ia64/xen-unstable

changeset 5957:d18f732c0a5f

The patches below clean-up sHype-related file names in the tools subtree
and security policy-versioning and data structures in the xen subtree
(ACM):

* the very generic tools directory name "policy" is changed to
"security" and the included "policy_tool" to "secpol_tool"

* the single constant POLICY_INTERFACE_VERSION is replaced
by ACM_INTERFACE_VERSION; the security policy headers are
versioned independently since the policy can be supplied
at boot time instead of through the hypervisor interface

Signed-off-by: Reiner Sailer <sailer@watson.ibm.com>
Signed-off-by: Steven Hand <steven@xensource.com>
author smh22@firebug.cl.cam.ac.uk
date Tue Aug 02 09:37:00 2005 +0000 (2005-08-02)
parents 0301cccd14f1
children 433402c64c77
files tools/Makefile tools/misc/policyprocessor/XmlToBin.java tools/misc/policyprocessor/XmlToBinInterface.java tools/misc/policyprocessor/xen_sample_def.xml xen/acm/acm_chinesewall_hooks.c xen/acm/acm_core.c xen/acm/acm_policy.c xen/acm/acm_simple_type_enforcement_hooks.c xen/arch/x86/x86_32/entry.S xen/arch/x86/x86_64/entry.S xen/include/acm/acm_core.h xen/include/public/acm.h xen/include/public/xen.h
line diff
     1.1 --- a/tools/Makefile	Tue Aug 02 09:31:47 2005 +0000
     1.2 +++ b/tools/Makefile	Tue Aug 02 09:37:00 2005 +0000
     1.3 @@ -12,7 +12,7 @@ SUBDIRS += xcs
     1.4  SUBDIRS += xcutils
     1.5  SUBDIRS += pygrub
     1.6  SUBDIRS += firmware
     1.7 -SUBDIRS += policy
     1.8 +SUBDIRS += security
     1.9  
    1.10  .PHONY: all install clean check check_clean ioemu eioemuinstall ioemuclean
    1.11  
     2.1 --- a/tools/misc/policyprocessor/XmlToBin.java	Tue Aug 02 09:31:47 2005 +0000
     2.2 +++ b/tools/misc/policyprocessor/XmlToBin.java	Tue Aug 02 09:37:00 2005 +0000
     2.3 @@ -5,6 +5,9 @@
     2.4   *
     2.5   * Author: Ray Valdez
     2.6   *
     2.7 + * Contributors:
     2.8 + *         Reiner Sailer - adjust type-lengths
     2.9 + *
    2.10   * This program is free software; you can redistribute it and/or
    2.11   * modify it under the terms of the GNU General Public License as
    2.12   * published by the Free Software Foundation, version 2 of the
    2.13 @@ -490,175 +493,139 @@ public class XmlToBin
    2.14  	
    2.15  
    2.16    try {
    2.17 -	/* Write magic */
    2.18 -	writeIntToStream(binBuffer,ACM_MAGIC,index);
    2.19 -	index = u32Size;
    2.20 +	  index = 0;
    2.21 +	  /* fill in General Policy Version */
    2.22 +	  writeIntToStream(binBuffer, ACM_POLICY_VERSION, index);
    2.23 +	  index += u32Size;
    2.24  
    2.25 -	/* Write policy version */
    2.26 -	writeIntToStream(binBuffer,POLICY_INTERFACE_VERSION,index);
    2.27 -  	index = index + u32Size;
    2.28 +	  /* Write magic */
    2.29 +	  writeIntToStream(binBuffer, ACM_MAGIC, index);
    2.30 +	  index += u32Size;
    2.31  
    2.32 -	/* write len */
    2.33 -	writeIntToStream(binBuffer,binBuffer.length,index);
    2.34 -  	index = index + u32Size;
    2.35 +	  /* write len */
    2.36 +	  writeIntToStream(binBuffer, binBuffer.length, index);
    2.37 +	  index += u32Size;
    2.38  
    2.39    } catch (IOException ee) {
    2.40 -    	System.out.println(" GBPB:: got exception : " + ee); 
    2.41 -	return null;
    2.42 +	  System.out.println(" GBPB:: got exception : " + ee);
    2.43 +	  return null;
    2.44    }
    2.45  
    2.46    int offset, address;
    2.47    address = index;
    2.48  
    2.49    if (null != partMap) 
    2.50 -	offset = binaryBufferHeaderSz + resourceOffsetSz; 
    2.51 +	  offset = binaryBufferHeaderSz + resourceOffsetSz;
    2.52    else
    2.53 -	offset = binaryBufferHeaderSz; 
    2.54 +	  offset = binaryBufferHeaderSz;
    2.55  
    2.56    try {
    2.57 -
    2.58 -	if (null == chwPolicy || null == stePolicy) 
    2.59 -	{
    2.60 -	  writeShortToStream(binBuffer,ACM_NULL_POLICY,index);
    2.61 -  	  index = index + u16Size;
    2.62 -
    2.63 -	  writeShortToStream(binBuffer,(short) 0,index);
    2.64 -  	  index = index + u16Size;
    2.65 -
    2.66 -	  writeShortToStream(binBuffer,ACM_NULL_POLICY,index);
    2.67 -  	  index = index + u16Size;
    2.68 -
    2.69 -	  writeShortToStream(binBuffer,(short) 0,index);
    2.70 -  	  index = index + u16Size;
    2.71 +	  int skip = 0;
    2.72  
    2.73 -	}
    2.74 -    	index = address;
    2.75 -	if (null != chwPolicy) 
    2.76 -	{
    2.77 +	  /* init with NULL policy setting */
    2.78 +	  writeIntToStream(binBuffer, ACM_NULL_POLICY, index);
    2.79 +	  writeIntToStream(binBuffer, 0, index + u32Size);
    2.80 +	  writeIntToStream(binBuffer, ACM_NULL_POLICY, index + 2*u32Size);
    2.81 +	  writeIntToStream(binBuffer, 0, index + 3*u32Size);
    2.82  	  
    2.83 -	  /* Write policy name */
    2.84 -	  writeShortToStream(binBuffer,ACM_CHINESE_WALL_POLICY,index);
    2.85 -  	  index = index + u16Size;
    2.86 +	  index = address;
    2.87 +	  if (null != chwPolicy) {
    2.88 +	  
    2.89 +		  /* Write policy name */
    2.90 +		  writeIntToStream(binBuffer, ACM_CHINESE_WALL_POLICY, index);
    2.91 +		  index += u32Size;
    2.92  
    2.93 -	  /* Write offset */
    2.94 -	  writeShortToStream(binBuffer,(short) offset,index);
    2.95 -  	  index = index + u16Size;
    2.96 +		  /* Write offset */
    2.97 +		  writeIntToStream(binBuffer, offset, index);
    2.98 +		  index += u32Size;
    2.99  
   2.100 -	  /* Write payload. No need increment index */
   2.101 -	  address = offset;
   2.102 -	  System.arraycopy(chwPolicy, 0, binBuffer,address, chwPolicy.length);
   2.103 -	  address = address + chwPolicy.length;
   2.104 -	  
   2.105 +		  /* Write payload. No need increment index */
   2.106 +		  address = offset;
   2.107 +		  System.arraycopy(chwPolicy, 0, binBuffer,address, chwPolicy.length);
   2.108 +		  address = address + chwPolicy.length;
   2.109 +	  } else
   2.110 +		  skip += 2*u32Size;
   2.111 +
   2.112  	  if (null != stePolicy) 
   2.113  	  {	
   2.114  	  	/* Write policy name */
   2.115 -	  	writeShortToStream(binBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   2.116 -  	  	index = index + u16Size;
   2.117 +	  	writeIntToStream(binBuffer, ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, index);
   2.118 +  	  	index += u32Size;
   2.119  
   2.120  	  	/* Write offset */
   2.121 -	  	writeShortToStream(binBuffer,(short) address,index);
   2.122 -  	  	index = index + u16Size;
   2.123 +	  	writeIntToStream(binBuffer, address, index);
   2.124 +  	  	index += u32Size;
   2.125  
   2.126  		/* Copy array */
   2.127  	  	System.arraycopy(stePolicy, 0, binBuffer,address, stePolicy.length);
   2.128  		/* Update address */
   2.129  		address = address + stePolicy.length;
   2.130 -	  } else {
   2.131 -	  	/* Skip writing policy name and offset */
   2.132 -  	  	index = index +  2 * u16Size;
   2.133 +	  } else
   2.134 +		 skip += 2*u32Size;
   2.135  
   2.136 -          }
   2.137 +	  /* Skip writing policy name and offset for each null policy*/
   2.138 +	  index +=  skip;
   2.139  
   2.140 -	} else {
   2.141 +	  int size;
   2.142 +	  /* Assumes that you will always have a partition defined in policy */
   2.143 +	  if ( 0 < partMap.length) {
   2.144 +		  writeIntToStream(binBuffer, address, index);
   2.145 +		  index = address;
   2.146  
   2.147 -	  if (null != stePolicy) 
   2.148 -	  {	
   2.149 -	  	/* Write policy name */
   2.150 -	  	writeShortToStream(binBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   2.151 -  	  	index = index + u16Size;
   2.152 +		  /* Compute num of VMs */
   2.153 +		  size = partMap.length / (3 * u16Size);
   2.154  
   2.155 -	  	/* Write offset */
   2.156 -		address = offset;
   2.157 -	  	writeShortToStream(binBuffer, (short) offset,index);
   2.158 -  	  	index = index + u16Size;
   2.159 -		
   2.160 -		/* Copy array */
   2.161 -	  	System.arraycopy(stePolicy, 0, binBuffer,address, stePolicy.length);
   2.162 -		/* Update address */
   2.163 -		address = address + stePolicy.length;
   2.164 +		  writeShortToStream(binBuffer, (short)size,index);
   2.165 +		  index = index + u16Size;
   2.166  
   2.167 -		/* Increment index, since there is no secondary */
   2.168 -  	  	index = index + secondaryPolicyCodeSz + secondaryBufferOffsetSz;
   2.169 -		
   2.170 -	  } 
   2.171 +		  /* part, vlan and slot: each one consists of two entries */
   2.172 +		  offset = 3 * (2 * u16Size);
   2.173 +		  writeShortToStream(binBuffer, (short) offset,index);
   2.174  
   2.175 -	}
   2.176 -   	int size;
   2.177 -	/* Assumes that you will always have a partition defined in policy */ 
   2.178 -	if ( 0 < partMap.length)
   2.179 -	{
   2.180 -	  writeShortToStream(binBuffer, (short) address,index);
   2.181 -	  index = address;
   2.182 +		  /* Write partition array at offset */
   2.183 +		  System.arraycopy(partMap, 0, binBuffer,(offset + address), partMap.length);
   2.184 +		  index = index + u16Size;
   2.185 +		  offset = offset + partMap.length;
   2.186 +	  }
   2.187  
   2.188 -	  /* Compute num of VMs */
   2.189 -	  size = partMap.length / (3 * u16Size);
   2.190 -
   2.191 -	  writeShortToStream(binBuffer, (short)size,index);
   2.192 -  	  index = index + u16Size;
   2.193 -
   2.194 -	  /* part, vlan and slot: each one consists of two entries */
   2.195 -	  offset = 3 * (2 * u16Size); 
   2.196 -	  writeShortToStream(binBuffer, (short) offset,index);
   2.197 +	  if ( 0 < vlanMap.length) {
   2.198 +		  size = vlanMap.length / (2 * u16Size);
   2.199 +		  writeShortToStream(binBuffer, (short) size,index);
   2.200 +		  index = index + u16Size;
   2.201  
   2.202 -	  /* Write partition array at offset */
   2.203 -	  System.arraycopy(partMap, 0, binBuffer,(offset + address), partMap.length);
   2.204 -  	  index = index + u16Size;
   2.205 -	  offset = offset + partMap.length;
   2.206 -	}
   2.207 -
   2.208 -	if ( 0 < vlanMap.length)
   2.209 -	{
   2.210 -	  size = vlanMap.length / (2 * u16Size);
   2.211 -	  writeShortToStream(binBuffer, (short) size,index);
   2.212 -  	  index = index + u16Size;
   2.213 -
   2.214 -	  writeShortToStream(binBuffer, (short) offset,index);
   2.215 -  	  index = index + u16Size;
   2.216 -	  System.arraycopy(vlanMap, 0, binBuffer,(offset + address), vlanMap.length);
   2.217 -	} else {
   2.218 -	  /* Write vlan max */
   2.219 -	  writeShortToStream(binBuffer, (short) 0,index);
   2.220 -  	  index = index + u16Size;
   2.221 +		  writeShortToStream(binBuffer, (short) offset,index);
   2.222 +		  index = index + u16Size;
   2.223 +		  System.arraycopy(vlanMap, 0, binBuffer,(offset + address), vlanMap.length);
   2.224 +	  } else {
   2.225 +		  /* Write vlan max */
   2.226 +		  writeShortToStream(binBuffer, (short) 0,index);
   2.227 +		  index = index + u16Size;
   2.228   
   2.229 -	  /* Write vlan offset */
   2.230 -	  writeShortToStream(binBuffer, (short) 0,index);
   2.231 -  	  index = index + u16Size;
   2.232 -	  
   2.233 -   	}
   2.234 +		  /* Write vlan offset */
   2.235 +		  writeShortToStream(binBuffer, (short) 0,index);
   2.236 +		  index = index + u16Size;
   2.237 +	  }
   2.238  
   2.239 -	offset = offset + vlanMap.length;
   2.240 -	if ( 0 < slotMap.length)
   2.241 -	{
   2.242 -	  size = slotMap.length / (3 * u16Size);
   2.243 -	  writeShortToStream(binBuffer, (short) size,index);
   2.244 -  	  index = index + u16Size;
   2.245 +	  offset = offset + vlanMap.length;
   2.246 +	  if ( 0 < slotMap.length) {
   2.247 +		  size = slotMap.length / (3 * u16Size);
   2.248 +		  writeShortToStream(binBuffer, (short) size,index);
   2.249 +		  index = index + u16Size;
   2.250  
   2.251 -	  writeShortToStream(binBuffer, (short) offset,index);
   2.252 -  	  index = index + u16Size;
   2.253 -	  System.arraycopy(slotMap, 0, binBuffer,(offset + address), slotMap.length);
   2.254 -	}
   2.255 +		  writeShortToStream(binBuffer, (short) offset,index);
   2.256 +		  index = index + u16Size;
   2.257 +		  System.arraycopy(slotMap, 0, binBuffer,(offset + address), slotMap.length);
   2.258 +	  }
   2.259 +  } catch (IOException ee) {
   2.260 +	  System.out.println(" GBPB:: got exception : " + ee);
   2.261 +	  return null;
   2.262 +  }
   2.263  
   2.264 -     } catch (IOException ee)
   2.265 -    {
   2.266 -    	System.out.println(" GBPB:: got exception : " + ee); 
   2.267 -	return null; 
   2.268 -    }
   2.269 +  printDebug(" GBP:: Binary Policy ==> length " + binBuffer.length);
   2.270 +  if (debug)
   2.271 +	  printHex(binBuffer,binBuffer.length);
   2.272  
   2.273 -    printDebug(" GBP:: Binary Policy ==> length " + binBuffer.length); 
   2.274 -    if (debug) 
   2.275 -   	printHex(binBuffer,binBuffer.length);
   2.276 -
   2.277 -   return  binBuffer;   
   2.278 +  return  binBuffer;
   2.279   } 
   2.280  
   2.281   public  byte[] generateChwBuffer(Vector Ssids, Vector ConflictSsids, Vector ColorTypes)
   2.282 @@ -668,28 +635,20 @@ public class XmlToBin
   2.283    int position = 0;
   2.284  
   2.285    /* Get number of rTypes */
   2.286 -  short maxTypes = (short) ColorTypes.size();
   2.287 +  int maxTypes = ColorTypes.size();
   2.288  
   2.289    /* Get number of SSids entry */
   2.290 -  short maxSsids = (short) Ssids.size();
   2.291 +  int maxSsids = Ssids.size();
   2.292  
   2.293    /* Get number of conflict sets */
   2.294 -  short maxConflict = (short) ConflictSsids.size();
   2.295 +  int maxConflict = ConflictSsids.size();
   2.296  
   2.297     
   2.298    if (maxTypes * maxSsids == 0)
   2.299  	return null; 
   2.300    /*
   2.301 -     data structure acm_chwall_policy_buffer_t;
   2.302 -    
   2.303 -     uint16 policy_code;
   2.304 -     uint16 chwall_max_types;
   2.305 -     uint16 chwall_max_ssidrefs;
   2.306 -     uint16 chwall_max_conflictsets;
   2.307 -     uint16 chwall_ssid_offset;
   2.308 -     uint16 chwall_conflict_sets_offset;
   2.309 -     uint16 chwall_running_types_offset;
   2.310 -     uint16 chwall_conflict_aggregate_offset;
   2.311 +     data structure acm_chwall_policy_buffer
   2.312 +     se XmlToBinInterface.java
   2.313    */
   2.314    int totalBytes = chwHeaderSize  + u16Size *(maxTypes * (maxSsids + maxConflict)); 
   2.315  
   2.316 @@ -699,34 +658,38 @@ public class XmlToBin
   2.317    printDebug(" gCB:: chwall totalbytes : "+totalBytes); 
   2.318  
   2.319    try {
   2.320 -	index = 0;
   2.321 -	writeShortToStream(chwBuffer,ACM_CHINESE_WALL_POLICY,index);
   2.322 -	index = u16Size; 
   2.323 +	  index = 0;
   2.324 +	  /* fill in General Policy Version */
   2.325 +	  writeIntToStream(chwBuffer, ACM_CHWALL_VERSION, index);
   2.326 +	  index += u32Size;
   2.327  
   2.328 -	writeShortToStream(chwBuffer,maxTypes,index);
   2.329 -	index = index + u16Size; 
   2.330 +	  writeIntToStream(chwBuffer, ACM_CHINESE_WALL_POLICY, index);
   2.331 +	  index += u32Size;
   2.332  
   2.333 -	writeShortToStream(chwBuffer,maxSsids,index);
   2.334 -	index = index + u16Size; 
   2.335 +	  writeIntToStream(chwBuffer, maxTypes, index);
   2.336 +	  index += u32Size;
   2.337  
   2.338 -	writeShortToStream(chwBuffer,maxConflict,index);
   2.339 -	index = index + u16Size; 
   2.340 +	  writeIntToStream(chwBuffer, maxSsids, index);
   2.341 +	  index += u32Size;
   2.342  
   2.343 -        /*  Write chwall_ssid_offset */
   2.344 -	writeShortToStream(chwBuffer,chwHeaderSize,index);
   2.345 -	index = index + u16Size; 
   2.346 +	  writeIntToStream(chwBuffer, maxConflict, index);
   2.347 +	  index += u32Size;
   2.348  
   2.349 -	/* Write chwall_conflict_sets_offset */
   2.350 -	writeShortToStream(chwBuffer,(short) address,index);
   2.351 -	index = index + u16Size; 
   2.352 +	  /*  Write chwall_ssid_offset */
   2.353 +	  writeIntToStream(chwBuffer, chwHeaderSize, index);
   2.354 +	  index += u32Size;
   2.355  
   2.356 -	/*  Write chwall_running_types_offset */
   2.357 -	writeShortToStream(chwBuffer,(short) 0,index);
   2.358 -	index = index + u16Size; 
   2.359 +	  /* Write chwall_conflict_sets_offset */
   2.360 +	  writeIntToStream(chwBuffer, address, index);
   2.361 +	  index += u32Size;
   2.362  
   2.363 -	/*  Write chwall_conflict_aggregate_offset */
   2.364 -	writeShortToStream(chwBuffer,(short) 0,index);
   2.365 -	index = index + u16Size; 
   2.366 +	  /*  Write chwall_running_types_offset */
   2.367 +	  writeIntToStream(chwBuffer, 0, index);
   2.368 +	  index += u32Size;
   2.369 +
   2.370 +	  /*  Write chwall_conflict_aggregate_offset */
   2.371 +	  writeIntToStream(chwBuffer, 0, index);
   2.372 +	  index += u32Size;
   2.373  
   2.374    } catch (IOException ee) {
   2.375      	System.out.println(" gCB:: got exception : " + ee); 
   2.376 @@ -737,7 +700,6 @@ public class XmlToBin
   2.377    /* Create the SSids entry */
   2.378    for (int i = 0; i < maxSsids; i++)
   2.379    {
   2.380 -	
   2.381  	SecurityLabel ssidEntry = (SecurityLabel) Ssids.elementAt(i);
   2.382     	/* Get chwall types */
   2.383  	ssidEntry.chwSsidPosition = i;
   2.384 @@ -821,22 +783,16 @@ public class XmlToBin
   2.385    int position = 0;
   2.386  
   2.387    /* Get number of colorTypes */
   2.388 -  short numColorTypes = (short) ColorTypes.size();
   2.389 +  int numColorTypes = ColorTypes.size();
   2.390  
   2.391    /* Get number of SSids entry */
   2.392 -  short numSsids = (short) Ssids.size();
   2.393 +  int numSsids = Ssids.size();
   2.394     
   2.395    if (numColorTypes * numSsids == 0)
   2.396  	return null; 
   2.397  
   2.398 -  /* data structure: acm_ste_policy_buffer_t
   2.399 -   * 
   2.400 -   * policy code  (uint16)    >
   2.401 -   *  max_types    (uint16)    >
   2.402 -   * max_ssidrefs (uint16)    >  steHeaderSize
   2.403 -   * ssid_offset  (uint16)    >
   2.404 -   * DATA 	(colorTypes(size) * Ssids(size) *unit16)
   2.405 -   * 
   2.406 +  /* data structure: acm_ste_policy_buffer
   2.407 +   * see XmlToBinInterface.java
   2.408     * total bytes: steHeaderSize * 2B + colorTypes(size) * Ssids(size)
   2.409     * 
   2.410    */
   2.411 @@ -844,18 +800,22 @@ public class XmlToBin
   2.412  
   2.413    try {
   2.414  	
   2.415 -	index = 0;
   2.416 -	writeShortToStream(steBuffer,ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,index);
   2.417 -	index = u16Size; 
   2.418 +	  index = 0;
   2.419 +	  writeIntToStream(steBuffer, ACM_STE_VERSION, index);
   2.420 +	  index += u32Size;
   2.421 +
   2.422 +	  writeIntToStream(steBuffer, ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, index);
   2.423 +	  index += u32Size;
   2.424  
   2.425 -	writeShortToStream(steBuffer,numColorTypes,index);
   2.426 -	index = index + u16Size; 
   2.427 +	  writeIntToStream(steBuffer, numColorTypes, index);
   2.428 +	  index += u32Size;
   2.429  
   2.430 -	writeShortToStream(steBuffer,numSsids,index);
   2.431 -	index = index + u16Size; 
   2.432 +	  writeIntToStream(steBuffer, numSsids, index);
   2.433 +	  index += u32Size;
   2.434  
   2.435 -	writeShortToStream(steBuffer,(short)steHeaderSize,index);
   2.436 -	index = index + u16Size; 
   2.437 +	  writeIntToStream(steBuffer, steHeaderSize, index);
   2.438 +	  index += u32Size;
   2.439 +
   2.440  
   2.441    } catch (IOException ee) {
   2.442  	System.out.println(" gSB:: got exception : " + ee); 
   2.443 @@ -1469,6 +1429,17 @@ public class XmlToBin
   2.444  
   2.445    XmlToBin genObj = new XmlToBin(); 
   2.446  
   2.447 +  policy_version active_policy = new policy_version();
   2.448 +
   2.449 +  if ((active_policy.ACM_POLICY_VERSION != ACM_POLICY_VERSION) ||
   2.450 +      (active_policy.ACM_CHWALL_VERSION != ACM_CHWALL_VERSION) ||
   2.451 +      (active_policy.ACM_STE_VERSION != ACM_STE_VERSION)) {
   2.452 +	  System.out.println("ACM policy versions differ.");
   2.453 +	  System.out.println("Please verify that data structures are correct");
   2.454 +	  System.out.println("and then adjust the version numbers in XmlToBinInterface.java.");
   2.455 +	  return;
   2.456 +  }
   2.457 +
   2.458  
   2.459    for (int i = 0 ; i < args.length ; i++) {
   2.460  
     3.1 --- a/tools/misc/policyprocessor/XmlToBinInterface.java	Tue Aug 02 09:31:47 2005 +0000
     3.2 +++ b/tools/misc/policyprocessor/XmlToBinInterface.java	Tue Aug 02 09:37:00 2005 +0000
     3.3 @@ -19,37 +19,37 @@
     3.4   *
     3.5   *	policy binary structures
     3.6   *
     3.7 - *	typedef struct {
     3.8 - *        u32 magic;
     3.9 - *
    3.10 - *        u32 policyversion;
    3.11 - *        u32 len;
    3.12 + * struct acm_policy_buffer {
    3.13 + *	u32 policy_version; * ACM_POLICY_VERSION *
    3.14 + *      u32 magic;
    3.15 + *	u32 len;
    3.16 + *	u32 primary_policy_code;
    3.17 + *	u32 primary_buffer_offset;
    3.18 + *	u32 secondary_policy_code;
    3.19 + *	u32 secondary_buffer_offset;
    3.20 + *      +u32 resource offset (not used yet in Xen)
    3.21 + * };
    3.22   *
    3.23 - *        u16 primary_policy_code;
    3.24 - *        u16 primary_buffer_offset;
    3.25 - *        u16 secondary_policy_code;
    3.26 - *        u16 secondary_buffer_offset;
    3.27 - *	u16 resource_offset;
    3.28 - *
    3.29 - *	} acm_policy_buffer_t;
    3.30   *
    3.31 - *	typedef struct {
    3.32 - *        u16 policy_code;
    3.33 - *        u16 ste_max_types;
    3.34 - *        u16 ste_max_ssidrefs;
    3.35 - *        u16 ste_ssid_offset;
    3.36 - *	} acm_ste_policy_buffer_t;
    3.37 + * struct acm_ste_policy_buffer {
    3.38 + *	u32 policy_version; * ACM_STE_VERSION *
    3.39 + *	u32 policy_code;
    3.40 + *	u32 ste_max_types;
    3.41 + *	u32 ste_max_ssidrefs;
    3.42 + *	u32 ste_ssid_offset;
    3.43 + * };
    3.44   *
    3.45 - *  	typedef struct {
    3.46 - *        uint16 policy_code;
    3.47 - *        uint16 chwall_max_types;
    3.48 - *        uint16 chwall_max_ssidrefs;
    3.49 - *        uint16 chwall_max_conflictsets;
    3.50 - *        uint16 chwall_ssid_offset;
    3.51 - *        uint16 chwall_conflict_sets_offset;
    3.52 - *        uint16 chwall_running_types_offset;
    3.53 - *        uint16 chwall_conflict_aggregate_offset;
    3.54 - *	} acm_chwall_policy_buffer_t;
    3.55 + * struct acm_chwall_policy_buffer {
    3.56 + *	u32 policy_version; * ACM_CHWALL_VERSION *
    3.57 + *	u32 policy_code;
    3.58 + *	u32 chwall_max_types;
    3.59 + *	u32 chwall_max_ssidrefs;
    3.60 + *	u32 chwall_max_conflictsets;
    3.61 + *	u32 chwall_ssid_offset;
    3.62 + *	u32 chwall_conflict_sets_offset;
    3.63 + *	u32 chwall_running_types_offset;
    3.64 + *	u32 chwall_conflict_aggregate_offset;
    3.65 + * };
    3.66   *
    3.67   *	typedef struct {
    3.68   *	u16 partition_max;
    3.69 @@ -100,16 +100,17 @@ public interface XmlToBinInterface
    3.70    final int u16Size = 2;
    3.71  
    3.72    /* num of bytes for acm_ste_policy_buffer_t */
    3.73 -  final short steHeaderSize = (4 * u16Size); 
    3.74 +  final int steHeaderSize = (5 * u32Size);
    3.75 +
    3.76    /* byte for acm_chinese_wall_policy_buffer_t */
    3.77 -  final short chwHeaderSize = (8 * u16Size); 
    3.78 +  final int chwHeaderSize = (9 * u32Size);
    3.79  
    3.80 -  final short primaryPolicyCodeSize = u16Size;
    3.81 -  final short primaryBufferOffsetSize = u16Size ;
    3.82 +  final int primaryPolicyCodeSize = u32Size;
    3.83 +  final int primaryBufferOffsetSize = u32Size ;
    3.84  
    3.85 -  final int secondaryPolicyCodeSz = u16Size;
    3.86 -  final int secondaryBufferOffsetSz = u16Size;
    3.87 -  final short resourceOffsetSz = u16Size;
    3.88 +  final int secondaryPolicyCodeSz = u32Size;
    3.89 +  final int secondaryBufferOffsetSz = u32Size;
    3.90 +  final int resourceOffsetSz = u32Size;
    3.91  
    3.92    final short partitionBufferSz = (2 * u16Size);
    3.93    final short partitionEntrySz = (3 * u16Size);
    3.94 @@ -120,16 +121,18 @@ public interface XmlToBinInterface
    3.95    final short vlanBufferSz = (2 * u16Size);
    3.96    final short vlanEntrySz = (2 * u16Size);
    3.97  
    3.98 -  final short binaryBufferHeaderSz = (3 * u32Size + 4* u16Size);
    3.99 -
   3.100 -  /* copied directlty from policy_ops.h */
   3.101 -  final int POLICY_INTERFACE_VERSION = 0xAAAA0003;
   3.102 +  final int binaryBufferHeaderSz = (8 * u32Size); /* 8th not used in Xen */
   3.103  
   3.104    /* copied directly from acm.h */
   3.105    final int ACM_MAGIC  =  0x0001debc;
   3.106 -  final short ACM_NULL_POLICY = 0;
   3.107 -  final short ACM_CHINESE_WALL_POLICY = 1;
   3.108 -  final short ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY = 2;
   3.109 -  final short ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY = 3;
   3.110 -  final short ACM_EMPTY_POLICY = 4;
   3.111 +  final int ACM_NULL_POLICY = 0;
   3.112 +  final int ACM_CHINESE_WALL_POLICY = 1;
   3.113 +  final int ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY = 2;
   3.114 +  final int ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY = 3;
   3.115 +  final int ACM_EMPTY_POLICY = 4;
   3.116 +
   3.117 +  /* version for compatibility check */
   3.118 +  final int ACM_POLICY_VERSION = 1;
   3.119 +  final int ACM_STE_VERSION    = 1;
   3.120 +  final int ACM_CHWALL_VERSION = 1;
   3.121  }
     4.1 --- a/tools/misc/policyprocessor/xen_sample_def.xml	Tue Aug 02 09:31:47 2005 +0000
     4.2 +++ b/tools/misc/policyprocessor/xen_sample_def.xml	Tue Aug 02 09:37:00 2005 +0000
     4.3 @@ -37,7 +37,7 @@ xsi:schemaLocation="http://www.ibm.com S
     4.4     </ConflictSet>
     4.5  
     4.6     <ConflictSet>
     4.7 -		 <ChWall>Q-Company</ChWall>
     4.8 +		 <ChWall>R-Company</ChWall>
     4.9  		 <ChWall>V-Company</ChWall>
    4.10  		 <ChWall>W-Company</ChWall>
    4.11     </ConflictSet>
     5.1 --- a/tools/policy/Makefile	Tue Aug 02 09:31:47 2005 +0000
     5.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.3 @@ -1,36 +0,0 @@
     5.4 -XEN_ROOT = ../..
     5.5 -include $(XEN_ROOT)/tools/Rules.mk
     5.6 -
     5.7 -SRCS     = policy_tool.c
     5.8 -CFLAGS   += -static
     5.9 -CFLAGS   += -Wall
    5.10 -CFLAGS   += -Werror
    5.11 -CFLAGS   += -O3
    5.12 -CFLAGS   += -fno-strict-aliasing
    5.13 -CFLAGS   += -I.
    5.14 -
    5.15 -all: build
    5.16 -build: mk-symlinks
    5.17 -	$(MAKE) policy_tool
    5.18 -
    5.19 -default: all
    5.20 -
    5.21 -install: all
    5.22 -
    5.23 -policy_tool : policy_tool.c
    5.24 -	$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $<
    5.25 -
    5.26 -clean:
    5.27 -	rm -rf policy_tool xen
    5.28 -
    5.29 -
    5.30 -LINUX_ROOT := $(XEN_ROOT)/linux-2.6-xen-sparse
    5.31 -mk-symlinks:
    5.32 -	[ -e xen/linux ] || mkdir -p xen/linux
    5.33 -	[ -e xen/io ]    || mkdir -p xen/io
    5.34 -	( cd xen >/dev/null ; \
    5.35 -	  ln -sf ../$(XEN_ROOT)/xen/include/public/*.h . )
    5.36 -	( cd xen/io >/dev/null ; \
    5.37 -	  ln -sf ../../$(XEN_ROOT)/xen/include/public/io/*.h . )
    5.38 -	( cd xen/linux >/dev/null ; \
    5.39 -	  ln -sf ../../$(LINUX_ROOT)/include/asm-xen/linux-public/*.h . )
     6.1 --- a/tools/policy/policy_tool.c	Tue Aug 02 09:31:47 2005 +0000
     6.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.3 @@ -1,552 +0,0 @@
     6.4 -/****************************************************************
     6.5 - * policy_tool.c
     6.6 - * 
     6.7 - * Copyright (C) 2005 IBM Corporation
     6.8 - *
     6.9 - * Authors:
    6.10 - * Reiner Sailer <sailer@watson.ibm.com>
    6.11 - * Stefan Berger <stefanb@watson.ibm.com>
    6.12 - *
    6.13 - * This program is free software; you can redistribute it and/or
    6.14 - * modify it under the terms of the GNU General Public License as
    6.15 - * published by the Free Software Foundation, version 2 of the
    6.16 - * License. 
    6.17 - *
    6.18 - * sHype policy management tool. This code runs in a domain and
    6.19 - *     manages the Xen security policy by interacting with the
    6.20 - *     Xen access control module via a /proc/xen/privcmd proc-ioctl, 
    6.21 - *     which is translated into a policy_op hypercall into Xen.
    6.22 - * 
    6.23 - * todo: implement setpolicy to dynamically set a policy cache.
    6.24 - */
    6.25 -#include <unistd.h>
    6.26 -#include <stdio.h>
    6.27 -#include <errno.h>
    6.28 -#include <fcntl.h>
    6.29 -#include <sys/mman.h>
    6.30 -#include <sys/types.h>
    6.31 -#include <sys/stat.h>
    6.32 -#include <stdlib.h>
    6.33 -#include <sys/ioctl.h>
    6.34 -#include <string.h>
    6.35 -#include <stdint.h>
    6.36 -#include <netinet/in.h>
    6.37 -
    6.38 -typedef uint8_t            u8;
    6.39 -typedef uint16_t           u16;
    6.40 -typedef uint32_t           u32;
    6.41 -typedef uint64_t           u64;
    6.42 -typedef int8_t             s8;
    6.43 -typedef int16_t            s16;
    6.44 -typedef int32_t            s32;
    6.45 -typedef int64_t            s64;
    6.46 -
    6.47 -#include <xen/acm.h>
    6.48 -
    6.49 -#include <xen/policy_ops.h>
    6.50 -
    6.51 -#include <xen/linux/privcmd.h>
    6.52 -
    6.53 -#define ERROR(_m, _a...)	\
    6.54 -	fprintf(stderr, "ERROR: " _m "\n" , ## _a )
    6.55 -
    6.56 -#define PERROR(_m, _a...) \
    6.57 -	fprintf(stderr, "ERROR: " _m " (%d = %s)\n" , ## _a ,	\
    6.58 -            errno, strerror(errno))
    6.59 -
    6.60 -static inline int do_policycmd(int xc_handle,
    6.61 -                             unsigned int cmd, 
    6.62 -                             unsigned long data)
    6.63 -{
    6.64 -    return ioctl(xc_handle, cmd, data);
    6.65 -}
    6.66 -
    6.67 -static inline int do_xen_hypercall(int xc_handle,
    6.68 -                                   privcmd_hypercall_t *hypercall)
    6.69 -{
    6.70 -    return do_policycmd(xc_handle,
    6.71 -                      IOCTL_PRIVCMD_HYPERCALL, 
    6.72 -                      (unsigned long)hypercall);
    6.73 -}
    6.74 -
    6.75 -static inline int do_policy_op(int xc_handle, policy_op_t *op)
    6.76 -{
    6.77 -    int ret = -1;
    6.78 -    privcmd_hypercall_t hypercall;
    6.79 -
    6.80 -    op->interface_version = POLICY_INTERFACE_VERSION;
    6.81 -
    6.82 -    hypercall.op     = __HYPERVISOR_policy_op;
    6.83 -    hypercall.arg[0] = (unsigned long)op;
    6.84 -
    6.85 -    if ( mlock(op, sizeof(*op)) != 0 )
    6.86 -    {
    6.87 -        PERROR("Could not lock memory for Xen policy hypercall");
    6.88 -        goto out1;
    6.89 -    }
    6.90 -
    6.91 -    if ( (ret = do_xen_hypercall(xc_handle, &hypercall)) < 0 )
    6.92 -    {
    6.93 -        if ( errno == EACCES )
    6.94 -            fprintf(stderr, "POLICY operation failed -- need to"
    6.95 -                    " rebuild the user-space tool set?\n");
    6.96 -        goto out2;
    6.97 -    }
    6.98 -
    6.99 - out2: (void)munlock(op, sizeof(*op));
   6.100 - out1: return ret;
   6.101 -}
   6.102 -
   6.103 -/*************************** DUMPS *******************************/
   6.104 -
   6.105 -void acm_dump_chinesewall_buffer(void *buf, int buflen) {
   6.106 -
   6.107 -	struct acm_chwall_policy_buffer *cwbuf = (struct acm_chwall_policy_buffer *)buf;
   6.108 -	domaintype_t *ssids, *conflicts, *running_types, *conflict_aggregate;
   6.109 -	int i,j;
   6.110 -
   6.111 -       
   6.112 -	if (htons(cwbuf->policy_code) != ACM_CHINESE_WALL_POLICY) {
   6.113 -		printf("CHINESE WALL POLICY CODE not found ERROR!!\n");
   6.114 -		return;
   6.115 -	}
   6.116 -	printf("\n\nChinese Wall policy:\n");
   6.117 -	printf("====================\n");
   6.118 -	printf("Max Types     = %x.\n", ntohs(cwbuf->chwall_max_types));
   6.119 -	printf("Max Ssidrefs  = %x.\n", ntohs(cwbuf->chwall_max_ssidrefs));
   6.120 -	printf("Max ConfSets  = %x.\n", ntohs(cwbuf->chwall_max_conflictsets));
   6.121 -	printf("Ssidrefs Off  = %x.\n", ntohs(cwbuf->chwall_ssid_offset));
   6.122 -	printf("Conflicts Off = %x.\n", ntohs(cwbuf->chwall_conflict_sets_offset));
   6.123 -	printf("Runing T. Off = %x.\n", ntohs(cwbuf->chwall_running_types_offset));
   6.124 -	printf("C. Agg. Off   = %x.\n", ntohs(cwbuf->chwall_conflict_aggregate_offset));
   6.125 -	printf("\nSSID To CHWALL-Type matrix:\n");
   6.126 -
   6.127 -	ssids = (domaintype_t *)(buf + ntohs(cwbuf->chwall_ssid_offset));
   6.128 -	for(i=0; i< ntohs(cwbuf->chwall_max_ssidrefs); i++) {
   6.129 -		printf("\n   ssidref%2x:  ", i);
   6.130 -		for(j=0; j< ntohs(cwbuf->chwall_max_types); j++)
   6.131 -			printf("%02x ", ntohs(ssids[i*ntohs(cwbuf->chwall_max_types) + j]));
   6.132 -	}
   6.133 -	printf("\n\nConfict Sets:\n");
   6.134 -	conflicts = (domaintype_t *)(buf + ntohs(cwbuf->chwall_conflict_sets_offset));
   6.135 -	for(i=0; i< ntohs(cwbuf->chwall_max_conflictsets); i++) {
   6.136 -		printf("\n   c-set%2x:    ", i);
   6.137 -		for(j=0; j< ntohs(cwbuf->chwall_max_types); j++)
   6.138 -			printf("%02x ", ntohs(conflicts[i*ntohs(cwbuf->chwall_max_types) +j]));
   6.139 -	}
   6.140 -	printf("\n");
   6.141 -
   6.142 -	printf("\nRunning\nTypes:         ");
   6.143 -	if (ntohs(cwbuf->chwall_running_types_offset)) {
   6.144 -		running_types = (domaintype_t *)(buf + ntohs(cwbuf->chwall_running_types_offset));
   6.145 -		for(i=0; i< ntohs(cwbuf->chwall_max_types); i++) {
   6.146 -			printf("%02x ", ntohs(running_types[i]));
   6.147 -		}
   6.148 -		printf("\n");
   6.149 -	} else {
   6.150 -		printf("Not Reported!\n");
   6.151 -	}
   6.152 -	printf("\nConflict\nAggregate Set: ");
   6.153 -	if (ntohs(cwbuf->chwall_conflict_aggregate_offset)) {
   6.154 -		conflict_aggregate = (domaintype_t *)(buf + ntohs(cwbuf->chwall_conflict_aggregate_offset));
   6.155 -		for(i=0; i< ntohs(cwbuf->chwall_max_types); i++) {
   6.156 -			printf("%02x ", ntohs(conflict_aggregate[i]));
   6.157 -		}
   6.158 -		printf("\n\n");
   6.159 -	} else {
   6.160 -		printf("Not Reported!\n");
   6.161 -	}
   6.162 -}
   6.163 -
   6.164 -void acm_dump_ste_buffer(void *buf, int buflen) {
   6.165 -
   6.166 -	struct acm_ste_policy_buffer *stebuf = (struct acm_ste_policy_buffer *)buf;
   6.167 -	domaintype_t *ssids;
   6.168 -	int i,j;
   6.169 -
   6.170 -       
   6.171 -	if (ntohs(stebuf->policy_code) != ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) {
   6.172 -		printf("SIMPLE TYPE ENFORCEMENT POLICY CODE not found ERROR!!\n");
   6.173 -		return;
   6.174 -	}
   6.175 -	printf("\nSimple Type Enforcement policy:\n");
   6.176 -	printf("===============================\n");
   6.177 -	printf("Max Types     = %x.\n", ntohs(stebuf->ste_max_types));
   6.178 -	printf("Max Ssidrefs  = %x.\n", ntohs(stebuf->ste_max_ssidrefs));
   6.179 -	printf("Ssidrefs Off  = %x.\n", ntohs(stebuf->ste_ssid_offset));
   6.180 -	printf("\nSSID To STE-Type matrix:\n");
   6.181 -	
   6.182 -	ssids = (domaintype_t *)(buf + ntohs(stebuf->ste_ssid_offset));
   6.183 -	for(i=0; i< ntohs(stebuf->ste_max_ssidrefs); i++) {
   6.184 -		printf("\n   ssidref%2x: ", i);
   6.185 -		for(j=0; j< ntohs(stebuf->ste_max_types); j++)
   6.186 -			printf("%02x ", ntohs(ssids[i*ntohs(stebuf->ste_max_types) +j]));
   6.187 -	}
   6.188 -	printf("\n\n");
   6.189 -}
   6.190 -
   6.191 -void acm_dump_policy_buffer(void *buf, int buflen) {
   6.192 -	struct acm_policy_buffer *pol = (struct acm_policy_buffer *)buf;
   6.193 -
   6.194 -	printf("\nPolicy dump:\n");
   6.195 -	printf("============\n");
   6.196 -	printf("Magic     = %x.\n", ntohl(pol->magic));
   6.197 -	printf("PolVer    = %x.\n", ntohl(pol->policyversion));
   6.198 -	printf("Len       = %x.\n", ntohl(pol->len));
   6.199 -	printf("Primary   = %s (c=%x, off=%x).\n",
   6.200 -	       ACM_POLICY_NAME(ntohs(pol->primary_policy_code)),
   6.201 -	       ntohs(pol->primary_policy_code), ntohs(pol->primary_buffer_offset));
   6.202 -	printf("Secondary = %s (c=%x, off=%x).\n",
   6.203 -	       ACM_POLICY_NAME(ntohs(pol->secondary_policy_code)),
   6.204 -	       ntohs(pol->secondary_policy_code), ntohs(pol->secondary_buffer_offset));
   6.205 -	switch (ntohs(pol->primary_policy_code)) {
   6.206 -	case ACM_CHINESE_WALL_POLICY:
   6.207 -		acm_dump_chinesewall_buffer(buf+ntohs(pol->primary_buffer_offset), 
   6.208 -					     ntohl(pol->len) - ntohs(pol->primary_buffer_offset));
   6.209 -		break;
   6.210 -	case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   6.211 -		acm_dump_ste_buffer(buf+ntohs(pol->primary_buffer_offset), 
   6.212 -				    ntohl(pol->len) - ntohs(pol->primary_buffer_offset));
   6.213 -		break;
   6.214 -	case ACM_NULL_POLICY:
   6.215 -		printf("Primary policy is NULL Policy (n/a).\n");
   6.216 -		break;
   6.217 -	default:
   6.218 -		printf("UNKNOWN POLICY!\n");
   6.219 -	}
   6.220 -	switch (ntohs(pol->secondary_policy_code)) {
   6.221 -	case ACM_CHINESE_WALL_POLICY:
   6.222 -		acm_dump_chinesewall_buffer(buf+ntohs(pol->secondary_buffer_offset), 
   6.223 -					     ntohl(pol->len) - ntohs(pol->secondary_buffer_offset));
   6.224 -		break;
   6.225 -	case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   6.226 -		acm_dump_ste_buffer(buf+ntohs(pol->secondary_buffer_offset), 
   6.227 -				    ntohl(pol->len) - ntohs(pol->secondary_buffer_offset));
   6.228 -		break;
   6.229 -	case ACM_NULL_POLICY:
   6.230 -		printf("Secondary policy is NULL Policy (n/a).\n");
   6.231 -		break;
   6.232 -	default:
   6.233 -		printf("UNKNOWN POLICY!\n");
   6.234 -	}
   6.235 -}
   6.236 -
   6.237 -/*************************** set policy ****************************/
   6.238 -
   6.239 -int acm_domain_set_chwallpolicy(void *bufstart, int buflen) {
   6.240 -#define CWALL_MAX_SSIDREFS      	6
   6.241 -#define CWALL_MAX_TYPES  		10
   6.242 -#define CWALL_MAX_CONFLICTSETS		2
   6.243 -
   6.244 -     struct acm_chwall_policy_buffer *chwall_bin_pol = (struct acm_chwall_policy_buffer *)bufstart;
   6.245 -     domaintype_t *ssidrefs, *conflicts;
   6.246 -     int ret = 0;
   6.247 -     int j;
   6.248 -
   6.249 -     chwall_bin_pol->chwall_max_types = htons(CWALL_MAX_TYPES);
   6.250 -     chwall_bin_pol->chwall_max_ssidrefs = htons(CWALL_MAX_SSIDREFS);
   6.251 -     chwall_bin_pol->policy_code = htons(ACM_CHINESE_WALL_POLICY);
   6.252 -     chwall_bin_pol->chwall_ssid_offset = htons(sizeof(struct acm_chwall_policy_buffer));
   6.253 -     chwall_bin_pol->chwall_max_conflictsets = htons(CWALL_MAX_CONFLICTSETS);
   6.254 -     chwall_bin_pol->chwall_conflict_sets_offset =
   6.255 -	 htons(
   6.256 -	     ntohs(chwall_bin_pol->chwall_ssid_offset) + 
   6.257 -	     sizeof(domaintype_t)*CWALL_MAX_SSIDREFS*CWALL_MAX_TYPES);
   6.258 -     chwall_bin_pol->chwall_running_types_offset = 0; /* not set */
   6.259 -     chwall_bin_pol->chwall_conflict_aggregate_offset = 0; /* not set */
   6.260 -     ret += sizeof(struct acm_chwall_policy_buffer);
   6.261 -     /* now push example ssids into the buffer (max_ssidrefs x max_types entries) */
   6.262 -     /* check buffer size */
   6.263 -     if ((buflen - ret) < (CWALL_MAX_TYPES*CWALL_MAX_SSIDREFS*sizeof(domaintype_t)))
   6.264 -			   return -1; /* not enough space */
   6.265 -
   6.266 -     ssidrefs = (domaintype_t *)(bufstart+ntohs(chwall_bin_pol->chwall_ssid_offset));
   6.267 -     memset(ssidrefs, 0, CWALL_MAX_TYPES*CWALL_MAX_SSIDREFS*sizeof(domaintype_t));
   6.268 -
   6.269 -     /* now set type j-1 for ssidref i+1 */
   6.270 -     for(j=0; j<= CWALL_MAX_SSIDREFS; j++)
   6.271 -         if ((0 < j) &&( j <= CWALL_MAX_TYPES))
   6.272 -             ssidrefs[j*CWALL_MAX_TYPES + j - 1] = htons(1);
   6.273 -
   6.274 -     ret += CWALL_MAX_TYPES*CWALL_MAX_SSIDREFS*sizeof(domaintype_t);
   6.275 -     if ((buflen - ret) < (CWALL_MAX_CONFLICTSETS*CWALL_MAX_TYPES*sizeof(domaintype_t)))
   6.276 -			   return -1; /* not enough space */
   6.277 -
   6.278 -     /* now the chinese wall policy conflict sets*/
   6.279 -     conflicts = (domaintype_t *)(bufstart + 
   6.280 -				  ntohs(chwall_bin_pol->chwall_conflict_sets_offset));
   6.281 -     memset((void *)conflicts, 0, CWALL_MAX_CONFLICTSETS*CWALL_MAX_TYPES*sizeof(domaintype_t));
   6.282 -     /* just 1 conflict set [0]={2,3}, [1]={1,5,6} */
   6.283 -     if (CWALL_MAX_TYPES > 3) {
   6.284 -	     conflicts[2] = htons(1); conflicts[3] = htons(1); /* {2,3} */
   6.285 -	     conflicts[CWALL_MAX_TYPES+1] = htons(1); conflicts[CWALL_MAX_TYPES+5] = htons(1); 
   6.286 -	     conflicts[CWALL_MAX_TYPES+6] = htons(1);/* {0,5,6} */
   6.287 -     }
   6.288 -     ret += sizeof(domaintype_t)*CWALL_MAX_CONFLICTSETS*CWALL_MAX_TYPES;
   6.289 -     return ret;
   6.290 -}
   6.291 -
   6.292 -int acm_domain_set_stepolicy(void *bufstart, int buflen) {
   6.293 -#define STE_MAX_SSIDREFS        6
   6.294 -#define STE_MAX_TYPES  	        5
   6.295 -	
   6.296 -    struct acm_ste_policy_buffer *ste_bin_pol = (struct acm_ste_policy_buffer *)bufstart;
   6.297 -    domaintype_t *ssidrefs;
   6.298 -    int j, ret = 0;
   6.299 -
   6.300 -    ste_bin_pol->ste_max_types = htons(STE_MAX_TYPES);
   6.301 -    ste_bin_pol->ste_max_ssidrefs = htons(STE_MAX_SSIDREFS);
   6.302 -    ste_bin_pol->policy_code = htons(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   6.303 -    ste_bin_pol->ste_ssid_offset = htons(sizeof(struct acm_ste_policy_buffer));
   6.304 -    ret += sizeof(struct acm_ste_policy_buffer);
   6.305 -    /* check buffer size */
   6.306 -    if ((buflen - ret) < (STE_MAX_TYPES*STE_MAX_SSIDREFS*sizeof(domaintype_t)))
   6.307 -	    return -1; /* not enough space */
   6.308 -
   6.309 -     ssidrefs = (domaintype_t *)(bufstart+ntohs(ste_bin_pol->ste_ssid_offset));
   6.310 -     memset(ssidrefs, 0, STE_MAX_TYPES*STE_MAX_SSIDREFS*sizeof(domaintype_t));
   6.311 -     /* all types 1 for ssidref 1 */
   6.312 -     for(j=0; j< STE_MAX_TYPES; j++)
   6.313 -	 ssidrefs[1*STE_MAX_TYPES +j] = htons(1);
   6.314 -     /* now set type j-1 for ssidref j */
   6.315 -     for(j=0; j< STE_MAX_SSIDREFS; j++)
   6.316 -	     if ((0 < j) &&( j <= STE_MAX_TYPES))
   6.317 -		     ssidrefs[j*STE_MAX_TYPES + j - 1] = htons(1);
   6.318 -     ret += STE_MAX_TYPES*STE_MAX_SSIDREFS*sizeof(domaintype_t);
   6.319 -     return ret;
   6.320 -}
   6.321 -
   6.322 -#define MAX_PUSH_BUFFER 	16384
   6.323 -u8 push_buffer[MAX_PUSH_BUFFER];
   6.324 -
   6.325 -int acm_domain_setpolicy(int xc_handle)
   6.326 -{
   6.327 -     int ret;
   6.328 -     struct acm_policy_buffer *bin_pol;
   6.329 -     policy_op_t op;
   6.330 -
   6.331 -     /* future: read policy from file and set it */
   6.332 -     bin_pol = (struct acm_policy_buffer *)push_buffer;
   6.333 -     bin_pol->magic = htonl(ACM_MAGIC);
   6.334 -     bin_pol->policyversion = htonl(POLICY_INTERFACE_VERSION);
   6.335 -     bin_pol->primary_policy_code = htons(ACM_CHINESE_WALL_POLICY);
   6.336 -     bin_pol->secondary_policy_code = htons(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   6.337 -
   6.338 -     bin_pol->len = htonl(sizeof(struct acm_policy_buffer));
   6.339 -     bin_pol->primary_buffer_offset = htons(ntohl(bin_pol->len));
   6.340 -     ret = acm_domain_set_chwallpolicy(push_buffer + ntohs(bin_pol->primary_buffer_offset), 
   6.341 -				       MAX_PUSH_BUFFER - ntohs(bin_pol->primary_buffer_offset));
   6.342 -     if (ret < 0) {
   6.343 -	     printf("ERROR creating chwallpolicy buffer.\n");
   6.344 -	     return -1;
   6.345 -     }
   6.346 -     bin_pol->len = htonl(ntohl(bin_pol->len) + ret);
   6.347 -     bin_pol->secondary_buffer_offset = htons(ntohl(bin_pol->len));
   6.348 -     ret = acm_domain_set_stepolicy(push_buffer + ntohs(bin_pol->secondary_buffer_offset), 
   6.349 -				    MAX_PUSH_BUFFER - ntohs(bin_pol->secondary_buffer_offset));
   6.350 -     if (ret < 0) {
   6.351 -	     printf("ERROR creating chwallpolicy buffer.\n");
   6.352 -	     return -1;
   6.353 -     }
   6.354 -     bin_pol->len = htonl(ntohl(bin_pol->len) + ret);
   6.355 -
   6.356 -     /* dump it and then push it down into xen/acm */
   6.357 -     acm_dump_policy_buffer(push_buffer, ntohl(bin_pol->len));
   6.358 -     op.cmd = POLICY_SETPOLICY;
   6.359 -     op.u.setpolicy.pushcache = (void *)push_buffer;
   6.360 -     op.u.setpolicy.pushcache_size = ntohl(bin_pol->len);
   6.361 -     op.u.setpolicy.policy_type = ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY;
   6.362 -     ret = do_policy_op(xc_handle, &op);
   6.363 -
   6.364 -     if (ret)
   6.365 -	     printf("ERROR setting policy. Use 'xm dmesg' to see details.\n");
   6.366 -     else
   6.367 -	     printf("Successfully changed policy.\n");
   6.368 -     return ret;
   6.369 -}
   6.370 -
   6.371 -/******************************* get policy ******************************/
   6.372 -
   6.373 -#define PULL_CACHE_SIZE		8192
   6.374 -u8 pull_buffer[PULL_CACHE_SIZE];
   6.375 -int acm_domain_getpolicy(int xc_handle)
   6.376 -{
   6.377 -     policy_op_t op;
   6.378 -     int ret;
   6.379 -
   6.380 -     memset(pull_buffer, 0x00, sizeof(pull_buffer));
   6.381 -     op.cmd = POLICY_GETPOLICY;
   6.382 -     op.u.getpolicy.pullcache = (void *)pull_buffer;
   6.383 -     op.u.getpolicy.pullcache_size = sizeof(pull_buffer);
   6.384 -     ret = do_policy_op(xc_handle, &op);
   6.385 -     /* dump policy  */
   6.386 -     acm_dump_policy_buffer(pull_buffer, sizeof(pull_buffer));
   6.387 -     return ret;
   6.388 -}
   6.389 -
   6.390 -/************************ load binary policy ******************************/
   6.391 -
   6.392 -int acm_domain_loadpolicy(int xc_handle,
   6.393 -                          const char *filename)
   6.394 -{
   6.395 -     struct stat mystat;
   6.396 -     int ret, fd;
   6.397 -     off_t len;
   6.398 -     u8 *buffer;
   6.399 -
   6.400 -     if ((ret = stat(filename, &mystat))) {
   6.401 -	     printf("File %s not found.\n",filename);
   6.402 -	     goto out;
   6.403 -     }
   6.404 -
   6.405 -     len = mystat.st_size;
   6.406 -     if ((buffer = malloc(len)) == NULL) {
   6.407 -	     ret = -ENOMEM;
   6.408 -	     goto out;
   6.409 -     }
   6.410 -     if ((fd = open(filename, O_RDONLY)) <= 0) {
   6.411 -	     ret = -ENOENT;
   6.412 -	     printf("File %s not found.\n",filename);
   6.413 -	     goto free_out;
   6.414 -     }
   6.415 -     if (len == read(fd, buffer, len)) {
   6.416 -	     policy_op_t op;
   6.417 -	     /* dump it and then push it down into xen/acm */
   6.418 -	     acm_dump_policy_buffer(buffer, len);
   6.419 -	     op.cmd = POLICY_SETPOLICY;
   6.420 -	     op.u.setpolicy.pushcache = (void *)buffer;
   6.421 -	     op.u.setpolicy.pushcache_size = len;
   6.422 -	     op.u.setpolicy.policy_type = ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY;
   6.423 -	     ret = do_policy_op(xc_handle, &op);
   6.424 -                     
   6.425 -	     if (ret)
   6.426 -		     printf("ERROR setting policy. Use 'xm dmesg' to see details.\n");
   6.427 -	     else
   6.428 -		     printf("Successfully changed policy.\n");
   6.429 -                     
   6.430 -     } else {
   6.431 -	     ret = -1;
   6.432 -     }
   6.433 -     close(fd);
   6.434 - free_out:
   6.435 -     free(buffer);
   6.436 - out:
   6.437 -     return ret;
   6.438 -}
   6.439 -
   6.440 -/************************ dump hook statistics ******************************/
   6.441 -void 
   6.442 -dump_ste_stats(struct acm_ste_stats_buffer *ste_stats)
   6.443 -{
   6.444 -    printf("STE-Policy Security Hook Statistics:\n");
   6.445 -    printf("ste: event_channel eval_count      = %d\n", ntohl(ste_stats->ec_eval_count));
   6.446 -    printf("ste: event_channel denied_count    = %d\n", ntohl(ste_stats->ec_denied_count)); 
   6.447 -    printf("ste: event_channel cache_hit_count = %d\n", ntohl(ste_stats->ec_cachehit_count));
   6.448 -    printf("ste:\n");
   6.449 -    printf("ste: grant_table   eval_count      = %d\n", ntohl(ste_stats->gt_eval_count));
   6.450 -    printf("ste: grant_table   denied_count    = %d\n", ntohl(ste_stats->gt_denied_count)); 
   6.451 -    printf("ste: grant_table   cache_hit_count = %d\n", ntohl(ste_stats->gt_cachehit_count));
   6.452 -}
   6.453 -
   6.454 -#define PULL_STATS_SIZE		8192
   6.455 -int acm_domain_dumpstats(int xc_handle)
   6.456 -{
   6.457 -    u8 stats_buffer[PULL_STATS_SIZE];
   6.458 -    policy_op_t op;
   6.459 -    int ret;
   6.460 -    struct acm_stats_buffer *stats;
   6.461 -
   6.462 -    memset(stats_buffer, 0x00, sizeof(stats_buffer));
   6.463 -    op.cmd = POLICY_DUMPSTATS;
   6.464 -    op.u.dumpstats.pullcache = (void *)stats_buffer;
   6.465 -    op.u.dumpstats.pullcache_size = sizeof(stats_buffer);
   6.466 -    ret = do_policy_op(xc_handle, &op);
   6.467 -
   6.468 -    if (ret < 0) {
   6.469 -	printf("ERROR dumping policy stats. Use 'xm dmesg' to see details.\n"); 
   6.470 -	return ret;
   6.471 -    }
   6.472 -    stats = (struct acm_stats_buffer *)stats_buffer;
   6.473 -
   6.474 -    printf("\nPolicy dump:\n");
   6.475 -    printf("============\n");
   6.476 -    printf("Magic     = %x.\n", ntohl(stats->magic));
   6.477 -    printf("PolVer    = %x.\n", ntohl(stats->policyversion));
   6.478 -    printf("Len       = %x.\n", ntohl(stats->len));
   6.479 -
   6.480 -    switch(ntohs(stats->primary_policy_code)) {
   6.481 -    case ACM_NULL_POLICY:
   6.482 -	    printf("NULL Policy: No statistics apply.\n");
   6.483 -	    break;
   6.484 -    case ACM_CHINESE_WALL_POLICY:
   6.485 -	    printf("Chinese Wall Policy: No statistics apply.\n");
   6.486 -	    break;
   6.487 -    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   6.488 -	    dump_ste_stats((struct acm_ste_stats_buffer *)(stats_buffer + ntohs(stats->primary_stats_offset)));
   6.489 -	    break;
   6.490 -    default:
   6.491 -	    printf("UNKNOWN PRIMARY POLICY ERROR!\n");
   6.492 -    }
   6.493 -    switch(ntohs(stats->secondary_policy_code)) {
   6.494 -    case ACM_NULL_POLICY:
   6.495 -	    printf("NULL Policy: No statistics apply.\n");
   6.496 -	    break;
   6.497 -    case ACM_CHINESE_WALL_POLICY:
   6.498 -	    printf("Chinese Wall Policy: No statistics apply.\n");
   6.499 -	    break;
   6.500 -    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   6.501 -	    dump_ste_stats((struct acm_ste_stats_buffer *)(stats_buffer + ntohs(stats->secondary_stats_offset)));
   6.502 -	    break;
   6.503 -    default:
   6.504 -	    printf("UNKNOWN SECONDARY POLICY ERROR!\n");
   6.505 -    }                
   6.506 -    return ret;
   6.507 -}
   6.508 -
   6.509 -/***************************** main **************************************/
   6.510 -
   6.511 -void
   6.512 -usage(char *progname){
   6.513 -	printf("Use: %s \n"
   6.514 -	       "\t setpolicy\n"
   6.515 -	       "\t getpolicy\n"
   6.516 -	       "\t dumpstats\n"
   6.517 -	       "\t loadpolicy <binary policy file>\n", progname);
   6.518 -	exit(-1);
   6.519 -}
   6.520 -
   6.521 -int
   6.522 -main(int argc, char **argv) {
   6.523 -
   6.524 -	int policycmd_fd, ret;
   6.525 -
   6.526 -	if (argc < 2) 
   6.527 -		usage(argv[0]);
   6.528 -		
   6.529 -	if ((policycmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0) {
   6.530 -		    printf("ERROR: Could not open xen privcmd device!\n");
   6.531 -		    exit(-1);
   6.532 -	}
   6.533 -	    
   6.534 -	if (!strcmp(argv[1], "setpolicy")) {
   6.535 -		if (argc != 2)
   6.536 -			usage(argv[0]);
   6.537 -		ret = acm_domain_setpolicy(policycmd_fd);
   6.538 -	} else if (!strcmp(argv[1], "getpolicy")) {
   6.539 -		if (argc != 2)
   6.540 -			usage(argv[0]);
   6.541 -		ret = acm_domain_getpolicy(policycmd_fd);
   6.542 -	} else if (!strcmp(argv[1], "loadpolicy")) {
   6.543 -		if (argc != 3) 
   6.544 -			usage(argv[0]);
   6.545 -		ret = acm_domain_loadpolicy(policycmd_fd, argv[2]);
   6.546 -	} else if (!strcmp(argv[1], "dumpstats")) {
   6.547 -		if (argc != 2) 
   6.548 -			usage(argv[0]);
   6.549 -		ret = acm_domain_dumpstats(policycmd_fd);
   6.550 -	} else
   6.551 -		usage(argv[0]);
   6.552 -
   6.553 -	close(policycmd_fd);
   6.554 -	return ret;
   6.555 -}
     7.1 --- a/xen/acm/acm_chinesewall_hooks.c	Tue Aug 02 09:31:47 2005 +0000
     7.2 +++ b/xen/acm/acm_chinesewall_hooks.c	Tue Aug 02 09:37:00 2005 +0000
     7.3 @@ -110,45 +110,45 @@ chwall_dump_policy(u8 *buf, u16 buf_size
     7.4       struct acm_chwall_policy_buffer *chwall_buf = (struct acm_chwall_policy_buffer *)buf;
     7.5       int ret = 0;
     7.6  
     7.7 -     chwall_buf->chwall_max_types = htons(chwall_bin_pol.max_types);
     7.8 -     chwall_buf->chwall_max_ssidrefs = htons(chwall_bin_pol.max_ssidrefs);
     7.9 -     chwall_buf->policy_code = htons(ACM_CHINESE_WALL_POLICY);
    7.10 -     chwall_buf->chwall_ssid_offset = htons(sizeof(struct acm_chwall_policy_buffer));
    7.11 -     chwall_buf->chwall_max_conflictsets = htons(chwall_bin_pol.max_conflictsets);
    7.12 +     chwall_buf->chwall_max_types = htonl(chwall_bin_pol.max_types);
    7.13 +     chwall_buf->chwall_max_ssidrefs = htonl(chwall_bin_pol.max_ssidrefs);
    7.14 +     chwall_buf->policy_code = htonl(ACM_CHINESE_WALL_POLICY);
    7.15 +     chwall_buf->chwall_ssid_offset = htonl(sizeof(struct acm_chwall_policy_buffer));
    7.16 +     chwall_buf->chwall_max_conflictsets = htonl(chwall_bin_pol.max_conflictsets);
    7.17       chwall_buf->chwall_conflict_sets_offset =
    7.18 -	     htons(
    7.19 -		   ntohs(chwall_buf->chwall_ssid_offset) + 
    7.20 +	     htonl(
    7.21 +		   ntohl(chwall_buf->chwall_ssid_offset) +
    7.22  		   sizeof(domaintype_t) * chwall_bin_pol.max_ssidrefs * 
    7.23  		   chwall_bin_pol.max_types);
    7.24  
    7.25       chwall_buf->chwall_running_types_offset = 
    7.26 -	     htons(
    7.27 -		   ntohs(chwall_buf->chwall_conflict_sets_offset) +
    7.28 +	     htonl(
    7.29 +		   ntohl(chwall_buf->chwall_conflict_sets_offset) +
    7.30  		   sizeof(domaintype_t) * chwall_bin_pol.max_conflictsets *
    7.31  		   chwall_bin_pol.max_types);
    7.32  
    7.33       chwall_buf->chwall_conflict_aggregate_offset =
    7.34 -	     htons(
    7.35 -		   ntohs(chwall_buf->chwall_running_types_offset) +
    7.36 +	     htonl(
    7.37 +		   ntohl(chwall_buf->chwall_running_types_offset) +
    7.38  		   sizeof(domaintype_t) * chwall_bin_pol.max_types);
    7.39  
    7.40 -     ret = ntohs(chwall_buf->chwall_conflict_aggregate_offset) +
    7.41 +     ret = ntohl(chwall_buf->chwall_conflict_aggregate_offset) +
    7.42  	     sizeof(domaintype_t) * chwall_bin_pol.max_types;
    7.43  
    7.44       /* now copy buffers over */
    7.45 -     arrcpy16((u16 *)(buf + ntohs(chwall_buf->chwall_ssid_offset)),
    7.46 +     arrcpy16((u16 *)(buf + ntohl(chwall_buf->chwall_ssid_offset)),
    7.47  	      chwall_bin_pol.ssidrefs,
    7.48  	      chwall_bin_pol.max_ssidrefs * chwall_bin_pol.max_types);
    7.49  
    7.50 -     arrcpy16((u16 *)(buf + ntohs(chwall_buf->chwall_conflict_sets_offset)),
    7.51 +     arrcpy16((u16 *)(buf + ntohl(chwall_buf->chwall_conflict_sets_offset)),
    7.52  	      chwall_bin_pol.conflict_sets,
    7.53  	      chwall_bin_pol.max_conflictsets * chwall_bin_pol.max_types);
    7.54  
    7.55 -     arrcpy16((u16 *)(buf + ntohs(chwall_buf->chwall_running_types_offset)),
    7.56 +     arrcpy16((u16 *)(buf + ntohl(chwall_buf->chwall_running_types_offset)),
    7.57  	      chwall_bin_pol.running_types,
    7.58  	      chwall_bin_pol.max_types);
    7.59  
    7.60 -     arrcpy16((u16 *)(buf + ntohs(chwall_buf->chwall_conflict_aggregate_offset)),
    7.61 +     arrcpy16((u16 *)(buf + ntohl(chwall_buf->chwall_conflict_aggregate_offset)),
    7.62  	      chwall_bin_pol.conflict_aggregate_set,
    7.63  	      chwall_bin_pol.max_types);
    7.64       return ret;
    7.65 @@ -226,14 +226,20 @@ chwall_set_policy(u8 *buf, u16 buf_size)
    7.66  	void *ssids = NULL, *conflict_sets = NULL, *running_types = NULL, *conflict_aggregate_set = NULL;	
    7.67  
    7.68          /* rewrite the policy due to endianess */
    7.69 -        chwall_buf->policy_code                      = ntohs(chwall_buf->policy_code);
    7.70 -        chwall_buf->chwall_max_types                 = ntohs(chwall_buf->chwall_max_types);
    7.71 -        chwall_buf->chwall_max_ssidrefs              = ntohs(chwall_buf->chwall_max_ssidrefs);
    7.72 -        chwall_buf->chwall_max_conflictsets          = ntohs(chwall_buf->chwall_max_conflictsets);
    7.73 -        chwall_buf->chwall_ssid_offset               = ntohs(chwall_buf->chwall_ssid_offset);
    7.74 -        chwall_buf->chwall_conflict_sets_offset      = ntohs(chwall_buf->chwall_conflict_sets_offset);
    7.75 -        chwall_buf->chwall_running_types_offset      = ntohs(chwall_buf->chwall_running_types_offset);
    7.76 -        chwall_buf->chwall_conflict_aggregate_offset = ntohs(chwall_buf->chwall_conflict_aggregate_offset);
    7.77 +        chwall_buf->policy_code                      = ntohl(chwall_buf->policy_code);
    7.78 +        chwall_buf->policy_version                   = ntohl(chwall_buf->policy_version);
    7.79 +        chwall_buf->chwall_max_types                 = ntohl(chwall_buf->chwall_max_types);
    7.80 +        chwall_buf->chwall_max_ssidrefs              = ntohl(chwall_buf->chwall_max_ssidrefs);
    7.81 +        chwall_buf->chwall_max_conflictsets          = ntohl(chwall_buf->chwall_max_conflictsets);
    7.82 +        chwall_buf->chwall_ssid_offset               = ntohl(chwall_buf->chwall_ssid_offset);
    7.83 +        chwall_buf->chwall_conflict_sets_offset      = ntohl(chwall_buf->chwall_conflict_sets_offset);
    7.84 +        chwall_buf->chwall_running_types_offset      = ntohl(chwall_buf->chwall_running_types_offset);
    7.85 +        chwall_buf->chwall_conflict_aggregate_offset = ntohl(chwall_buf->chwall_conflict_aggregate_offset);
    7.86 +
    7.87 +	/* policy type and version checks */
    7.88 +	if ((chwall_buf->policy_code != ACM_CHINESE_WALL_POLICY) ||
    7.89 +	    (chwall_buf->policy_version != ACM_CHWALL_VERSION))
    7.90 +		return -EINVAL;
    7.91  
    7.92  	/* 1. allocate new buffers */
    7.93  	ssids = xmalloc_array(domaintype_t, chwall_buf->chwall_max_types*chwall_buf->chwall_max_ssidrefs);
     8.1 --- a/xen/acm/acm_core.c	Tue Aug 02 09:31:47 2005 +0000
     8.2 +++ b/xen/acm/acm_core.c	Tue Aug 02 09:37:00 2005 +0000
     8.3 @@ -120,7 +120,6 @@ acm_setup(unsigned int *initrdidx,
     8.4          if (ntohl(pol->magic) == ACM_MAGIC) {
     8.5              rc = acm_set_policy((void *)_policy_start,
     8.6                                  (u16)_policy_len,
     8.7 -                                ACM_USE_SECURITY_POLICY,
     8.8                                  0);
     8.9              if (rc == ACM_OK) {
    8.10                  printf("Policy len  0x%lx, start at %p.\n",_policy_len,_policy_start);
     9.1 --- a/xen/acm/acm_policy.c	Tue Aug 02 09:31:47 2005 +0000
     9.2 +++ b/xen/acm/acm_policy.c	Tue Aug 02 09:37:00 2005 +0000
     9.3 @@ -6,9 +6,8 @@
     9.4   * Author:
     9.5   * Reiner Sailer <sailer@watson.ibm.com>
     9.6   *
     9.7 - * Contributions:
     9.8 + * Contributors:
     9.9   * Stefan Berger <stefanb@watson.ibm.com>
    9.10 - *	support for network-byte-order binary policies
    9.11   *
    9.12   * This program is free software; you can redistribute it and/or
    9.13   * modify it under the terms of the GNU General Public License as
    9.14 @@ -27,29 +26,20 @@
    9.15  #include <xen/lib.h>
    9.16  #include <xen/delay.h>
    9.17  #include <xen/sched.h>
    9.18 -#include <public/policy_ops.h>
    9.19 +#include <public/acm_ops.h>
    9.20  #include <acm/acm_core.h>
    9.21  #include <acm/acm_hooks.h>
    9.22  #include <acm/acm_endian.h>
    9.23  
    9.24  int
    9.25 -acm_set_policy(void *buf, u16 buf_size, u16 policy, int isuserbuffer)
    9.26 +acm_set_policy(void *buf, u16 buf_size, int isuserbuffer)
    9.27  {
    9.28  	u8 *policy_buffer = NULL;
    9.29  	struct acm_policy_buffer *pol;
    9.30  	
    9.31 -	if (policy != ACM_USE_SECURITY_POLICY) {
    9.32 -		printk("%s: Loading incompatible policy (running: %s).\n", __func__,
    9.33 -		       ACM_POLICY_NAME(ACM_USE_SECURITY_POLICY));
    9.34 -		return -EFAULT;
    9.35 -	}
    9.36 -	/* now check correct buffer sizes for policy combinations */
    9.37 -	if (policy == ACM_NULL_POLICY) {
    9.38 -		printkd("%s: NULL Policy, no policy needed.\n", __func__);
    9.39 -		goto out;
    9.40 -	}
    9.41       	if (buf_size < sizeof(struct acm_policy_buffer))
    9.42  		return -EFAULT;
    9.43 +
    9.44  	/* 1. copy buffer from domain */
    9.45  	if ((policy_buffer = xmalloc_array(u8, buf_size)) == NULL)
    9.46  	    goto error_free;
    9.47 @@ -58,17 +48,17 @@ acm_set_policy(void *buf, u16 buf_size, 
    9.48  			printk("%s: Error copying!\n",__func__);
    9.49  			goto error_free;
    9.50  		}
    9.51 -	} else {
    9.52 +	} else
    9.53  		memcpy(policy_buffer, buf, buf_size);
    9.54 -	}
    9.55 +
    9.56  	/* 2. some sanity checking */
    9.57  	pol = (struct acm_policy_buffer *)policy_buffer;
    9.58  
    9.59  	if ((ntohl(pol->magic) != ACM_MAGIC) || 
    9.60 -	    (ntohs(pol->primary_policy_code) != acm_bin_pol.primary_policy_code) ||
    9.61 -	    (ntohs(pol->secondary_policy_code) != acm_bin_pol.secondary_policy_code) ||
    9.62 -	    (ntohl(pol->policyversion) != POLICY_INTERFACE_VERSION)) {
    9.63 -		printkd("%s: Wrong policy magics!\n", __func__);
    9.64 +	    (ntohl(pol->policy_version) != ACM_POLICY_VERSION) ||
    9.65 +	    (ntohl(pol->primary_policy_code) != acm_bin_pol.primary_policy_code) ||
    9.66 +	    (ntohl(pol->secondary_policy_code) != acm_bin_pol.secondary_policy_code)) {
    9.67 +		printkd("%s: Wrong policy magics or versions!\n", __func__);
    9.68  		goto error_free;
    9.69  	}
    9.70  	if (buf_size != ntohl(pol->len)) {
    9.71 @@ -79,21 +69,19 @@ acm_set_policy(void *buf, u16 buf_size, 
    9.72  	/* get bin_policy lock and rewrite policy (release old one) */
    9.73  	write_lock(&acm_bin_pol_rwlock);
    9.74  
    9.75 -	/* 3. now get/set primary policy data */
    9.76 -	if (acm_primary_ops->set_binary_policy(buf + ntohs(pol->primary_buffer_offset), 
    9.77 -                                               ntohs(pol->secondary_buffer_offset) -
    9.78 -					       ntohs(pol->primary_buffer_offset))) {
    9.79 +	/* 3. set primary policy data */
    9.80 +	if (acm_primary_ops->set_binary_policy(buf + ntohl(pol->primary_buffer_offset),
    9.81 +                                               ntohl(pol->secondary_buffer_offset) -
    9.82 +					       ntohl(pol->primary_buffer_offset))) {
    9.83  		goto error_lock_free;
    9.84  	}
    9.85 -	/* 4. now get/set secondary policy data */
    9.86 -	if (acm_secondary_ops->set_binary_policy(buf + ntohs(pol->secondary_buffer_offset),
    9.87 +	/* 4. set secondary policy data */
    9.88 +	if (acm_secondary_ops->set_binary_policy(buf + ntohl(pol->secondary_buffer_offset),
    9.89  						 ntohl(pol->len) - 
    9.90 -						 ntohs(pol->secondary_buffer_offset))) {
    9.91 +						 ntohl(pol->secondary_buffer_offset))) {
    9.92  		goto error_lock_free;
    9.93  	}
    9.94  	write_unlock(&acm_bin_pol_rwlock);
    9.95 - out:
    9.96 -	printk("%s: Done .\n", __func__);
    9.97  	if (policy_buffer != NULL)
    9.98  		xfree(policy_buffer);
    9.99  	return ACM_OK;
   9.100 @@ -121,26 +109,25 @@ acm_get_policy(void *buf, u16 buf_size)
   9.101       /* future: read policy from file and set it */
   9.102       bin_pol = (struct acm_policy_buffer *)policy_buffer;
   9.103       bin_pol->magic = htonl(ACM_MAGIC);
   9.104 -     bin_pol->policyversion = htonl(POLICY_INTERFACE_VERSION);
   9.105 -     bin_pol->primary_policy_code = htons(acm_bin_pol.primary_policy_code);
   9.106 -     bin_pol->secondary_policy_code = htons(acm_bin_pol.secondary_policy_code);
   9.107 +     bin_pol->primary_policy_code = htonl(acm_bin_pol.primary_policy_code);
   9.108 +     bin_pol->secondary_policy_code = htonl(acm_bin_pol.secondary_policy_code);
   9.109  
   9.110       bin_pol->len = htonl(sizeof(struct acm_policy_buffer));
   9.111 -     bin_pol->primary_buffer_offset = htons(ntohl(bin_pol->len));
   9.112 -     bin_pol->secondary_buffer_offset = htons(ntohl(bin_pol->len));
   9.113 +     bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len));
   9.114 +     bin_pol->secondary_buffer_offset = htonl(ntohl(bin_pol->len));
   9.115       
   9.116 -     ret = acm_primary_ops->dump_binary_policy (policy_buffer + ntohs(bin_pol->primary_buffer_offset),
   9.117 -				       buf_size - ntohs(bin_pol->primary_buffer_offset));
   9.118 +     ret = acm_primary_ops->dump_binary_policy (policy_buffer + ntohl(bin_pol->primary_buffer_offset),
   9.119 +				       buf_size - ntohl(bin_pol->primary_buffer_offset));
   9.120       if (ret < 0) {
   9.121  	     printk("%s: ERROR creating chwallpolicy buffer.\n", __func__);
   9.122  	     read_unlock(&acm_bin_pol_rwlock);
   9.123  	     return -1;
   9.124       }
   9.125       bin_pol->len = htonl(ntohl(bin_pol->len) + ret);
   9.126 -     bin_pol->secondary_buffer_offset = htons(ntohl(bin_pol->len));
   9.127 +     bin_pol->secondary_buffer_offset = htonl(ntohl(bin_pol->len));
   9.128  
   9.129 -     ret = acm_secondary_ops->dump_binary_policy(policy_buffer + ntohs(bin_pol->secondary_buffer_offset), 
   9.130 -				    buf_size - ntohs(bin_pol->secondary_buffer_offset));
   9.131 +     ret = acm_secondary_ops->dump_binary_policy(policy_buffer + ntohl(bin_pol->secondary_buffer_offset),
   9.132 +				    buf_size - ntohl(bin_pol->secondary_buffer_offset));
   9.133       if (ret < 0) {
   9.134  	     printk("%s: ERROR creating chwallpolicy buffer.\n", __func__);
   9.135  	     read_unlock(&acm_bin_pol_rwlock);
   9.136 @@ -178,11 +165,10 @@ acm_dump_statistics(void *buf, u16 buf_s
   9.137  	     goto error_lock_free;
   9.138  
   9.139       acm_stats.magic = htonl(ACM_MAGIC);
   9.140 -     acm_stats.policyversion = htonl(POLICY_INTERFACE_VERSION);
   9.141 -     acm_stats.primary_policy_code = htons(acm_bin_pol.primary_policy_code);
   9.142 -     acm_stats.secondary_policy_code = htons(acm_bin_pol.secondary_policy_code);
   9.143 -     acm_stats.primary_stats_offset = htons(sizeof(struct acm_stats_buffer));
   9.144 -     acm_stats.secondary_stats_offset = htons(sizeof(struct acm_stats_buffer) + len1);
   9.145 +     acm_stats.primary_policy_code = htonl(acm_bin_pol.primary_policy_code);
   9.146 +     acm_stats.secondary_policy_code = htonl(acm_bin_pol.secondary_policy_code);
   9.147 +     acm_stats.primary_stats_offset = htonl(sizeof(struct acm_stats_buffer));
   9.148 +     acm_stats.secondary_stats_offset = htonl(sizeof(struct acm_stats_buffer) + len1);
   9.149       acm_stats.len = htonl(sizeof(struct acm_stats_buffer) + len1 + len2);
   9.150       memcpy(stats_buffer, &acm_stats, sizeof(struct acm_stats_buffer));
   9.151  
    10.1 --- a/xen/acm/acm_simple_type_enforcement_hooks.c	Tue Aug 02 09:31:47 2005 +0000
    10.2 +++ b/xen/acm/acm_simple_type_enforcement_hooks.c	Tue Aug 02 09:37:00 2005 +0000
    10.3 @@ -140,15 +140,15 @@ ste_dump_policy(u8 *buf, u16 buf_size) {
    10.4       struct acm_ste_policy_buffer *ste_buf = (struct acm_ste_policy_buffer *)buf;
    10.5       int ret = 0;
    10.6  
    10.7 -     ste_buf->ste_max_types = htons(ste_bin_pol.max_types);
    10.8 -     ste_buf->ste_max_ssidrefs = htons(ste_bin_pol.max_ssidrefs);
    10.9 -     ste_buf->policy_code = htons(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   10.10 -     ste_buf->ste_ssid_offset = htons(sizeof(struct acm_ste_policy_buffer));
   10.11 -     ret = ntohs(ste_buf->ste_ssid_offset) +
   10.12 +     ste_buf->ste_max_types = htonl(ste_bin_pol.max_types);
   10.13 +     ste_buf->ste_max_ssidrefs = htonl(ste_bin_pol.max_ssidrefs);
   10.14 +     ste_buf->policy_code = htonl(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   10.15 +     ste_buf->ste_ssid_offset = htonl(sizeof(struct acm_ste_policy_buffer));
   10.16 +     ret = ntohl(ste_buf->ste_ssid_offset) +
   10.17  	     sizeof(domaintype_t)*ste_bin_pol.max_ssidrefs*ste_bin_pol.max_types;
   10.18  
   10.19       /* now copy buffer over */
   10.20 -     arrcpy(buf + ntohs(ste_buf->ste_ssid_offset),
   10.21 +     arrcpy(buf + ntohl(ste_buf->ste_ssid_offset),
   10.22  	    ste_bin_pol.ssidrefs,
   10.23  	    sizeof(domaintype_t),
   10.24               ste_bin_pol.max_ssidrefs*ste_bin_pol.max_types);
   10.25 @@ -276,10 +276,16 @@ ste_set_policy(u8 *buf, u16 buf_size)
   10.26       int i;
   10.27  
   10.28       /* Convert endianess of policy */
   10.29 -     ste_buf->policy_code = ntohs(ste_buf->policy_code);
   10.30 -     ste_buf->ste_max_types = ntohs(ste_buf->ste_max_types);
   10.31 -     ste_buf->ste_max_ssidrefs = ntohs(ste_buf->ste_max_ssidrefs);
   10.32 -     ste_buf->ste_ssid_offset = ntohs(ste_buf->ste_ssid_offset);
   10.33 +     ste_buf->policy_code = ntohl(ste_buf->policy_code);
   10.34 +     ste_buf->policy_version = ntohl(ste_buf->policy_version);
   10.35 +     ste_buf->ste_max_types = ntohl(ste_buf->ste_max_types);
   10.36 +     ste_buf->ste_max_ssidrefs = ntohl(ste_buf->ste_max_ssidrefs);
   10.37 +     ste_buf->ste_ssid_offset = ntohl(ste_buf->ste_ssid_offset);
   10.38 +
   10.39 +     /* policy type and version checks */
   10.40 +     if ((ste_buf->policy_code != ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ||
   10.41 +	 (ste_buf->policy_version != ACM_STE_VERSION))
   10.42 +	     return -EINVAL;
   10.43  
   10.44       /* 1. create and copy-in new ssidrefs buffer */
   10.45       ssidrefsbuf = xmalloc_array(u8, sizeof(domaintype_t)*ste_buf->ste_max_types*ste_buf->ste_max_ssidrefs);
    11.1 --- a/xen/arch/x86/x86_32/entry.S	Tue Aug 02 09:31:47 2005 +0000
    11.2 +++ b/xen/arch/x86/x86_32/entry.S	Tue Aug 02 09:37:00 2005 +0000
    11.3 @@ -751,7 +751,7 @@ ENTRY(hypercall_table)
    11.4          .long do_boot_vcpu
    11.5          .long do_ni_hypercall       /* 25 */
    11.6          .long do_mmuext_op
    11.7 -	 .long do_policy_op          /* 27 */
    11.8 +        .long do_acm_op             /* 27 */
    11.9          .rept NR_hypercalls-((.-hypercall_table)/4)
   11.10          .long do_ni_hypercall
   11.11          .endr
    12.1 --- a/xen/arch/x86/x86_64/entry.S	Tue Aug 02 09:31:47 2005 +0000
    12.2 +++ b/xen/arch/x86/x86_64/entry.S	Tue Aug 02 09:37:00 2005 +0000
    12.3 @@ -587,7 +587,7 @@ ENTRY(hypercall_table)
    12.4          .quad do_boot_vcpu
    12.5          .quad do_set_segment_base   /* 25 */
    12.6          .quad do_mmuext_op
    12.7 -        .quad do_policy_op
    12.8 +        .quad do_acm_op
    12.9          .rept NR_hypercalls-((.-hypercall_table)/4)
   12.10          .quad do_ni_hypercall
   12.11          .endr
    13.1 --- a/xen/common/policy_ops.c	Tue Aug 02 09:31:47 2005 +0000
    13.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.3 @@ -1,133 +0,0 @@
    13.4 -/******************************************************************************
    13.5 - * policy_ops.c
    13.6 - * 
    13.7 - * Copyright (C) 2005 IBM Corporation
    13.8 - *
    13.9 - * Author:
   13.10 - * Reiner Sailer <sailer@watson.ibm.com>
   13.11 - *
   13.12 - * This program is free software; you can redistribute it and/or
   13.13 - * modify it under the terms of the GNU General Public License as
   13.14 - * published by the Free Software Foundation, version 2 of the
   13.15 - * License.
   13.16 - *
   13.17 - * Process policy command requests from guest OS.
   13.18 - *
   13.19 - */
   13.20 -
   13.21 -#include <xen/config.h>
   13.22 -#include <xen/types.h>
   13.23 -#include <xen/lib.h>
   13.24 -#include <xen/mm.h>
   13.25 -#include <public/policy_ops.h>
   13.26 -#include <xen/sched.h>
   13.27 -#include <xen/event.h>
   13.28 -#include <xen/trace.h>
   13.29 -#include <xen/console.h>
   13.30 -#include <asm/shadow.h>
   13.31 -#include <public/sched_ctl.h>
   13.32 -#include <acm/acm_hooks.h>
   13.33 -
   13.34 -#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
   13.35 -
   13.36 -long do_policy_op(policy_op_t *u_policy_op)
   13.37 -{
   13.38 -    return -ENOSYS;
   13.39 -}
   13.40 -
   13.41 -#else
   13.42 -
   13.43 -typedef enum policyoperation {
   13.44 -    POLICY,     /* access to policy interface (early drop) */
   13.45 -    GETPOLICY,  /* dump policy cache */
   13.46 -    SETPOLICY,  /* set policy cache (controls security) */
   13.47 -    DUMPSTATS   /* dump policy statistics */
   13.48 -} policyoperation_t;
   13.49 -
   13.50 -int
   13.51 -acm_authorize_policyops(struct domain *d, policyoperation_t pops)
   13.52 -{
   13.53 -    /* all policy management functions are restricted to privileged domains,
   13.54 -     * soon we will introduce finer-grained privileges for policy operations 
   13.55 -     */
   13.56 -    if (!IS_PRIV(d)) {
   13.57 -        printk("%s: Policy management authorization denied ERROR!\n",
   13.58 -               __func__);
   13.59 -        return ACM_ACCESS_DENIED;
   13.60 -    }
   13.61 -    return ACM_ACCESS_PERMITTED;
   13.62 -}
   13.63 -
   13.64 -long do_policy_op(policy_op_t *u_policy_op)
   13.65 -{
   13.66 -    long ret = 0;
   13.67 -    policy_op_t curop, *op = &curop;
   13.68 -
   13.69 -    /* check here policy decision for policy commands */
   13.70 -    /* for now allow DOM0 only, later indepedently    */
   13.71 -    if (acm_authorize_policyops(current->domain, POLICY))
   13.72 -        return -EACCES;
   13.73 -
   13.74 -    if ( copy_from_user(op, u_policy_op, sizeof(*op)) )
   13.75 -        return -EFAULT;
   13.76 -
   13.77 -    if ( op->interface_version != POLICY_INTERFACE_VERSION )
   13.78 -        return -EACCES;
   13.79 -
   13.80 -    switch ( op->cmd )
   13.81 -    {
   13.82 -    case POLICY_SETPOLICY:
   13.83 -    {
   13.84 -        if (acm_authorize_policyops(current->domain, SETPOLICY))
   13.85 -            return -EACCES;
   13.86 -        printkd("%s: setting policy.\n", __func__);
   13.87 -        ret = acm_set_policy(
   13.88 -            op->u.setpolicy.pushcache, 
   13.89 -            op->u.setpolicy.pushcache_size, 
   13.90 -            op->u.setpolicy.policy_type,
   13.91 -            1);
   13.92 -        if (ret == ACM_OK)
   13.93 -            ret = 0;
   13.94 -        else
   13.95 -            ret = -ESRCH;
   13.96 -    }
   13.97 -    break;
   13.98 -
   13.99 -    case POLICY_GETPOLICY:
  13.100 -    {
  13.101 -        if (acm_authorize_policyops(current->domain, GETPOLICY))
  13.102 -            return -EACCES;
  13.103 -        printkd("%s: getting policy.\n", __func__);
  13.104 -        ret = acm_get_policy(
  13.105 -            op->u.getpolicy.pullcache, 
  13.106 -            op->u.getpolicy.pullcache_size);
  13.107 -        if (ret == ACM_OK)
  13.108 -            ret = 0;
  13.109 -        else
  13.110 -            ret = -ESRCH;
  13.111 -    }
  13.112 -    break;
  13.113 -
  13.114 -    case POLICY_DUMPSTATS:
  13.115 -    {
  13.116 -        if (acm_authorize_policyops(current->domain, DUMPSTATS))
  13.117 -            return -EACCES;
  13.118 -        printkd("%s: dumping statistics.\n", __func__);
  13.119 -        ret = acm_dump_statistics(
  13.120 -            op->u.dumpstats.pullcache, 
  13.121 -            op->u.dumpstats.pullcache_size);
  13.122 -        if (ret == ACM_OK)
  13.123 -            ret = 0;
  13.124 -        else
  13.125 -            ret = -ESRCH;
  13.126 -    }
  13.127 -    break;
  13.128 -
  13.129 -    default:
  13.130 -        ret = -ESRCH;
  13.131 -
  13.132 -    }
  13.133 -    return ret;
  13.134 -}
  13.135 -
  13.136 -#endif
    14.1 --- a/xen/include/acm/acm_core.h	Tue Aug 02 09:31:47 2005 +0000
    14.2 +++ b/xen/include/acm/acm_core.h	Tue Aug 02 09:37:00 2005 +0000
    14.3 @@ -21,7 +21,7 @@
    14.4  #include <xen/spinlock.h>
    14.5  #include <public/acm.h>
    14.6  #include <xen/acm_policy.h>
    14.7 -#include <public/policy_ops.h>
    14.8 +#include <public/acm_ops.h>
    14.9  
   14.10  /* Xen-internal representation of the binary policy */
   14.11  struct acm_binary_policy {
   14.12 @@ -113,7 +113,7 @@ struct ste_ssid {
   14.13  /* protos */
   14.14  int acm_init_domain_ssid(domid_t id, ssidref_t ssidref);
   14.15  int acm_free_domain_ssid(struct acm_ssid_domain *ssid);
   14.16 -int acm_set_policy(void *buf, u16 buf_size, u16 policy, int isuserbuffer);
   14.17 +int acm_set_policy(void *buf, u16 buf_size, int isuserbuffer);
   14.18  int acm_get_policy(void *buf, u16 buf_size);
   14.19  int acm_dump_statistics(void *buf, u16 buf_size);
   14.20  
    15.1 --- a/xen/include/public/acm.h	Tue Aug 02 09:31:47 2005 +0000
    15.2 +++ b/xen/include/public/acm.h	Tue Aug 02 09:37:00 2005 +0000
    15.3 @@ -71,6 +71,14 @@
    15.4  	(X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
    15.5  	"UNDEFINED policy"
    15.6  
    15.7 +/* the following policy versions must be increased
    15.8 + * whenever the interpretation of the related
    15.9 + * policy's data structure changes
   15.10 + */
   15.11 +#define ACM_POLICY_VERSION	1
   15.12 +#define ACM_CHWALL_VERSION	1
   15.13 +#define ACM_STE_VERSION		1
   15.14 +
   15.15  /* defines a ssid reference used by xen */
   15.16  typedef u32 ssidref_t;
   15.17  
   15.18 @@ -102,46 +110,53 @@ typedef u16 domaintype_t;
   15.19  #define ACM_MAGIC		0x0001debc
   15.20  
   15.21  /* each offset in bytes from start of the struct they
   15.22 - *   the are part of */
   15.23 + * are part of */
   15.24 +
   15.25  /* each buffer consists of all policy information for
   15.26   * the respective policy given in the policy code
   15.27 + *
   15.28 + * acm_policy_buffer, acm_chwall_policy_buffer,
   15.29 + * and acm_ste_policy_buffer need to stay 32-bit aligned
   15.30 + * because we create binary policies also with external
   15.31 + * tools that assume packed representations (e.g. the java tool)
   15.32   */
   15.33  struct acm_policy_buffer {
   15.34 +	u32 policy_version; /* ACM_POLICY_VERSION */
   15.35          u32 magic;
   15.36 -	u32 policyversion;
   15.37  	u32 len;
   15.38 -	u16 primary_policy_code;
   15.39 -	u16 primary_buffer_offset;
   15.40 -	u16 secondary_policy_code;
   15.41 -	u16 secondary_buffer_offset;
   15.42 +	u32 primary_policy_code;
   15.43 +	u32 primary_buffer_offset;
   15.44 +	u32 secondary_policy_code;
   15.45 +	u32 secondary_buffer_offset;
   15.46  };
   15.47  
   15.48  struct acm_chwall_policy_buffer {
   15.49 -	u16 policy_code;
   15.50 -	u16 chwall_max_types;
   15.51 -	u16 chwall_max_ssidrefs;
   15.52 -	u16 chwall_max_conflictsets;
   15.53 -	u16 chwall_ssid_offset;
   15.54 -	u16 chwall_conflict_sets_offset;
   15.55 -	u16 chwall_running_types_offset;
   15.56 -	u16 chwall_conflict_aggregate_offset;
   15.57 +	u32 policy_version; /* ACM_CHWALL_VERSION */
   15.58 +	u32 policy_code;
   15.59 +	u32 chwall_max_types;
   15.60 +	u32 chwall_max_ssidrefs;
   15.61 +	u32 chwall_max_conflictsets;
   15.62 +	u32 chwall_ssid_offset;
   15.63 +	u32 chwall_conflict_sets_offset;
   15.64 +	u32 chwall_running_types_offset;
   15.65 +	u32 chwall_conflict_aggregate_offset;
   15.66  };
   15.67  
   15.68  struct acm_ste_policy_buffer {
   15.69 -	u16 policy_code;
   15.70 -	u16 ste_max_types;
   15.71 -	u16 ste_max_ssidrefs;
   15.72 -	u16 ste_ssid_offset;
   15.73 +	u32 policy_version; /* ACM_STE_VERSION */
   15.74 +	u32 policy_code;
   15.75 +	u32 ste_max_types;
   15.76 +	u32 ste_max_ssidrefs;
   15.77 +	u32 ste_ssid_offset;
   15.78  };
   15.79  
   15.80  struct acm_stats_buffer {
   15.81          u32 magic;
   15.82 -	u32 policyversion;
   15.83  	u32 len;
   15.84 -	u16 primary_policy_code;
   15.85 -	u16 primary_stats_offset;
   15.86 -	u16 secondary_policy_code;
   15.87 -	u16 secondary_stats_offset;
   15.88 +	u32 primary_policy_code;
   15.89 +	u32 primary_stats_offset;
   15.90 +	u32 secondary_policy_code;
   15.91 +	u32 secondary_stats_offset;
   15.92  };
   15.93  
   15.94  struct acm_ste_stats_buffer {
    16.1 --- a/xen/include/public/policy_ops.h	Tue Aug 02 09:31:47 2005 +0000
    16.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.3 @@ -1,70 +0,0 @@
    16.4 -/******************************************************************************
    16.5 - * policy_ops.h
    16.6 - * 
    16.7 - * Copyright (C) 2005 IBM Corporation
    16.8 - *
    16.9 - * Author:
   16.10 - * Reiner Sailer <sailer@watson.ibm.com>
   16.11 - *
   16.12 - * This program is free software; you can redistribute it and/or
   16.13 - * modify it under the terms of the GNU General Public License as
   16.14 - * published by the Free Software Foundation, version 2 of the
   16.15 - * License. 
   16.16 - *
   16.17 - * Process policy command requests from guest OS.
   16.18 - * access checked by policy; not restricted to DOM0
   16.19 - * 
   16.20 - */
   16.21 -
   16.22 -#ifndef __XEN_PUBLIC_POLICY_OPS_H__
   16.23 -#define __XEN_PUBLIC_POLICY_OPS_H__
   16.24 -
   16.25 -#include "xen.h"
   16.26 -#include "sched_ctl.h"
   16.27 -
   16.28 -/*
   16.29 - * Make sure you increment the interface version whenever you modify this file!
   16.30 - * This makes sure that old versions of policy tools will stop working in a
   16.31 - * well-defined way (rather than crashing the machine, for instance).
   16.32 - */
   16.33 -#define POLICY_INTERFACE_VERSION   0xAAAA0003
   16.34 -
   16.35 -/************************************************************************/
   16.36 -
   16.37 -#define POLICY_SETPOLICY        	4
   16.38 -typedef struct policy_setpolicy {
   16.39 -    /* IN variables. */
   16.40 -    u16           policy_type;
   16.41 -    /* OUT variables */
   16.42 -    void  	  *pushcache;
   16.43 -    u16           pushcache_size;
   16.44 -} policy_setpolicy_t;          
   16.45 -
   16.46 -
   16.47 -#define POLICY_GETPOLICY        	5
   16.48 -typedef struct policy_getpolicy {
   16.49 -    /* IN variables. */
   16.50 -    u16           policy_type;
   16.51 -    /* OUT variables */
   16.52 -    void  	  *pullcache;
   16.53 -    u16           pullcache_size;
   16.54 -} policy_getpolicy_t;       
   16.55 -
   16.56 -#define POLICY_DUMPSTATS        	6
   16.57 -typedef struct policy_dumpstats {
   16.58 -    void  	  *pullcache;
   16.59 -    u16           pullcache_size;
   16.60 -} policy_dumpstats_t;            
   16.61 - 
   16.62 -
   16.63 -typedef struct policy_op {
   16.64 -    u32 cmd;
   16.65 -    u32 interface_version;       /* POLICY_INTERFACE_VERSION */
   16.66 -    union {
   16.67 -	policy_setpolicy_t       setpolicy;
   16.68 -        policy_getpolicy_t       getpolicy;
   16.69 -	policy_dumpstats_t	 dumpstats;
   16.70 -    } u;
   16.71 -} policy_op_t;
   16.72 -
   16.73 -#endif /* __XEN_PUBLIC_POLICY_OPS_H__ */
    17.1 --- a/xen/include/public/xen.h	Tue Aug 02 09:31:47 2005 +0000
    17.2 +++ b/xen/include/public/xen.h	Tue Aug 02 09:37:00 2005 +0000
    17.3 @@ -58,7 +58,7 @@
    17.4  #define __HYPERVISOR_boot_vcpu            24
    17.5  #define __HYPERVISOR_set_segment_base     25 /* x86/64 only */
    17.6  #define __HYPERVISOR_mmuext_op            26
    17.7 -#define __HYPERVISOR_policy_op            27
    17.8 +#define __HYPERVISOR_acm_op               27
    17.9  
   17.10  /* 
   17.11   * VIRTUAL INTERRUPTS