ia64/xen-unstable

changeset 7938:6a666940fa04

Merge with xen-ia64-unstable.hg.
author kaf24@firebug.cl.cam.ac.uk
date Sun Nov 20 10:19:38 2005 +0100 (2005-11-20)
parents c35a32f96d20 715184c81749
children 675862d22347
files xen/Rules.mk
line diff
     1.1 --- a/Config.mk	Sat Nov 19 15:41:08 2005 -0600
     1.2 +++ b/Config.mk	Sun Nov 20 10:19:38 2005 +0100
     1.3 @@ -44,13 +44,21 @@ CFLAGS += $(foreach i, $(EXTRA_INCLUDES)
     1.4  # Choose the best mirror to download linux kernel
     1.5  KERNEL_REPO = http://www.kernel.org
     1.6  
     1.7 -# ACM_USE_SECURITY_POLICY is set to security policy of Xen
     1.8 +# If ACM_SECURITY = y, then the access control module is compiled
     1.9 +# into Xen and the policy type can be set by the boot policy file
    1.10 +#        y - Build the Xen ACM framework
    1.11 +#        n - Do not build the Xen ACM framework
    1.12 +ACM_SECURITY ?= n
    1.13 +
    1.14 +# If ACM_SECURITY = y and no boot policy file is installed,
    1.15 +# then the ACM defaults to the security policy set by
    1.16 +# ACM_DEFAULT_SECURITY_POLICY
    1.17  # Supported models are:
    1.18 -#	ACM_NULL_POLICY (ACM will not be built with this policy)
    1.19 +#	ACM_NULL_POLICY
    1.20  #	ACM_CHINESE_WALL_POLICY
    1.21  #	ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
    1.22  #	ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
    1.23 -ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
    1.24 +ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
    1.25  
    1.26  # Optional components
    1.27  XENSTAT_XENTOP ?= y
     2.1 --- a/linux-2.6-xen-sparse/arch/xen/x86_64/Kconfig	Sat Nov 19 15:41:08 2005 -0600
     2.2 +++ b/linux-2.6-xen-sparse/arch/xen/x86_64/Kconfig	Sun Nov 20 10:19:38 2005 +0100
     2.3 @@ -288,10 +288,10 @@ config HAVE_DEC_LOCK
     2.4  # actually 64 maximum, but you need to fix the APIC code first
     2.5  # to use clustered mode or whatever your big iron needs
     2.6  config NR_CPUS
     2.7 -	int "Maximum number of CPUs (2-8)"
     2.8 -	range 2 8
     2.9 +	int "Maximum number of CPUs (2-255)"
    2.10 +	range 2 255
    2.11  	depends on SMP
    2.12 -	default "8"
    2.13 +	default "16"
    2.14  	help
    2.15  	  This allows you to specify the maximum number of CPUs which this
    2.16  	  kernel will support.  The maximum supported value is 32 and the
     3.1 --- a/linux-2.6-xen-sparse/drivers/char/tpm/tpm_xen.c	Sat Nov 19 15:41:08 2005 -0600
     3.2 +++ b/linux-2.6-xen-sparse/drivers/char/tpm/tpm_xen.c	Sun Nov 20 10:19:38 2005 +0100
     3.3 @@ -22,7 +22,7 @@
     3.4  
     3.5  #include <asm/uaccess.h>
     3.6  #include <linux/list.h>
     3.7 -#include <linux/tpmfe.h>
     3.8 +#include <asm-xen/tpmfe.h>
     3.9  #include <linux/device.h>
    3.10  #include <linux/interrupt.h>
    3.11  #include "tpm.h"
     4.1 --- a/linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c	Sat Nov 19 15:41:08 2005 -0600
     4.2 +++ b/linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c	Sun Nov 20 10:19:38 2005 +0100
     4.3 @@ -38,7 +38,7 @@
     4.4  #include <linux/errno.h>
     4.5  #include <linux/interrupt.h>
     4.6  #include <linux/init.h>
     4.7 -#include <linux/tpmfe.h>
     4.8 +#include <asm-xen/tpmfe.h>
     4.9  #include <linux/err.h>
    4.10  
    4.11  #include <asm/semaphore.h>
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/tpmfe.h	Sun Nov 20 10:19:38 2005 +0100
     5.3 @@ -0,0 +1,33 @@
     5.4 +#ifndef TPM_FE_H
     5.5 +#define TPM_FE_H
     5.6 +
     5.7 +struct tpmfe_device {
     5.8 +	/*
     5.9 +	 * Let upper layer receive data from front-end
    5.10 +	 */
    5.11 +	int (*receive)(const u8 *buffer, size_t count, const void *ptr);
    5.12 +	/*
    5.13 +	 * Indicate the status of the front-end to the upper
    5.14 +	 * layer.
    5.15 +	 */
    5.16 +	void (*status)(unsigned int flags);
    5.17 +
    5.18 +	/*
    5.19 +	 * This field indicates the maximum size the driver can
    5.20 +	 * transfer in one chunk. It is filled out by the front-end
    5.21 +	 * driver and should be propagated to the generic tpm driver
    5.22 +	 * for allocation of buffers.
    5.23 +	 */
    5.24 +	unsigned int max_tx_size;
    5.25 +};
    5.26 +
    5.27 +enum {
    5.28 +	TPMFE_STATUS_DISCONNECTED = 0x0,
    5.29 +	TPMFE_STATUS_CONNECTED = 0x1
    5.30 +};
    5.31 +
    5.32 +int tpm_fe_send(const u8 * buf, size_t count, void *ptr);
    5.33 +int tpm_fe_register_receiver(struct tpmfe_device *);
    5.34 +void tpm_fe_unregister_receiver(void);
    5.35 +
    5.36 +#endif
     6.1 --- a/linux-2.6-xen-sparse/include/linux/tpmfe.h	Sat Nov 19 15:41:08 2005 -0600
     6.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.3 @@ -1,33 +0,0 @@
     6.4 -#ifndef TPM_FE_H
     6.5 -#define TPM_FE_H
     6.6 -
     6.7 -struct tpmfe_device {
     6.8 -	/*
     6.9 -	 * Let upper layer receive data from front-end
    6.10 -	 */
    6.11 -	int (*receive)(const u8 *buffer, size_t count, const void *ptr);
    6.12 -	/*
    6.13 -	 * Indicate the status of the front-end to the upper
    6.14 -	 * layer.
    6.15 -	 */
    6.16 -	void (*status)(unsigned int flags);
    6.17 -
    6.18 -	/*
    6.19 -	 * This field indicates the maximum size the driver can
    6.20 -	 * transfer in one chunk. It is filled out by the front-end
    6.21 -	 * driver and should be propagated to the generic tpm driver
    6.22 -	 * for allocation of buffers.
    6.23 -	 */
    6.24 -	unsigned int max_tx_size;
    6.25 -};
    6.26 -
    6.27 -enum {
    6.28 -	TPMFE_STATUS_DISCONNECTED = 0x0,
    6.29 -	TPMFE_STATUS_CONNECTED = 0x1
    6.30 -};
    6.31 -
    6.32 -int tpm_fe_send(const u8 * buf, size_t count, void *ptr);
    6.33 -int tpm_fe_register_receiver(struct tpmfe_device *);
    6.34 -void tpm_fe_unregister_receiver(void);
    6.35 -
    6.36 -#endif
     7.1 --- a/tools/python/xen/lowlevel/xs/xs.c	Sat Nov 19 15:41:08 2005 -0600
     7.2 +++ b/tools/python/xen/lowlevel/xs/xs.c	Sun Nov 20 10:19:38 2005 +0100
     7.3 @@ -172,7 +172,7 @@ static PyObject *xspy_ls(PyObject *self,
     7.4      char *path;
     7.5  
     7.6      char **xsval;
     7.7 -    int xsval_n;
     7.8 +    unsigned int xsval_n;
     7.9  
    7.10      if (!parse_transaction_path(self, args, kwds, &xh, &th, &path))
    7.11          return NULL;
     8.1 --- a/tools/python/xen/xm/create.py	Sat Nov 19 15:41:08 2005 -0600
     8.2 +++ b/tools/python/xen/xm/create.py	Sun Nov 20 10:19:38 2005 +0100
     8.3 @@ -905,9 +905,6 @@ def parseCommandLine(argv):
     8.4              opts.setopt('name', os.path.basename(opts.getopt('defconfig')))
     8.5          config = make_config(opts.vals)
     8.6  
     8.7 -    if type(config) == str:
     8.8 -        config = sxp.parse(file(config))[0]
     8.9 -
    8.10      return (opts, config)
    8.11  
    8.12  
     9.1 --- a/tools/security/Makefile	Sat Nov 19 15:41:08 2005 -0600
     9.2 +++ b/tools/security/Makefile	Sun Nov 20 10:19:38 2005 +0100
     9.3 @@ -12,21 +12,21 @@ CFLAGS_XML2BIN += $(shell xml2-config --
     9.4  XML2VERSION = $(shell xml2-config --version )
     9.5  VALIDATE_SCHEMA=$(shell if [[ $(XML2VERSION) < 2.6.20 ]]; then echo ""; else echo "-DVALIDATE_SCHEMA"; fi; )
     9.6  
     9.7 -ifeq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
     9.8 +ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_NULL_POLICY)
     9.9  POLICY=null
    9.10  endif
    9.11 -ifeq ($(ACM_USE_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY)
    9.12 +ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY)
    9.13  POLICY=chwall
    9.14  endif
    9.15 -ifeq ($(ACM_USE_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
    9.16 +ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
    9.17  POLICY=ste
    9.18  endif
    9.19 -ifeq ($(ACM_USE_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)
    9.20 +ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)
    9.21  POLICY=chwall_ste
    9.22  endif
    9.23  POLICYFILE=./policies/$(POLICY)/$(POLICY).bin
    9.24  
    9.25 -ifneq ($(ACM_USE_SECURITY_POLICY), ACM_NULL_POLICY)
    9.26 +ifeq ($(ACM_SECURITY),y)
    9.27  all: build
    9.28  
    9.29  install:all
    9.30 @@ -55,7 +55,7 @@ secpol_xml2bin : secpol_xml2bin.c secpol
    9.31  	$(CC) $(CPPFLAGS) $(CFLAGS) $(CFLAGS_XML2BIN) $(VALIDATE_SCHEMA) -o $@ $<
    9.32  
    9.33  clean:
    9.34 -	rm -rf secpol_tool secpol_xml2bin xen
    9.35 +	rm -rf secpol_tool secpol_xml2bin xen get_decision
    9.36  
    9.37  policy_clean:
    9.38  	rm -rf policies/*/*.bin policies/*/*.map
    10.1 --- a/tools/security/install.txt	Sat Nov 19 15:41:08 2005 -0600
    10.2 +++ b/tools/security/install.txt	Sun Nov 20 10:19:38 2005 +0100
    10.3 @@ -24,11 +24,13 @@ 1. enable access control in Xen
    10.4         # cd "xen_root"
    10.5         # edit/xemacs/vi Config.mk
    10.6  
    10.7 -       change the line:
    10.8 -       ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
    10.9 +       change the lines:
   10.10 +       ACM_SECURITY ?= n
   10.11 +       ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
   10.12  
   10.13         to:
   10.14 -       ACM_USE_SECURITY_POLICY ?= ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
   10.15 +       ACM_SECURITY ?= y
   10.16 +       ACM_DEFAULT_SECURITY_POLICY ?= ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
   10.17  
   10.18         # make all
   10.19         # ./install.sh
    11.1 --- a/tools/xenmon/xenmon.py	Sat Nov 19 15:41:08 2005 -0600
    11.2 +++ b/tools/xenmon/xenmon.py	Sun Nov 20 10:19:38 2005 +0100
    11.3 @@ -58,6 +58,8 @@ IOCOUNT = "I/O Count"
    11.4  EXCOUNT = "Exec Count"
    11.5  
    11.6  # globals
    11.7 +dom_in_use = []
    11.8 +
    11.9  # our curses screen
   11.10  stdscr = None
   11.11  
   11.12 @@ -88,18 +90,18 @@ def setup_cmdline_parser():
   11.13  # encapsulate information about a domain
   11.14  class DomainInfo:
   11.15      def __init__(self):
   11.16 -        self.allocated_samples = []
   11.17 -        self.gotten_samples = []
   11.18 -        self.blocked_samples = []
   11.19 -        self.waited_samples = []
   11.20 -        self.execcount_samples = []
   11.21 -        self.iocount_samples = []
   11.22 +        self.allocated_sum = 0
   11.23 +        self.gotten_sum = 0
   11.24 +        self.blocked_sum = 0
   11.25 +        self.waited_sum = 0
   11.26 +        self.exec_count = 0;
   11.27 +        self.iocount_sum = 0
   11.28          self.ffp_samples = []
   11.29  
   11.30      def gotten_stats(self, passed):
   11.31 -        total = float(sum(self.gotten_samples))
   11.32 +        total = float(self.gotten_sum)
   11.33          per = 100*total/passed
   11.34 -        exs = sum(self.execcount_samples)
   11.35 +        exs = self.exec_count
   11.36          if exs > 0:
   11.37              avg = total/exs
   11.38          else:
   11.39 @@ -107,9 +109,9 @@ class DomainInfo:
   11.40          return [total/(float(passed)/10**9), per, avg]
   11.41  
   11.42      def waited_stats(self, passed):
   11.43 -        total = float(sum(self.waited_samples))
   11.44 +        total = float(self.waited_sum)
   11.45          per = 100*total/passed
   11.46 -        exs = sum(self.execcount_samples)
   11.47 +        exs = self.exec_count
   11.48          if exs > 0:
   11.49              avg = total/exs
   11.50          else:
   11.51 @@ -117,9 +119,9 @@ class DomainInfo:
   11.52          return [total/(float(passed)/10**9), per, avg]
   11.53  
   11.54      def blocked_stats(self, passed):
   11.55 -        total = float(sum(self.blocked_samples))
   11.56 +        total = float(self.blocked_sum)
   11.57          per = 100*total/passed
   11.58 -        ios = sum(self.iocount_samples)
   11.59 +        ios = self.iocount_sum
   11.60          if ios > 0:
   11.61              avg = total/float(ios)
   11.62          else:
   11.63 @@ -127,20 +129,20 @@ class DomainInfo:
   11.64          return [total/(float(passed)/10**9), per, avg]
   11.65  
   11.66      def allocated_stats(self, passed):
   11.67 -        total = sum(self.allocated_samples)
   11.68 -        exs = sum(self.execcount_samples)
   11.69 +        total = self.allocated_sum
   11.70 +        exs = self.exec_count
   11.71          if exs > 0:
   11.72              return float(total)/exs
   11.73          else:
   11.74              return 0
   11.75  
   11.76      def ec_stats(self, passed):
   11.77 -        total = float(sum(self.execcount_samples))/(float(passed)/10**9)
   11.78 -        return total
   11.79 +        total = float(self.exec_count/(float(passed)/10**9))
   11.80 +	return total
   11.81  
   11.82      def io_stats(self, passed):
   11.83 -        total = float(sum(self.iocount_samples))
   11.84 -        exs = sum(self.execcount_samples)
   11.85 +        total = float(self.iocount_sum)
   11.86 +        exs = self.exec_count
   11.87          if exs > 0:
   11.88              avg = total/exs
   11.89          else:
   11.90 @@ -165,12 +167,13 @@ def summarize(startat, endat, duration, 
   11.91      
   11.92      while passed < duration:
   11.93          for i in range(0, NDOMAINS):
   11.94 -            dominfos[i].gotten_samples.append(samples[curid][0*NDOMAINS + i])
   11.95 -            dominfos[i].allocated_samples.append(samples[curid][1*NDOMAINS + i])
   11.96 -            dominfos[i].waited_samples.append(samples[curid][2*NDOMAINS + i])
   11.97 -            dominfos[i].blocked_samples.append(samples[curid][3*NDOMAINS + i])
   11.98 -            dominfos[i].execcount_samples.append(samples[curid][4*NDOMAINS + i])
   11.99 -            dominfos[i].iocount_samples.append(samples[curid][5*NDOMAINS + i])
  11.100 +            if dom_in_use[i]:
  11.101 +                dominfos[i].gotten_sum += samples[curid][0*NDOMAINS + i]
  11.102 +                dominfos[i].allocated_sum += samples[curid][1*NDOMAINS + i]
  11.103 +                dominfos[i].waited_sum += samples[curid][2*NDOMAINS + i]
  11.104 +                dominfos[i].blocked_sum += samples[curid][3*NDOMAINS + i]
  11.105 +                dominfos[i].exec_count += samples[curid][4*NDOMAINS + i]
  11.106 +                dominfos[i].iocount_sum += samples[curid][5*NDOMAINS + i]
  11.107      
  11.108          passed += samples[curid][6*NDOMAINS]
  11.109          lost_samples.append(samples[curid][6*NDOMAINS + 2])
  11.110 @@ -187,7 +190,13 @@ def summarize(startat, endat, duration, 
  11.111  
  11.112      lostinfo = [min(lost_samples), sum(lost_samples), max(lost_samples)]
  11.113      ffpinfo = [min(ffp_samples), sum(ffp_samples), max(ffp_samples)]
  11.114 -    ldoms = map(lambda x: dominfos[x].stats(passed), range(0, NDOMAINS))
  11.115 +
  11.116 +    ldoms = []
  11.117 +    for x in range(0, NDOMAINS):
  11.118 +        if dom_in_use[x]:
  11.119 +            ldoms.append(dominfos[x].stats(passed))
  11.120 +        else:
  11.121 +            ldoms.append(0)
  11.122  
  11.123      return [ldoms, lostinfo, ffpinfo]
  11.124  
  11.125 @@ -222,6 +231,7 @@ def show_livestats():
  11.126      cpu = 0          # cpu of interest to display data for
  11.127      ncpu = 1         # number of cpu's on this platform
  11.128      slen = 0         # size of shared data structure, incuding padding
  11.129 +    global dom_in_use
  11.130      
  11.131      # mmap the (the first chunk of the) file
  11.132      shmf = open(SHM_FILE, "r+")
  11.133 @@ -229,6 +239,7 @@ def show_livestats():
  11.134  
  11.135      samples = []
  11.136      doms = []
  11.137 +    dom_in_use = []
  11.138  
  11.139      # initialize curses
  11.140      stdscr = _c.initscr()
  11.141 @@ -238,9 +249,7 @@ def show_livestats():
  11.142      stdscr.keypad(1)
  11.143      stdscr.timeout(1000)
  11.144      [maxy, maxx] = stdscr.getmaxyx()
  11.145 -
  11.146      
  11.147 -
  11.148      # display in a loop
  11.149      while True:
  11.150  
  11.151 @@ -264,6 +273,11 @@ def show_livestats():
  11.152                  len = struct.calcsize(ST_DOM_INFO)
  11.153                  dom = struct.unpack(ST_DOM_INFO, shm[idx:idx+len])
  11.154                  doms.append(dom)
  11.155 +#		(last_update_time, start_time, runnable_start_time, blocked_start_time,
  11.156 +#		 ns_since_boot, ns_oncpu_since_boot, runnable_at_last_update,
  11.157 +#		 runnable, in_use, domid, name) = dom
  11.158 +#		dom_in_use.append(in_use)
  11.159 +                dom_in_use.append(dom[8])
  11.160                  idx += len
  11.161  
  11.162              len = struct.calcsize("4i")
  11.163 @@ -293,6 +307,7 @@ def show_livestats():
  11.164          [h1, l1, f1] = summarize(startat, endat, 10**9, samples)
  11.165          [h2, l2, f2] = summarize(startat, endat, 10 * 10**9, samples)
  11.166  
  11.167 +
  11.168          # the actual display code
  11.169          row = 0
  11.170          display(stdscr, row, 1, "CPU = %d" % cpu, _c.A_STANDOUT)
  11.171 @@ -305,6 +320,9 @@ def show_livestats():
  11.172          total_h2_cpu = 0
  11.173  
  11.174          for dom in range(0, NDOMAINS):
  11.175 +            if not dom_in_use[dom]:
  11.176 +                continue
  11.177 +
  11.178              if h1[dom][0][1] > 0 or dom == NDOMAINS - 1:
  11.179                  # display gotten
  11.180                  row += 1 
  11.181 @@ -475,6 +493,7 @@ class Delayed(file):
  11.182  
  11.183  def writelog():
  11.184      global options
  11.185 +    global dom_in_use
  11.186  
  11.187      ncpu = 1        # number of cpu's
  11.188      slen = 0        # size of shared structure inc. padding
  11.189 @@ -490,11 +509,13 @@ def writelog():
  11.190  
  11.191      while options.duration == 0 or interval < (options.duration * 1000):
  11.192          for cpuidx in range(0, ncpu):
  11.193 +
  11.194              idx = cpuidx * slen      # offset needed in mmap file
  11.195  
  11.196  
  11.197              samples = []
  11.198              doms = []
  11.199 +            dom_in_use = []
  11.200  
  11.201              for i in range(0, NSAMPLES):
  11.202                  len = struct.calcsize(ST_QDATA)
  11.203 @@ -505,7 +526,11 @@ def writelog():
  11.204              for i in range(0, NDOMAINS):
  11.205                  len = struct.calcsize(ST_DOM_INFO)
  11.206                  dom = struct.unpack(ST_DOM_INFO, shm[idx:idx+len])
  11.207 -                doms.append(dom)
  11.208 +#                doms.append(dom)
  11.209 +#		(last_update_time, start_time, runnable_start_time, blocked_start_time,
  11.210 +#		 ns_since_boot, ns_oncpu_since_boot, runnable_at_last_update,
  11.211 +#		 runnable, in_use, domid, name) = dom
  11.212 +                dom_in_use.append(dom[8])
  11.213                  idx += len
  11.214  
  11.215              len = struct.calcsize("4i")
  11.216 @@ -524,6 +549,8 @@ def writelog():
  11.217  
  11.218              [h1,l1, f1] = summarize(startat, endat, options.interval * 10**6, samples)
  11.219              for dom in range(0, NDOMAINS):
  11.220 +                if not dom_in_use[dom]:
  11.221 +                    continue
  11.222                  if h1[dom][0][1] > 0 or dom == NDOMAINS - 1:
  11.223                      outfiles[dom].write("%.3f %d %d %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f %.3f\n" %
  11.224                                       (interval, cpuidx, dom,
    12.1 --- a/xen/Makefile	Sat Nov 19 15:41:08 2005 -0600
    12.2 +++ b/xen/Makefile	Sun Nov 20 10:19:38 2005 +0100
    12.3 @@ -57,7 +57,7 @@ clean: delete-unfresh-files
    12.4  	$(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
    12.5  	$(MAKE) -C common
    12.6  	$(MAKE) -C drivers
    12.7 -ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
    12.8 +ifeq ($(ACM_SECURITY),y)
    12.9  	$(MAKE) -C acm
   12.10  endif
   12.11  	$(MAKE) -C arch/$(TARGET_ARCH)
   12.12 @@ -79,8 +79,8 @@ include/xen/acm_policy.h:
   12.13  	  echo " *"; \
   12.14  	  echo " */"; \
   12.15  	  echo ""; \
   12.16 -	  echo "#ifndef ACM_USE_SECURITY_POLICY"; \
   12.17 -	  echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \
   12.18 +	  echo "#ifndef ACM_DEFAULT_SECURITY_POLICY"; \
   12.19 +	  echo "#define ACM_DEFAULT_SECURITY_POLICY $(ACM_DEFAULT_SECURITY_POLICY)"; \
   12.20  	  echo "#endif") >$@
   12.21  
   12.22  # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
    13.1 --- a/xen/Rules.mk	Sat Nov 19 15:41:08 2005 -0600
    13.2 +++ b/xen/Rules.mk	Sun Nov 20 10:19:38 2005 +0100
    13.3 @@ -37,8 +37,9 @@ OBJS    += $(patsubst %.c,%.o,$(C_SRCS))
    13.4  ALL_OBJS := $(BASEDIR)/common/common.o
    13.5  ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
    13.6  ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
    13.7 -ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
    13.8 +ifeq ($(ACM_SECURITY),y)
    13.9  ALL_OBJS += $(BASEDIR)/acm/acm.o
   13.10 +CFLAGS += -DACM_SECURITY
   13.11  endif
   13.12  ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
   13.13  
    14.1 --- a/xen/acm/acm_core.c	Sat Nov 19 15:41:08 2005 -0600
    14.2 +++ b/xen/acm/acm_core.c	Sun Nov 20 10:19:38 2005 +0100
    14.3 @@ -49,6 +49,9 @@ void acm_init_ste_policy(void);
    14.4  extern struct acm_operations acm_chinesewall_ops, 
    14.5      acm_simple_type_enforcement_ops, acm_null_ops;
    14.6  
    14.7 +/* global ACM policy  (now dynamically determined at boot time) */
    14.8 +u16 acm_active_security_policy = ACM_POLICY_UNDEFINED;
    14.9 +
   14.10  /* global ops structs called by the hooks */
   14.11  struct acm_operations *acm_primary_ops = NULL;
   14.12  /* called in hook if-and-only-if primary succeeds */
   14.13 @@ -61,7 +64,8 @@ rwlock_t acm_bin_pol_rwlock = RW_LOCK_UN
   14.14  
   14.15  /* until we have endian support in Xen, we discover it at runtime */
   14.16  u8 little_endian = 1;
   14.17 -void acm_set_endian(void)
   14.18 +void
   14.19 +acm_set_endian(void)
   14.20  {
   14.21      u32 test = 1;
   14.22      if (*((u8 *)&test) == 1)
   14.23 @@ -76,14 +80,82 @@ void acm_set_endian(void)
   14.24      }
   14.25  }
   14.26  
   14.27 -/* initialize global security policy for Xen; policy write-locked already */
   14.28 -static void
   14.29 -acm_init_binary_policy(void *primary, void *secondary)
   14.30 +int
   14.31 +acm_init_binary_policy(u32 policy_code)
   14.32  {
   14.33 -    acm_bin_pol.primary_policy_code = 0;
   14.34 -    acm_bin_pol.secondary_policy_code = 0;
   14.35 -    acm_bin_pol.primary_binary_policy = primary;
   14.36 -    acm_bin_pol.secondary_binary_policy = secondary;
   14.37 +    int ret = ACM_OK;
   14.38 +
   14.39 +    acm_bin_pol.primary_policy_code = (policy_code & 0x0f);
   14.40 +    acm_bin_pol.secondary_policy_code = (policy_code >> 4) & 0x0f;
   14.41 +
   14.42 +    write_lock(&acm_bin_pol_rwlock);
   14.43 +
   14.44 +    /* set primary policy component */
   14.45 +    switch ((policy_code) & 0x0f)
   14.46 +    {
   14.47 +
   14.48 +    case ACM_CHINESE_WALL_POLICY:
   14.49 +        acm_init_chwall_policy();
   14.50 +        acm_bin_pol.primary_policy_code = ACM_CHINESE_WALL_POLICY;
   14.51 +        acm_primary_ops = &acm_chinesewall_ops;
   14.52 +        break;
   14.53 +
   14.54 +    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   14.55 +        acm_init_ste_policy();
   14.56 +        acm_bin_pol.primary_policy_code = ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY;
   14.57 +        acm_primary_ops = &acm_simple_type_enforcement_ops;
   14.58 +        break;
   14.59 +
   14.60 +    case ACM_NULL_POLICY:
   14.61 +        acm_bin_pol.primary_policy_code = ACM_NULL_POLICY;
   14.62 +        acm_primary_ops = &acm_null_ops;
   14.63 +        break;
   14.64 +
   14.65 +    default:
   14.66 +        /* Unknown policy not allowed primary */
   14.67 +        ret = -EINVAL;
   14.68 +        goto out;
   14.69 +    }
   14.70 +
   14.71 +    /* secondary policy component part */
   14.72 +    switch ((policy_code) >> 4)
   14.73 +    {
   14.74 +
   14.75 +    case ACM_NULL_POLICY:
   14.76 +        acm_bin_pol.secondary_policy_code = ACM_NULL_POLICY;
   14.77 +        acm_secondary_ops = &acm_null_ops;
   14.78 +        break;
   14.79 +
   14.80 +    case ACM_CHINESE_WALL_POLICY:
   14.81 +        if (acm_bin_pol.primary_policy_code == ACM_CHINESE_WALL_POLICY)
   14.82 +        {   /* not a valid combination */
   14.83 +            ret = -EINVAL;
   14.84 +            goto out;
   14.85 +        }
   14.86 +        acm_init_chwall_policy();
   14.87 +        acm_bin_pol.secondary_policy_code = ACM_CHINESE_WALL_POLICY;
   14.88 +        acm_secondary_ops = &acm_chinesewall_ops;
   14.89 +        break;
   14.90 +
   14.91 +    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
   14.92 +        if (acm_bin_pol.primary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
   14.93 +        {   /* not a valid combination */
   14.94 +            ret = -EINVAL;
   14.95 +            goto out;
   14.96 +        }
   14.97 +        acm_init_ste_policy();
   14.98 +        acm_bin_pol.secondary_policy_code = ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY;
   14.99 +        acm_secondary_ops = &acm_simple_type_enforcement_ops;
  14.100 +        break;
  14.101 +
  14.102 +    default:
  14.103 +        ret = -EINVAL;
  14.104 +        goto out;
  14.105 +    }
  14.106 +
  14.107 + out:
  14.108 +    write_unlock(&acm_bin_pol_rwlock);
  14.109 +    return ret;
  14.110  }
  14.111  
  14.112  static int
  14.113 @@ -161,83 +233,35 @@ acm_init(unsigned int *initrdidx,
  14.114      int ret = ACM_OK;
  14.115  
  14.116      acm_set_endian();
  14.117 -    write_lock(&acm_bin_pol_rwlock);
  14.118 -    acm_init_binary_policy(NULL, NULL);
  14.119  
  14.120 -    /* set primary policy component */
  14.121 -    switch ((ACM_USE_SECURITY_POLICY) & 0x0f)
  14.122 -    {
  14.123 +    /* first try to load the boot policy (uses its own locks) */
  14.124 +    acm_setup(initrdidx, mbi, initial_images_start);
  14.125  
  14.126 -    case ACM_CHINESE_WALL_POLICY:
  14.127 -        acm_init_chwall_policy();
  14.128 -        acm_bin_pol.primary_policy_code = ACM_CHINESE_WALL_POLICY;
  14.129 -        acm_primary_ops = &acm_chinesewall_ops;
  14.130 -        break;
  14.131 +    if (acm_active_security_policy != ACM_POLICY_UNDEFINED)
  14.132 +    {
  14.133 +        printk("%s: Boot-Policy. Enforcing %s: Primary %s, Secondary %s.\n", __func__,
  14.134 +               ACM_POLICY_NAME(acm_active_security_policy),
  14.135 +               ACM_POLICY_NAME(acm_bin_pol.primary_policy_code),
  14.136 +               ACM_POLICY_NAME(acm_bin_pol.secondary_policy_code));
  14.137 +        goto out;
  14.138 +    }
  14.139 +    /* else continue with the minimal hardcoded default startup policy */
  14.140 +    printk("%s: Loading default policy (%s).\n",
  14.141 +           __func__, ACM_POLICY_NAME(ACM_DEFAULT_SECURITY_POLICY));
  14.142  
  14.143 -    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
  14.144 -        acm_init_ste_policy();
  14.145 -        acm_bin_pol.primary_policy_code = ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY;
  14.146 -        acm_primary_ops = &acm_simple_type_enforcement_ops;
  14.147 -        break;
  14.148 -
  14.149 -    default:
  14.150 -        /* NULL or Unknown policy not allowed primary;
  14.151 -         * NULL/NULL will not compile this code */
  14.152 +    if (acm_init_binary_policy(ACM_DEFAULT_SECURITY_POLICY)) {
  14.153          ret = -EINVAL;
  14.154          goto out;
  14.155      }
  14.156 -
  14.157 -    /* secondary policy component part */
  14.158 -    switch ((ACM_USE_SECURITY_POLICY) >> 4) {
  14.159 -    case ACM_NULL_POLICY:
  14.160 -        acm_bin_pol.secondary_policy_code = ACM_NULL_POLICY;
  14.161 -        acm_secondary_ops = &acm_null_ops;
  14.162 -        break;
  14.163 -
  14.164 -    case ACM_CHINESE_WALL_POLICY:
  14.165 -        if (acm_bin_pol.primary_policy_code == ACM_CHINESE_WALL_POLICY)
  14.166 -        {   /* not a valid combination */
  14.167 -            ret = -EINVAL;
  14.168 -            goto out;
  14.169 -        }
  14.170 -        acm_init_chwall_policy();
  14.171 -        acm_bin_pol.secondary_policy_code = ACM_CHINESE_WALL_POLICY;
  14.172 -        acm_secondary_ops = &acm_chinesewall_ops;
  14.173 -        break;
  14.174 -
  14.175 -    case ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY:
  14.176 -        if (acm_bin_pol.primary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
  14.177 -        {   /* not a valid combination */
  14.178 -            ret = -EINVAL;
  14.179 -            goto out;
  14.180 -        }
  14.181 -        acm_init_ste_policy();
  14.182 -        acm_bin_pol.secondary_policy_code = ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY;
  14.183 -        acm_secondary_ops = &acm_simple_type_enforcement_ops;
  14.184 -        break;
  14.185 -
  14.186 -    default:
  14.187 -        ret = -EINVAL;
  14.188 -        goto out;
  14.189 -    }
  14.190 +    acm_active_security_policy = ACM_DEFAULT_SECURITY_POLICY;
  14.191  
  14.192   out:
  14.193 -    write_unlock(&acm_bin_pol_rwlock);
  14.194 -
  14.195      if (ret != ACM_OK)
  14.196      {
  14.197          printk("%s: Error initializing policies.\n", __func__);
  14.198          /* here one could imagine a clean panic */
  14.199          return -EINVAL;
  14.200      }
  14.201 -    if (acm_setup(initrdidx, mbi, initial_images_start) != ACM_OK)
  14.202 -    {
  14.203 -        printk("%s: Error loading policy at boot time.\n", __func__);
  14.204 -        /* ignore, just continue with the minimal hardcoded startup policy */
  14.205 -    }
  14.206 -    printk("%s: Enforcing Primary %s, Secondary %s.\n", __func__, 
  14.207 -           ACM_POLICY_NAME(acm_bin_pol.primary_policy_code),
  14.208 -           ACM_POLICY_NAME(acm_bin_pol.secondary_policy_code));
  14.209      return ret;
  14.210  }
  14.211  
  14.212 @@ -265,7 +289,7 @@ acm_init_domain_ssid(domid_t id, ssidref
  14.213      ssid->primary_ssid   = NULL;
  14.214      ssid->secondary_ssid = NULL;
  14.215  
  14.216 -    if (ACM_USE_SECURITY_POLICY != ACM_NULL_POLICY)
  14.217 +    if (acm_active_security_policy != ACM_NULL_POLICY)
  14.218          ssid->ssidref = ssidref;
  14.219      else
  14.220          ssid->ssidref = ACM_DEFAULT_SSID;
    15.1 --- a/xen/acm/acm_policy.c	Sat Nov 19 15:41:08 2005 -0600
    15.2 +++ b/xen/acm/acm_policy.c	Sun Nov 20 10:19:38 2005 +0100
    15.3 @@ -56,17 +56,29 @@ acm_set_policy(void *buf, u32 buf_size, 
    15.4      /* 2. some sanity checking */
    15.5      pol = (struct acm_policy_buffer *)policy_buffer;
    15.6  
    15.7 -    if ((ntohl(pol->magic) != ACM_MAGIC) || 
    15.8 -        (ntohl(pol->policy_version) != ACM_POLICY_VERSION) ||
    15.9 -        (ntohl(pol->primary_policy_code) != acm_bin_pol.primary_policy_code) ||
   15.10 +    if ((ntohl(pol->magic) != ACM_MAGIC) ||
   15.11 +        (buf_size != ntohl(pol->len)) ||
   15.12 +        (ntohl(pol->policy_version) != ACM_POLICY_VERSION))
   15.13 +    {
   15.14 +        printk("%s: ERROR in Magic, Version, or buf size.\n", __func__);
   15.15 +        goto error_free;
   15.16 +    }
   15.17 +
   15.18 +    if (acm_active_security_policy == ACM_POLICY_UNDEFINED) {
   15.19 +        /* setup the policy with the boot policy */
   15.20 +        if (acm_init_binary_policy((ntohl(pol->secondary_policy_code) << 4) |
   15.21 +                                   ntohl(pol->primary_policy_code))) {
   15.22 +            goto error_free;
   15.23 +        }
   15.24 +        acm_active_security_policy =
   15.25 +            (acm_bin_pol.secondary_policy_code << 4) | acm_bin_pol.primary_policy_code;
   15.26 +    }
   15.27 +
   15.28 +    /* once acm_active_security_policy is set, it cannot be changed */
   15.29 +    if ((ntohl(pol->primary_policy_code) != acm_bin_pol.primary_policy_code) ||
   15.30          (ntohl(pol->secondary_policy_code) != acm_bin_pol.secondary_policy_code))
   15.31      {
   15.32 -        printkd("%s: Wrong policy magics or versions!\n", __func__);
   15.33 -        goto error_free;
   15.34 -    }
   15.35 -    if (buf_size != ntohl(pol->len))
   15.36 -    {
   15.37 -        printk("%s: ERROR in buf size.\n", __func__);
   15.38 +        printkd("%s: Wrong policy type in boot policy!\n", __func__);
   15.39          goto error_free;
   15.40      }
   15.41  
    16.1 --- a/xen/arch/x86/shadow.c	Sat Nov 19 15:41:08 2005 -0600
    16.2 +++ b/xen/arch/x86/shadow.c	Sun Nov 20 10:19:38 2005 +0100
    16.3 @@ -47,13 +47,14 @@ static void mark_shadows_as_reflecting_s
    16.4  #if CONFIG_PAGING_LEVELS == 3
    16.5  static unsigned long shadow_l3_table(
    16.6      struct domain *d, unsigned long gpfn, unsigned long gmfn);
    16.7 -static inline void validate_bl2e_change( struct domain *d,
    16.8 -    guest_root_pgentry_t *new_gle_p, pgentry_64_t *shadow_l3, int index);
    16.9  #endif
   16.10  
   16.11  #if CONFIG_PAGING_LEVELS == 4
   16.12  static unsigned long shadow_l4_table(
   16.13      struct domain *d, unsigned long gpfn, unsigned long gmfn);
   16.14 +#endif
   16.15 +
   16.16 +#if CONFIG_PAGING_LEVELS >= 3
   16.17  static void shadow_map_into_current(struct vcpu *v,
   16.18      unsigned long va, unsigned int from, unsigned int to);
   16.19  static inline void validate_bl2e_change( struct domain *d,
   16.20 @@ -669,6 +670,7 @@ static void shadow_map_l1_into_current_l
   16.21      }
   16.22  }
   16.23  
   16.24 +#if CONFIG_PAGING_LEVELS == 2
   16.25  static void
   16.26  shadow_set_l1e(unsigned long va, l1_pgentry_t new_spte, int create_l1_shadow)
   16.27  {
   16.28 @@ -750,7 +752,6 @@ shadow_set_l1e(unsigned long va, l1_pgen
   16.29      shadow_update_min_max(l2e_get_pfn(sl2e), l1_table_offset(va));
   16.30  }
   16.31  
   16.32 -#if CONFIG_PAGING_LEVELS == 2
   16.33  static void shadow_invlpg_32(struct vcpu *v, unsigned long va)
   16.34  {
   16.35      struct domain *d = v->domain;
   16.36 @@ -781,6 +782,73 @@ static void shadow_invlpg_32(struct vcpu
   16.37  }
   16.38  #endif /* CONFIG_PAGING_LEVELS == 2 */
   16.39  
   16.40 +#if CONFIG_PAGING_LEVELS >= 3
   16.41 +static void shadow_set_l1e_64(
   16.42 +    unsigned long va, pgentry_64_t *sl1e_p,
   16.43 +    int create_l1_shadow)
   16.44 +{
   16.45 +    struct vcpu *v = current;
   16.46 +    struct domain *d = v->domain;
   16.47 +    pgentry_64_t sle;
   16.48 +    pgentry_64_t sle_up = {0};
   16.49 +    l1_pgentry_t old_spte;
   16.50 +    l1_pgentry_t sl1e = *(l1_pgentry_t *)sl1e_p;
   16.51 +    int i;
   16.52 +    unsigned long orig_va = 0;
   16.53 +
   16.54 +    if ( d->arch.ops->guest_paging_levels == PAGING_L2 ) 
   16.55 +    {
   16.56 +        /* This is for 32-bit VMX guest on 64-bit host */
   16.57 +        orig_va = va;
   16.58 +        va = va & (~((1<<L2_PAGETABLE_SHIFT_32)-1));
   16.59 +    }
   16.60 +
   16.61 +    for ( i = PAGING_L4; i >= PAGING_L2; i-- )
   16.62 +    {
   16.63 +        if ( !__rw_entry(v, va, &sle, SHADOW_ENTRY | GET_ENTRY | i) )
   16.64 +        {
   16.65 +            sl1e = l1e_empty();
   16.66 +            goto out;
   16.67 +        }
   16.68 +        if ( !(entry_get_flags(sle) & _PAGE_PRESENT) )
   16.69 +        {
   16.70 +            if ( create_l1_shadow )
   16.71 +            {
   16.72 +                perfc_incrc(shadow_set_l3e_force_map);
   16.73 +                shadow_map_into_current(v, va, i-1, i);
   16.74 +                __rw_entry(v, va, &sle, SHADOW_ENTRY | GET_ENTRY | i);
   16.75 +            }
   16.76 +        }
   16.77 +        if ( i < PAGING_L4 )
   16.78 +            shadow_update_min_max(entry_get_pfn(sle_up), table_offset_64(va, i));
   16.79 +        sle_up = sle;
   16.80 +    }
   16.81 +
   16.82 +    if ( d->arch.ops->guest_paging_levels == PAGING_L2 )
   16.83 +    {
   16.84 +        va = orig_va;
   16.85 +    }
   16.86 +
   16.87 +    if ( shadow_mode_refcounts(d) )
   16.88 +    {
   16.89 +        __shadow_get_l1e(v, va, &old_spte);
   16.90 +        if ( l1e_has_changed(old_spte, sl1e, _PAGE_RW | _PAGE_PRESENT) )
   16.91 +        {
   16.92 +            if ( (l1e_get_flags(sl1e) & _PAGE_PRESENT) &&
   16.93 +                 !shadow_get_page_from_l1e(sl1e, d) )
   16.94 +                sl1e = l1e_empty();
   16.95 +            if ( l1e_get_flags(old_spte) & _PAGE_PRESENT )
   16.96 +                put_page_from_l1e(old_spte, d);
   16.97 +        }
   16.98 +    }
   16.99 +
  16.100 +out:
  16.101 +    __shadow_set_l1e(v, va, &sl1e);
  16.102 +
  16.103 +    shadow_update_min_max(entry_get_pfn(sle_up), guest_l1_table_offset(va));
  16.104 +}
  16.105 +#endif /* CONFIG_PAGING_LEVELS >= 3 */
  16.106 +
  16.107  static struct out_of_sync_entry *
  16.108  shadow_alloc_oos_entry(struct domain *d)
  16.109  {
  16.110 @@ -1996,8 +2064,11 @@ static int do_update_va_mapping(unsigned
  16.111      __shadow_sync_va(v, va);
  16.112  
  16.113      l1pte_propagate_from_guest(d, *(guest_l1_pgentry_t *)&val, &spte);
  16.114 +#if CONFIG_PAGING_LEVELS == 2
  16.115      shadow_set_l1e(va, spte, 0);
  16.116 -
  16.117 +#elif CONFIG_PAGING_LEVELS >= 3
  16.118 +    shadow_set_l1e_64(va, (pgentry_64_t *) &spte, 0);
  16.119 +#endif
  16.120      /*
  16.121       * If we're in log-dirty mode then we need to note that we've updated
  16.122       * the PTE in the PT-holding page. We need the machine frame number
  16.123 @@ -3012,71 +3083,6 @@ static void shadow_set_l2e_64(unsigned l
  16.124  }
  16.125  
  16.126  
  16.127 -static void shadow_set_l1e_64(
  16.128 -    unsigned long va, pgentry_64_t *sl1e_p,
  16.129 -    int create_l1_shadow)
  16.130 -{
  16.131 -    struct vcpu *v = current;
  16.132 -    struct domain *d = v->domain;
  16.133 -    pgentry_64_t sle;
  16.134 -    pgentry_64_t sle_up = {0};
  16.135 -    l1_pgentry_t old_spte;
  16.136 -    l1_pgentry_t sl1e = *(l1_pgentry_t *)sl1e_p;
  16.137 -    int i;
  16.138 -    unsigned long orig_va = 0;
  16.139 -
  16.140 -    if ( d->arch.ops->guest_paging_levels == PAGING_L2 ) 
  16.141 -    {
  16.142 -        /* This is for 32-bit VMX guest on 64-bit host */
  16.143 -        orig_va = va;
  16.144 -        va = va & (~((1<<L2_PAGETABLE_SHIFT_32)-1));
  16.145 -    }
  16.146 -
  16.147 -    for (i = PAGING_L4; i >= PAGING_L2; i--) 
  16.148 -    {
  16.149 -        if (!__rw_entry(v, va, &sle, SHADOW_ENTRY | GET_ENTRY | i)) {
  16.150 -            printk("<%s> i = %d\n", __func__, i);
  16.151 -            BUG();
  16.152 -        }
  16.153 -        if ( !(entry_get_flags(sle) & _PAGE_PRESENT) ) {
  16.154 -            if ( create_l1_shadow ) {
  16.155 -                perfc_incrc(shadow_set_l3e_force_map);
  16.156 -                shadow_map_into_current(v, va, i-1, i);
  16.157 -                __rw_entry(v, va, &sle, SHADOW_ENTRY | GET_ENTRY | i);
  16.158 -            } else {
  16.159 -#if 0
  16.160 -                printk("For non VMX shadow, create_l1_shadow:%d\n", create_l1_shadow);
  16.161 -#endif
  16.162 -            }
  16.163 -        }
  16.164 -        if( i < PAGING_L4 )
  16.165 -            shadow_update_min_max(entry_get_pfn(sle_up), table_offset_64(va, i));
  16.166 -        sle_up = sle;
  16.167 -    }
  16.168 -
  16.169 -    if ( d->arch.ops->guest_paging_levels == PAGING_L2 ) {
  16.170 -        va = orig_va;
  16.171 -    }
  16.172 -
  16.173 -    if ( shadow_mode_refcounts(d) )
  16.174 -    {
  16.175 -        __shadow_get_l1e(v, va, &old_spte);
  16.176 -        ESH_LOG("old_sl1e: %lx, new_sl1e: %lx\n", l1e_get_intpte(old_spte), l1e_get_intpte(sl1e));
  16.177 -        if ( l1e_has_changed(old_spte, sl1e, _PAGE_RW | _PAGE_PRESENT) )
  16.178 -            {
  16.179 -                if ( (l1e_get_flags(sl1e) & _PAGE_PRESENT) &&
  16.180 -                     !shadow_get_page_from_l1e(sl1e, d) )
  16.181 -                    sl1e = l1e_empty();
  16.182 -                if ( l1e_get_flags(old_spte) & _PAGE_PRESENT )
  16.183 -                    put_page_from_l1e(old_spte, d);
  16.184 -            }
  16.185 -    }
  16.186 -
  16.187 -    __shadow_set_l1e(v, va, &sl1e);
  16.188 -
  16.189 -    shadow_update_min_max(entry_get_pfn(sle_up), guest_l1_table_offset(va));
  16.190 -}
  16.191 -
  16.192  /* As 32-bit guest don't support 4M page yet,
  16.193   * we don't concern double compile for this function
  16.194   */
    17.1 --- a/xen/common/acm_ops.c	Sat Nov 19 15:41:08 2005 -0600
    17.2 +++ b/xen/common/acm_ops.c	Sun Nov 20 10:19:38 2005 +0100
    17.3 @@ -29,7 +29,7 @@
    17.4  #include <public/sched_ctl.h>
    17.5  #include <acm/acm_hooks.h>
    17.6  
    17.7 -#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
    17.8 +#ifndef ACM_SECURITY
    17.9  
   17.10  long do_acm_op(struct acm_op * u_acm_op)
   17.11  {
    18.1 --- a/xen/include/acm/acm_core.h	Sat Nov 19 15:41:08 2005 -0600
    18.2 +++ b/xen/include/acm/acm_core.h	Sun Nov 20 10:19:38 2005 +0100
    18.3 @@ -28,9 +28,6 @@
    18.4  struct acm_binary_policy {
    18.5      u16 primary_policy_code;
    18.6      u16 secondary_policy_code;
    18.7 -    void *primary_binary_policy;                                 
    18.8 -    void *secondary_binary_policy;
    18.9 - 
   18.10  };
   18.11  
   18.12  struct chwall_binary_policy {
   18.13 @@ -53,6 +50,7 @@ struct ste_binary_policy {
   18.14  };
   18.15  
   18.16  /* global acm policy */
   18.17 +extern u16 acm_active_security_policy;
   18.18  extern struct acm_binary_policy acm_bin_pol;
   18.19  extern struct chwall_binary_policy chwall_bin_pol;
   18.20  extern struct ste_binary_policy ste_bin_pol;
   18.21 @@ -120,6 +118,7 @@ struct ste_ssid {
   18.22  /* protos */
   18.23  int acm_init_domain_ssid(domid_t id, ssidref_t ssidref);
   18.24  void acm_free_domain_ssid(struct acm_ssid_domain *ssid);
   18.25 +int acm_init_binary_policy(u32 policy_code);
   18.26  int acm_set_policy(void *buf, u32 buf_size, int isuserbuffer);
   18.27  int acm_get_policy(void *buf, u32 buf_size);
   18.28  int acm_dump_statistics(void *buf, u16 buf_size);
    19.1 --- a/xen/include/acm/acm_hooks.h	Sat Nov 19 15:41:08 2005 -0600
    19.2 +++ b/xen/include/acm/acm_hooks.h	Sun Nov 20 10:19:38 2005 +0100
    19.3 @@ -127,7 +127,7 @@ extern struct acm_operations *acm_second
    19.4  # define traceprintk(fmt, args...)
    19.5  #endif
    19.6  
    19.7 -#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
    19.8 +#ifndef ACM_SECURITY
    19.9  
   19.10  static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
   19.11  { return 0; }
    20.1 --- a/xen/include/public/acm.h	Sat Nov 19 15:41:08 2005 -0600
    20.2 +++ b/xen/include/public/acm.h	Sun Nov 20 10:19:38 2005 +0100
    20.3 @@ -60,6 +60,7 @@
    20.4  #define ACM_NULL_POLICY 0
    20.5  #define ACM_CHINESE_WALL_POLICY 1
    20.6  #define ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY 2
    20.7 +#define ACM_POLICY_UNDEFINED 15
    20.8  
    20.9  /* combinations have secondary policy component in higher 4bit */
   20.10  #define ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY \