2
* acm_ops.h: Xen access control module hypervisor commands
4
* Permission is hereby granted, free of charge, to any person obtaining a copy
5
* of this software and associated documentation files (the "Software"), to
6
* deal in the Software without restriction, including without limitation the
7
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
8
* sell copies of the Software, and to permit persons to whom the Software is
9
* furnished to do so, subject to the following conditions:
11
* The above copyright notice and this permission notice shall be included in
12
* all copies or substantial portions of the Software.
14
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
19
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
20
* DEALINGS IN THE SOFTWARE.
22
* Reiner Sailer <sailer@watson.ibm.com>
23
* Copyright (c) 2005,2006 International Business Machines Corporation.
26
#ifndef __XEN_PUBLIC_ACM_OPS_H__
27
#define __XEN_PUBLIC_ACM_OPS_H__
33
* Make sure you increment the interface version whenever you modify this file!
34
* This makes sure that old versions of acm tools will stop working in a
35
* well-defined way (rather than crashing the machine, for instance).
37
#define ACM_INTERFACE_VERSION 0xAAAA000A
39
/************************************************************************/
42
* Prototype for this hypercall is:
43
* int acm_op(int cmd, void *args)
44
* @cmd == ACMOP_??? (access control module operation).
45
* @args == Operation-specific extra arguments (NULL if none).
49
#define ACMOP_setpolicy 1
50
struct acm_setpolicy {
52
XEN_GUEST_HANDLE_64(void) pushcache;
53
uint32_t pushcache_size;
57
#define ACMOP_getpolicy 2
58
struct acm_getpolicy {
60
XEN_GUEST_HANDLE_64(void) pullcache;
61
uint32_t pullcache_size;
65
#define ACMOP_dumpstats 3
66
struct acm_dumpstats {
68
XEN_GUEST_HANDLE_64(void) pullcache;
69
uint32_t pullcache_size;
73
#define ACMOP_getssid 4
74
#define ACM_GETBY_ssidref 1
75
#define ACM_GETBY_domainid 2
78
uint32_t get_ssid_by; /* ACM_GETBY_* */
80
domaintype_t domainid;
83
XEN_GUEST_HANDLE_64(void) ssidbuf;
84
uint32_t ssidbuf_size;
87
#define ACMOP_getdecision 5
88
struct acm_getdecision {
90
uint32_t get_decision_by1; /* ACM_GETBY_* */
91
uint32_t get_decision_by2; /* ACM_GETBY_* */
93
domaintype_t domainid;
97
domaintype_t domainid;
102
uint32_t acm_decision;
106
#define ACMOP_chgpolicy 6
107
struct acm_change_policy {
109
XEN_GUEST_HANDLE_64(void) policy_pushcache;
110
uint32_t policy_pushcache_size;
111
XEN_GUEST_HANDLE_64(void) del_array;
112
uint32_t delarray_size;
113
XEN_GUEST_HANDLE_64(void) chg_array;
114
uint32_t chgarray_size;
116
/* array with error code */
117
XEN_GUEST_HANDLE_64(void) err_array;
118
uint32_t errarray_size;
121
#define ACMOP_relabeldoms 7
122
struct acm_relabel_doms {
124
XEN_GUEST_HANDLE_64(void) relabel_map;
125
uint32_t relabel_map_size;
127
XEN_GUEST_HANDLE_64(void) err_array;
128
uint32_t errarray_size;
131
/* future interface to Xen */
134
uint32_t interface_version;
136
struct acm_setpolicy setpolicy;
137
struct acm_getpolicy getpolicy;
138
struct acm_dumpstats dumpstats;
139
struct acm_getssid getssid;
140
struct acm_getdecision getdecision;
141
struct acm_change_policy change_policy;
142
struct acm_relabel_doms relabel_doms;
146
typedef struct xen_acmctl xen_acmctl_t;
147
DEFINE_XEN_GUEST_HANDLE(xen_acmctl_t);
149
#endif /* __XEN_PUBLIC_ACM_OPS_H__ */
157
* indent-tabs-mode: nil