sys/arch/xen/include/xen3-public/xsm/acm_ops.h

   1 /*
   2  * acm_ops.h: Xen access control module hypervisor commands
   3  *
   4  * Permission is hereby granted, free of charge, to any person obtaining a copy
   5  * of this software and associated documentation files (the "Software"), to
   6  * deal in the Software without restriction, including without limitation the
   7  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
   8  * sell copies of the Software, and to permit persons to whom the Software is
   9  * furnished to do so, subject to the following conditions:
  10  *
  11  * The above copyright notice and this permission notice shall be included in
  12  * all copies or substantial portions of the Software.
  13  *
  14  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  15  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  16  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  17  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  18  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
  19  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
  20  * DEALINGS IN THE SOFTWARE.
  21  *
  22  * Reiner Sailer <sailer@watson.ibm.com>
  23  * Copyright (c) 2005,2006 International Business Machines Corporation.
  24  */
  25
  26 #ifndef __XEN_PUBLIC_ACM_OPS_H__
  27 #define __XEN_PUBLIC_ACM_OPS_H__
  28
  29 #include "../xen.h"
  30 #include "acm.h"
  31
  32 /*
  33  * Make sure you increment the interface version whenever you modify this file!
  34  * This makes sure that old versions of acm tools will stop working in a
  35  * well-defined way (rather than crashing the machine, for instance).
  36  */
  37 #define ACM_INTERFACE_VERSION   0xAAAA000A
  38
  39 /************************************************************************/
  40
  41 /*
  42  * Prototype for this hypercall is:
  43  *  int acm_op(int cmd, void *args)
  44  * @cmd  == ACMOP_??? (access control module operation).
  45  * @args == Operation-specific extra arguments (NULL if none).
  46  */
  47
  48
  49 #define ACMOP_setpolicy         1
  50 struct acm_setpolicy {
  51     /* IN */
  52     XEN_GUEST_HANDLE_64(void) pushcache;
  53     uint32_t pushcache_size;
  54 };
  55
  56
  57 #define ACMOP_getpolicy         2
  58 struct acm_getpolicy {
  59     /* IN */
  60     XEN_GUEST_HANDLE_64(void) pullcache;
  61     uint32_t pullcache_size;
  62 };
  63
  64
  65 #define ACMOP_dumpstats         3
  66 struct acm_dumpstats {
  67     /* IN */
  68     XEN_GUEST_HANDLE_64(void) pullcache;
  69     uint32_t pullcache_size;
  70 };
  71
  72
  73 #define ACMOP_getssid           4
  74 #define ACM_GETBY_ssidref  1
  75 #define ACM_GETBY_domainid 2
  76 struct acm_getssid {
  77     /* IN */
  78     uint32_t get_ssid_by; /* ACM_GETBY_* */
  79     union {
  80         domaintype_t domainid;
  81         ssidref_t    ssidref;
  82     } id;
  83     XEN_GUEST_HANDLE_64(void) ssidbuf;
  84     uint32_t ssidbuf_size;
  85 };
  86
  87 #define ACMOP_getdecision      5
  88 struct acm_getdecision {
  89     /* IN */
  90     uint32_t get_decision_by1; /* ACM_GETBY_* */
  91     uint32_t get_decision_by2; /* ACM_GETBY_* */
  92     union {
  93         domaintype_t domainid;
  94         ssidref_t    ssidref;
  95     } id1;
  96     union {
  97         domaintype_t domainid;
  98         ssidref_t    ssidref;
  99     } id2;
 100     uint32_t hook;
 101     /* OUT */
 102     uint32_t acm_decision;
 103 };
 104
 105
 106 #define ACMOP_chgpolicy        6
 107 struct acm_change_policy {
 108     /* IN */
 109     XEN_GUEST_HANDLE_64(void) policy_pushcache;
 110     uint32_t policy_pushcache_size;
 111     XEN_GUEST_HANDLE_64(void) del_array;
 112     uint32_t delarray_size;
 113     XEN_GUEST_HANDLE_64(void) chg_array;
 114     uint32_t chgarray_size;
 115     /* OUT */
 116     /* array with error code */
 117     XEN_GUEST_HANDLE_64(void) err_array;
 118     uint32_t errarray_size;
 119 };
 120
 121 #define ACMOP_relabeldoms       7
 122 struct acm_relabel_doms {
 123     /* IN */
 124     XEN_GUEST_HANDLE_64(void) relabel_map;
 125     uint32_t relabel_map_size;
 126     /* OUT */
 127     XEN_GUEST_HANDLE_64(void) err_array;
 128     uint32_t errarray_size;
 129 };
 130
 131 /* future interface to Xen */
 132 struct xen_acmctl {
 133     uint32_t cmd;
 134     uint32_t interface_version;
 135     union {
 136         struct acm_setpolicy     setpolicy;
 137         struct acm_getpolicy     getpolicy;
 138         struct acm_dumpstats     dumpstats;
 139         struct acm_getssid       getssid;
 140         struct acm_getdecision   getdecision;
 141         struct acm_change_policy change_policy;
 142         struct acm_relabel_doms  relabel_doms;
 143     } u;
 144 };
 145
 146 typedef struct xen_acmctl xen_acmctl_t;
 147 DEFINE_XEN_GUEST_HANDLE(xen_acmctl_t);
 148
 149 #endif /* __XEN_PUBLIC_ACM_OPS_H__ */
 150
 151 /*
 152  * Local variables:
 153  * mode: C
 154  * c-set-style: "BSD"
 155  * c-basic-offset: 4
 156  * tab-width: 4
 157  * indent-tabs-mode: nil
 158  * End:
 159  */