2 * acm_ops.h: Xen access control module hypervisor commands
4 * Permission is hereby granted, free of charge, to any person obtaining a copy
5 * of this software and associated documentation files (the "Software"), to
6 * deal in the Software without restriction, including without limitation the
7 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
8 * sell copies of the Software, and to permit persons to whom the Software is
9 * furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice shall be included in
12 * all copies or substantial portions of the Software.
14 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
19 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
20 * DEALINGS IN THE SOFTWARE.
22 * Reiner Sailer <sailer@watson.ibm.com>
23 * Copyright (c) 2005,2006 International Business Machines Corporation.
26 #ifndef __XEN_PUBLIC_ACM_OPS_H__
27 #define __XEN_PUBLIC_ACM_OPS_H__
33 * Make sure you increment the interface version whenever you modify this file!
34 * This makes sure that old versions of acm tools will stop working in a
35 * well-defined way (rather than crashing the machine, for instance).
37 #define ACM_INTERFACE_VERSION 0xAAAA000A
39 /************************************************************************/
42 * Prototype for this hypercall is:
43 * int acm_op(int cmd, void *args)
44 * @cmd == ACMOP_??? (access control module operation).
45 * @args == Operation-specific extra arguments (NULL if none).
49 #define ACMOP_setpolicy 1
50 struct acm_setpolicy {
52 XEN_GUEST_HANDLE_64(void) pushcache;
53 uint32_t pushcache_size;
57 #define ACMOP_getpolicy 2
58 struct acm_getpolicy {
60 XEN_GUEST_HANDLE_64(void) pullcache;
61 uint32_t pullcache_size;
65 #define ACMOP_dumpstats 3
66 struct acm_dumpstats {
68 XEN_GUEST_HANDLE_64(void) pullcache;
69 uint32_t pullcache_size;
73 #define ACMOP_getssid 4
74 #define ACM_GETBY_ssidref 1
75 #define ACM_GETBY_domainid 2
78 uint32_t get_ssid_by; /* ACM_GETBY_* */
80 domaintype_t domainid;
83 XEN_GUEST_HANDLE_64(void) ssidbuf;
84 uint32_t ssidbuf_size;
87 #define ACMOP_getdecision 5
88 struct acm_getdecision {
90 uint32_t get_decision_by1; /* ACM_GETBY_* */
91 uint32_t get_decision_by2; /* ACM_GETBY_* */
93 domaintype_t domainid;
97 domaintype_t domainid;
102 uint32_t acm_decision;
106 #define ACMOP_chgpolicy 6
107 struct acm_change_policy {
109 XEN_GUEST_HANDLE_64(void) policy_pushcache;
110 uint32_t policy_pushcache_size;
111 XEN_GUEST_HANDLE_64(void) del_array;
112 uint32_t delarray_size;
113 XEN_GUEST_HANDLE_64(void) chg_array;
114 uint32_t chgarray_size;
116 /* array with error code */
117 XEN_GUEST_HANDLE_64(void) err_array;
118 uint32_t errarray_size;
121 #define ACMOP_relabeldoms 7
122 struct acm_relabel_doms {
124 XEN_GUEST_HANDLE_64(void) relabel_map;
125 uint32_t relabel_map_size;
127 XEN_GUEST_HANDLE_64(void) err_array;
128 uint32_t errarray_size;
131 /* future interface to Xen */
134 uint32_t interface_version;
136 struct acm_setpolicy setpolicy;
137 struct acm_getpolicy getpolicy;
138 struct acm_dumpstats dumpstats;
139 struct acm_getssid getssid;
140 struct acm_getdecision getdecision;
141 struct acm_change_policy change_policy;
142 struct acm_relabel_doms relabel_doms;
146 typedef struct xen_acmctl xen_acmctl_t;
147 DEFINE_XEN_GUEST_HANDLE(xen_acmctl_t);
149 #endif /* __XEN_PUBLIC_ACM_OPS_H__ */
157 * indent-tabs-mode: nil