis()-start;
System.out.println("\n\n ==> From IoTSlave start until main controller object is created: " + result);
throw new Error(strErrMsg);
} else if(setInstrumenter.getObjTableName().equals(STR_IOT_ADD_CLS)) {
// Instrument the IoTAddress
- setRouterPolicyIoTSetAddress(strFieldName, map, strIoTSlaveControllerHostAdd);
+ setRouterPolicyIoTSetAddress(strFieldName, map, strIoTSlaveControllerHostAdd, strObjControllerName);
instrumentIoTSetAddress(strFieldName, strFieldName, inStream, outStream, STR_LANGUAGE_CONTROLLER);
} else {
// Any other cases
- instrumentIoTSet(map, strFieldName, STR_LANGUAGE_CONTROLLER);
+ instrumentIoTSet(map, strFieldName, strObjControllerName, STR_LANGUAGE_CONTROLLER);
}
} else if (strClassName.equals(STR_REL_INSTRUMENTER_CLS)) {
- instrumentIoTRelation(map, strFieldName, STR_LANGUAGE_CONTROLLER);
+ instrumentIoTRelation(map, strFieldName, strObjControllerName, STR_LANGUAGE_CONTROLLER);
}
}
+ // Combine controller MAC policies with the main policy file for the host
+ String strTempFileName = "./" + strObjControllerName + STR_MAC_POLICY_EXT;
+ processJailConfig.combineControllerMACPolicies(strIoTSlaveControllerHostAdd, strObjControllerName, strTempFileName);
+ processJailConfig.close();
+
// PROFILING
result = System.currentTimeMillis()-start;
System.out.println("\n\n ==> Time needed to instrument device driver objects: " + result + "\n\n");
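Review bot: `combineControllerMACPolicies` and `processJailConfig.close()` run unconditionally, while every other `processJailConfig` call added by this commit sits behind `STR_ACTIVATE_SANDBOXING.equals("Yes")`. With sandboxing off this presumably tries to combine policy files that were never written. Put both lines under the same check. `processJailConfig.sendMACPolicies` is also called from `createMACPolicyThreads`, so confirm that `close()` here does not release anything that call still needs; the order of the two at run time is not visible from these hunks.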
serverSocket.close();
commHan.printLists();
lbIoT.printHostInfo();
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+ createMACPolicyThreads(setAddresses);
}
} catch (IOException |