/*
 *  This file contains the flask_op hypercall commands and definitions.
 *
 *  Author:  George Coker, <gscoker@alpha.ncsc.mil>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 * DEALINGS IN THE SOFTWARE.
 */

#ifndef __FLASK_OP_H__
#define __FLASK_OP_H__

/* Provides evtchn_port_t, used by struct xen_flask_peersid below. */
#include "../event_channel.h"

/*
 * ABI version of this hypercall interface.  Callers place it in
 * xen_flask_op.interface_version (see below).  Bump it whenever a structure
 * layout or command number in this file changes incompatibly.
 */
#define XEN_FLASK_INTERFACE_VERSION 1

/*
 * Payload for FLASK_LOAD (xen_flask_op.u.load).
 * NOTE(review): both fields are caller-supplied; the handler is expected to
 * bound `size` before copying through `buffer` -- confirm in the implementation.
 */
struct xen_flask_load {
    /* IN: caller buffer holding the data to load (presumably a policy image) */
    XEN_GUEST_HANDLE(char) buffer;
    /* IN: number of bytes available through buffer */
    uint32_t size;
};

/* Payload for FLASK_SETENFORCE (xen_flask_op.u.enforce). */
struct xen_flask_setenforce {
    /* IN: new enforcing state.  NOTE(review): presumably non-zero enables
     * enforcement, as in SELinux -- confirm against the handler. */
    uint32_t enforcing;
};

/*
 * Payload shared by FLASK_CONTEXT_TO_SID and FLASK_SID_TO_CONTEXT
 * (xen_flask_op.u.sid_context).  Which of `sid` and `context` is the input
 * depends on the command.
 */
struct xen_flask_sid_context {
    /* IN/OUT: sid to convert to/from string */
    uint32_t sid;
    /* IN: size of the context buffer
     * OUT: actual size of the output context string
     */
    uint32_t size;
    /* IN/OUT: context string buffer in caller memory, `size` bytes on input.
     * NOTE(review): the length is caller-controlled; the handler should bound
     * it before copying in either direction. */
    XEN_GUEST_HANDLE(char) context;
};

/*
 * Payload for FLASK_ACCESS (xen_flask_op.u.access): an access-vector query
 * for source SID `ssid` acting on target SID `tsid` of class `tclass` with
 * the permission bits in `req`.  The OUT fields mirror the SELinux
 * av_decision layout -- presumably; confirm against the handler.
 */
struct xen_flask_access {
    /* IN: access request */
    uint32_t ssid;     /* source security identifier */
    uint32_t tsid;     /* target security identifier */
    uint32_t tclass;   /* object class of the target */
    uint32_t req;      /* requested permission bits */
    /* OUT: AVC data */
    uint32_t allowed;      /* permission bits granted by policy */
    uint32_t audit_allow;  /* permission bits to audit when granted */
    uint32_t audit_deny;   /* permission bits to audit when denied */
    uint32_t seqno;        /* sequence number of the decision (AVC/policy) -- confirm */
};

/*
 * Payload shared by FLASK_CREATE, FLASK_RELABEL and FLASK_MEMBER
 * (xen_flask_op.u.transition): derive a new SID from a source/target SID
 * pair and an object class.  Note that FLASK_RELABEL_DOMAIN uses
 * struct xen_flask_relabel instead.
 */
struct xen_flask_transition {
    /* IN: transition SIDs and class */
    uint32_t ssid;     /* source security identifier */
    uint32_t tsid;     /* target security identifier */
    uint32_t tclass;   /* object class */
    /* OUT: new SID */
    uint32_t newsid;
};

/*
 * Payload for FLASK_USER (xen_flask_op.u.userlist): enumerate the SIDs
 * available to a user.  The `user` and `sids` handles overlap in a union,
 * so a single caller buffer carries the input user name and receives the
 * SID list; it must be sized for whichever is larger.  `size` changes units
 * between input (bytes) and output (number of SIDs).
 */
struct xen_flask_userlist {
    /* IN: starting SID for list */
    uint32_t start_sid;
    /* IN: size of user string and output buffer
     * OUT: number of SIDs returned */
    uint32_t size;
    union {
        /* IN: user to enumerate SIDs */
        XEN_GUEST_HANDLE(char) user;
        /* OUT: SID list */
        XEN_GUEST_HANDLE(uint32) sids;
    } u;
};

/*
 * Payload shared by FLASK_GETBOOL and FLASK_SETBOOL (xen_flask_op.u.boolean).
 * A boolean is addressed either by `bool_id` or, when bool_id is -1, by the
 * name passed through `name`.  The [GET], [SET] and [GET/SET] tags say which
 * command uses each field.
 */
struct xen_flask_boolean {
    /* IN/OUT: numeric identifier for boolean [GET/SET]
     * If -1 (i.e. UINT32_MAX, since the field is unsigned), name will be
     * used and bool_id will be filled in. */
    uint32_t bool_id;
    /* OUT: current enforcing value of boolean [GET/SET] */
    uint8_t enforcing;
    /* OUT: pending value of boolean [GET/SET] */
    uint8_t pending;
    /* IN: new value of boolean [SET] */
    uint8_t new_value;
    /* IN: commit new value instead of only setting pending [SET] */
    uint8_t commit;
    /* IN: size of boolean name buffer [GET/SET]
     * OUT: actual size of name [GET only] */
    uint32_t size;
    /* IN: if bool_id is -1, used to find boolean [GET/SET]
     * OUT: textual name of boolean [GET only]
     * NOTE(review): `size` is caller-controlled; bound it before copying.
     */
    XEN_GUEST_HANDLE(char) name;
};

/*
 * Payload for FLASK_SETAVC_THRESHOLD (xen_flask_op.u.setavc_threshold).
 * FLASK_GETAVC_THRESHOLD has no dedicated union member in xen_flask_op;
 * presumably it reports the value through this same struct -- confirm.
 */
struct xen_flask_setavc_threshold {
    /* IN: new AVC threshold, in whatever units the AVC implementation uses */
    uint32_t threshold;
};

/*
 * Payload for FLASK_AVC_HASHSTATS (xen_flask_op.u.hash_stats): statistics
 * of the AVC hash table.  All fields are output.
 */
struct xen_flask_hash_stats {
    /* OUT */
    uint32_t entries;        /* entries currently stored */
    uint32_t buckets_used;   /* buckets holding at least one entry */
    uint32_t buckets_total;  /* total number of buckets */
    uint32_t max_chain_len;  /* longest collision chain observed */
};

/*
 * Payload for FLASK_AVC_CACHESTATS (xen_flask_op.u.cache_stats): per-CPU
 * AVC counters for the CPU selected by `cpu`.
 * NOTE(review): `cpu` is caller-supplied; the handler must reject indices
 * outside the valid CPU range.
 */
struct xen_flask_cache_stats {
    /* IN: CPU whose counters are reported */
    uint32_t cpu;
    /* OUT */
    uint32_t lookups;      /* cache lookups performed */
    uint32_t hits;         /* lookups satisfied from the cache */
    uint32_t misses;       /* lookups that required a policy query */
    uint32_t allocations;  /* cache entries allocated */
    uint32_t reclaims;     /* entries reclaimed to make room */
    uint32_t frees;        /* entries freed */
};

/*
 * Payload shared by FLASK_ADD_OCONTEXT and FLASK_DEL_OCONTEXT
 * (xen_flask_op.u.ocontext): attach or detach a SID for an object range.
 */
struct xen_flask_ocontext {
    /* IN */
    uint32_t ocon;        /* object-context type selector -- presumably; confirm */
    uint32_t sid;         /* SID to associate with the range */
    uint64_t low, high;   /* bounds of the range; whether `high` is inclusive
                           * is not stated here -- check the handler */
};

/*
 * Payload for FLASK_GET_PEER_SID (xen_flask_op.u.peersid): report the SID
 * associated with the peer of a local event channel -- presumably the
 * remote domain; confirm against the handler.
 */
struct xen_flask_peersid {
    /* IN: local event channel port to query (caller-supplied; must be validated) */
    evtchn_port_t evtchn;
    /* OUT: SID of the peer */
    uint32_t sid;
};

/*
 * Payload for FLASK_RELABEL_DOMAIN (xen_flask_op.u.relabel).  Not to be
 * confused with FLASK_RELABEL, which uses struct xen_flask_transition.
 */
struct xen_flask_relabel {
    /* IN */
    uint32_t domid;   /* domain to relabel */
    uint32_t sid;     /* new SID for that domain */
};

/*
 * Payload for FLASK_DEVICETREE_LABEL (xen_flask_op.u.devicetree_label):
 * assign a SID to a device tree node identified by path.
 */
struct xen_flask_devicetree_label {
    /* IN */
    uint32_t sid;                   /* SID to assign to the node */
    uint32_t length;                /* length of the string at path -- presumably
                                     * in bytes; caller-controlled, bound it */
    XEN_GUEST_HANDLE(char) path;    /* device tree path in caller memory */
};

/*
 * Top-level argument of the flask_op hypercall.  `cmd` selects the
 * operation and thereby which member of `u` carries its payload.  Commands
 * without a dedicated union member (FLASK_GETENFORCE, FLASK_POLICYVERS,
 * FLASK_COMMITBOOLS, FLASK_MLS, FLASK_DISABLE, FLASK_GETAVC_THRESHOLD)
 * exchange their data by other means -- see the handler.
 * Command numbers are ABI: never renumber, only append.
 */
struct xen_flask_op {
    /* IN: one of the FLASK_* command numbers below */
    uint32_t cmd;
#define FLASK_LOAD              1
#define FLASK_GETENFORCE        2
#define FLASK_SETENFORCE        3
#define FLASK_CONTEXT_TO_SID    4
#define FLASK_SID_TO_CONTEXT    5
#define FLASK_ACCESS            6
#define FLASK_CREATE            7
#define FLASK_RELABEL           8   /* uses u.transition, not u.relabel */
#define FLASK_USER              9
#define FLASK_POLICYVERS        10
#define FLASK_GETBOOL           11
#define FLASK_SETBOOL           12
#define FLASK_COMMITBOOLS       13
#define FLASK_MLS               14
#define FLASK_DISABLE           15
#define FLASK_GETAVC_THRESHOLD  16
#define FLASK_SETAVC_THRESHOLD  17
#define FLASK_AVC_HASHSTATS     18
#define FLASK_AVC_CACHESTATS    19
#define FLASK_MEMBER            20
#define FLASK_ADD_OCONTEXT      21
#define FLASK_DEL_OCONTEXT      22
#define FLASK_GET_PEER_SID      23
#define FLASK_RELABEL_DOMAIN    24  /* uses u.relabel */
#define FLASK_DEVICETREE_LABEL  25
    /* IN: expected to hold XEN_FLASK_INTERFACE_VERSION so the handler can
     * detect a caller built against an incompatible layout -- presumably
     * checked on entry; confirm. */
    uint32_t interface_version; /* XEN_FLASK_INTERFACE_VERSION */
    /* Per-command payload; the active member is determined by cmd. */
    union {
        struct xen_flask_load load;                         /* FLASK_LOAD */
        struct xen_flask_setenforce enforce;                /* FLASK_SETENFORCE */
        /* FLASK_CONTEXT_TO_SID and FLASK_SID_TO_CONTEXT */
        struct xen_flask_sid_context sid_context;
        struct xen_flask_access access;                     /* FLASK_ACCESS */
        /* FLASK_CREATE, FLASK_RELABEL, FLASK_MEMBER */
        struct xen_flask_transition transition;
        struct xen_flask_userlist userlist;                 /* FLASK_USER */
        /* FLASK_GETBOOL, FLASK_SETBOOL */
        struct xen_flask_boolean boolean;
        struct xen_flask_setavc_threshold setavc_threshold; /* FLASK_SETAVC_THRESHOLD */
        struct xen_flask_hash_stats hash_stats;             /* FLASK_AVC_HASHSTATS */
        struct xen_flask_cache_stats cache_stats;           /* FLASK_AVC_CACHESTATS */
        /* FLASK_ADD_OCONTEXT, FLASK_DEL_OCONTEXT */
        struct xen_flask_ocontext ocontext;
        struct xen_flask_peersid peersid;                   /* FLASK_GET_PEER_SID */
        struct xen_flask_relabel relabel;                   /* FLASK_RELABEL_DOMAIN */
        struct xen_flask_devicetree_label devicetree_label; /* FLASK_DEVICETREE_LABEL */
    } u;
};
typedef struct xen_flask_op xen_flask_op_t;
/* Guest-handle type used to pass a struct xen_flask_op to the hypercall. */
DEFINE_XEN_GUEST_HANDLE(xen_flask_op_t);

#endif