Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove files not needed in the kernel.

Browse Source
This commit is contained in:
bouyer 2006-01-20 18:17:59 +00:00
parent c681304808
commit 87d63b6c1c
4 changed files with 0 additions and 506 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

198
sys/arch/xen/include/xen3-public/acm.h
View File

@ -1,198 +0,0 @@
/****************************************************************
* acm.h
*
* Copyright (C) 2005 IBM Corporation
*
* Author:
* Reiner Sailer <sailer@watson.ibm.com>
*
* Contributors:
* Stefan Berger <stefanb@watson.ibm.com>
* added network byte order support for binary policies
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 2 of the
* License.
*
* sHype general access control module header file.
* here are all definitions that are shared between
* xen-core, guest-kernels, and applications.
*
* todo: move from static policy choice to compile option.
*/
#ifndef _XEN_PUBLIC_ACM_H
#define _XEN_PUBLIC_ACM_H
#include "xen.h"
#include "sched_ctl.h"
/* if ACM_DEBUG defined, all hooks should
* print a short trace message (comment it out
* when not in testing mode )
*/
/* #define ACM_DEBUG */
#ifdef ACM_DEBUG
# define printkd(fmt, args...) printk(fmt,## args)
#else
# define printkd(fmt, args...)
#endif
/* default ssid reference value if not supplied */
#define ACM_DEFAULT_SSID 0x0
#define ACM_DEFAULT_LOCAL_SSID 0x0
/* Internal ACM ERROR types */
#define ACM_OK 0
#define ACM_UNDEF -1
#define ACM_INIT_SSID_ERROR -2
#define ACM_INIT_SOID_ERROR -3
#define ACM_ERROR -4
/* External ACCESS DECISIONS */
#define ACM_ACCESS_PERMITTED 0
#define ACM_ACCESS_DENIED -111
#define ACM_NULL_POINTER_ERROR -200
/* primary policy in lower 4 bits */
#define ACM_NULL_POLICY 0
#define ACM_CHINESE_WALL_POLICY 1
#define ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY 2
#define ACM_POLICY_UNDEFINED 15
/* combinations have secondary policy component in higher 4bit */
#define ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY \
((ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY << 4) | ACM_CHINESE_WALL_POLICY)
/* policy: */
#define ACM_POLICY_NAME(X) \
((X) == (ACM_NULL_POLICY)) ? "NULL policy" : \
((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL policy" : \
((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT policy" : \
((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
"UNDEFINED policy"
/* the following policy versions must be increased
* whenever the interpretation of the related
* policy's data structure changes
*/
#define ACM_POLICY_VERSION 1
#define ACM_CHWALL_VERSION 1
#define ACM_STE_VERSION 1
/* defines a ssid reference used by xen */
typedef uint32_t ssidref_t;
/* hooks that are known to domains */
enum acm_hook_type {NONE=0, SHARING};
/* -------security policy relevant type definitions-------- */
/* type identifier; compares to "equal" or "not equal" */
typedef uint16_t domaintype_t;
/* CHINESE WALL POLICY DATA STRUCTURES
*
* current accumulated conflict type set:
* When a domain is started and has a type that is in
* a conflict set, the conflicting types are incremented in
* the aggregate set. When a domain is destroyed, the
* conflicting types to its type are decremented.
* If a domain has multiple types, this procedure works over
* all those types.
*
* conflict_aggregate_set[i] holds the number of
* running domains that have a conflict with type i.
*
* running_types[i] holds the number of running domains
* that include type i in their ssidref-referenced type set
*
* conflict_sets[i][j] is "0" if type j has no conflict
* with type i and is "1" otherwise.
*/
/* high-16 = version, low-16 = check magic */
#define ACM_MAGIC 0x0001debc
/* each offset in bytes from start of the struct they
* are part of */
/* each buffer consists of all policy information for
* the respective policy given in the policy code
*
* acm_policy_buffer, acm_chwall_policy_buffer,
* and acm_ste_policy_buffer need to stay 32-bit aligned
* because we create binary policies also with external
* tools that assume packed representations (e.g. the java tool)
*/
struct acm_policy_buffer {
uint32_t policy_version; /* ACM_POLICY_VERSION */
uint32_t magic;
uint32_t len;
uint32_t primary_policy_code;
uint32_t primary_buffer_offset;
uint32_t secondary_policy_code;
uint32_t secondary_buffer_offset;
};
struct acm_chwall_policy_buffer {
uint32_t policy_version; /* ACM_CHWALL_VERSION */
uint32_t policy_code;
uint32_t chwall_max_types;
uint32_t chwall_max_ssidrefs;
uint32_t chwall_max_conflictsets;
uint32_t chwall_ssid_offset;
uint32_t chwall_conflict_sets_offset;
uint32_t chwall_running_types_offset;
uint32_t chwall_conflict_aggregate_offset;
};
struct acm_ste_policy_buffer {
uint32_t policy_version; /* ACM_STE_VERSION */
uint32_t policy_code;
uint32_t ste_max_types;
uint32_t ste_max_ssidrefs;
uint32_t ste_ssid_offset;
};
struct acm_stats_buffer {
uint32_t magic;
uint32_t len;
uint32_t primary_policy_code;
uint32_t primary_stats_offset;
uint32_t secondary_policy_code;
uint32_t secondary_stats_offset;
};
struct acm_ste_stats_buffer {
uint32_t ec_eval_count;
uint32_t gt_eval_count;
uint32_t ec_denied_count;
uint32_t gt_denied_count;
uint32_t ec_cachehit_count;
uint32_t gt_cachehit_count;
};
struct acm_ssid_buffer {
uint32_t len;
ssidref_t ssidref;
uint32_t primary_policy_code;
uint32_t primary_max_types;
uint32_t primary_types_offset;
uint32_t secondary_policy_code;
uint32_t secondary_max_types;
uint32_t secondary_types_offset;
};
#endif
/*
* Local variables:
* mode: C
* c-set-style: "BSD"
* c-basic-offset: 4
* tab-width: 4
* indent-tabs-mode: nil
* End:
*/

107
sys/arch/xen/include/xen3-public/acm_ops.h
View File

@ -1,107 +0,0 @@
/******************************************************************************
* acm_ops.h
*
* Copyright (C) 2005 IBM Corporation
*
* Author:
* Reiner Sailer <sailer@watson.ibm.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 2 of the
* License.
*
* Process acm policy command requests from guest OS.
* access checked by policy; not restricted to DOM0
*
*/
#ifndef __XEN_PUBLIC_ACM_OPS_H__
#define __XEN_PUBLIC_ACM_OPS_H__
#include "xen.h"
#include "sched_ctl.h"
/*
* Make sure you increment the interface version whenever you modify this file!
* This makes sure that old versions of acm tools will stop working in a
* well-defined way (rather than crashing the machine, for instance).
*/
#define ACM_INTERFACE_VERSION 0xAAAA0005
/************************************************************************/
#define ACM_SETPOLICY 4
struct acm_setpolicy {
/* OUT variables */
void *pushcache;
uint32_t pushcache_size;
};
#define ACM_GETPOLICY 5
struct acm_getpolicy {
/* OUT variables */
void *pullcache;
uint32_t pullcache_size;
};
#define ACM_DUMPSTATS 6
struct acm_dumpstats {
void *pullcache;
uint32_t pullcache_size;
};
#define ACM_GETSSID 7
enum get_type {UNSET=0, SSIDREF, DOMAINID};
struct acm_getssid {
enum get_type get_ssid_by;
union {
domaintype_t domainid;
ssidref_t ssidref;
} id;
void *ssidbuf;
uint32_t ssidbuf_size;
};
#define ACM_GETDECISION 8
struct acm_getdecision {
enum get_type get_decision_by1; /* in */
enum get_type get_decision_by2;
union {
domaintype_t domainid;
ssidref_t ssidref;
} id1;
union {
domaintype_t domainid;
ssidref_t ssidref;
} id2;
enum acm_hook_type hook;
int acm_decision; /* out */
};
struct acm_op {
uint32_t cmd;
uint32_t interface_version; /* ACM_INTERFACE_VERSION */
union {
struct acm_setpolicy setpolicy;
struct acm_getpolicy getpolicy;
struct acm_dumpstats dumpstats;
struct acm_getssid getssid;
struct acm_getdecision getdecision;
} u;
};
#endif /* __XEN_PUBLIC_ACM_OPS_H__ */
/*
* Local variables:
* mode: C
* c-set-style: "BSD"
* c-basic-offset: 4
* tab-width: 4
* indent-tabs-mode: nil
* End:
*/

91
sys/arch/xen/include/xen3-public/io/ioreq.h
View File

@ -1,91 +0,0 @@
/*
* ioreq.h: I/O request definitions for device models
* Copyright (c) 2004, Intel Corporation.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
* Place - Suite 330, Boston, MA 02111-1307 USA.
*
*/
#ifndef _IOREQ_H_
#define _IOREQ_H_
#define IOREQ_READ 1
#define IOREQ_WRITE 0
#define STATE_INVALID 0
#define STATE_IOREQ_READY 1
#define STATE_IOREQ_INPROCESS 2
#define STATE_IORESP_READY 3
#define STATE_IORESP_HOOK 4
#define IOREQ_TYPE_PIO 0 /* pio */
#define IOREQ_TYPE_COPY 1 /* mmio ops */
#define IOREQ_TYPE_AND 2
#define IOREQ_TYPE_OR 3
#define IOREQ_TYPE_XOR 4
/*
* VMExit dispatcher should cooperate with instruction decoder to
* prepare this structure and notify service OS and DM by sending
* virq
*/
typedef struct {
uint64_t addr; /* physical address */
uint64_t size; /* size in bytes */
uint64_t count; /* for rep prefixes */
union {
uint64_t data; /* data */
void *pdata; /* pointer to data */
} u;
uint8_t state:4;
uint8_t pdata_valid:1; /* if 1, use pdata above */
uint8_t dir:1; /* 1=read, 0=write */
uint8_t df:1;
uint8_t type; /* I/O type */
} ioreq_t;
#define MAX_VECTOR 256
#define BITS_PER_BYTE 8
#define INTR_LEN (MAX_VECTOR/(BITS_PER_BYTE * sizeof(uint64_t)))
#define INTR_LEN_32 (MAX_VECTOR/(BITS_PER_BYTE * sizeof(uint32_t)))
typedef struct {
uint16_t pic_elcr;
uint16_t pic_irr;
uint16_t pic_last_irr;
uint16_t pic_clear_irr;
int eport; /* Event channel port */
} global_iodata_t;
typedef struct {
ioreq_t vp_ioreq;
unsigned long vp_intr[INTR_LEN];
} vcpu_iodata_t;
typedef struct {
global_iodata_t sp_global;
vcpu_iodata_t vcpu_iodata[1];
} shared_iopage_t;
#endif /* _IOREQ_H_ */
/*
* Local variables:
* mode: C
* c-set-style: "BSD"
* c-basic-offset: 4
* tab-width: 4
* indent-tabs-mode: nil
* End:
*/

110
sys/arch/xen/include/xen3-public/vmx_assist.h
View File

@ -1,110 +0,0 @@
/*
* vmx_assist.h: Context definitions for the VMXASSIST world switch.
*
* Leendert van Doorn, leendert@watson.ibm.com
* Copyright (c) 2005, International Business Machines Corporation.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
* Place - Suite 330, Boston, MA 02111-1307 USA.
*
*/
#ifndef _VMX_ASSIST_H_
#define _VMX_ASSIST_H_
#define VMXASSIST_BASE 0xD0000
#define VMXASSIST_MAGIC 0x17101966
#define VMXASSIST_MAGIC_OFFSET (VMXASSIST_BASE+8)
#define VMXASSIST_NEW_CONTEXT (VMXASSIST_BASE + 12)
#define VMXASSIST_OLD_CONTEXT (VMXASSIST_NEW_CONTEXT + 4)
#ifndef __ASSEMBLY__
union vmcs_arbytes {
struct arbyte_fields {
unsigned int seg_type : 4,
s : 1,
dpl : 2,
p : 1,
reserved0 : 4,
avl : 1,
reserved1 : 1,
default_ops_size: 1,
g : 1,
null_bit : 1,
reserved2 : 15;
} fields;
unsigned int bytes;
};
/*
* World switch state
*/
typedef struct vmx_assist_context {
uint32_t eip; /* execution pointer */
uint32_t esp; /* stack pointer */
uint32_t eflags; /* flags register */
uint32_t cr0;
uint32_t cr3; /* page table directory */
uint32_t cr4;
uint32_t idtr_limit; /* idt */
uint32_t idtr_base;
uint32_t gdtr_limit; /* gdt */
uint32_t gdtr_base;
uint32_t cs_sel; /* cs selector */
uint32_t cs_limit;
uint32_t cs_base;
union vmcs_arbytes cs_arbytes;
uint32_t ds_sel; /* ds selector */
uint32_t ds_limit;
uint32_t ds_base;
union vmcs_arbytes ds_arbytes;
uint32_t es_sel; /* es selector */
uint32_t es_limit;
uint32_t es_base;
union vmcs_arbytes es_arbytes;
uint32_t ss_sel; /* ss selector */
uint32_t ss_limit;
uint32_t ss_base;
union vmcs_arbytes ss_arbytes;
uint32_t fs_sel; /* fs selector */
uint32_t fs_limit;
uint32_t fs_base;
union vmcs_arbytes fs_arbytes;
uint32_t gs_sel; /* gs selector */
uint32_t gs_limit;
uint32_t gs_base;
union vmcs_arbytes gs_arbytes;
uint32_t tr_sel; /* task selector */
uint32_t tr_limit;
uint32_t tr_base;
union vmcs_arbytes tr_arbytes;
uint32_t ldtr_sel; /* ldtr selector */
uint32_t ldtr_limit;
uint32_t ldtr_base;
union vmcs_arbytes ldtr_arbytes;
} vmx_assist_context_t;
#endif /* __ASSEMBLY__ */
#endif /* _VMX_ASSIST_H_ */
/*
* Local variables:
* mode: C
* c-set-style: "BSD"
* c-basic-offset: 4
* tab-width: 4
* indent-tabs-mode: nil
* End:
*/