ia64/xen-unstable

changeset 15569:f01cb504cf28

[libxen] C-bindings for the extensions of the Xen-API for managing security policies
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kfraser@localhost.localdomain
date Tue Jul 10 14:57:04 2007 +0100 (2007-07-10)
parents 0eec072e870a
children 26eef8426110
files tools/libxen/include/xen/api/xen_acmpolicy.h tools/libxen/include/xen/api/xen_vdi.h tools/libxen/include/xen/api/xen_vm.h tools/libxen/include/xen/api/xen_xspolicy.h tools/libxen/include/xen/api/xen_xspolicy_decl.h tools/libxen/src/xen_acmpolicy.c tools/libxen/src/xen_vdi.c tools/libxen/src/xen_vm.c tools/libxen/src/xen_xspolicy.c
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/tools/libxen/include/xen/api/xen_acmpolicy.h	Tue Jul 10 14:57:04 2007 +0100
     1.3 @@ -0,0 +1,117 @@
     1.4 +/*
     1.5 + * Copyright (c) 2007, IBM Corp.
     1.6 + * Copyright (c) 2007, XenSource Inc.
     1.7 + *
     1.8 + * This library is free software; you can redistribute it and/or
     1.9 + * modify it under the terms of the GNU Lesser General Public
    1.10 + * License as published by the Free Software Foundation; either
    1.11 + * version 2.1 of the License, or (at your option) any later version.
    1.12 + *
    1.13 + * This library is distributed in the hope that it will be useful,
    1.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    1.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    1.16 + * Lesser General Public License for more details.
    1.17 + *
    1.18 + * You should have received a copy of the GNU Lesser General Public
    1.19 + * License along with this library; if not, write to the Free Software
    1.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
    1.21 + */
    1.22 +
    1.23 +#ifndef XEN_ACMPOLICY_H
    1.24 +#define XEN_ACMPOLICY_H
    1.25 +
    1.26 +#include "xen_common.h"
    1.27 +#include "xen_string_string_map.h"
    1.28 +#include "xen_xspolicy_decl.h"
    1.29 +#include "xen_vm_decl.h"
    1.30 +
    1.31 +/*
    1.32 + * Data structures.
    1.33 + */
    1.34 +
    1.35 +typedef struct xen_acmpolicy_record
    1.36 +{
    1.37 +    xen_xspolicy handle;
    1.38 +    char *uuid;
    1.39 +    char *repr;
    1.40 +    xs_instantiationflags flags;
    1.41 +    xs_type type;
    1.42 +} xen_acmpolicy_record;
    1.43 +
    1.44 +/**
    1.45 + * Allocate a xen_acmpolicy_record.
    1.46 + */
    1.47 +extern xen_acmpolicy_record *
    1.48 +xen_acmpolicy_record_alloc(void);
    1.49 +
    1.50 +/**
    1.51 + * Free the given xen_xspolicy_record, and all referenced values.  The
    1.52 + * given record must have been allocated by this library.
    1.53 + */
    1.54 +extern void
    1.55 +xen_acmpolicy_record_free(xen_acmpolicy_record *record);
    1.56 +
    1.57 +
    1.58 +/**
    1.59 + * Data structures for the policy's header
    1.60 + */
    1.61 +typedef struct xen_acm_header
    1.62 +{
    1.63 +    char *policyname;
    1.64 +    char *policyurl;
    1.65 +    char *date;
    1.66 +    char *reference;
    1.67 +    char *namespaceurl;
    1.68 +    char *version;
    1.69 +} xen_acm_header;
    1.70 +
    1.71 +extern xen_acm_header *
    1.72 +xen_acm_header_alloc(void);
    1.73 +
    1.74 +extern void
    1.75 +xen_acm_header_free(xen_acm_header *hdr);
    1.76 +
    1.77 +/**
    1.78 + * Get the referenced policy's record.
    1.79 + */
    1.80 +bool
    1.81 +xen_acmpolicy_get_record(xen_session *session, xen_acmpolicy_record **result,
    1.82 +                         xen_xspolicy xspolicy);
    1.83 +
    1.84 +/**
    1.85 + * Get the header of a  policy.
    1.86 + */
    1.87 +extern bool
    1.88 +xen_acmpolicy_get_header(xen_session *session, xen_acm_header **hdr,
    1.89 +                         xen_xspolicy xspolicy);
    1.90 +
    1.91 +
    1.92 +/**
    1.93 + * Get the XML representation of the policy.
    1.94 + */
    1.95 +extern bool
    1.96 +xen_acmpolicy_get_xml(xen_session *session, char **xml,
    1.97 +                      xen_xspolicy xspolicy);
    1.98 +
    1.99 +/**
   1.100 + * Get the mapping file of the policy.
   1.101 + */
   1.102 +extern bool
   1.103 +xen_acmpolicy_get_map(xen_session *session, char **map,
   1.104 +                      xen_xspolicy xspolicy);
   1.105 +
   1.106 +/**
   1.107 + * Get the binary representation (base64-encoded) of the policy.
   1.108 + */
   1.109 +extern bool
   1.110 +xen_acmpolicy_get_binary(xen_session *session, char **binary,
   1.111 +                         xen_xspolicy xspolicy);
   1.112 +
   1.113 +/**
   1.114 + * Get the UUID filed of the given policy.
   1.115 + */
   1.116 +bool
   1.117 +xen_acmpolicy_get_uuid(xen_session *session, char **result,
   1.118 +                       xen_xspolicy xspolicy);
   1.119 +
   1.120 +#endif
     2.1 --- a/tools/libxen/include/xen/api/xen_vdi.h	Tue Jul 10 14:42:23 2007 +0100
     2.2 +++ b/tools/libxen/include/xen/api/xen_vdi.h	Tue Jul 10 14:57:04 2007 +0100
     2.3 @@ -344,4 +344,17 @@ extern bool
     2.4  xen_vdi_get_all(xen_session *session, struct xen_vdi_set **result);
     2.5  
     2.6  
     2.7 +/**
     2.8 + * Set the security label of a VDI.
     2.9 + */
    2.10 +extern bool
    2.11 +xen_vdi_set_security_label(xen_session *session, int64_t *result, xen_vdi vdi,
    2.12 +                           char *label, char *oldlabel);
    2.13 +
    2.14 +/**
    2.15 + * Get the security label of a VDI.
    2.16 + */
    2.17 +extern bool
    2.18 +xen_vdi_get_security_label(xen_session *session, char **result, xen_vdi vdi);
    2.19 +
    2.20  #endif
     3.1 --- a/tools/libxen/include/xen/api/xen_vm.h	Tue Jul 10 14:42:23 2007 +0100
     3.2 +++ b/tools/libxen/include/xen/api/xen_vm.h	Tue Jul 10 14:57:04 2007 +0100
     3.3 @@ -112,6 +112,7 @@ typedef struct xen_vm_record
     3.4      bool is_control_domain;
     3.5      struct xen_vm_metrics_record_opt *metrics;
     3.6      struct xen_vm_guest_metrics_record_opt *guest_metrics;
     3.7 +    char *security_label;
     3.8  } xen_vm_record;
     3.9  
    3.10  /**
    3.11 @@ -891,4 +892,17 @@ extern bool
    3.12  xen_vm_get_all(xen_session *session, struct xen_vm_set **result);
    3.13  
    3.14  
    3.15 +/**
    3.16 + * Set the security label of a domain.
    3.17 + */
    3.18 +extern bool
    3.19 +xen_vm_set_security_label(xen_session *session, int64_t *result, xen_vm vm,
    3.20 +                          char *label, char *oldlabel);
    3.21 +
    3.22 +/**
    3.23 + * Get the security label of a domain.
    3.24 + */
    3.25 +extern bool
    3.26 +xen_vm_get_security_label(xen_session *session, char **result, xen_vm vm);
    3.27 +
    3.28  #endif
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/tools/libxen/include/xen/api/xen_xspolicy.h	Tue Jul 10 14:57:04 2007 +0100
     4.3 @@ -0,0 +1,271 @@
     4.4 +/*
     4.5 + * Copyright (c) 2007, IBM Corp.
     4.6 + * Copyright (c) 2007, XenSource Inc.
     4.7 + *
     4.8 + * This library is free software; you can redistribute it and/or
     4.9 + * modify it under the terms of the GNU Lesser General Public
    4.10 + * License as published by the Free Software Foundation; either
    4.11 + * version 2.1 of the License, or (at your option) any later version.
    4.12 + *
    4.13 + * This library is distributed in the hope that it will be useful,
    4.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    4.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    4.16 + * Lesser General Public License for more details.
    4.17 + *
    4.18 + * You should have received a copy of the GNU Lesser General Public
    4.19 + * License along with this library; if not, write to the Free Software
    4.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
    4.21 + */
    4.22 +
    4.23 +#ifndef XEN_XSPOLICY_H
    4.24 +#define XEN_XSPOLICY_H
    4.25 +
    4.26 +#include "xen_common.h"
    4.27 +#include "xen_xspolicy_decl.h"
    4.28 +#include "xen_string_string_map.h"
    4.29 +
    4.30 +
    4.31 +/*
    4.32 + * The XSPolicy and associated data structures.
    4.33 + *
    4.34 + */
    4.35 +typedef int64_t xs_type;
    4.36 +typedef int64_t xs_instantiationflags;
    4.37 +
    4.38 +enum xs_type {
    4.39 +    XS_POLICY_ACM = (1 << 0),
    4.40 +};
    4.41 +
    4.42 +enum xs_instantiationflags {
    4.43 +    XS_INST_NONE = 0,
    4.44 +    XS_INST_BOOT = (1 << 0),
    4.45 +    XS_INST_LOAD = (1 << 1),
    4.46 +};
    4.47 +
    4.48 +
    4.49 +/* Error codes returned by xend following XSPolicy operations */
    4.50 +#define XSERR_BASE                       0x1000
    4.51 +
    4.52 +#define XSERR_SUCCESS                    0
    4.53 +#define XSERR_GENERAL_FAILURE            1 + XSERR_BASE
    4.54 +#define XSERR_BAD_XML                    2 + XSERR_BASE
    4.55 +#define XSERR_XML_PROCESSING             3 + XSERR_BASE
    4.56 +#define XSERR_POLICY_INCONSISTENT        4 + XSERR_BASE
    4.57 +#define XSERR_FILE_ERROR                 5 + XSERR_BASE
    4.58 +#define XSERR_BAD_RESOURCE_FORMAT        6 + XSERR_BASE
    4.59 +#define XSERR_BAD_LABEL_FORMAT           7 + XSERR_BASE
    4.60 +#define XSERR_RESOURCE_NOT_LABELED       8 + XSERR_BASE
    4.61 +#define XSERR_RESOURCE_ALREADY_LABELED   9 + XSERR_BASE
    4.62 +#define XSERR_WRONG_POLICY_TYPE         10 + XSERR_BASE
    4.63 +#define XSERR_BOOTPOLICY_INSTALLED      11 + XSERR_BASE
    4.64 +#define XSERR_NO_DEFAULT_BOOT_TITLE     12 + XSERR_BASE
    4.65 +#define XSERR_POLICY_LOAD_FAILED        13 + XSERR_BASE
    4.66 +#define XSERR_POLICY_LOADED             14 + XSERR_BASE
    4.67 +#define XSERR_POLICY_TYPE_UNSUPPORTED   15 + XSERR_BASE
    4.68 +#define XSERR_BAD_CONFLICTSET           20 + XSERR_BASE
    4.69 +#define XSERR_RESOURCE_IN_USE           21 + XSERR_BASE
    4.70 +#define XSERR_BAD_POLICY_NAME           22 + XSERR_BASE
    4.71 +#define XSERR_RESOURCE_ACCESS           23 + XSERR_BASE
    4.72 +#define XSERR_HV_OP_FAILED              24 + XSERR_BASE
    4.73 +#define XSERR_BOOTPOLICY_INSTALL_ERROR  25 + XSERR_BASE
    4.74 +
    4.75 +
    4.76 +/**
    4.77 + * Free the given xen_xspolicy.  The given handle must have been allocated
    4.78 + * by this library.
    4.79 + */
    4.80 +extern void
    4.81 +xen_xspolicy_free(xen_xspolicy xspolicy);
    4.82 +
    4.83 +
    4.84 +typedef struct xen_xspolicy_set
    4.85 +{
    4.86 +    size_t size;
    4.87 +    xen_xspolicy *contents[];
    4.88 +} xen_xspolicy_set;
    4.89 +
    4.90 +/**
    4.91 + * Allocate a xen_xspolicy_set of the given size.
    4.92 + */
    4.93 +extern xen_xspolicy_set *
    4.94 +xen_xspolicy_set_alloc(size_t size);
    4.95 +
    4.96 +/**
    4.97 + * Free the given xen_xspolicy_set.  The given set must have been allocated
    4.98 + * by this library.
    4.99 + */
   4.100 +extern void
   4.101 +xen_xspolicy_set_free(xen_xspolicy_set *set);
   4.102 +
   4.103 +
   4.104 +typedef struct xen_xspolicy_record
   4.105 +{
   4.106 +    xen_xspolicy handle;
   4.107 +    char *uuid;
   4.108 +    char *repr;
   4.109 +    xs_instantiationflags flags;
   4.110 +    xs_type type;
   4.111 +} xen_xspolicy_record;
   4.112 +
   4.113 +/**
   4.114 + * Allocate a xen_xspolicy_record.
   4.115 + */
   4.116 +extern xen_xspolicy_record *
   4.117 +xen_xspolicy_record_alloc(void);
   4.118 +
   4.119 +/**
   4.120 + * Free the given xen_xspolicy_record, and all referenced values.  The
   4.121 + * given record must have been allocated by this library.
   4.122 + */
   4.123 +extern void
   4.124 +xen_xspolicy_record_free(xen_xspolicy_record *record);
   4.125 +
   4.126 +
   4.127 +typedef struct xen_xspolicy_record_opt
   4.128 +{
   4.129 +    bool is_record;
   4.130 +    union
   4.131 +    {
   4.132 +        xen_xspolicy handle;
   4.133 +        xen_xspolicy_record *record;
   4.134 +    } u;
   4.135 +} xen_xspolicy_record_opt;
   4.136 +
   4.137 +/**
   4.138 + * Allocate a xen_xspolicy_record_opt.
   4.139 + */
   4.140 +extern xen_xspolicy_record_opt *
   4.141 +xen_xspolicy_record_opt_alloc(void);
   4.142 +
   4.143 +/**
   4.144 + * Free the given xen_xspolicy_record_opt, and all referenced values.  The
   4.145 + * given record_opt must have been allocated by this library.
   4.146 + */
   4.147 +extern void
   4.148 +xen_xspolicy_record_opt_free(xen_xspolicy_record_opt *record_opt);
   4.149 +
   4.150 +
   4.151 +typedef struct xen_xspolicy_record_set
   4.152 +{
   4.153 +    size_t size;
   4.154 +    xen_xspolicy_record *contents[];
   4.155 +} xen_xspolicy_record_set;
   4.156 +
   4.157 +/**
   4.158 + * Allocate a xen_xspolicy_record_set of the given size.
   4.159 + */
   4.160 +extern xen_xspolicy_record_set *
   4.161 +xen_xspolicy_record_set_alloc(size_t size);
   4.162 +
   4.163 +/**
   4.164 + * Free the given xen_xspolicy_record_set, and all referenced values.  The
   4.165 + * given set must have been allocated by this library.
   4.166 + */
   4.167 +extern void
   4.168 +xen_xspolicy_record_set_free(xen_xspolicy_record_set *set);
   4.169 +
   4.170 +/**
   4.171 + * Data structures and function declarations for an XS Policy's state
   4.172 + * information.
   4.173 + */
   4.174 +typedef struct xen_xs_policystate
   4.175 +{
   4.176 +    xen_xspolicy_record_opt *xs_ref;
   4.177 +    int64_t xserr;
   4.178 +    char *repr;
   4.179 +    xs_type type;
   4.180 +    xs_instantiationflags flags;
   4.181 +    char *version;
   4.182 +    char *errors;
   4.183 +} xen_xs_policystate;
   4.184 +
   4.185 +void
   4.186 +xen_xs_policystate_free(xen_xs_policystate *state);
   4.187 +
   4.188 +
   4.189 +/**
   4.190 + * Get the referenced policy's record.
   4.191 + */
   4.192 +bool
   4.193 +xen_xspolicy_get_record(xen_session *session, xen_xspolicy_record **result,
   4.194 +                        xen_xspolicy xspolicy);
   4.195 +
   4.196 +/**
   4.197 + * Get the UUID field of the given policy.
   4.198 + */
   4.199 +bool
   4.200 +xen_xspolicy_get_uuid(xen_session *session, char **result,
   4.201 +                      xen_xspolicy xspolicy);
   4.202 +
   4.203 +/**
   4.204 + * Get a policy given it's UUID
   4.205 + */
   4.206 +bool
   4.207 +xen_xspolicy_get_by_uuid(xen_session *session, xen_xspolicy *result,
   4.208 +                         char *uuid);
   4.209 +
   4.210 +
   4.211 +/**
   4.212 + * Get the types of policies supported by the system.
   4.213 + */
   4.214 +bool
   4.215 +xen_xspolicy_get_xstype(xen_session *session, xs_type *result);
   4.216 +
   4.217 +
   4.218 +/**
   4.219 + * Get information about the currently managed policy.
   4.220 + * (The API allows only one policy to be on the system.)
   4.221 + */
   4.222 +bool
   4.223 +xen_xspolicy_get_xspolicy(xen_session *session, xen_xs_policystate **result);
   4.224 +
   4.225 +/**
   4.226 + * Activate the referenced policy by loading it into the hypervisor.
   4.227 + */
   4.228 +bool
   4.229 +xen_xspolicy_activate_xspolicy(xen_session *session, int64_t *result,
   4.230 +                               xen_xspolicy xspolicy,
   4.231 +                               xs_instantiationflags flags);
   4.232 +
   4.233 +
   4.234 +/**
   4.235 + * Set the system's policy to the given information comprising
   4.236 + * type of policy, the xml representation of the policy, some flags
   4.237 + * on whether to load the policy immediately and whether to overwrite
   4.238 + * an existing policy on the system.
   4.239 + */
   4.240 +bool
   4.241 +xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
   4.242 +                          xs_type type, char *repr, int64_t flags,
   4.243 +                          bool overwrite);
   4.244 +
   4.245 +
   4.246 +/**
   4.247 + * Remove any policy from having the system booted with.
   4.248 + */
   4.249 +extern bool
   4.250 +xen_xspolicy_rm_xsbootpolicy(xen_session *session);
   4.251 +
   4.252 +/**
   4.253 + * Retrieve all labeled resources.
   4.254 + */
   4.255 +extern bool
   4.256 +xen_xspolicy_get_labeled_resources(xen_session *session,
   4.257 +                                   xen_string_string_map **resources);
   4.258 +
   4.259 +/**
   4.260 + * Label a resource such as for example a hard drive partition or file
   4.261 + */
   4.262 +extern bool
   4.263 +xen_xspolicy_set_resource_label(xen_session *session,
   4.264 +                                char *resource, char *label,
   4.265 +                                char *oldlabel);
   4.266 +
   4.267 +/**
   4.268 + * Get the label of a resource.
   4.269 + */
   4.270 +extern bool
   4.271 +xen_xspolicy_get_resource_label(xen_session *session, char **label,
   4.272 +                                char *resource);
   4.273 +
   4.274 +#endif
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/tools/libxen/include/xen/api/xen_xspolicy_decl.h	Tue Jul 10 14:57:04 2007 +0100
     5.3 @@ -0,0 +1,31 @@
     5.4 +/*
     5.5 + * Copyright (c) 2007, IBM Corp.
     5.6 + * Copyright (c) 2007, XenSource Inc.
     5.7 + *
     5.8 + * This library is free software; you can redistribute it and/or
     5.9 + * modify it under the terms of the GNU Lesser General Public
    5.10 + * License as published by the Free Software Foundation; either
    5.11 + * version 2.1 of the License, or (at your option) any later version.
    5.12 + *
    5.13 + * This library is distributed in the hope that it will be useful,
    5.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    5.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    5.16 + * Lesser General Public License for more details.
    5.17 + *
    5.18 + * You should have received a copy of the GNU Lesser General Public
    5.19 + * License along with this library; if not, write to the Free Software
    5.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
    5.21 + */
    5.22 +
    5.23 +#ifndef XEN_XSPOLICY_DECL_H
    5.24 +#define XEN_XSPOLICY_DECL_H
    5.25 +
    5.26 +typedef void *xen_xspolicy;
    5.27 +
    5.28 +struct xen_xspolicy_set;
    5.29 +struct xen_xspolicy_record;
    5.30 +struct xen_xspolicy_record_set;
    5.31 +struct xen_xspolicy_record_opt;
    5.32 +struct xen_xspolicy_record_opt_set;
    5.33 +
    5.34 +#endif
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/tools/libxen/src/xen_acmpolicy.c	Tue Jul 10 14:57:04 2007 +0100
     6.3 @@ -0,0 +1,234 @@
     6.4 +/*
     6.5 + * Copyright (c) 2007, IBM Corp.
     6.6 + * Copyright (c) 2007, XenSource Inc.
     6.7 + *
     6.8 + * This library is free software; you can redistribute it and/or
     6.9 + * modify it under the terms of the GNU Lesser General Public
    6.10 + * License as published by the Free Software Foundation; either
    6.11 + * version 2.1 of the License, or (at your option) any later version.
    6.12 + *
    6.13 + * This library is distributed in the hope that it will be useful,
    6.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    6.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    6.16 + * Lesser General Public License for more details.
    6.17 + *
    6.18 + * You should have received a copy of the GNU Lesser General Public
    6.19 + * License along with this library; if not, write to the Free Software
    6.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
    6.21 + */
    6.22 +
    6.23 +
    6.24 +#include <stddef.h>
    6.25 +#include <stdlib.h>
    6.26 +
    6.27 +#include "xen_internal.h"
    6.28 +#include "xen/api/xen_common.h"
    6.29 +#include "xen/api/xen_xspolicy.h"
    6.30 +#include "xen/api/xen_acmpolicy.h"
    6.31 +
    6.32 +
    6.33 +static const struct_member xen_acmpolicy_record_struct_members[] =
    6.34 +    {
    6.35 +        { .key = "uuid",
    6.36 +          .type = &abstract_type_string,
    6.37 +          .offset = offsetof(xen_acmpolicy_record, uuid) },
    6.38 +        { .key = "flags",
    6.39 +          .type = &abstract_type_int,
    6.40 +          .offset = offsetof(xen_acmpolicy_record, flags) },
    6.41 +        { .key = "repr",
    6.42 +          .type = &abstract_type_string,
    6.43 +          .offset = offsetof(xen_acmpolicy_record, repr) },
    6.44 +        { .key = "type",
    6.45 +          .type = &abstract_type_int,
    6.46 +          .offset = offsetof(xen_acmpolicy_record, type) },
    6.47 +    };
    6.48 +
    6.49 +const abstract_type xen_acmpolicy_record_abstract_type_ =
    6.50 +    {
    6.51 +       .typename = STRUCT,
    6.52 +       .struct_size = sizeof(xen_acmpolicy_record),
    6.53 +       .member_count =
    6.54 +          sizeof(xen_acmpolicy_record_struct_members) / sizeof(struct_member),
    6.55 +       .members = xen_acmpolicy_record_struct_members
    6.56 +    };
    6.57 +
    6.58 +
    6.59 +static const struct_member xen_acm_header_struct_members[] =
    6.60 +    {
    6.61 +        { .key = "policyname",
    6.62 +          .type = &abstract_type_string,
    6.63 +          .offset = offsetof(xen_acm_header, policyname) },
    6.64 +        { .key = "policyurl",
    6.65 +          .type = &abstract_type_string,
    6.66 +          .offset = offsetof(xen_acm_header, policyurl) },
    6.67 +        { .key = "date",
    6.68 +          .type = &abstract_type_string,
    6.69 +          .offset = offsetof(xen_acm_header, date) },
    6.70 +        { .key = "reference",
    6.71 +          .type = &abstract_type_string,
    6.72 +          .offset = offsetof(xen_acm_header, reference) },
    6.73 +        { .key = "namespaceurl",
    6.74 +          .type = &abstract_type_string,
    6.75 +          .offset = offsetof(xen_acm_header, namespaceurl) },
    6.76 +        { .key = "version",
    6.77 +          .type = &abstract_type_string,
    6.78 +          .offset = offsetof(xen_acm_header, version) },
    6.79 +    };
    6.80 +
    6.81 +const abstract_type xen_acm_header_abstract_type_ =
    6.82 +    {
    6.83 +        .typename = STRUCT,
    6.84 +        .struct_size = sizeof(xen_acm_header),
    6.85 +        .member_count =
    6.86 +            sizeof(xen_acm_header_struct_members) /
    6.87 +            sizeof(struct_member),
    6.88 +        .members = xen_acm_header_struct_members,
    6.89 +    };
    6.90 +
    6.91 +void
    6.92 +xen_acm_header_free(xen_acm_header *shdr)
    6.93 +{
    6.94 +    if (shdr == NULL)
    6.95 +    {
    6.96 +        return;
    6.97 +    }
    6.98 +    free(shdr->policyname);
    6.99 +    free(shdr->policyurl);
   6.100 +    free(shdr->date);
   6.101 +    free(shdr->reference);
   6.102 +    free(shdr->namespaceurl);
   6.103 +    free(shdr->version);
   6.104 +    free(shdr);
   6.105 +}
   6.106 +
   6.107 +
   6.108 +void
   6.109 +xen_acmpolicy_record_free(xen_acmpolicy_record *record)
   6.110 +{
   6.111 +    if (record == NULL)
   6.112 +    {
   6.113 +        return;
   6.114 +    }
   6.115 +    free(record->handle);
   6.116 +    free(record->uuid);
   6.117 +    free(record->repr);
   6.118 +    free(record);
   6.119 +}
   6.120 +
   6.121 +
   6.122 +
   6.123 +bool
   6.124 +xen_acmpolicy_get_record(xen_session *session, xen_acmpolicy_record **result,
   6.125 +                         xen_xspolicy xspolicy)
   6.126 +{
   6.127 +    abstract_value param_values[] =
   6.128 +        {
   6.129 +            { .type = &abstract_type_string,
   6.130 +              .u.string_val = xspolicy }
   6.131 +        };
   6.132 +
   6.133 +    abstract_type result_type = xen_acmpolicy_record_abstract_type_;
   6.134 +
   6.135 +    *result = NULL;
   6.136 +    XEN_CALL_("ACMPolicy.get_record");
   6.137 +
   6.138 +    if (session->ok)
   6.139 +    {
   6.140 +       (*result)->handle = xen_strdup_((*result)->uuid);
   6.141 +    }
   6.142 +
   6.143 +    return session->ok;
   6.144 +}
   6.145 +
   6.146 +
   6.147 +bool
   6.148 +xen_acmpolicy_get_header(xen_session *session,
   6.149 +                         xen_acm_header **result,
   6.150 +                         xen_xspolicy xspolicy)
   6.151 +{
   6.152 +    abstract_value param_values[] =
   6.153 +        {
   6.154 +            { .type = &abstract_type_string,
   6.155 +              .u.string_val = xspolicy },
   6.156 +        };
   6.157 +
   6.158 +    abstract_type result_type = xen_acm_header_abstract_type_;
   6.159 +
   6.160 +    *result = NULL;
   6.161 +    XEN_CALL_("ACMPolicy.get_header");
   6.162 +    return session->ok;
   6.163 +}
   6.164 +
   6.165 +
   6.166 +bool
   6.167 +xen_acmpolicy_get_xml(xen_session *session,
   6.168 +                      char **result,
   6.169 +                      xen_xspolicy xspolicy)
   6.170 +{
   6.171 +    abstract_value param_values[] =
   6.172 +        {
   6.173 +            { .type = &abstract_type_string,
   6.174 +              .u.string_val = xspolicy },
   6.175 +        };
   6.176 +
   6.177 +    abstract_type result_type = abstract_type_string;
   6.178 +
   6.179 +    *result = NULL;
   6.180 +    XEN_CALL_("ACMPolicy.get_xml");
   6.181 +    return session->ok;
   6.182 +}
   6.183 +
   6.184 +
   6.185 +bool
   6.186 +xen_acmpolicy_get_map(xen_session *session,
   6.187 +                      char **result,
   6.188 +                      xen_xspolicy xspolicy)
   6.189 +{
   6.190 +    abstract_value param_values[] =
   6.191 +        {
   6.192 +            { .type = &abstract_type_string,
   6.193 +              .u.string_val = xspolicy },
   6.194 +        };
   6.195 +
   6.196 +    abstract_type result_type = abstract_type_string;
   6.197 +
   6.198 +    *result = NULL;
   6.199 +    XEN_CALL_("ACMPolicy.get_map");
   6.200 +    return session->ok;
   6.201 +}
   6.202 +
   6.203 +
   6.204 +bool
   6.205 +xen_acmpolicy_get_binary(xen_session *session, char **result,
   6.206 +                         xen_xspolicy xspolicy)
   6.207 +{
   6.208 +    abstract_value param_values[] =
   6.209 +        {
   6.210 +            { .type = &abstract_type_string,
   6.211 +              .u.string_val = xspolicy },
   6.212 +        };
   6.213 +
   6.214 +    abstract_type result_type = abstract_type_string;
   6.215 +
   6.216 +    *result = NULL;
   6.217 +    XEN_CALL_("ACMPolicy.get_binary");
   6.218 +    return session->ok;
   6.219 +}
   6.220 +
   6.221 +
   6.222 +bool
   6.223 +xen_acmpolicy_get_uuid(xen_session *session, char **result,
   6.224 +                       xen_xspolicy xspolicy)
   6.225 +{
   6.226 +    abstract_value param_values[] =
   6.227 +        {
   6.228 +            { .type = &abstract_type_string,
   6.229 +              .u.string_val = xspolicy }
   6.230 +        };
   6.231 +
   6.232 +    abstract_type result_type = abstract_type_string;
   6.233 +
   6.234 +    *result = NULL;
   6.235 +    XEN_CALL_("ACMPolicy.get_uuid");
   6.236 +    return session->ok;
   6.237 +}
     7.1 --- a/tools/libxen/src/xen_vdi.c	Tue Jul 10 14:42:23 2007 +0100
     7.2 +++ b/tools/libxen/src/xen_vdi.c	Tue Jul 10 14:57:04 2007 +0100
     7.3 @@ -534,3 +534,42 @@ xen_vdi_get_uuid(xen_session *session, c
     7.4      XEN_CALL_("VDI.get_uuid");
     7.5      return session->ok;
     7.6  }
     7.7 +
     7.8 +
     7.9 +bool
    7.10 +xen_vdi_set_security_label(xen_session *session, int64_t *result, xen_vdi vdi,
    7.11 +                           char *label, char *oldlabel)
    7.12 +{
    7.13 +    abstract_value param_values[] =
    7.14 +        {
    7.15 +            { .type = &abstract_type_string,
    7.16 +              .u.string_val = vdi },
    7.17 +            { .type = &abstract_type_string,
    7.18 +              .u.string_val = label },
    7.19 +            { .type = &abstract_type_string,
    7.20 +              .u.string_val = oldlabel },
    7.21 +        };
    7.22 +
    7.23 +    abstract_type result_type = abstract_type_int;
    7.24 +
    7.25 +    *result = 0;
    7.26 +    XEN_CALL_("VDI.set_security_label");
    7.27 +    return session->ok;
    7.28 +}
    7.29 +
    7.30 +
    7.31 +bool
    7.32 +xen_vdi_get_security_label(xen_session *session, char **result, xen_vdi vdi)
    7.33 +{
    7.34 +    abstract_value param_values[] =
    7.35 +        {
    7.36 +            { .type = &abstract_type_string,
    7.37 +              .u.string_val = vdi },
    7.38 +        };
    7.39 +
    7.40 +    abstract_type result_type = abstract_type_string;
    7.41 +
    7.42 +    *result = NULL;
    7.43 +    XEN_CALL_("VDI.get_security_label");
    7.44 +    return session->ok;
    7.45 +}
     8.1 --- a/tools/libxen/src/xen_vm.c	Tue Jul 10 14:42:23 2007 +0100
     8.2 +++ b/tools/libxen/src/xen_vm.c	Tue Jul 10 14:57:04 2007 +0100
     8.3 @@ -162,7 +162,10 @@ static const struct_member xen_vm_record
     8.4            .offset = offsetof(xen_vm_record, metrics) },
     8.5          { .key = "guest_metrics",
     8.6            .type = &abstract_type_ref,
     8.7 -          .offset = offsetof(xen_vm_record, guest_metrics) }
     8.8 +          .offset = offsetof(xen_vm_record, guest_metrics) },
     8.9 +        { .key = "security_label",
    8.10 +          .type = &abstract_type_string,
    8.11 +          .offset = offsetof(xen_vm_record, security_label) }
    8.12      };
    8.13  
    8.14  const abstract_type xen_vm_record_abstract_type_ =
    8.15 @@ -206,6 +209,7 @@ xen_vm_record_free(xen_vm_record *record
    8.16      xen_string_string_map_free(record->other_config);
    8.17      xen_vm_metrics_record_opt_free(record->metrics);
    8.18      xen_vm_guest_metrics_record_opt_free(record->guest_metrics);
    8.19 +    free(record->security_label);
    8.20      free(record);
    8.21  }
    8.22  
    8.23 @@ -1738,3 +1742,42 @@ xen_vm_get_uuid(xen_session *session, ch
    8.24      XEN_CALL_("VM.get_uuid");
    8.25      return session->ok;
    8.26  }
    8.27 +
    8.28 +
    8.29 +bool
    8.30 +xen_vm_set_security_label(xen_session *session, int64_t *result, xen_vm vm,
    8.31 +                          char *label, char *oldlabel)
    8.32 +{
    8.33 +    abstract_value param_values[] =
    8.34 +        {
    8.35 +            { .type = &abstract_type_string,
    8.36 +              .u.string_val = vm },
    8.37 +            { .type = &abstract_type_string,
    8.38 +              .u.string_val = label },
    8.39 +            { .type = &abstract_type_string,
    8.40 +              .u.string_val = oldlabel },
    8.41 +        };
    8.42 +
    8.43 +    abstract_type result_type = abstract_type_int;
    8.44 +
    8.45 +    *result = 0;
    8.46 +    XEN_CALL_("VM.set_security_label");
    8.47 +    return session->ok;
    8.48 +}
    8.49 +
    8.50 +
    8.51 +bool
    8.52 +xen_vm_get_security_label(xen_session *session, char **result, xen_vm vm)
    8.53 +{
    8.54 +    abstract_value param_values[] =
    8.55 +        {
    8.56 +            { .type = &abstract_type_string,
    8.57 +              .u.string_val = vm },
    8.58 +        };
    8.59 +
    8.60 +    abstract_type result_type = abstract_type_string;
    8.61 +
    8.62 +    *result = NULL;
    8.63 +    XEN_CALL_("VM.get_security_label");
    8.64 +    return session->ok;
    8.65 +}
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/tools/libxen/src/xen_xspolicy.c	Tue Jul 10 14:57:04 2007 +0100
     9.3 @@ -0,0 +1,327 @@
     9.4 +/*
     9.5 + * Copyright (c) 2007, IBM Corp.
     9.6 + * Copyright (c) 2007, XenSource Inc.
     9.7 + *
     9.8 + * This library is free software; you can redistribute it and/or
     9.9 + * modify it under the terms of the GNU Lesser General Public
    9.10 + * License as published by the Free Software Foundation; either
    9.11 + * version 2.1 of the License, or (at your option) any later version.
    9.12 + *
    9.13 + * This library is distributed in the hope that it will be useful,
    9.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    9.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    9.16 + * Lesser General Public License for more details.
    9.17 + *
    9.18 + * You should have received a copy of the GNU Lesser General Public
    9.19 + * License along with this library; if not, write to the Free Software
    9.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
    9.21 + */
    9.22 +
    9.23 +
    9.24 +#include <stddef.h>
    9.25 +#include <stdlib.h>
    9.26 +
    9.27 +#include "xen/api/xen_common.h"
    9.28 +#include "xen/api/xen_internal.h"
    9.29 +#include "xen/api/xen_xspolicy.h"
    9.30 +
    9.31 +
    9.32 +XEN_FREE(xen_xspolicy)
    9.33 +XEN_SET_ALLOC_FREE(xen_xspolicy)
    9.34 +XEN_RECORD_OPT_FREE(xen_xspolicy)
    9.35 +
    9.36 +static const struct_member xen_xspolicy_record_struct_members[] =
    9.37 +    {
    9.38 +        { .key = "uuid",
    9.39 +          .type = &abstract_type_string,
    9.40 +          .offset = offsetof(xen_xspolicy_record, uuid) },
    9.41 +        { .key = "flags",
    9.42 +          .type = &abstract_type_int,
    9.43 +          .offset = offsetof(xen_xspolicy_record, flags) },
    9.44 +        { .key = "repr",
    9.45 +          .type = &abstract_type_string,
    9.46 +          .offset = offsetof(xen_xspolicy_record, repr) },
    9.47 +        { .key = "type",
    9.48 +          .type = &abstract_type_int,
    9.49 +          .offset = offsetof(xen_xspolicy_record, type) },
    9.50 +    };
    9.51 +
    9.52 +const abstract_type xen_xspolicy_record_abstract_type_ =
    9.53 +    {
    9.54 +       .typename = STRUCT,
    9.55 +       .struct_size = sizeof(xen_xspolicy_record),
    9.56 +       .member_count =
    9.57 +           sizeof(xen_xspolicy_record_struct_members) / sizeof(struct_member),
    9.58 +       .members = xen_xspolicy_record_struct_members
    9.59 +    };
    9.60 +
    9.61 +
    9.62 +static const struct_member xen_xs_policystate_struct_members[] =
    9.63 +    {
    9.64 +        { .key = "xs_ref",
    9.65 +          .type = &abstract_type_ref,
    9.66 +          .offset = offsetof(xen_xs_policystate, xs_ref) },
    9.67 +        { .key = "xserr",
    9.68 +          .type = &abstract_type_int,
    9.69 +          .offset = offsetof(xen_xs_policystate, xserr) },
    9.70 +        { .key = "repr",
    9.71 +          .type = &abstract_type_string,
    9.72 +          .offset = offsetof(xen_xs_policystate, repr) },
    9.73 +        { .key = "type",
    9.74 +          .type = &abstract_type_int,
    9.75 +          .offset = offsetof(xen_xs_policystate, type) },
    9.76 +        { .key = "flags",
    9.77 +          .type = &abstract_type_int,
    9.78 +          .offset = offsetof(xen_xs_policystate, flags) },
    9.79 +        { .key = "version",
    9.80 +          .type = &abstract_type_string,
    9.81 +          .offset = offsetof(xen_xs_policystate, version) },
    9.82 +        { .key = "errors",
    9.83 +          .type = &abstract_type_string,
    9.84 +          .offset = offsetof(xen_xs_policystate, errors) },
    9.85 +    };
    9.86 +
    9.87 +const abstract_type xen_xs_policystate_abstract_type_ =
    9.88 +    {
    9.89 +        .typename = STRUCT,
    9.90 +        .struct_size = sizeof(xen_xs_policystate),
    9.91 +        .member_count =
    9.92 +            sizeof(xen_xs_policystate_struct_members) /
    9.93 +            sizeof(struct_member),
    9.94 +        .members = xen_xs_policystate_struct_members,
    9.95 +    };
    9.96 +
    9.97 +
    9.98 +
    9.99 +
   9.100 +void
   9.101 +xen_xs_policystate_free(xen_xs_policystate *state)
   9.102 +{
   9.103 +    if (state == NULL)
   9.104 +    {
   9.105 +        return;
   9.106 +    }
   9.107 +    xen_xspolicy_record_opt_free(state->xs_ref);
   9.108 +    free(state->repr);
   9.109 +    free(state->errors);
   9.110 +    free(state->version);
   9.111 +    free(state);
   9.112 +}
   9.113 +
   9.114 +
   9.115 +void
   9.116 +xen_xspolicy_record_free(xen_xspolicy_record *record)
   9.117 +{
   9.118 +    if (record == NULL)
   9.119 +    {
   9.120 +        return;
   9.121 +    }
   9.122 +    free(record->handle);
   9.123 +    free(record->uuid);
   9.124 +    free(record->repr);
   9.125 +    free(record);
   9.126 +}
   9.127 +
   9.128 +
   9.129 +bool
   9.130 +xen_xspolicy_get_record(xen_session *session, xen_xspolicy_record **result,
   9.131 +                        xen_xspolicy xspolicy)
   9.132 +{
   9.133 +    abstract_value param_values[] =
   9.134 +        {
   9.135 +            { .type = &abstract_type_string,
   9.136 +              .u.string_val = xspolicy }
   9.137 +        };
   9.138 +
   9.139 +    abstract_type result_type = xen_xspolicy_record_abstract_type_;
   9.140 +
   9.141 +    *result = NULL;
   9.142 +    XEN_CALL_("XSPolicy.get_record");
   9.143 +
   9.144 +    if (session->ok)
   9.145 +    {
   9.146 +       (*result)->handle = xen_strdup_((*result)->uuid);
   9.147 +    }
   9.148 +
   9.149 +    return session->ok;
   9.150 +}
   9.151 +
   9.152 +
   9.153 +bool
   9.154 +xen_xspolicy_get_uuid(xen_session *session, char **result,
   9.155 +                      xen_xspolicy xspolicy)
   9.156 +{
   9.157 +    abstract_value param_values[] =
   9.158 +        {
   9.159 +            { .type = &abstract_type_string,
   9.160 +              .u.string_val = xspolicy }
   9.161 +        };
   9.162 +
   9.163 +    abstract_type result_type = abstract_type_string;
   9.164 +
   9.165 +    *result = NULL;
   9.166 +    XEN_CALL_("XSPolicy.get_uuid");
   9.167 +    return session->ok;
   9.168 +}
   9.169 +
   9.170 +
   9.171 +bool
   9.172 +xen_xspolicy_get_by_uuid(xen_session *session, xen_xspolicy *result,
   9.173 +                         char *uuid)
   9.174 +{
   9.175 +    abstract_value param_values[] =
   9.176 +        {
   9.177 +            { .type = &abstract_type_string,
   9.178 +              .u.string_val = uuid }
   9.179 +        };
   9.180 +
   9.181 +    abstract_type result_type = abstract_type_string;
   9.182 +
   9.183 +    *result = NULL;
   9.184 +    XEN_CALL_("XSPolicy.get_by_uuid");
   9.185 +    return session->ok;
   9.186 +}
   9.187 +
   9.188 +
   9.189 +bool
   9.190 +xen_xspolicy_get_xstype(xen_session *session, xs_type *result)
   9.191 +{
   9.192 +    abstract_value param_values[] =
   9.193 +        {
   9.194 +        };
   9.195 +
   9.196 +    abstract_type result_type = abstract_type_int;
   9.197 +
   9.198 +    *result = 0;
   9.199 +    XEN_CALL_("XSPolicy.get_xstype");
   9.200 +    return session->ok;
   9.201 +}
   9.202 +
   9.203 +
   9.204 +bool
   9.205 +xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
   9.206 +                          xs_type type, char *repr,
   9.207 +                          xs_instantiationflags flags,
   9.208 +                          bool overwrite)
   9.209 +{
   9.210 +    abstract_value param_values[] =
   9.211 +        {
   9.212 +            { .type = &abstract_type_int,
   9.213 +              .u.int_val = type },
   9.214 +            { .type = &abstract_type_string,
   9.215 +              .u.string_val = repr },
   9.216 +            { .type = &abstract_type_int,
   9.217 +              .u.int_val = flags },
   9.218 +            { .type = &abstract_type_bool,
   9.219 +              .u.bool_val = overwrite }
   9.220 +        };
   9.221 +
   9.222 +    abstract_type result_type = xen_xs_policystate_abstract_type_;
   9.223 +
   9.224 +    *result = NULL;
   9.225 +    XEN_CALL_("XSPolicy.set_xspolicy");
   9.226 +    return session->ok;
   9.227 +}
   9.228 +
   9.229 +
   9.230 +bool
   9.231 +xen_xspolicy_get_xspolicy(xen_session *session, xen_xs_policystate **result)
   9.232 +{
   9.233 +    abstract_value param_values[] =
   9.234 +        {
   9.235 +        };
   9.236 +
   9.237 +    abstract_type result_type = xen_xs_policystate_abstract_type_;
   9.238 +
   9.239 +    *result = NULL;
   9.240 +    XEN_CALL_("XSPolicy.get_xspolicy");
   9.241 +    return session->ok;
   9.242 +}
   9.243 +
   9.244 +
   9.245 +bool
   9.246 +xen_xspolicy_get_labeled_resources(xen_session *session,
   9.247 +                                   xen_string_string_map **result)
   9.248 +{
   9.249 +    abstract_value param_values[] =
   9.250 +        {
   9.251 +        };
   9.252 +
   9.253 +    abstract_type result_type = abstract_type_string_string_map;
   9.254 +
   9.255 +    *result = NULL;
   9.256 +    XEN_CALL_("XSPolicy.get_labeled_resources");
   9.257 +    return session->ok;
   9.258 +}
   9.259 +
   9.260 +
   9.261 +bool
   9.262 +xen_xspolicy_set_resource_label(xen_session *session,
   9.263 +                                char *resource, char *label,
   9.264 +                                char *oldlabel)
   9.265 +{
   9.266 +    abstract_value param_values[] =
   9.267 +        {
   9.268 +            { .type = &abstract_type_string,
   9.269 +              .u.string_val = resource },
   9.270 +            { .type = &abstract_type_string,
   9.271 +              .u.string_val = label },
   9.272 +            { .type = &abstract_type_string,
   9.273 +              .u.string_val = oldlabel },
   9.274 +        };
   9.275 +
   9.276 +    xen_call_(session, "XSPolicy.set_resource_label", param_values, 3,
   9.277 +                       NULL, NULL);
   9.278 +    return session->ok;
   9.279 +}
   9.280 +
   9.281 +
   9.282 +bool
   9.283 +xen_xspolicy_get_resource_label(xen_session *session, char **result,
   9.284 +                                char *resource)
   9.285 +{
   9.286 +    abstract_value param_values[] =
   9.287 +        {
   9.288 +            { .type = &abstract_type_string,
   9.289 +              .u.string_val = resource },
   9.290 +        };
   9.291 +
   9.292 +    abstract_type result_type = abstract_type_string;
   9.293 +    XEN_CALL_("XSPolicy.get_resource_label");
   9.294 +    return session->ok;
   9.295 +}
   9.296 +
   9.297 +
   9.298 +bool
   9.299 +xen_xspolicy_rm_xsbootpolicy(xen_session *session)
   9.300 +{
   9.301 +    abstract_value param_values[] =
   9.302 +        {
   9.303 +        };
   9.304 +
   9.305 +    xen_call_(session, "XSPolicy.rm_xsbootpolicy", param_values, 0,
   9.306 +                       NULL, NULL);
   9.307 +    return session->ok;
   9.308 +}
   9.309 +
   9.310 +
   9.311 +bool
   9.312 +xen_xspolicy_activate_xspolicy(xen_session *session,
   9.313 +                               xs_instantiationflags *result,
   9.314 +                               xen_xspolicy xspolicy,
   9.315 +                               xs_instantiationflags flags)
   9.316 +{
   9.317 +    abstract_value param_values[] =
   9.318 +        {
   9.319 +            { .type = &abstract_type_string,
   9.320 +              .u.string_val = xspolicy },
   9.321 +            { .type = &abstract_type_int,
   9.322 +              .u.int_val = flags },
   9.323 +        };
   9.324 +
   9.325 +    abstract_type result_type = abstract_type_int;
   9.326 +
   9.327 +    *result = 0;
   9.328 +    XEN_CALL_("XSPolicy.activate_xspolicy");
   9.329 +    return session->ok;
   9.330 +}