tools: Remove bogus external uses of xc_private.h. Clean up libflask.

Signed-off-by: Keir Fraser <keir@xensource.com>

5 files changed, 30 insertions, 83 deletions

diff --git a/tools/flask/libflask/Makefile b/tools/flask/libflask/Makefile
index db57575ea5..a29411f9d5 100644
--- a/tools/flask/libflask/Makefile
+++ b/tools/flask/libflask/Makefile
@@ -39,7 +39,7 @@ install: build
 	$(INSTALL_DATA) libflask.a $(DESTDIR)/usr/$(LIBDIR)
 	ln -sf libflask.so.$(MAJOR).$(MINOR) $(DESTDIR)/usr/$(LIBDIR)/libflask.so.$(MAJOR)
 	ln -sf libflask.so.$(MAJOR) $(DESTDIR)/usr/$(LIBDIR)/libflask.so
-	$(INSTALL_DATA) include/flask_op.h $(DESTDIR)/usr/include
+	$(INSTALL_DATA) include/flask.h $(DESTDIR)/usr/include
 
 .PHONY: TAGS
 TAGS:
diff --git a/tools/flask/libflask/flask_op.c b/tools/flask/libflask/flask_op.c
index 5ebadb51b7..c0ca22d0dd 100644
--- a/tools/flask/libflask/flask_op.c
+++ b/tools/flask/libflask/flask_op.c
@@ -17,11 +17,10 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <stdlib.h>
+#include <stdint.h>
 #include <sys/ioctl.h>
-
-#include <xc_private.h>
-
-#include <flask_op.h>
+#include <flask.h>
+#include <xenctrl.h>
 
 int flask_load(int xc_handle, char *buf, int size)
 {
@@ -32,7 +31,7 @@ int flask_load(int xc_handle, char *buf, int size)
     op.buf = buf;
     op.size = size;
     
-    if ( (err = do_flask_op(xc_handle, &op)) != 0 )
+    if ( (err = xc_flask_op(xc_handle, &op)) != 0 )
         return err;
 
     return 0;
@@ -47,7 +46,7 @@ int flask_context_to_sid(int xc_handle, char *buf, int size, uint32_t *sid)
     op.buf = buf;
     op.size = size;
     
-    if ( (err = do_flask_op(xc_handle, &op)) != 0 )
+    if ( (err = xc_flask_op(xc_handle, &op)) != 0 )
         return err;
     
     sscanf(buf, "%u", sid);
@@ -66,35 +65,8 @@ int flask_sid_to_context(int xc_handle, int sid, char *buf, int size)
     
     snprintf(buf, size, "%u", sid);
 
-    if ( (err = do_flask_op(xc_handle, &op)) != 0 )
+    if ( (err = xc_flask_op(xc_handle, &op)) != 0 )
         return err;
 
     return 0;
 }
-
-int do_flask_op(int xc_handle, flask_op_t *op)
-{
-    int ret = -1;
-    DECLARE_HYPERCALL;
-
-    hypercall.op     = __HYPERVISOR_xsm_op;
-    hypercall.arg[0] = (unsigned long)op;
-
-    if ( mlock(op, sizeof(*op)) != 0 )
-    {
-        PERROR("Could not lock memory for Xen hypercall");
-        goto out;
-    }
-
-    if ( (ret = do_xen_hypercall(xc_handle, &hypercall)) < 0 )
-    {
-        if ( errno == EACCES )
-            fprintf(stderr, "XSM operation failed!\n");
-    }
-
-    safe_munlock(op, sizeof(*op));
-
- out:
-    return ret;
-}
-
diff --git a/tools/flask/libflask/include/flask.h b/tools/flask/libflask/include/flask.h
new file mode 100644
index 0000000000..5973933ac8
--- /dev/null
+++ b/tools/flask/libflask/include/flask.h
@@ -0,0 +1,22 @@
+/*
+ *
+ *  Authors:  Michael LeMay, <mdlemay@epoch.ncsc.mil>
+ *            George Coker, <gscoker@alpha.ncsc.mil>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2,
+ *  as published by the Free Software Foundation.
+ */
+
+#ifndef __FLASK_H__
+#define __FLASK_H__
+
+#include <stdint.h>
+#include <xen/xen.h>
+#include <xen/xsm/flask_op.h>
+
+int flask_load(int xc_handle, char *buf, int size);
+int flask_context_to_sid(int xc_handle, char *buf, int size, uint32_t *sid);
+int flask_sid_to_context(int xc_handle, int sid, char *buf, int size);
+
+#endif /* __FLASK_H__ */
diff --git a/tools/flask/libflask/include/flask_op.h b/tools/flask/libflask/include/flask_op.h
deleted file mode 100644
index 4058ea85dc..0000000000
--- a/tools/flask/libflask/include/flask_op.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- *
- *  Authors:  Michael LeMay, <mdlemay@epoch.ncsc.mil>
- *            George Coker, <gscoker@alpha.ncsc.mil>
- *
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License version 2,
- *  as published by the Free Software Foundation.
- */
-
-#ifndef __FLASK_OP_H
-#define __FLASK_OP_H
-
-#define FLASK_LOAD              1
-#define FLASK_GETENFORCE        2
-#define FLASK_SETENFORCE        3
-#define FLASK_CONTEXT_TO_SID    4
-#define FLASK_SID_TO_CONTEXT    5
-#define FLASK_ACCESS            6
-#define FLASK_CREATE            7
-#define FLASK_RELABEL           8
-#define FLASK_USER              9
-#define FLASK_POLICYVERS        10
-#define FLASK_GETBOOL           11
-#define FLASK_SETBOOL           12
-#define FLASK_COMMITBOOLS       13
-#define FLASK_MLS               14
-#define FLASK_DISABLE           15
-#define FLASK_GETAVC_THRESHOLD  16
-#define FLASK_SETAVC_THRESHOLD  17
-#define FLASK_AVC_HASHSTATS     18
-#define FLASK_AVC_CACHESTATS    19
-#define FLASK_MEMBER            20
-
-typedef struct flask_op {
-    int   cmd;
-    int   size;
-    char *buf;
-} flask_op_t;
-
-int flask_load(int xc_handle, char *buf, int size);
-int flask_context_to_sid(int xc_handle, char *buf, int size, uint32_t *sid);
-int flask_sid_to_context(int xc_handle, int sid, char *buf, int size);
-int do_flask_op(int xc_handle, flask_op_t *op);
-
-#endif
diff --git a/tools/flask/loadpolicy/loadpolicy.c b/tools/flask/loadpolicy/loadpolicy.c
index 285aec4331..bb6eeb8de5 100644
--- a/tools/flask/loadpolicy/loadpolicy.c
+++ b/tools/flask/loadpolicy/loadpolicy.c
@@ -17,8 +17,7 @@
 #include <sys/stat.h>
 #include <string.h>
 #include <unistd.h>
-
-#include <flask_op.h>
+#include <flask.h>
 
 #define USE_MMAP