[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] Somehow this file got zeroed out?!? Replacing it

# HG changeset patch
# User djm@xxxxxxxxxxxxxxx
# Node ID 40be48f67a3379af0632cfffbd083706b02bad99
# Parent  c1a7ed266c7ee01b31f4908e6283539d014e5e54

Somehow this file got zeroed out?!? Replacing it

diff -r c1a7ed266c7e -r 40be48f67a33 xen/include/public/acm.h
--- a/xen/include/public/acm.h  Sat Jul  9 13:54:10 2005
+++ b/xen/include/public/acm.h  Sat Jul  9 14:25:29 2005
@@ -1,0 +1,157 @@
+/****************************************************************
+ * acm.h
+ * 
+ * Copyright (C) 2005 IBM Corporation
+ *
+ * Author:
+ * Reiner Sailer <sailer@xxxxxxxxxxxxxx>
+ *
+ * Contributors:
+ * Stefan Berger <stefanb@xxxxxxxxxxxxxx> 
+ *     added network byte order support for binary policies
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * sHype general access control module header file.
+ *     here are all definitions that are shared between
+ *     xen-core, guest-kernels, and applications.
+ *
+ * todo: move from static policy choice to compile option.
+ */
+
+#ifndef _XEN_PUBLIC_ACM_H
+#define _XEN_PUBLIC_ACM_H
+
+#include "xen.h"
+#include "sched_ctl.h"
+
+/* if ACM_DEBUG defined, all hooks should
+ * print a short trace message (comment it out
+ * when not in testing mode )
+ */
+/* #define ACM_DEBUG */
+
+#ifdef ACM_DEBUG
+#  define printkd(fmt, args...) printk(fmt,## args)
+#else
+#  define printkd(fmt, args...)
+#endif
+
+/* default ssid reference value if not supplied */
+#define ACM_DEFAULT_SSID       0x0
+#define ACM_DEFAULT_LOCAL_SSID  0x0
+
+/* Internal ACM ERROR types */
+#define ACM_OK                          0
+#define ACM_UNDEF                      -1
+#define ACM_INIT_SSID_ERROR            -2
+#define ACM_INIT_SOID_ERROR            -3
+#define ACM_ERROR                      -4
+
+/* External ACCESS DECISIONS */
+#define ACM_ACCESS_PERMITTED           0
+#define ACM_ACCESS_DENIED              -111
+#define ACM_NULL_POINTER_ERROR         -200
+
+#define ACM_MAX_POLICY  3
+
+#define ACM_NULL_POLICY        0
+#define ACM_CHINESE_WALL_POLICY        1
+#define ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY 2
+#define ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY 3
+
+/* policy: */
+#define ACM_POLICY_NAME(X) \
+       (X == ACM_NULL_POLICY) ? "NULL policy" : \
+       (X == ACM_CHINESE_WALL_POLICY) ? "CHINESE WALL policy" : \
+       (X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT 
policy" : \
+       (X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE 
WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
+       "UNDEFINED policy"
+
+/* defines a ssid reference used by xen */
+typedef u32 ssidref_t;
+
+/* -------security policy relevant type definitions-------- */
+
+/* type identifier; compares to "equal" or "not equal" */
+typedef u16 domaintype_t;
+
+/* CHINESE WALL POLICY DATA STRUCTURES
+ *
+ * current accumulated conflict type set:
+ * When a domain is started and has a type that is in
+ * a conflict set, the conflicting types are incremented in
+ * the aggregate set. When a domain is destroyed, the 
+ * conflicting types to its type are decremented.
+ * If a domain has multiple types, this procedure works over
+ * all those types.
+ *
+ * conflict_aggregate_set[i] holds the number of
+ *   running domains that have a conflict with type i.
+ *
+ * running_types[i] holds the number of running domains
+ *        that include type i in their ssidref-referenced type set
+ *
+ * conflict_sets[i][j] is "0" if type j has no conflict
+ *    with type i and is "1" otherwise.
+ */
+/* high-16 = version, low-16 = check magic */
+#define ACM_MAGIC              0x0001debc
+
+/* each offset in bytes from start of the struct they
+ *   the are part of */
+/* each buffer consists of all policy information for
+ * the respective policy given in the policy code
+ */
+struct acm_policy_buffer {
+        u32 magic;
+       u32 policyversion;
+       u32 len;
+       u16 primary_policy_code;
+       u16 primary_buffer_offset;
+       u16 secondary_policy_code;
+       u16 secondary_buffer_offset;
+};
+
+struct acm_chwall_policy_buffer {
+       u16 policy_code;
+       u16 chwall_max_types;
+       u16 chwall_max_ssidrefs;
+       u16 chwall_max_conflictsets;
+       u16 chwall_ssid_offset;
+       u16 chwall_conflict_sets_offset;
+       u16 chwall_running_types_offset;
+       u16 chwall_conflict_aggregate_offset;
+};
+
+struct acm_ste_policy_buffer {
+       u16 policy_code;
+       u16 ste_max_types;
+       u16 ste_max_ssidrefs;
+       u16 ste_ssid_offset;
+};
+
+struct acm_stats_buffer {
+        u32 magic;
+       u32 policyversion;
+       u32 len;
+       u16 primary_policy_code;
+       u16 primary_stats_offset;
+       u16 secondary_policy_code;
+       u16 secondary_stats_offset;
+};
+
+struct acm_ste_stats_buffer {
+       u32 ec_eval_count;
+       u32 gt_eval_count;
+       u32 ec_denied_count;
+       u32 gt_denied_count; 
+       u32 ec_cachehit_count;
+       u32 gt_cachehit_count;
+};
+
+
+#endif

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.