1/*
2   This file is part of Valgrind, a dynamic binary instrumentation
3   framework.
4
5   Copyright (C) 2012-2017 Citrix
6
7   This program is free software; you can redistribute it and/or
8   modify it under the terms of the GNU General Public License as
9   published by the Free Software Foundation; either version 2 of the
10   License, or (at your option) any later version.
11
12   This program is distributed in the hope that it will be useful, but
13   WITHOUT ANY WARRANTY; without even the implied warranty of
14   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15   General Public License for more details.
16
17   You should have received a copy of the GNU General Public License
18   along with this program; if not, write to the Free Software
19   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
20   02111-1307, USA.
21
22   The GNU General Public License is contained in the file COPYING.
23*/
24
25/* Contributed by Andrew Cooper <andrew.cooper3@citrix.com>
26   and Ian Campbell <ian.campbell@citrix.com> */
27
28#ifndef __VKI_XEN_XSM_H
29#define __VKI_XEN_XSM_H
30
31#define VKI_XEN_FLASK_INTERFACE_VERSION 1
32
33struct vki_xen_flask_sid_context {
34    /* IN/OUT: sid to convert to/from string */
35    vki_uint32_t sid;
36    /* IN: size of the context buffer
37     * OUT: actual size of the output context string
38     */
39    vki_uint32_t size;
40    VKI_XEN_GUEST_HANDLE(char) context;
41};
42
43struct vki_xen_flask_op {
44    vki_uint32_t cmd;
45#define VKI_FLASK_LOAD              1
46#define VKI_FLASK_GETENFORCE        2
47#define VKI_FLASK_SETENFORCE        3
48#define VKI_FLASK_CONTEXT_TO_SID    4
49#define VKI_FLASK_SID_TO_CONTEXT    5
50#define VKI_FLASK_ACCESS            6
51#define VKI_FLASK_CREATE            7
52#define VKI_FLASK_RELABEL           8
53#define VKI_FLASK_USER              9
54#define VKI_FLASK_POLICYVERS        10
55#define VKI_FLASK_GETBOOL           11
56#define VKI_FLASK_SETBOOL           12
57#define VKI_FLASK_COMMITBOOLS       13
58#define VKI_FLASK_MLS               14
59#define VKI_FLASK_DISABLE           15
60#define VKI_FLASK_GETAVC_THRESHOLD  16
61#define VKI_FLASK_SETAVC_THRESHOLD  17
62#define VKI_FLASK_AVC_HASHSTATS     18
63#define VKI_FLASK_AVC_CACHESTATS    19
64#define VKI_FLASK_MEMBER            20
65#define VKI_FLASK_ADD_OCONTEXT      21
66#define VKI_FLASK_DEL_OCONTEXT      22
67#define VKI_FLASK_GET_PEER_SID      23
68#define VKI_FLASK_RELABEL_DOMAIN    24
69    vki_uint32_t interface_version; /* VKI_XEN_FLASK_INTERFACE_VERSION */
70    union {
71        //struct vki_xen_flask_load load;
72        //struct vki_xen_flask_setenforce enforce;
73        /* FLASK_CONTEXT_TO_SID and FLASK_SID_TO_CONTEXT */
74        struct vki_xen_flask_sid_context sid_context;
75        //struct vki_xen_flask_access access;
76        /* FLASK_CREATE, FLASK_RELABEL, FLASK_MEMBER */
77        //struct vki_xen_flask_transition transition;
78        //struct vki_xen_flask_userlist userlist;
79        /* FLASK_GETBOOL, FLASK_SETBOOL */
80        //struct vki_xen_flask_boolean boolean;
81        //struct vki_xen_flask_setavc_threshold setavc_threshold;
82        //struct vki_xen_flask_hash_stats hash_stats;
83        //struct vki_xen_flask_cache_stats cache_stats;
84        /* FLASK_ADD_OCONTEXT, FLASK_DEL_OCONTEXT */
85        //struct vki_xen_flask_ocontext ocontext;
86        //struct vki_xen_flask_peersid peersid;
87        //struct vki_xen_flask_relabel relabel;
88    } u;
89};
90
91#endif // __VKI_XEN_XSM_H
92
93/*--------------------------------------------------------------------*/
94/*--- end                                                          ---*/
95/*--------------------------------------------------------------------*/
96