ia64/xen-unstable

changeset 6540:81576d3d1ca8

Merge.
author adsharma@los-vmm.sc.intel.com
date Fri Aug 19 10:19:28 2005 -0800 (2005-08-19)
parents 99914b54f7bf 0608852073c8
children 483ac5017c9c
files .hgignore Config.mk Makefile buildconfigs/Rules.mk buildconfigs/mk.linux-2.6-xen buildconfigs/mk.linux-2.6-xen0 buildconfigs/mk.linux-2.6-xenU docs/src/user.tex linux-2.4-xen-sparse/arch/xen/Makefile linux-2.4-xen-sparse/arch/xen/config.in linux-2.4-xen-sparse/arch/xen/kernel/time.c linux-2.4-xen-sparse/include/asm-xen/bugs.h linux-2.4-xen-sparse/include/asm-xen/fixmap.h linux-2.4-xen-sparse/include/asm-xen/highmem.h linux-2.4-xen-sparse/include/asm-xen/hw_irq.h linux-2.4-xen-sparse/include/asm-xen/io.h linux-2.4-xen-sparse/include/asm-xen/irq.h linux-2.4-xen-sparse/include/asm-xen/mmu_context.h linux-2.4-xen-sparse/include/asm-xen/page.h linux-2.4-xen-sparse/include/asm-xen/pci.h linux-2.4-xen-sparse/include/asm-xen/pgalloc.h linux-2.4-xen-sparse/include/asm-xen/pgtable.h linux-2.4-xen-sparse/include/asm-xen/processor.h linux-2.4-xen-sparse/include/asm-xen/segment.h linux-2.4-xen-sparse/include/asm-xen/smp.h linux-2.4-xen-sparse/include/asm-xen/system.h linux-2.4-xen-sparse/include/asm-xen/vga.h linux-2.4-xen-sparse/include/linux/blk.h linux-2.4-xen-sparse/include/linux/highmem.h linux-2.4-xen-sparse/include/linux/irq.h linux-2.4-xen-sparse/include/linux/mm.h linux-2.4-xen-sparse/include/linux/sched.h linux-2.4-xen-sparse/include/linux/skbuff.h linux-2.4-xen-sparse/include/linux/timer.h linux-2.4-xen-sparse/mkbuildtree linux-2.6-xen-sparse/arch/xen/Kconfig linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/i386/Kconfig linux-2.6-xen-sparse/arch/xen/i386/kernel/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/common.c linux-2.6-xen-sparse/arch/xen/i386/kernel/entry.S linux-2.6-xen-sparse/arch/xen/i386/kernel/head.S 
linux-2.6-xen-sparse/arch/xen/i386/kernel/i386_ksyms.c linux-2.6-xen-sparse/arch/xen/i386/kernel/init_task.c linux-2.6-xen-sparse/arch/xen/i386/kernel/ioport.c linux-2.6-xen-sparse/arch/xen/i386/kernel/irq.c linux-2.6-xen-sparse/arch/xen/i386/kernel/ldt.c linux-2.6-xen-sparse/arch/xen/i386/kernel/mpparse.c linux-2.6-xen-sparse/arch/xen/i386/kernel/pci-dma.c linux-2.6-xen-sparse/arch/xen/i386/kernel/process.c linux-2.6-xen-sparse/arch/xen/i386/kernel/setup.c linux-2.6-xen-sparse/arch/xen/i386/kernel/smp.c linux-2.6-xen-sparse/arch/xen/i386/kernel/smpboot.c linux-2.6-xen-sparse/arch/xen/i386/kernel/swiotlb.c linux-2.6-xen-sparse/arch/xen/i386/kernel/time.c linux-2.6-xen-sparse/arch/xen/i386/kernel/traps.c linux-2.6-xen-sparse/arch/xen/i386/mm/fault.c linux-2.6-xen-sparse/arch/xen/i386/mm/highmem.c linux-2.6-xen-sparse/arch/xen/i386/mm/hypervisor.c linux-2.6-xen-sparse/arch/xen/i386/mm/init.c linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c linux-2.6-xen-sparse/arch/xen/i386/mm/pgtable.c linux-2.6-xen-sparse/arch/xen/i386/pci/irq.c linux-2.6-xen-sparse/arch/xen/kernel/evtchn.c linux-2.6-xen-sparse/arch/xen/kernel/gnttab.c linux-2.6-xen-sparse/arch/xen/kernel/reboot.c linux-2.6-xen-sparse/arch/xen/kernel/skbuff.c linux-2.6-xen-sparse/arch/xen/x86_64/Kconfig linux-2.6-xen-sparse/arch/xen/x86_64/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/kernel/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/kernel/apic.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/e820.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/entry.S linux-2.6-xen-sparse/arch/xen/x86_64/kernel/genapic.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/genapic_xen.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/head.S linux-2.6-xen-sparse/arch/xen/x86_64/kernel/ioport.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/irq.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/pci-nommu.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/process.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup.c 
linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup64.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smp.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smpboot.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/traps.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/xen_entry.S linux-2.6-xen-sparse/arch/xen/x86_64/mm/fault.c linux-2.6-xen-sparse/arch/xen/x86_64/mm/init.c linux-2.6-xen-sparse/arch/xen/x86_64/mm/ioremap.c linux-2.6-xen-sparse/drivers/xen/Makefile linux-2.6-xen-sparse/drivers/xen/balloon/balloon.c linux-2.6-xen-sparse/drivers/xen/blkback/Makefile linux-2.6-xen-sparse/drivers/xen/blkback/blkback.c linux-2.6-xen-sparse/drivers/xen/blkback/common.h linux-2.6-xen-sparse/drivers/xen/blkback/interface.c linux-2.6-xen-sparse/drivers/xen/blkback/vbd.c linux-2.6-xen-sparse/drivers/xen/blkback/xenbus.c linux-2.6-xen-sparse/drivers/xen/blkfront/blkfront.c linux-2.6-xen-sparse/drivers/xen/blkfront/block.h linux-2.6-xen-sparse/drivers/xen/blkfront/vbd.c linux-2.6-xen-sparse/drivers/xen/blktap/blktap.c linux-2.6-xen-sparse/drivers/xen/blktap/blktap.h linux-2.6-xen-sparse/drivers/xen/blktap/blktap_controlmsg.c linux-2.6-xen-sparse/drivers/xen/blktap/blktap_datapath.c linux-2.6-xen-sparse/drivers/xen/blktap/blktap_userdev.c linux-2.6-xen-sparse/drivers/xen/netback/common.h linux-2.6-xen-sparse/drivers/xen/netback/interface.c linux-2.6-xen-sparse/drivers/xen/netback/netback.c linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c linux-2.6-xen-sparse/drivers/xen/privcmd/privcmd.c linux-2.6-xen-sparse/drivers/xen/usbback/common.h linux-2.6-xen-sparse/drivers/xen/usbback/interface.c linux-2.6-xen-sparse/drivers/xen/usbback/usbback.c linux-2.6-xen-sparse/drivers/xen/usbfront/usbfront.c linux-2.6-xen-sparse/drivers/xen/usbfront/xhci.h linux-2.6-xen-sparse/drivers/xen/xenbus/Makefile linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.c linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.h linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_probe.c 
linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_xs.c linux-2.6-xen-sparse/include/asm-generic/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/desc.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/dma-mapping.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/fixmap.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/hypercall.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/kmap_types.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mach-xen/irq_vectors.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mmu_context.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pci.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgalloc.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable-2level.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable-3level.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/scatterlist.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/swiotlb.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/desc.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/dma-mapping.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hypercall.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/io.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/irq_vectors.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/pci.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/processor.h linux-2.6-xen-sparse/include/asm-xen/balloon.h linux-2.6-xen-sparse/include/asm-xen/ctrl_if.h linux-2.6-xen-sparse/include/asm-xen/evtchn.h linux-2.6-xen-sparse/include/asm-xen/gnttab.h linux-2.6-xen-sparse/include/asm-xen/hypervisor.h linux-2.6-xen-sparse/include/asm-xen/xenbus.h linux-2.6-xen-sparse/include/linux/highmem.h linux-2.6-xen-sparse/include/linux/mm.h linux-2.6-xen-sparse/kernel/irq/manage.c linux-2.6-xen-sparse/mkbuildtree linux-2.6-xen-sparse/mm/highmem.c 
linux-2.6-xen-sparse/mm/memory.c patches/linux-2.6.12/patch-2.6.12.5 patches/linux-2.6.12/smp-alts.patch patches/linux-2.6.12/workaround_double_br_del_if.patch tools/Makefile tools/blktap/blktaplib.c tools/console/client/main.c tools/console/daemon/io.c tools/console/daemon/utils.c tools/debugger/gdb/gdbbuild tools/debugger/libxendebug/xendebug.c tools/debugger/libxendebug/xendebug.h tools/debugger/pdb/Domain.ml tools/debugger/pdb/Domain.mli tools/debugger/pdb/Makefile tools/debugger/pdb/PDB.ml tools/debugger/pdb/Process.ml tools/debugger/pdb/Process.mli tools/debugger/pdb/Util.ml tools/debugger/pdb/Xen_domain.ml tools/debugger/pdb/Xen_domain.mli tools/debugger/pdb/debugger.ml tools/debugger/pdb/linux-2.6-module/Makefile tools/debugger/pdb/linux-2.6-module/debug.c tools/debugger/pdb/linux-2.6-module/module.c tools/debugger/pdb/linux-2.6-module/pdb_debug.h tools/debugger/pdb/linux-2.6-module/pdb_module.h tools/debugger/pdb/linux-2.6-patches/Makefile tools/debugger/pdb/linux-2.6-patches/i386_ksyms.patch tools/debugger/pdb/linux-2.6-patches/kdebug.patch tools/debugger/pdb/linux-2.6-patches/makefile.patch tools/debugger/pdb/linux-2.6-patches/ptrace.patch tools/debugger/pdb/linux-2.6-patches/traps.patch tools/debugger/pdb/pdb_caml_domain.c tools/debugger/pdb/pdb_caml_process.c tools/debugger/pdb/pdb_caml_xcs.c tools/debugger/pdb/pdb_caml_xen.h tools/debugger/pdb/readme tools/debugger/pdb/server.ml tools/examples/Makefile tools/examples/network-bridge tools/examples/xend-config.sxp tools/examples/xmexample.vmx tools/firmware/rombios/rombios.c tools/ioemu/hw/pc.c tools/ioemu/hw/pckbd.c tools/ioemu/monitor.c tools/ioemu/target-i386-dm/Makefile tools/ioemu/target-i386-dm/helper2.c tools/ioemu/target-i386-dm/qemu-dm.debug tools/ioemu/vl.c tools/ioemu/vl.h tools/ioemu/vnc.c tools/libxc/Makefile tools/libxc/linux_boot_params.h tools/libxc/xc.h tools/libxc/xc_core.c tools/libxc/xc_domain.c tools/libxc/xc_gnttab.c tools/libxc/xc_linux_build.c tools/libxc/xc_linux_restore.c 
tools/libxc/xc_linux_save.c tools/libxc/xc_load_elf.c tools/libxc/xc_private.c tools/libxc/xc_private.h tools/libxc/xc_ptrace.c tools/libxc/xc_vmx_build.c tools/misc/Makefile tools/misc/xend tools/python/setup.py tools/python/xen/lowlevel/xc/xc.c tools/python/xen/lowlevel/xs/xs.c tools/python/xen/lowlevel/xu/xu.c tools/python/xen/sv/CreateDomain.py tools/python/xen/sv/DomInfo.py tools/python/xen/sv/GenTabbed.py tools/python/xen/sv/HTMLBase.py tools/python/xen/sv/Main.py tools/python/xen/sv/NodeInfo.py tools/python/xen/sv/RestoreDomain.py tools/python/xen/sv/Wizard.py tools/python/xen/sv/__init__.py tools/python/xen/sv/util.py tools/python/xen/web/SrvBase.py tools/python/xen/web/SrvDir.py tools/python/xen/web/__init__.py tools/python/xen/web/connection.py tools/python/xen/web/httpserver.py tools/python/xen/web/protocol.py tools/python/xen/web/reactor.py tools/python/xen/web/resource.py tools/python/xen/web/static.py tools/python/xen/web/tcp.py tools/python/xen/web/unix.py tools/python/xen/xend/Args.py tools/python/xen/xend/EventServer.py tools/python/xen/xend/PrettyPrint.py tools/python/xen/xend/Vifctl.py tools/python/xen/xend/XendCheckpoint.py tools/python/xen/xend/XendClient.py tools/python/xen/xend/XendDB.py tools/python/xen/xend/XendDmesg.py tools/python/xen/xend/XendDomain.py tools/python/xen/xend/XendDomainInfo.py tools/python/xen/xend/XendError.py tools/python/xen/xend/XendLogging.py tools/python/xen/xend/XendNode.py tools/python/xen/xend/XendProtocol.py tools/python/xen/xend/XendRoot.py tools/python/xen/xend/XendVnet.py tools/python/xen/xend/encode.py tools/python/xen/xend/image.py tools/python/xen/xend/scheduler.py tools/python/xen/xend/server/SrvDaemon.py tools/python/xen/xend/server/SrvDmesg.py tools/python/xen/xend/server/SrvDomain.py tools/python/xen/xend/server/SrvDomainDir.py tools/python/xen/xend/server/SrvNode.py tools/python/xen/xend/server/SrvRoot.py tools/python/xen/xend/server/SrvServer.py tools/python/xen/xend/server/SrvVnetDir.py 
tools/python/xen/xend/server/SrvXendLog.py tools/python/xen/xend/server/blkif.py tools/python/xen/xend/server/channel.py tools/python/xen/xend/server/controller.py tools/python/xen/xend/server/event.py tools/python/xen/xend/server/messages.py tools/python/xen/xend/server/netif.py tools/python/xen/xend/server/params.py tools/python/xen/xend/server/pciif.py tools/python/xen/xend/server/relocate.py tools/python/xen/xend/sxp.py tools/python/xen/xend/uuid.py tools/python/xen/xend/xenstore/__init__.py tools/python/xen/xend/xenstore/xsnode.py tools/python/xen/xend/xenstore/xsobj.py tools/python/xen/xend/xenstore/xsresource.py tools/python/xen/xm/create.py tools/python/xen/xm/destroy.py tools/python/xen/xm/help.py tools/python/xen/xm/main.py tools/python/xen/xm/migrate.py tools/python/xen/xm/opts.py tools/python/xen/xm/shutdown.py tools/python/xen/xm/sysrq.py tools/security/Makefile tools/security/example.txt tools/security/install.txt tools/security/policies/chwall/chwall-security_label_template.xml tools/security/policies/chwall/chwall-security_policy.xml tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml tools/security/policies/chwall_ste/chwall_ste-security_policy.xml tools/security/policies/null/null-security_label_template.xml tools/security/policies/null/null-security_policy.xml tools/security/policies/security_policy.xsd tools/security/policies/ste/ste-security_label_template.xml tools/security/policies/ste/ste-security_policy.xml tools/security/policy.txt tools/security/readme.txt tools/security/secpol_compat.h tools/security/secpol_tool.c tools/security/secpol_xml2bin.c tools/security/secpol_xml2bin.h tools/security/setlabel.sh tools/security/updategrub.sh tools/sv/Makefile tools/sv/images/destroy.png tools/sv/images/finish.png tools/sv/images/next.png tools/sv/images/pause.png tools/sv/images/previous.png tools/sv/images/reboot.png tools/sv/images/shutdown.png tools/sv/images/small-destroy.png tools/sv/images/small-pause.png 
tools/sv/images/small-unpause.png tools/sv/images/unpause.png tools/sv/images/xen.png tools/sv/inc/script.js tools/sv/inc/style.css tools/sv/index.psp tools/xcs/xcs.h tools/xcutils/xc_restore.c tools/xenstore/Makefile tools/xenstore/TODO tools/xenstore/testsuite/test.sh tools/xenstore/utils.c tools/xenstore/utils.h tools/xenstore/xenstored.h tools/xenstore/xenstored_core.c tools/xenstore/xenstored_core.h tools/xenstore/xenstored_domain.c tools/xenstore/xenstored_domain.h tools/xenstore/xenstored_transaction.c tools/xenstore/xenstored_transaction.h tools/xenstore/xenstored_watch.c tools/xenstore/xenstored_watch.h tools/xenstore/xs.c tools/xenstore/xs.h tools/xenstore/xs_lib.c tools/xenstore/xs_lib.h tools/xenstore/xs_random.c tools/xenstore/xs_test.c tools/xentrace/xentrace.c xen/Makefile xen/Rules.mk xen/acm/acm_core.c xen/acm/acm_policy.c xen/arch/ia64/Makefile xen/arch/ia64/Rules.mk xen/arch/ia64/asm-offsets.c xen/arch/ia64/asm-xsi-offsets.c xen/arch/ia64/dom_fw.c xen/arch/ia64/domain.c xen/arch/ia64/grant_table.c xen/arch/ia64/hypercall.c xen/arch/ia64/hyperprivop.S xen/arch/ia64/mmio.c xen/arch/ia64/pal_emul.c xen/arch/ia64/patch/linux-2.6.11/irq_ia64.c xen/arch/ia64/patch/linux-2.6.11/kregs.h xen/arch/ia64/pcdp.c xen/arch/ia64/process.c xen/arch/ia64/regionreg.c xen/arch/ia64/tools/mkbuildtree xen/arch/ia64/vcpu.c xen/arch/ia64/vlsapic.c xen/arch/ia64/vmmu.c xen/arch/ia64/vmx_hypercall.c xen/arch/ia64/vmx_ivt.S xen/arch/ia64/vmx_support.c xen/arch/ia64/vmx_vcpu.c xen/arch/ia64/vmx_virt.c xen/arch/ia64/vtlb.c xen/arch/ia64/xenasm.S xen/arch/ia64/xenmem.c xen/arch/ia64/xenmisc.c xen/arch/ia64/xensetup.c xen/arch/ia64/xentime.c xen/arch/x86/Makefile xen/arch/x86/acpi/boot.c xen/arch/x86/apic.c xen/arch/x86/audit.c xen/arch/x86/cpu/common.c xen/arch/x86/dom0_ops.c xen/arch/x86/domain.c xen/arch/x86/domain_build.c xen/arch/x86/genapic/es7000plat.c xen/arch/x86/i8259.c xen/arch/x86/io_apic.c xen/arch/x86/mm.c xen/arch/x86/mpparse.c xen/arch/x86/physdev.c 
xen/arch/x86/setup.c xen/arch/x86/shadow.c xen/arch/x86/shadow32.c xen/arch/x86/shadow_public.c xen/arch/x86/smpboot.c xen/arch/x86/time.c xen/arch/x86/traps.c xen/arch/x86/vmx.c xen/arch/x86/vmx_intercept.c xen/arch/x86/vmx_io.c xen/arch/x86/vmx_platform.c xen/arch/x86/vmx_vmcs.c xen/arch/x86/x86_32/entry.S xen/arch/x86/x86_32/mm.c xen/arch/x86/x86_32/traps.c xen/arch/x86/x86_64/entry.S xen/arch/x86/x86_64/mm.c xen/arch/x86/x86_64/traps.c xen/common/ac_timer.c xen/common/dom0_ops.c xen/common/dom_mem_ops.c xen/common/domain.c xen/common/event_channel.c xen/common/grant_table.c xen/common/lib.c xen/common/page_alloc.c xen/common/perfc.c xen/common/sched_sedf.c xen/common/schedule.c xen/common/symbols.c xen/common/trace.c xen/common/xmalloc.c xen/drivers/char/console.c xen/drivers/char/ns16550.c xen/include/acm/acm_core.h xen/include/acm/acm_hooks.h xen/include/asm-ia64/config.h xen/include/asm-ia64/domain.h xen/include/asm-ia64/event.h xen/include/asm-ia64/ia64_int.h xen/include/asm-ia64/privop.h xen/include/asm-ia64/regionreg.h xen/include/asm-ia64/regs.h xen/include/asm-ia64/vcpu.h xen/include/asm-ia64/vmx.h xen/include/asm-ia64/vmx_uaccess.h xen/include/asm-ia64/vmx_vcpu.h xen/include/asm-ia64/vmx_vpd.h xen/include/asm-ia64/xensystem.h xen/include/asm-x86/apicdef.h xen/include/asm-x86/config.h xen/include/asm-x86/e820.h xen/include/asm-x86/event.h xen/include/asm-x86/fixmap.h xen/include/asm-x86/genapic.h xen/include/asm-x86/hpet.h xen/include/asm-x86/io.h xen/include/asm-x86/mach-bigsmp/mach_apic.h xen/include/asm-x86/mach-default/mach_apic.h xen/include/asm-x86/mach-es7000/mach_apic.h xen/include/asm-x86/mach-generic/mach_apic.h xen/include/asm-x86/mach-summit/mach_apic.h xen/include/asm-x86/mach-summit/mach_mpparse.h xen/include/asm-x86/mm.h xen/include/asm-x86/page.h xen/include/asm-x86/shadow.h xen/include/asm-x86/shadow_64.h xen/include/asm-x86/shadow_public.h xen/include/asm-x86/time.h xen/include/asm-x86/types.h xen/include/asm-x86/uaccess.h 
xen/include/asm-x86/vmx.h xen/include/asm-x86/vmx_virpit.h xen/include/asm-x86/vmx_vmcs.h xen/include/asm-x86/x86_32/uaccess.h xen/include/asm-x86/x86_64/page.h xen/include/public/arch-ia64.h xen/include/public/arch-x86_32.h xen/include/public/arch-x86_64.h xen/include/public/dom0_ops.h xen/include/public/grant_table.h xen/include/public/io/blkif.h xen/include/public/io/domain_controller.h xen/include/public/io/netif.h xen/include/public/physdev.h xen/include/public/trace.h xen/include/public/xen.h xen/include/xen/ac_timer.h xen/include/xen/domain.h xen/include/xen/event.h xen/include/xen/grant_table.h xen/include/xen/mm.h xen/include/xen/perfc_defn.h xen/include/xen/sched.h xen/include/xen/serial.h xen/include/xen/symbols.h xen/include/xen/time.h xen/include/xen/trace.h xen/tools/Makefile xen/tools/symbols.c
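--- a/Config.mk
+++ b/Config.mk
@@ -35,3 +35,11 @@ CFLAGS += $(foreach i, $(EXTRA_INCLUDES)
 
 # Choose the best mirror to download linux kernel
 KERNEL_REPO = http://www.kernel.org
+
+# ACM_USE_SECURITY_POLICY is set to security policy of Xen
+# Supported models are:
+#	ACM_NULL_POLICY (ACM will not be built with this policy)
+#	ACM_CHINESE_WALL_POLICY
+#	ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
+#	ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY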
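Review bot: The comment above `ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY` does not say what the default means for enforcement, nor that `?=` lets a value already set in the environment or on the make command line take precedence over it. I would state both in the comment, for example `# Default ACM_NULL_POLICY: ACM is not built, so no access-control policy is enforced.` followed by `# Can be overridden from the environment or the make command line (e.g. make ACM_USE_SECURITY_POLICY=...).`. The first line of the comment also reads more clearly as `# ACM_USE_SECURITY_POLICY selects the security policy model built into Xen.`. Whether a misspelled or unsupported value is rejected later in the build is not visible in this hunk and is worth confirming, since the variable decides which policy model ends up in the hypervisor.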
     2.1 --- a/docs/misc/shype4xen_readme.txt	Thu Aug 18 10:40:02 2005 -0800
     2.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.3 @@ -1,588 +0,0 @@
     2.4 -Copyright: IBM Corporation (C)
     2.5 -20 June 2005
     2.6 -Author: Reiner Sailer
     2.7 -
     2.8 -This document is a very short introduction into the sHype access control 
     2.9 -security architecture implementation and how it is perceived by users. It 
    2.10 -is a very preliminary draft  for the courageous ones to get "their feet wet" 
    2.11 -and to be able to give feedback (via the xen-devel/xense-devel mailing lists).
    2.12 -
    2.13 -Install:
    2.14 -
    2.15 -cd into xeno-unstable.bk 
    2.16 -(use --dry-run option if you want to test the patch only)
    2.17 -patch -p1 -g0 < *tools.diff
    2.18 -patch -p1 -g0 < *xen.diff
    2.19 -
    2.20 -(no rejects, probably some line offsets)
    2.21 -
    2.22 -make uninstall; make mrproper; make; ./install.sh should install the default 
    2.23 -sHype into Xen (rebuild your initrd images if necessary). Reboot.
    2.24 -
    2.25 -Debug output: there are two triggers for debug output:
    2.26 -a) General sHype debug:
    2.27 -    xeno-unstable.bk/xen/include/public/acm.h
    2.28 -    undefine ACM_DEBUG to switch this debug off
    2.29 -
    2.30 -b) sHype enforcement hook trace: This prints a small trace for each enforcement 
    2.31 -hook that is executed. The trigger is in
    2.32 -    xeno-unstable.bk/xen/include/acm/acm_hooks.h
    2.33 -    undefine ACM_TRACE_MODE to switch this debug off
    2.34 -
    2.35 -1. The default NULL policy
    2.36 -***************************
    2.37 -When you apply the patches and startup xen, you should at first not notice any 
    2.38 -difference because the default policy is the "NULL" policy, which as the name 
    2.39 -implies does not enforce anything.
    2.40 -
    2.41 -To display the currently enforced policy, use the policy tool under xeno-
    2.42 -unstable.bk/tools/policy: policy_tool getpolicy. You should see output like the 
    2.43 -one below.
    2.44 -
    2.45 -[root@laptop policy]#./policy_tool getpolicy
    2.46 -
    2.47 -Policy dump:
    2.48 -============
    2.49 -Magic     = 1debc.
    2.50 -PolVer    = aaaa0000.
    2.51 -Len       = 14.
    2.52 -Primary   = NULL policy (c=0, off=14).
    2.53 -Secondary = NULL policy (c=0, off=14).
    2.54 -No primary policy (NULL).
    2.55 -No secondary policy (NULL).
    2.56 -
    2.57 -Policy dump End.
    2.58 -
    2.59 -Since this is a dump of a binary policy, it's not pretty. The important parts 
    2.60 -are the "Primary" and "Secondary" policy fields set to "NULL policy". sHype 
    2.61 -currently allows to set two independent policies; thus the two SSID-REF parts 
    2.62 -shown in 'xm list'. Right here: primary policy only means this policy is 
    2.63 -checked first, the secondary policy is checked if the primary results in 
    2.64 -"permitted access". The result of the combined policy is "permitted" if both 
    2.65 -policies return permitted (NULL policy always returns permitted). The result is 
    2.66 -"denied" if at least one of the policies returns "denied". Look into xeno-
    2.67 -unstable.bk/xen/include/acm/acm_hooks.h for the general hook structure 
    2.68 -integrating the policy decisions (if you like, you won't need it for the rest 
    2.69 -of the Readme file).
    2.70 -
    2.71 -2. Setting Chinese Wall and Simple Type Enforcement policies:
    2.72 -*************************************************************
    2.73 -
    2.74 -We'll get fast to the point. However, in order to understand what we are doing, 
    2.75 -we must at least understand the purpose of the policies that we are going to 
    2.76 -enforce. The two policies presented here are just examples and the 
    2.77 -implementation encourages adding new policies easily.
    2.78 -
    2.79 -2.1. Chinese Wall policy: "decides whether a domain can be started based on 
    2.80 -this domain's ssidref and the ssidrefs of the currently running domains". 
    2.81 -Generally, the Chinese wall policy allows specifying certain types (or classes 
    2.82 -or categories, whatever the preferred word) that conflict; we usually assign a 
    2.83 -type to a workload and the set of types of those workloads running in a domain 
    2.84 -make up the type set for this domain.  Each domain is assigned a set of types 
    2.85 -through its SSID-REF (we register Chinese Wall as primary policy, so the 
    2.86 -ssidref used for determining the Chinese Wall types is the one annotated with 
    2.87 -"p:" in xm list) since each SSID-REF points at a set of types. We'll see how 
    2.88 -SSIDREFs are represented in Xen later when we will look at the policy. (A good 
    2.89 -read for Chinese Wall is: Brewer/Nash The Chinese Wall Security Policy 1989.)
    2.90 -
    2.91 -So let's assume the Chinese Wall policy we are running distinguishes 10 types: 
    2.92 -t0 ... t9. Let us assume further that each SSID-REF points to a set that 
    2.93 -includes exactly one type (attached to domains that run workloads of a single 
    2.94 -type). SSID-REF 0 points to {t0}, ssidref 1 points to {t1} ... 9 points to 
    2.95 -{t9}. [This is actually the example policy we are going to push into xen later]
    2.96 -
    2.97 -Now the Chinese Wall policy allows you to define "Conflict type sets" and it 
    2.98 -guarantees that of any conflict set at most one type is "running" at any time. 
    2.99 -As an example, we have defined 2 conflict set: {t2, t3} and {t0, t5, t6}. 
   2.100 -Specifying these conflict sets, sHype ensures that at most one type of each set 
   2.101 -is running (either t2 or t3 but not both; either t0 or t5 or t6 but not 
   2.102 -multiple of them).
   2.103 -
   2.104 -The effect is that administrators can define which workload types cannot run 
   2.105 -simultaneously on a single Xen system. This is useful to limit the covert 
   2.106 -timing channels between such payloads or to ensure that payloads don't 
   2.107 -interfere with each other through existing resource dependencies.
   2.108 -
   2.109 -2.2. Simple Type Enforcement (ste) policy: "decides whether two domains can 
   2.110 -share data, e.g., setup event channels or grant tables to each other, based on 
   2.111 -the two domains' ssidref. This, as the name says, is a simple policy. Think of 
   2.112 -each type as of a single color. Each domain has one or more colors, i.e., the 
   2.113 -domains ssid for the ste policy points to a set that has set one or multiple 
   2.114 -types. Let us assume in our example policy we differentiate 5 colors (types) 
   2.115 -and define 5 different ssids referenced by ssidref=0..4. Each ssid shall have 
   2.116 -exactly one type set, i.e., describes a uni-color. Only ssid(0) has all types 
   2.117 -set, i.e., has all defined colors.
   2.118 -
   2.119 -Sharing is enforced by the ste policy by requiring that two domains that want 
   2.120 -to establish an event channel or grant pages to each other must have a common 
   2.121 -color. Currently all domains communicate through DOM0 by default; i.e., Domain0 
   2.122 -will necessarily have all colors to be able to create domains (thus, we will 
   2.123 -assign ssidref(0) to Domain0 in our example below.
   2.124 -
   2.125 -More complex mandatory access control policies governing sharing will follow; 
   2.126 -such policies are more sophisticated than the "color" scheme above by allowing 
   2.127 -more flexible (and complex :_) access control decisions than "share a color" or 
   2.128 -"don't share a color" and will be able to express finer-grained policies.
   2.129 -
   2.130 -
   2.131 -2.3 Binary Policy:
   2.132 -In the future, we will have a policy tool that takes as input a more humane 
   2.133 -policy description, using types such as development, home-banking, donated-
   2.134 -Grid, CorpA-Payload ... and translates the respective policy into what we see 
   2.135 -today as the binary policy using 1s and 0s and sets of them. For now, we must 
   2.136 -live with the binary policy when working with sHype.
   2.137 -
   2.138 -    
   2.139 -2.4 Exemplary use of a real sHype policy on Xen. To activate a real policy, 
   2.140 -edit the file (yes, this will soon be a compile option):
   2.141 -  xeno-unstable.bk/xen/include/public/acm.h
   2.142 -  Change: #define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY
   2.143 -   To : #define ACM_USE_SECURITY_POLICY ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
   2.144 -   cd xeno-unstable.bk
   2.145 -   make mrproper
   2.146 -   make uninstall (manually remove /etc/xen.old if necessary)
   2.147 -   make
   2.148 -   ./install.sh      (recreate your kernel initrd's if necessary)
   2.149 -   Reboot into new xen.gz
   2.150 -     
   2.151 -After booting, check out 'xm dmesg'; should show somewhere in the middle:
   2.152 -
   2.153 -(XEN) acm_init: Enforcing Primary CHINESE WALL policy, Secondary SIMPLE TYPE 
   2.154 -ENFORCEMENT policy.
   2.155 -
   2.156 -Even though you can activate those policies in any combination and also 
   2.157 -independently, the policy tool currently only supports setting the policy for 
   2.158 -the above combination.
   2.159 -
   2.160 -Now look at the minimal startup policy with:
   2.161 -                xeno-unstable.bk/tools/policytool getpolicy
   2.162 -
   2.163 -You should see something like:
   2.164 -
   2.165 -[root@laptop policy]# ./policy_tool getpolicy
   2.166 -
   2.167 -Policy dump:
   2.168 -============
   2.169 -Magic     = 1debc.
   2.170 -PolVer    = aaaa0000.
   2.171 -Len       = 36.
   2.172 -Primary   = CHINESE WALL policy (c=1, off=14).
   2.173 -Secondary = SIMPLE TYPE ENFORCEMENT policy (c=2, off=2c).
   2.174 -
   2.175 -
   2.176 -Chinese Wall policy:
   2.177 -====================
   2.178 -Max Types     = 1.
   2.179 -Max Ssidrefs  = 1.
   2.180 -Max ConfSets  = 1.
   2.181 -Ssidrefs Off  = 10.
   2.182 -Conflicts Off = 12.
   2.183 -Runing T. Off = 14.
   2.184 -C. Agg. Off   = 16.
   2.185 -
   2.186 -SSID To CHWALL-Type matrix:
   2.187 -
   2.188 -   ssidref 0:  00 
   2.189 -
   2.190 -Confict Sets:
   2.191 -
   2.192 -   c-set 0:    00 
   2.193 -
   2.194 -Running
   2.195 -Types:         00 
   2.196 -
   2.197 -Conflict
   2.198 -Aggregate Set: 00 
   2.199 -
   2.200 -
   2.201 -Simple Type Enforcement policy:
   2.202 -===============================
   2.203 -Max Types     = 1.
   2.204 -Max Ssidrefs  = 1.
   2.205 -Ssidrefs Off  = 8.
   2.206 -
   2.207 -SSID To STE-Type matrix:
   2.208 -
   2.209 -   ssidref 0: 01 
   2.210 -
   2.211 -
   2.212 -Policy dump End.
   2.213 -
   2.214 -This is a minimal policy (of little use), except it will disable starting any 
   2.215 -domain that does not have ssidref set to 0x0. The Chinese Wall policy has 
   2.216 -nothing to enforce and the ste policy only knows one type, which is set for the 
   2.217 -only defined ssidref.
   2.218 -
   2.219 -The item that defines the ssidref in a domain configuration is:
   2.220 -
   2.221 -ssidref = 0x12345678
   2.222 -
   2.223 -Where ssidref is interpreted as a 32bit number, where the lower 16bits become 
   2.224 -the ssidref for the primary policy and the higher 16bits become the ssidref for 
   2.225 -the secondary policy. sHype currently supports two policies but this is an 
   2.226 -implementation decision and can be extended if necessary.
   2.227 -
   2.228 -This reference defines the security information of a domain. The meaning of the 
   2.229 -SSID-REF depends on the policy, so we explain it when we explain the real 
   2.230 -policies.
   2.231 -
   2.232 -
   2.233 -Setting a new Security Policy:
   2.234 -******************************
   2.235 -The policy tool with all its current limitations has one usable example policy 
   2.236 -compiled-in. Please try at this time to use the setpolicy command:
   2.237 -       xeno-unstable.bk/tools/policy/policy_tool setpolicy
   2.238 -
   2.239 -You should see a dump of the policy you are setting. It should say at the very 
   2.240 -end: 
   2.241 -
   2.242 -Policy successfully set.
   2.243 -
   2.244 -Now try to dump the currently enforced policy, which is the policy we have just 
   2.245 -set and the dynamic security state information of this policy 
   2.246 -(<<< ... some additional explanations)
   2.247 -
   2.248 -[root@laptop policy]# ./policy_tool getpolicy
   2.249 -
   2.250 -Policy dump:
   2.251 -============
   2.252 -Magic     = 1debc.
   2.253 -PolVer    = aaaa0000.
   2.254 -Len       = 112.
   2.255 -Primary   = CHINESE WALL policy (c=1, off=14).
   2.256 -Secondary = SIMPLE TYPE ENFORCEMENT policy (c=2, off=d8).
   2.257 -
   2.258 -
   2.259 -Chinese Wall policy:
   2.260 -====================
   2.261 -Max Types     = a.
   2.262 -Max Ssidrefs  = 5.
   2.263 -Max ConfSets  = 2.
   2.264 -Ssidrefs Off  = 10.
   2.265 -Conflicts Off = 74.
   2.266 -Runing T. Off = 9c.
   2.267 -C. Agg. Off   = b0.
   2.268 -
   2.269 -SSID To CHWALL-Type matrix:
   2.270 -
   2.271 -   ssidref 0:  01 00 00 00 00 00 00 00 00 00  <<< type0 is set for ssidref0
   2.272 -   ssidref 1:  00 01 00 00 00 00 00 00 00 00 
   2.273 -   ssidref 2:  00 00 01 00 00 00 00 00 00 00 
   2.274 -   ssidref 3:  00 00 00 01 00 00 00 00 00 00 
   2.275 -   ssidref 4:  00 00 00 00 01 00 00 00 00 00  <<< type4 is set for ssidref4
   2.276 -                                              <<< types 5-9 are unused
   2.277 -Confict Sets:
   2.278 -
   2.279 -   c-set 0:    00 00 01 01 00 00 00 00 00 00  <<< type2 and type3 never run together
   2.280 -   c-set 1:    01 00 00 00 00 01 01 00 00 00  <<< only one of types 0, 5 or 6 
   2.281 -                                              <<<   can run simultaneously
   2.282 -Running
   2.283 -Types:         01 00 00 00 00 00 00 00 00 00  <<< ref-count for types of running domains
   2.284 -
   2.285 -Conflict
   2.286 -Aggregate Set: 00 00 00 00 00 01 01 00 00 00  <<< aggregated set of types that                  
   2.287 -                                              <<< cannot run because they 
   2.288 -                                              <<< are in conflict set 1 and
   2.289 -                                              <<< (domain 0 is running w t0)
   2.290 -                                             
   2.291 -
   2.292 -Simple Type Enforcement policy:
   2.293 -===============================
   2.294 -Max Types     = 5.
   2.295 -Max Ssidrefs  = 5.
   2.296 -Ssidrefs Off  = 8.
   2.297 -
   2.298 -SSID To STE-Type matrix:
   2.299 -
   2.300 -   ssidref 0: 01 01 01 01 01                  <<< ssidref0 points to a set that                  
   2.301 -                                              <<< has all types set (colors)
   2.302 -   ssidref 1: 00 01 00 00 00                  <<< ssidref1 has color1 set
   2.303 -   ssidref 2: 00 00 01 00 00                  <<< ...
   2.304 -   ssidref 3: 00 00 00 01 00 
   2.305 -   ssidref 4: 00 00 00 00 01 
   2.306 -
   2.307 -
   2.308 -Policy dump End.
   2.309 -
   2.310 -
   2.311 -This is a small example policy with which we will demonstrate the enforcement.
   2.312 -
   2.313 -Starting Domains with policy enforcement
   2.314 -========================================
   2.315 -Now let us play with this policy. 
   2.316 -
   2.317 -Define 3 or 4 domain configurations. I use the following config using a ramdisk 
   2.318 -only and about 8MBytes of memory for each DomU (test purposes):
   2.319 -
   2.320 -#-------configuration xmsec1-------------------------
   2.321 -kernel = "/boot/vmlinuz-2.6.11-xenU"
   2.322 -ramdisk="/boot/U1_ramdisk.img"
   2.323 -#security reference identifier
   2.324 -ssidref= 0x00010001
   2.325 -memory = 10
   2.326 -name = "xmsec1"
   2.327 -cpu = -1   # leave to Xen to pick
   2.328 -# Number of network interfaces. Default is 1.
   2.329 -nics=1
   2.330 -dhcp="dhcp"
   2.331 -#-----------------------------------------------------
   2.332 -
   2.333 -xmsec2 and xmsec3 look the same except for the name and the ssidref line. Use 
   2.334 -your domain config file and add "ssidref = 0x00010001" to the first (xmsec1),  
   2.335 -"ssidref= 0x00020002" to the second (call it xmsec2), and "ssidref=0x00030003"  
   2.336 -to the third (we will call this one xmsec3).
   2.337 -
   2.338 -First start xmsec1: xm create -c xmsec1 (succeeds)
   2.339 -
   2.340 -Then
   2.341 -[root@laptop policy]# xm list 
   2.342 -Name              Id  Mem(MB)  CPU  State  Time(s)  Console  
   2.343 -Domain-0           0      620   0  r----     42.3            s:00/p:00
   2.344 -xmnosec            1        9   0  -b---      0.3    9601    s:00/p:05
   2.345 -xmsec1             2        9   0  -b---      0.2    9602    s:01/p:01
   2.346 -
   2.347 -Shows a new domain xmsec1 running with primary (here: chinese wall) ssidref 1 
   2.348 -and secondary (here: simple type enforcement) ssidref 1. The ssidrefs are  
   2.349 -independent and can differ for a domain.
   2.350 -
   2.351 -[root@laptop policy]# ./policy_tool getpolicy
   2.352 -
   2.353 -Policy dump:
   2.354 -============
   2.355 -Magic     = 1debc.
   2.356 -PolVer    = aaaa0000.
   2.357 -Len       = 112.
   2.358 -Primary   = CHINESE WALL policy (c=1, off=14).
   2.359 -Secondary = SIMPLE TYPE ENFORCEMENT policy (c=2, off=d8).
   2.360 -
   2.361 -
   2.362 -Chinese Wall policy:
   2.363 -====================
   2.364 -Max Types     = a.
   2.365 -Max Ssidrefs  = 5.
   2.366 -Max ConfSets  = 2.
   2.367 -Ssidrefs Off  = 10.
   2.368 -Conflicts Off = 74.
   2.369 -Runing T. Off = 9c.
   2.370 -C. Agg. Off   = b0.
   2.371 -
   2.372 -SSID To CHWALL-Type matrix:
   2.373 -
   2.374 -   ssidref 0:  01 00 00 00 00 00 00 00 00 00
   2.375 -   ssidref 1:  00 01 00 00 00 00 00 00 00 00
   2.376 -   ssidref 2:  00 00 01 00 00 00 00 00 00 00
   2.377 -   ssidref 3:  00 00 00 01 00 00 00 00 00 00
   2.378 -   ssidref 4:  00 00 00 00 01 00 00 00 00 00
   2.379 -
   2.380 -Confict Sets:
   2.381 -
   2.382 -   c-set 0:    00 00 01 01 00 00 00 00 00 00
   2.383 -   c-set 1:    01 00 00 00 00 01 01 00 00 00   <<< t1 is not part of any c-set
   2.384 -
   2.385 -Running
   2.386 -Types:         01 01 00 00 00 00 00 00 00 00   <<< xmsec1 has ssidref 1->type1
   2.387 -                  ^^                           <<< ref-count at position 1 incr
   2.388 -Conflict
   2.389 -Aggregate Set: 00 00 00 00 00 01 01 00 00 00   <<< domain 1 was allowed to       
   2.390 -                                               <<< start since type 1 was not
   2.391 -                                               <<< in conflict with running 
   2.392 -                                               <<< types
   2.393 -                                            
   2.394 -Simple Type Enforcement policy:
   2.395 -===============================
   2.396 -Max Types     = 5.
   2.397 -Max Ssidrefs  = 5.
   2.398 -Ssidrefs Off  = 8.
   2.399 -
   2.400 -SSID To STE-Type matrix:
   2.401 -
   2.402 -   ssidref 0: 01 01 01 01 01           <<< the ste policy does not maintain; we
   2.403 -   ssidref 1: 00 01 00 00 00   <--     <<< see that domain xmsec1 has ste 
   2.404 -   ssidref 2: 00 00 01 00 00           <<< ssidref1->type1 and has this type in
   2.405 -   ssidref 3: 00 00 00 01 00           <<< common with dom0
   2.406 -   ssidref 4: 00 00 00 00 01
   2.407 -
   2.408 -
   2.409 -Policy dump End.
   2.410 -
   2.411 -Look at sHype output in xen dmesg:
   2.412 -
   2.413 -[root@laptop xen]# xm dmesg
   2.414 -.
   2.415 -.
   2.416 -[somewhere near the very end]
   2.417 -(XEN) chwall_init_domain_ssid: determined chwall_ssidref to 1.
   2.418 -(XEN) ste_init_domain_ssid.
   2.419 -(XEN) ste_init_domain_ssid: determined ste_ssidref to 1.
   2.420 -(XEN) acm_init_domain_ssid: Instantiated individual ssid for domain 0x01.
   2.421 -(XEN) chwall_post_domain_create.
   2.422 -(XEN) ste_pre_eventchannel_interdomain.
   2.423 -(XEN) ste_pre_eventchannel_interdomain: (evtchn 0 --> 1) common type #01.
   2.424 -(XEN) shype_authorize_domops.
   2.425 -(XEN) ste_pre_eventchannel_interdomain.
   2.426 -(XEN) ste_pre_eventchannel_interdomain: (evtchn 0 --> 1) common type #01.
   2.427 -(XEN) ste_pre_eventchannel_interdomain.
   2.428 -(XEN) ste_pre_eventchannel_interdomain: (evtchn 0 --> 1) common type #01.
   2.429 -
   2.430 -
   2.431 -You can see that the chinese wall policy does not complain and that the ste 
   2.432 -policy makes three access control decisions for three event-channels setup 
   2.433 -between domain 0 and the new domain 1. Each time, the two domains share the 
   2.434 -type1 and setting up the eventchannel is permitted.
   2.435 -
   2.436 -
   2.437 -Starting up a second domain xmsec2:
   2.438 -
   2.439 -[root@laptop xen]# xm create -c xmsec2
   2.440 -Using config file "xmsec2".
   2.441 -Started domain xmsec2, console on port 9602
   2.442 -************ REMOTE CONSOLE: CTRL-] TO QUIT ********
   2.443 -Linux version 2.6.11-xenU (root@laptop.home.org) (gcc version 3.4.2 20041017 
   2.444 -(Red Hat 3.4.2-6.fc3)) #1 Wed Mar 30 13:14:31 EST 2005
   2.445 -.
   2.446 -.
   2.447 -.
   2.448 -[root@laptop policy]# xm list
   2.449 -Name              Id  Mem(MB)  CPU  State  Time(s)  Console  
   2.450 -Domain-0           0      620   0  r----     71.7            s:00/p:00
   2.451 -xmsec1             1        9   0  -b---      0.3    9601    s:01/p:01
   2.452 -xmsec2             2        7   0  -b---      0.3    9602    s:02/p:02   << our domain runs both policies with ssidref 2
   2.453 -
   2.454 -
   2.455 -[root@laptop policy]# ./policy_tool getpolicy
   2.456 -
   2.457 -Policy dump:
   2.458 -============
   2.459 -Magic     = 1debc.
   2.460 -PolVer    = aaaa0000.
   2.461 -Len       = 112.
   2.462 -Primary   = CHINESE WALL policy (c=1, off=14).
   2.463 -Secondary = SIMPLE TYPE ENFORCEMENT policy (c=2, off=d8).
   2.464 -
   2.465 -
   2.466 -Chinese Wall policy:
   2.467 -====================
   2.468 -Max Types     = a.
   2.469 -Max Ssidrefs  = 5.
   2.470 -Max ConfSets  = 2.
   2.471 -Ssidrefs Off  = 10.
   2.472 -Conflicts Off = 74.
   2.473 -Runing T. Off = 9c.
   2.474 -C. Agg. Off   = b0.
   2.475 -
   2.476 -SSID To CHWALL-Type matrix:
   2.477 -
   2.478 -   ssidref 0:  01 00 00 00 00 00 00 00 00 00
   2.479 -   ssidref 1:  00 01 00 00 00 00 00 00 00 00
   2.480 -   ssidref 2:  00 00 01 00 00 00 00 00 00 00   <<< our domain has type 2 set
   2.481 -   ssidref 3:  00 00 00 01 00 00 00 00 00 00
   2.482 -   ssidref 4:  00 00 00 00 01 00 00 00 00 00
   2.483 -
   2.484 -Confict Sets:
   2.485 -
   2.486 -   c-set 0:    00 00 01 01 00 00 00 00 00 00   <<< t2 is in c-set0 with type 3
   2.487 -   c-set 1:    01 00 00 00 00 01 01 00 00 00
   2.488 -
   2.489 -Running
   2.490 -Types:         01 01 01 00 00 00 00 00 00 00   <<< t2 is running since the 
   2.491 -                     ^^                        <<< current aggregate conflict
   2.492 -                                               <<< set (see above) does not 
   2.493 -                                               <<< include type 2
   2.494 -Conflict
   2.495 -Aggregate Set: 00 00 00 01 00 01 01 00 00 00   <<< type 3 is added to the 
   2.496 -                                               <<< conflict aggregate
   2.497 -
   2.498 -
   2.499 -Simple Type Enforcement policy:
   2.500 -===============================
   2.501 -Max Types     = 5.
   2.502 -Max Ssidrefs  = 5.
   2.503 -Ssidrefs Off  = 8.
   2.504 -
   2.505 -SSID To STE-Type matrix:
   2.506 -
   2.507 -   ssidref 0: 01 01 01 01 01
   2.508 -   ssidref 1: 00 01 00 00 00
   2.509 -   ssidref 2: 00 00 01 00 00
   2.510 -   ssidref 3: 00 00 00 01 00
   2.511 -   ssidref 4: 00 00 00 00 01
   2.512 -
   2.513 -
   2.514 -Policy dump End.
   2.515 -
   2.516 -
   2.517 -The sHype xen dmesg output looks similar to the one above when starting the 
   2.518 -first domain.
   2.519 -
   2.520 -Now we start xmsec3 and it has ssidref3. Thus, it tries to run as type3 which 
   2.521 -conflicts with running type2 (from xmsec2). As expected, creating this domain 
   2.522 -fails for security policy enforcement reasons.
   2.523 -
   2.524 -[root@laptop xen]# xm create -c xmsec3
   2.525 -Using config file "xmsec3".
   2.526 -Error: Error creating domain: (22, 'Invalid argument')
   2.527 -[root@laptop xen]#
   2.528 -
   2.529 -[root@laptop xen]# xm dmesg
   2.530 -.
   2.531 -.
   2.532 -[somewhere near the very end]
   2.533 -(XEN) chwall_pre_domain_create.
   2.534 -(XEN) chwall_pre_domain_create: CHINESE WALL CONFLICT in type 03.
   2.535 -
   2.536 -xmsec3 ssidref3 points to type3, which is in the current conflict aggregate 
   2.537 -set. This domain cannot start until domain xmsec2 is destroyed, at which time 
   2.538 -the aggregate conflict set is reduced and type3 is excluded from it. Then, 
   2.539 -xmsec3 can start. Of course, afterwards, xmsec2 cannot be restarted. Try it.
   2.540 -
   2.541 -3. Policy tool
   2.542 -**************
   2.543 -toos/policy/policy_tool.c
   2.544 -
   2.545 -a) ./policy_tool getpolicy
   2.546 -      prints the currently enforced policy
   2.547 -      (see for example section 1.)
   2.548 -
   2.549 -b) ./policy_tool setpolicy
   2.550 -      sets a predefined and hardcoded security
   2.551 -      policy (the one described in section 2.)
   2.552 -
   2.553 -c) ./policy_tool dumpstats
   2.554 -      prints some status information about the caching
   2.555 -      of access control decisions (number of cache hits
   2.556 -      and number of policy evaluations for grant_table
   2.557 -      and event channels).
   2.558 -
   2.559 -d) ./policy_tool loadpolicy <binary_policy_file>
   2.560 -      sets the policy defined in the <binary_policy_file>
   2.561 -      please use the policy_processor that is posted to this
   2.562 -      mailing list to create such a binary policy from an XML
   2.563 -      policy description
   2.564 -
   2.565 -4. Policy interface:
   2.566 -********************
   2.567 -The Policy interface is working in "network-byte-order" (big endian). The reason for this
   2.568 -is that policy files/management should be portable and independent of the platforms.
   2.569 -
   2.570 -Our policy interface enables managers to create a single binary policy file in a trusted
   2.571 -environment and distributed it to multiple systems for enforcement.
   2.572 -
   2.573 -5. Booting with a binary policy:
   2.574 -********************************
   2.575 -The grub configuration file can be adapted to boot the hypervisor with an
   2.576 -already active policy. To do this, a binary policy file - this can be
   2.577 -the same file as used by the policy_tool - should be placed into the boot
   2.578 -partition. The following entry from the grub configuration file shows how
   2.579 -a binary policy can be added to the system during boot time. Note that the 
   2.580 -binary policy must be of the same type that the hypervisor was compiled 
   2.581 -for. The policy module line should also only be added as the last module
   2.582 -line if XEN was compiled with the access control module (ACM).
   2.583 -
   2.584 -title XEN0 3.0 Devel
   2.585 -	kernel /xen.gz dom0_mem=400000
   2.586 -	module /vmlinuz-2.6.12-xen0 root=/dev/hda2 ro console=tty0
   2.587 -	module /initrd-2.6.12-xen0.img
   2.588 -	module /xen_sample_policy.bin
   2.589 -
   2.590 -
   2.591 -====================end-of file=======================================
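--- a/docs/src/user.tex	Thu Aug 18 10:40:02 2005 -0800
+++ b/docs/src/user.tex	Fri Aug 19 10:19:28 2005 -0800
@@ -1763,7 +1763,7 @@ editing \path{grub.conf}.
  physical address in the memory map will be ignored. This parameter
  may be specified with a B, K, M or G suffix, representing bytes,
  kilobytes, megabytes and gigabytes respectively. The
- default unit, if no suffix is specified, is bytes.
+ default unit, if no suffix is specified, is kilobytes.
 
 \item [dom0\_mem=xxx ] 
  Set the amount of memory to be allocated to domain0. In Xen 3.x the parameter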
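--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/Makefile	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/Makefile	Fri Aug 19 10:19:28 2005 -0800
@@ -14,8 +14,7 @@ obj-y	:= process.o signal.o entry.o trap
 
 c-obj-y	:= semaphore.o vm86.o \
 		ptrace.o sys_i386.o \
-		i387.o dmi_scan.o bootflag.o \
-		doublefault.o
+		i387.o dmi_scan.o bootflag.o
 s-obj-y	:=
 
 obj-y				+= cpu/
@@ -85,7 +84,7 @@ SYSCFLAGS_vsyscall-syms.o = -r
 			$(obj)/vsyscall-sysenter.o FORCE
 	$(call if_changed,syscall)
 
-c-link	:= init_task.o
+c-link	:=
 s-link	:= vsyscall-int80.o vsyscall-sysenter.o vsyscall-sigreturn.o vsyscall.lds.o syscall_table.o
 
 $(patsubst %.o,$(obj)/%.c,$(c-obj-y) $(c-obj-m) $(c-link)) $(patsubst %.o,$(obj)/%.S,$(s-obj-y) $(s-link)):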
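--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/common.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/common.c	Fri Aug 19 10:19:28 2005 -0800
@@ -569,7 +569,7 @@ void __init cpu_gdt_init(struct Xgt_desc
 	for (va = gdt_descr->address, f = 0;
 	     va < gdt_descr->address + gdt_descr->size;
 	     va += PAGE_SIZE, f++) {
-		frames[f] = virt_to_machine(va) >> PAGE_SHIFT;
+		frames[f] = virt_to_mfn(va);
 		make_page_readonly((void *)va);
 	}
 	if (HYPERVISOR_set_gdt(frames, gdt_descr->size / 8))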
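--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/head.S	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/head.S	Fri Aug 19 10:19:28 2005 -0800
@@ -136,9 +136,6 @@ cpu_gdt_descr:
 ENTRY(empty_zero_page)
 
 .org 0x2000
-ENTRY(swapper_pg_dir)
-
-.org 0x3000
 ENTRY(cpu_gdt_table)
 	.quad 0x0000000000000000	/* NULL descriptor */
 	.quad 0x0000000000000000	/* 0x0b reserved */
@@ -190,10 +187,10 @@ ENTRY(cpu_gdt_table)
 	.quad 0x0000000000000000	/* 0xf8 - GDT entry 31: double-fault TSS */
 	.fill GDT_ENTRIES-32,8,0
 
-.org 0x4000
+.org 0x3000
 ENTRY(default_ldt)
 
-.org 0x5000
+.org 0x4000
 /*
  * Real beginning of normal "text" segment
  */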
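--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/init_task.c	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,49 @@
+#include <linux/mm.h>
+#include <linux/module.h>
+#include <linux/sched.h>
+#include <linux/init.h>
+#include <linux/init_task.h>
+#include <linux/fs.h>
+#include <linux/mqueue.h>
+
+#include <asm/uaccess.h>
+#include <asm/pgtable.h>
+#include <asm/desc.h>
+
+static struct fs_struct init_fs = INIT_FS;
+static struct files_struct init_files = INIT_FILES;
+static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
+static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
+
+#define swapper_pg_dir ((pgd_t *)NULL)
+struct mm_struct init_mm = INIT_MM(init_mm);
+#undef swapper_pg_dir
+
+EXPORT_SYMBOL(init_mm);
+
+/*
+ * Initial thread structure.
+ *
+ * We need to make sure that this is THREAD_SIZE aligned due to the
+ * way process stacks are handled. This is done by having a special
+ * "init_task" linker map entry..
+ */
+union thread_union init_thread_union 
+	__attribute__((__section__(".data.init_task"))) =
+		{ INIT_THREAD_INFO(init_task) };
+
+/*
+ * Initial task structure.
+ *
+ * All other task structs will be allocated on slabs in fork.c
+ */
+struct task_struct init_task = INIT_TASK(init_task);
+
+EXPORT_SYMBOL(init_task);
+
+/*
+ * per-CPU TSS segments. Threads are completely 'soft' on Linux,
+ * no more per-task TSS's.
+ */ 
+DEFINE_PER_CPU(struct tss_struct, init_tss) ____cacheline_maxaligned_in_smp = INIT_TSS;
+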
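Review bot: The `#define swapper_pg_dir ((pgd_t *)NULL)` wrapped around `INIT_MM(init_mm)` carries no comment, so a reader cannot tell that init_mm is meant to start with a NULL page-directory pointer (presumably INIT_MM names swapper_pg_dir for its pgd field). The mm/init.c section of this changeset assigns `init_mm.pgd` only in pagetable_init(), so any code that walks init_mm before that point would dereference NULL. I would add above the define: `/* init_mm.pgd starts NULL; pagetable_init() sets it from xen_start_info.pt_base */`.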
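--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/ioport.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/ioport.c	Fri Aug 19 10:19:28 2005 -0800
@@ -80,7 +80,7 @@ asmlinkage long sys_ioperm(unsigned long
 		t->io_bitmap_ptr = bitmap;
 
 		op.cmd = PHYSDEVOP_SET_IOBITMAP;
-		op.u.set_iobitmap.bitmap   = (unsigned long)bitmap;
+		op.u.set_iobitmap.bitmap   = (char *)bitmap;
 		op.u.set_iobitmap.nr_ports = IO_BITMAP_BITS;
 		HYPERVISOR_physdev_op(&op);
 	}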
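--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/ldt.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/ldt.c	Fri Aug 19 10:19:28 2005 -0800
@@ -198,7 +198,7 @@ static int write_ldt(void __user * ptr, 
 {
 	struct mm_struct * mm = current->mm;
 	__u32 entry_1, entry_2, *lp;
-	unsigned long mach_lp;
+	maddr_t mach_lp;
 	int error;
 	struct user_desc ldt_info;
 
@@ -245,7 +245,8 @@ static int write_ldt(void __user * ptr, 
 
 	/* Install the new entry ...  */
 install:
-	error = HYPERVISOR_update_descriptor(mach_lp, entry_1, entry_2);
+	error = HYPERVISOR_update_descriptor(
+		mach_lp, (u64)entry_1 | ((u64)entry_2<<32));
 
 out_unlock:
 	up(&mm->context.sem);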
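--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/process.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/process.c	Fri Aug 19 10:19:28 2005 -0800
@@ -115,20 +115,12 @@ void xen_idle(void)
 /* We don't actually take CPU down, just spin without interrupts. */
 static inline void play_dead(void)
 {
-	/* Ack it */
-	__get_cpu_var(cpu_state) = CPU_DEAD;
-
-	/* We shouldn't have to disable interrupts while dead, but
-	 * some interrupts just don't seem to go away, and this makes
-	 * it "work" for testing purposes. */
 	/* Death loop */
 	while (__get_cpu_var(cpu_state) != CPU_UP_PREPARE)
 		HYPERVISOR_yield();
 
-	local_irq_disable();
 	__flush_tlb_all();
 	cpu_set(smp_processor_id(), cpu_online_map);
-	local_irq_enable();
 }
 #else
 static inline void play_dead(void)
@@ -156,12 +148,19 @@ void cpu_idle (void)
 			rmb();
 
 			if (cpu_is_offline(cpu)) {
+				local_irq_disable();
+				/* Ack it.  From this point on until
+				   we get woken up, we're not allowed
+				   to take any locks.  In particular,
+				   don't printk. */
+				__get_cpu_var(cpu_state) = CPU_DEAD;
 #if defined(CONFIG_XEN) && defined(CONFIG_HOTPLUG_CPU)
 				/* Tell hypervisor to take vcpu down. */
 				HYPERVISOR_vcpu_down(cpu);
 #endif
 				play_dead();
-         }
+				local_irq_enable();
+			}
 
 			__get_cpu_var(irq_stat).idle_timestamp = jiffies;
 			xen_idle();
@@ -523,16 +522,15 @@ struct task_struct fastcall * __switch_t
 	 * Load the per-thread Thread-Local Storage descriptor.
 	 * This is load_TLS(next, cpu) with multicalls.
 	 */
-#define C(i) do {                                                       \
-	if (unlikely(next->tls_array[i].a != prev->tls_array[i].a ||    \
-		     next->tls_array[i].b != prev->tls_array[i].b)) {   \
-		mcl->op      = __HYPERVISOR_update_descriptor;          \
-		mcl->args[0] = virt_to_machine(&get_cpu_gdt_table(cpu)  \
-					 [GDT_ENTRY_TLS_MIN + i]);      \
-		mcl->args[1] = ((u32 *)&next->tls_array[i])[0];         \
-		mcl->args[2] = ((u32 *)&next->tls_array[i])[1];         \
-		mcl++;                                                  \
-	}                                                               \
+#define C(i) do {							\
+	if (unlikely(next->tls_array[i].a != prev->tls_array[i].a ||	\
+		     next->tls_array[i].b != prev->tls_array[i].b)) {	\
+		mcl->op = __HYPERVISOR_update_descriptor;		\
+		*(u64 *)&mcl->args[0] =	virt_to_machine(		\
+			&get_cpu_gdt_table(cpu)[GDT_ENTRY_TLS_MIN + i]);\
+		*(u64 *)&mcl->args[2] = *(u64 *)&next->tls_array[i];	\
+		mcl++;							\
+	}								\
 } while (0)
 	C(0); C(1); C(2);
 #undef C
@@ -549,7 +547,7 @@ struct task_struct fastcall * __switch_t
 		iobmp_op.cmd                     =
 			PHYSDEVOP_SET_IOBITMAP;
 		iobmp_op.u.set_iobitmap.bitmap   =
-			(unsigned long)next->io_bitmap_ptr;
+			(char *)next->io_bitmap_ptr;
 		iobmp_op.u.set_iobitmap.nr_ports =
 			next->io_bitmap_ptr ? IO_BITMAP_BITS : 0;
 		mcl->op      = __HYPERVISOR_physdev_op;
@@ -791,3 +789,10 @@ unsigned long arch_align_stack(unsigned 
 		sp -= get_random_int() % 8192;
 	return sp & ~0xf;
 }
+
+
+#ifndef CONFIG_X86_SMP
+void _restore_vcpu(void)
+{
+}
+#endif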
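Review bot: The rewritten `C(i)` macro in the __switch_to hunk stores through `*(u64 *)&mcl->args[0]` and `*(u64 *)&mcl->args[2]`, which only works if each `args` slot is 32 bits wide and a `tls_array` entry is exactly eight bytes with `a` before `b`; none of that is stated. A later change to either layout would overwrite neighbouring multicall arguments or hand the hypervisor a scrambled descriptor without any compiler diagnostic. I would put a comment above the macro, `/* args[0..1] = 64-bit machine address, args[2..3] = 8-byte descriptor; assumes 32-bit args slots */`, and consider a compile-time size check next to it. __switch_to itself starts and ends outside the hunk.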
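--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/setup.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/setup.c	Fri Aug 19 10:19:28 2005 -0800
@@ -1604,11 +1604,10 @@ void __init setup_arch(char **cmdline_p)
 	for ( i=0, j=0; i < max_pfn; i+=(PAGE_SIZE/sizeof(unsigned long)), j++ )
 	{	
 	     pfn_to_mfn_frame_list[j] = 
-		  virt_to_machine(&phys_to_machine_mapping[i]) >> PAGE_SHIFT;
+		  virt_to_mfn(&phys_to_machine_mapping[i]);
 	}
 	HYPERVISOR_shared_info->arch.pfn_to_mfn_frame_list =
-	     virt_to_machine(pfn_to_mfn_frame_list) >> PAGE_SHIFT;
-
+	     virt_to_mfn(pfn_to_mfn_frame_list);
 
 	/*
 	 * NOTE: at this point the bootmem allocator is fully available.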
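--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/smpboot.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/smpboot.c	Fri Aug 19 10:19:28 2005 -0800
@@ -904,7 +904,7 @@ static int __init do_boot_cpu(int apicid
 		for (va = cpu_gdt_descr[cpu].address, f = 0;
 		     va < cpu_gdt_descr[cpu].address + cpu_gdt_descr[cpu].size;
 		     va += PAGE_SIZE, f++) {
-			ctxt.gdt_frames[f] = virt_to_machine(va) >> PAGE_SHIFT;
+			ctxt.gdt_frames[f] = virt_to_mfn(va);
 			make_page_readonly((void *)va);
 		}
 		ctxt.gdt_ents = cpu_gdt_descr[cpu].size / 8;
@@ -920,7 +920,7 @@ static int __init do_boot_cpu(int apicid
 	ctxt.failsafe_callback_cs  = __KERNEL_CS;
 	ctxt.failsafe_callback_eip = (unsigned long)failsafe_callback;
 
-	ctxt.ctrlreg[3] = (unsigned long)virt_to_machine(swapper_pg_dir);
+	ctxt.ctrlreg[3] = virt_to_mfn(swapper_pg_dir) << PAGE_SHIFT;
 
 	boot_error = HYPERVISOR_boot_vcpu(cpu, &ctxt);
 	printk("boot error: %ld\n", boot_error);
@@ -1616,3 +1616,21 @@ void smp_resume(void)
 	smp_intr_init();
 	local_setup_timer_irq();
 }
+
+DECLARE_PER_CPU(int, timer_irq);
+
+void _restore_vcpu(void)
+{
+	int cpu = smp_processor_id();
+	extern atomic_t vcpus_rebooting;
+
+	/* We are the first thing the vcpu runs when it comes back,
+	   and we are supposed to restore the IPIs and timer
+	   interrupts etc.  When we return, the vcpu's idle loop will
+	   start up again. */
+	_bind_virq_to_irq(VIRQ_TIMER, cpu, per_cpu(timer_irq, cpu));
+	_bind_virq_to_irq(VIRQ_DEBUG, cpu, per_cpu(ldebug_irq, cpu));
+	_bind_ipi_to_irq(RESCHEDULE_VECTOR, cpu, per_cpu(resched_irq, cpu) );
+	_bind_ipi_to_irq(CALL_FUNCTION_VECTOR, cpu, per_cpu(callfunc_irq, cpu) );
+	atomic_dec(&vcpus_rebooting);
+}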
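Review bot: In the second do_boot_cpu hunk, `ctxt.ctrlreg[3] = virt_to_mfn(swapper_pg_dir) << PAGE_SHIFT;` shifts a frame number back into an address, and if the frame number is a 32-bit `unsigned long` any frame at or above 4GB silently loses its high bits. The types of `virt_to_mfn()` and `ctrlreg[]` are not visible here, so this may be safe by construction, but the ldt.c section of this changeset moves machine addresses to `maddr_t`, which suggests wider values are expected elsewhere. The value handed to HYPERVISOR_boot_vcpu would then name a different frame than the kernel's page directory. I would either widen before shifting or state the constraint next to the assignment, for example `/* page directory frame must lie below 4GB: cr3 is built in an unsigned long */`. do_boot_cpu starts and ends outside the hunk.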
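--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/swiotlb.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/swiotlb.c	Fri Aug 19 10:19:28 2005 -0800
@@ -94,9 +94,6 @@ setup_io_tlb_npages(char *str)
 		iotlb_nslabs = simple_strtoul(str, &str, 0) <<
 			(20 - IO_TLB_SHIFT);
 		iotlb_nslabs = ALIGN(iotlb_nslabs, IO_TLB_SEGSIZE);
-		/* Round up to power of two (xen_create_contiguous_region). */
-		while (iotlb_nslabs & (iotlb_nslabs-1))
-			iotlb_nslabs += iotlb_nslabs & ~(iotlb_nslabs-1);
 	}
 	if (*str == ',')
 		++str;
@@ -123,9 +120,6 @@ swiotlb_init_with_default_size (size_t d
 	if (!iotlb_nslabs) {
 		iotlb_nslabs = (default_size >> IO_TLB_SHIFT);
 		iotlb_nslabs = ALIGN(iotlb_nslabs, IO_TLB_SEGSIZE);
-		/* Round up to power of two (xen_create_contiguous_region). */
-		while (iotlb_nslabs & (iotlb_nslabs-1))
-			iotlb_nslabs += iotlb_nslabs & ~(iotlb_nslabs-1);
 	}
 
 	bytes = iotlb_nslabs * (1UL << IO_TLB_SHIFT);
@@ -135,10 +129,14 @@ swiotlb_init_with_default_size (size_t d
 	 */
 	iotlb_virt_start = alloc_bootmem_low_pages(bytes);
 	if (!iotlb_virt_start)
-		panic("Cannot allocate SWIOTLB buffer");
+		panic("Cannot allocate SWIOTLB buffer!\n"
+		      "Use dom0_mem Xen boot parameter to reserve\n"
+		      "some DMA memory (e.g., dom0_mem=-128M).\n");
 
-	xen_create_contiguous_region(
-		(unsigned long)iotlb_virt_start, get_order(bytes));
+	for (i = 0; i < iotlb_nslabs; i += IO_TLB_SEGSIZE)
+		xen_create_contiguous_region(
+			(unsigned long)iotlb_virt_start + (i << IO_TLB_SHIFT),
+			get_order(IO_TLB_SEGSIZE << IO_TLB_SHIFT));
 
 	iotlb_virt_end = iotlb_virt_start + bytes;
 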
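Review bot: The new loop in swiotlb_init_with_default_size calls `xen_create_contiguous_region()` once per IO_TLB_SEGSIZE segment, and nothing in the hunk looks at the outcome of any of those calls. Whether the function reports failure is not visible here; if it can fail, a segment left scattered in machine memory would later be used as a DMA bounce buffer, and a transfer crossing a page boundary would land in unrelated frames. If a status is available I would check it inside the loop and stop with a panic() like the one used for the allocation failure just above. The declaration of `i` is outside the hunk; because it is shifted by IO_TLB_SHIFT and added to an address, it should be at least as wide as `iotlb_nslabs`.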
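--- a/linux-2.6-xen-sparse/arch/xen/i386/kernel/time.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/linux-2.6-xen-sparse/arch/xen/i386/kernel/time.c	Fri Aug 19 10:19:28 2005 -0800
@@ -745,7 +745,7 @@ static void __init hpet_time_init(void)
 #endif
 
 /* Dynamically-mapped IRQ. */
-static DEFINE_PER_CPU(int, timer_irq);
+DEFINE_PER_CPU(int, timer_irq);
 
 static struct irqaction irq_timer = {
 	timer_interrupt, SA_INTERRUPT, CPU_MASK_NONE, "timer0",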
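--- a/linux-2.6-xen-sparse/arch/xen/i386/mm/init.c
+++ b/linux-2.6-xen-sparse/arch/xen/i386/mm/init.c
@@ -342,11 +342,15 @@ unsigned long long __PAGE_KERNEL_EXEC = 
 extern void __init remap_numa_kva(void);
 #endif
 
+pgd_t *swapper_pg_dir;
+
 static void __init pagetable_init (void)
 {
 	unsigned long vaddr;
-	pgd_t *pgd_base = swapper_pg_dir;
-	pgd_t *old_pgd = (pgd_t *)xen_start_info.pt_base;
+	pgd_t *pgd_base = (pgd_t *)xen_start_info.pt_base;
+
+	swapper_pg_dir = pgd_base;
+	init_mm.pgd    = pgd_base;
 
 #ifdef CONFIG_X86_PAE
 	int i;
@@ -367,44 +371,6 @@ static void __init pagetable_init (void)
 		__PAGE_KERNEL_EXEC |= _PAGE_GLOBAL;
 	}
 
-	/*
-	 * Switch to proper mm_init page directory. Initialise from the current
-	 * page directory, write-protect the new page directory, then switch to
-	 * it. We clean up by write-enabling and then freeing the old page dir.
-	 */
-#ifndef CONFIG_X86_PAE
-	memcpy(pgd_base, old_pgd, PTRS_PER_PGD_NO_HV*sizeof(pgd_t));
-	make_page_readonly(pgd_base);
-	xen_pgd_pin(__pa(pgd_base));
-	load_cr3(pgd_base);
-	xen_pgd_unpin(__pa(old_pgd));
-	make_page_writable(old_pgd);
-	__flush_tlb_all();
-	free_bootmem(__pa(old_pgd), PAGE_SIZE);
-#else
-	{
-		pud_t *old_pud = pud_offset(old_pgd+3, PAGE_OFFSET);
-		pmd_t *old_pmd = pmd_offset(old_pud, PAGE_OFFSET);
-		pmd_t *new_pmd = alloc_bootmem_low_pages(PAGE_SIZE);
-
-		memcpy(new_pmd,  old_pmd, PAGE_SIZE);
-		memcpy(pgd_base, old_pgd, PTRS_PER_PGD_NO_HV*sizeof(pgd_t));
-		set_pgd(&pgd_base[3], __pgd(__pa(new_pmd) | _PAGE_PRESENT));
-
-		make_page_readonly(new_pmd);
-		make_page_readonly(pgd_base);
-		xen_pgd_pin(__pa(pgd_base));
-		load_cr3(pgd_base);
-		xen_pgd_unpin(__pa(old_pgd));
-		make_page_writable(old_pgd);
-		make_page_writable(old_pmd);
-		__flush_tlb_all();
-
-		free_bootmem(__pa(old_pgd), PAGE_SIZE);
-		free_bootmem(__pa(old_pmd), PAGE_SIZE);
-	}
-#endif
-
 	init_mm.context.pinned = 1;
 	kernel_physical_mapping_init(pgd_base);
 	remap_numa_kva();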
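Review bot: In the first hunk the two added assignments (`swapper_pg_dir = pgd_base;` and `init_mm.pgd = pgd_base;`) sit above the `int i;` that is declared under `CONFIG_X86_PAE`, so PAE builds now have a declaration after a statement; moving the assignments below the `#ifdef CONFIG_X86_PAE` declaration keeps the function C89-clean. The deleted block comment was the only explanation of which page directory the kernel runs on, so the new code deserves a replacement such as `/* Keep running on the page directory Xen built for us (xen_start_info.pt_base); no copy or re-pin is done here. */`. Because `swapper_pg_dir` is now a plain pointer assigned only in this function, any use that runs before `pagetable_init()` would see NULL, which is worth confirming against the callers outside this section. The body of `pagetable_init()` continues outside both hunks.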
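--- a/linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c
+++ b/linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c
@@ -306,7 +306,7 @@ static int direct_remap_area_pte_fn(pte_
 {
 	mmu_update_t **v = (mmu_update_t **)data;
 
-	(*v)->ptr = ((physaddr_t)pfn_to_mfn(page_to_pfn(pte_page)) <<
+	(*v)->ptr = ((maddr_t)pfn_to_mfn(page_to_pfn(pte_page)) <<
 		     PAGE_SHIFT) | ((unsigned long)pte & ~PAGE_MASK);
 	(*v)++;
 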
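--- a/linux-2.6-xen-sparse/arch/xen/i386/mm/pgtable.c
+++ b/linux-2.6-xen-sparse/arch/xen/i386/mm/pgtable.c
@@ -170,7 +170,7 @@ void set_pmd_pfn(unsigned long vaddr, un
 	__flush_tlb_one(vaddr);
 }
 
-void __set_fixmap (enum fixed_addresses idx, unsigned long phys, pgprot_t flags)
+void __set_fixmap (enum fixed_addresses idx, maddr_t phys, pgprot_t flags)
 {
 	unsigned long address = __fix_to_virt(idx);
 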
    18.1 --- a/linux-2.6-xen-sparse/arch/xen/kernel/evtchn.c	Thu Aug 18 10:40:02 2005 -0800
    18.2 +++ b/linux-2.6-xen-sparse/arch/xen/kernel/evtchn.c	Fri Aug 19 10:19:28 2005 -0800
    18.3 @@ -144,7 +144,7 @@ asmlinkage void evtchn_do_upcall(struct 
    18.4      vcpu_info_t   *vcpu_info = &s->vcpu_data[cpu];
    18.5  
    18.6      vcpu_info->evtchn_upcall_pending = 0;
    18.7 -    
    18.8 +
    18.9      /* NB. No need for a barrier here -- XCHG is a barrier on x86. */
   18.10      l1 = xchg(&vcpu_info->evtchn_pending_sel, 0);
   18.11      while ( l1 != 0 )
   18.12 @@ -158,9 +158,9 @@ asmlinkage void evtchn_do_upcall(struct 
   18.13              l2 &= ~(1 << l2i);
   18.14              
   18.15              port = (l1i << 5) + l2i;
   18.16 -            if ( (irq = evtchn_to_irq[port]) != -1 )
   18.17 +            if ( (irq = evtchn_to_irq[port]) != -1 ) {
   18.18                  do_IRQ(irq, regs);
   18.19 -            else
   18.20 +	    } else
   18.21                  evtchn_device_upcall(port);
   18.22          }
   18.23      }
   18.24 @@ -245,6 +245,74 @@ void unbind_virq_from_irq(int virq)
   18.25      spin_unlock(&irq_mapping_update_lock);
   18.26  }
   18.27  
   18.28 +/* This is only used when a vcpu from an xm save.  The ipi is expected
   18.29 +   to have been bound before we suspended, and so all of the xenolinux
   18.30 +   state is set up; we only need to restore the Xen side of things.
   18.31 +   The irq number has to be the same, but the evtchn number can
   18.32 +   change. */
   18.33 +void _bind_ipi_to_irq(int ipi, int vcpu, int irq)
   18.34 +{
   18.35 +    evtchn_op_t op;
   18.36 +    int evtchn;
   18.37 +
   18.38 +    spin_lock(&irq_mapping_update_lock);
   18.39 +
   18.40 +    op.cmd = EVTCHNOP_bind_ipi;
   18.41 +    if ( HYPERVISOR_event_channel_op(&op) != 0 )
   18.42 +	panic("Failed to bind virtual IPI %d on cpu %d\n", ipi, vcpu);
   18.43 +    evtchn = op.u.bind_ipi.port;
   18.44 +
   18.45 +    printk("<0>IPI %d, old evtchn %d, evtchn %d.\n",
   18.46 +	   ipi, per_cpu(ipi_to_evtchn, vcpu)[ipi],
   18.47 +	   evtchn);
   18.48 +
   18.49 +    evtchn_to_irq[irq_to_evtchn[irq]] = -1;
   18.50 +    irq_to_evtchn[irq] = -1;
   18.51 +
   18.52 +    evtchn_to_irq[evtchn] = irq;
   18.53 +    irq_to_evtchn[irq]    = evtchn;
   18.54 +
   18.55 +    printk("<0>evtchn_to_irq[%d] = %d.\n", evtchn,
   18.56 +	   evtchn_to_irq[evtchn]);
   18.57 +    per_cpu(ipi_to_evtchn, vcpu)[ipi] = evtchn;
   18.58 +
   18.59 +    bind_evtchn_to_cpu(evtchn, vcpu);
   18.60 +
   18.61 +    spin_unlock(&irq_mapping_update_lock);
   18.62 +
   18.63 +    clear_bit(evtchn, (unsigned long *)HYPERVISOR_shared_info->evtchn_mask);
   18.64 +    clear_bit(evtchn, (unsigned long *)HYPERVISOR_shared_info->evtchn_pending);
   18.65 +}
   18.66 +
   18.67 +void _bind_virq_to_irq(int virq, int cpu, int irq)
   18.68 +{
   18.69 +    evtchn_op_t op;
   18.70 +    int evtchn;
   18.71 +
   18.72 +    spin_lock(&irq_mapping_update_lock);
   18.73 +
   18.74 +    op.cmd              = EVTCHNOP_bind_virq;
   18.75 +    op.u.bind_virq.virq = virq;
   18.76 +    if ( HYPERVISOR_event_channel_op(&op) != 0 )
   18.77 +            panic("Failed to bind virtual IRQ %d\n", virq);
   18.78 +    evtchn = op.u.bind_virq.port;
   18.79 +
   18.80 +    evtchn_to_irq[irq_to_evtchn[irq]] = -1;
   18.81 +    irq_to_evtchn[irq] = -1;
   18.82 +
   18.83 +    evtchn_to_irq[evtchn] = irq;
   18.84 +    irq_to_evtchn[irq]    = evtchn;
   18.85 +
   18.86 +    per_cpu(virq_to_irq, cpu)[virq] = irq;
   18.87 +
   18.88 +    bind_evtchn_to_cpu(evtchn, cpu);
   18.89 +
   18.90 +    spin_unlock(&irq_mapping_update_lock);
   18.91 +
   18.92 +    clear_bit(evtchn, (unsigned long *)HYPERVISOR_shared_info->evtchn_mask);
   18.93 +    clear_bit(evtchn, (unsigned long *)HYPERVISOR_shared_info->evtchn_pending);
   18.94 +}
   18.95 +
   18.96  int bind_ipi_to_irq(int ipi)
   18.97  {
   18.98      evtchn_op_t op;
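Review bot: `_bind_ipi_to_irq()` in the third hunk passes `op` to `HYPERVISOR_event_channel_op()` with only `op.cmd` set, so the `vcpu` argument never reaches the hypervisor and the rest of the stack-allocated request is uninitialised. `_bind_virq_to_irq()` next to it does fill its input field (`op.u.bind_virq.virq = virq;`), and the IPI variant should write the target vcpu into `op.u.bind_ipi` the same way (the member name is not visible in this hunk). Both helpers also execute `evtchn_to_irq[irq_to_evtchn[irq]] = -1;` without checking that `irq_to_evtchn[irq]` is a valid port; if it is -1 this writes before the start of the array, so a guard such as `BUG_ON(irq_to_evtchn[irq] == -1);` would make the precondition stated in the comment explicit. The two `printk("<0>...")` calls look like leftover debugging and log at emergency level on every restore.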
    19.1 --- a/linux-2.6-xen-sparse/arch/xen/kernel/reboot.c	Thu Aug 18 10:40:02 2005 -0800
    19.2 +++ b/linux-2.6-xen-sparse/arch/xen/kernel/reboot.c	Fri Aug 19 10:19:28 2005 -0800
    19.3 @@ -16,6 +16,8 @@
    19.4  #include <asm-xen/queues.h>
    19.5  #include <asm-xen/xenbus.h>
    19.6  #include <asm-xen/ctrl_if.h>
    19.7 +#include <linux/cpu.h>
    19.8 +#include <linux/kthread.h>
    19.9  
   19.10  #define SHUTDOWN_INVALID  -1
   19.11  #define SHUTDOWN_POWEROFF  0
   19.12 @@ -58,20 +60,74 @@ EXPORT_SYMBOL(machine_power_off);
   19.13  /* Ignore multiple shutdown requests. */
   19.14  static int shutting_down = SHUTDOWN_INVALID;
   19.15  
   19.16 -static void __do_suspend(void)
   19.17 +#ifndef CONFIG_HOTPLUG_CPU
   19.18 +#define cpu_down(x) (-EOPNOTSUPP)
   19.19 +#define cpu_up(x) (-EOPNOTSUPP)
   19.20 +#endif
   19.21 +
   19.22 +static void save_vcpu_context(int vcpu, vcpu_guest_context_t *ctxt)
   19.23 +{
   19.24 +    int r;
   19.25 +    int gdt_pages;
   19.26 +    r = HYPERVISOR_vcpu_pickle(vcpu, ctxt);
   19.27 +    if (r != 0)
   19.28 +	panic("pickling vcpu %d -> %d!\n", vcpu, r);
   19.29 +
   19.30 +    /* Translate from machine to physical addresses where necessary,
   19.31 +       so that they can be translated to our new machine address space
   19.32 +       after resume.  libxc is responsible for doing this to vcpu0,
   19.33 +       but we do it to the others. */
   19.34 +    gdt_pages = (ctxt->gdt_ents + 511) / 512;
   19.35 +    ctxt->ctrlreg[3] = machine_to_phys(ctxt->ctrlreg[3]);
   19.36 +    for (r = 0; r < gdt_pages; r++)
   19.37 +	ctxt->gdt_frames[r] = mfn_to_pfn(ctxt->gdt_frames[r]);
   19.38 +}
   19.39 +
   19.40 +void _restore_vcpu(int cpu);
   19.41 +
   19.42 +atomic_t vcpus_rebooting;
   19.43 +
   19.44 +static int restore_vcpu_context(int vcpu, vcpu_guest_context_t *ctxt)
   19.45 +{
   19.46 +    int r;
   19.47 +    int gdt_pages = (ctxt->gdt_ents + 511) / 512;
   19.48 +
   19.49 +    /* This is kind of a hack, and implicitly relies on the fact that
   19.50 +       the vcpu stops in a place where all of the call clobbered
   19.51 +       registers are already dead. */
   19.52 +    ctxt->user_regs.esp -= 4;
   19.53 +    ((unsigned long *)ctxt->user_regs.esp)[0] = ctxt->user_regs.eip;
   19.54 +    ctxt->user_regs.eip = (unsigned long)_restore_vcpu;
   19.55 +
   19.56 +    /* De-canonicalise.  libxc handles this for vcpu 0, but we need
   19.57 +       to do it for the other vcpus. */
   19.58 +    ctxt->ctrlreg[3] = phys_to_machine(ctxt->ctrlreg[3]);
   19.59 +    for (r = 0; r < gdt_pages; r++)
   19.60 +	ctxt->gdt_frames[r] = pfn_to_mfn(ctxt->gdt_frames[r]);
   19.61 +
   19.62 +    atomic_set(&vcpus_rebooting, 1);
   19.63 +    r = HYPERVISOR_boot_vcpu(vcpu, ctxt);
   19.64 +    if (r != 0) {
   19.65 +	printk(KERN_EMERG "Failed to reboot vcpu %d (%d)\n", vcpu, r);
   19.66 +	return -1;
   19.67 +    }
   19.68 +
   19.69 +    /* Make sure we wait for the new vcpu to come up before trying to do
   19.70 +       anything with it or starting the next one. */
   19.71 +    while (atomic_read(&vcpus_rebooting))
   19.72 +	barrier();
   19.73 +
   19.74 +    return 0;
   19.75 +}
   19.76 +
   19.77 +static int __do_suspend(void *ignore)
   19.78  {
   19.79      int i, j;
   19.80      suspend_record_t *suspend_record;
   19.81 +    static vcpu_guest_context_t suspended_cpu_records[NR_CPUS];
   19.82  
   19.83      /* Hmmm... a cleaner interface to suspend/resume blkdevs would be nice. */
   19.84  	/* XXX SMH: yes it would :-( */	
   19.85 -#ifdef CONFIG_XEN_BLKDEV_FRONTEND
   19.86 -    extern void blkdev_suspend(void);
   19.87 -    extern void blkdev_resume(void);
   19.88 -#else
   19.89 -#define blkdev_suspend() do{}while(0)
   19.90 -#define blkdev_resume()  do{}while(0)
   19.91 -#endif
   19.92  
   19.93  #ifdef CONFIG_XEN_NETDEV_FRONTEND
   19.94      extern void netif_suspend(void);
   19.95 @@ -104,14 +160,64 @@ static void __do_suspend(void)
   19.96      extern unsigned long max_pfn;
   19.97      extern unsigned int *pfn_to_mfn_frame_list;
   19.98  
   19.99 +    cpumask_t prev_online_cpus, prev_present_cpus;
  19.100 +    int err = 0;
  19.101 +
  19.102 +    BUG_ON(smp_processor_id() != 0);
  19.103 +    BUG_ON(in_interrupt());
  19.104 +
  19.105 +#if defined(CONFIG_SMP) && !defined(CONFIG_HOTPLUG_CPU)
  19.106 +    if (num_online_cpus() > 1) {
  19.107 +	printk(KERN_WARNING "Can't suspend SMP guests without CONFIG_HOTPLUG_CPU\n");
  19.108 +	return -EOPNOTSUPP;
  19.109 +    }
  19.110 +#endif
  19.111 +
  19.112      suspend_record = (suspend_record_t *)__get_free_page(GFP_KERNEL);
  19.113      if ( suspend_record == NULL )
  19.114          goto out;
  19.115  
  19.116 +    /* Take all of the other cpus offline.  We need to be careful not
  19.117 +       to get preempted between the final test for num_online_cpus()
  19.118 +       == 1 and disabling interrupts, since otherwise userspace could
  19.119 +       bring another cpu online, and then we'd be stuffed.  At the
  19.120 +       same time, cpu_down can reschedule, so we need to enable
  19.121 +       preemption while doing that.  This kind of sucks, but should be
  19.122 +       correct. */
  19.123 +    /* (We don't need to worry about other cpus bringing stuff up,
  19.124 +       since by the time num_online_cpus() == 1, there aren't any
  19.125 +       other cpus) */
  19.126 +    cpus_clear(prev_online_cpus);
  19.127 +    preempt_disable();
  19.128 +    while (num_online_cpus() > 1) {
  19.129 +	preempt_enable();
  19.130 +	for_each_online_cpu(i) {
  19.131 +	    if (i == 0)
  19.132 +		continue;
  19.133 +	    err = cpu_down(i);
  19.134 +	    if (err != 0) {
  19.135 +		printk(KERN_CRIT "Failed to take all CPUs down: %d.\n", err);
  19.136 +		goto out_reenable_cpus;
  19.137 +	    }
  19.138 +	    cpu_set(i, prev_online_cpus);
  19.139 +	}
  19.140 +	preempt_disable();
  19.141 +    }
  19.142 +
  19.143      suspend_record->nr_pfns = max_pfn; /* final number of pfns */
  19.144  
  19.145      __cli();
  19.146  
  19.147 +    preempt_enable();
  19.148 +
  19.149 +    cpus_clear(prev_present_cpus);
  19.150 +    for_each_present_cpu(i) {
  19.151 +	if (i == 0)
  19.152 +	    continue;
  19.153 +	save_vcpu_context(i, &suspended_cpu_records[i]);
  19.154 +	cpu_set(i, prev_present_cpus);
  19.155 +    }
  19.156 +
  19.157  #ifdef __i386__
  19.158      mm_pin_all();
  19.159      kmem_cache_shrink(pgd_cache);
  19.160 @@ -119,8 +225,6 @@ static void __do_suspend(void)
  19.161  
  19.162      netif_suspend();
  19.163  
  19.164 -    blkdev_suspend();
  19.165 -
  19.166      time_suspend();
  19.167  
  19.168  #ifdef CONFIG_SMP
  19.169 @@ -141,7 +245,9 @@ static void __do_suspend(void)
  19.170      memcpy(&suspend_record->resume_info, &xen_start_info,
  19.171             sizeof(xen_start_info));
  19.172  
  19.173 -    HYPERVISOR_suspend(virt_to_machine(suspend_record) >> PAGE_SHIFT);
  19.174 +    /* We'll stop somewhere inside this hypercall.  When it returns,
  19.175 +       we'll start resuming after the restore. */
  19.176 +    HYPERVISOR_suspend(virt_to_mfn(suspend_record));
  19.177  
  19.178      shutting_down = SHUTDOWN_INVALID; 
  19.179  
  19.180 @@ -157,10 +263,10 @@ static void __do_suspend(void)
  19.181      for ( i=0, j=0; i < max_pfn; i+=(PAGE_SIZE/sizeof(unsigned long)), j++ )
  19.182      {
  19.183          pfn_to_mfn_frame_list[j] = 
  19.184 -            virt_to_machine(&phys_to_machine_mapping[i]) >> PAGE_SHIFT;
  19.185 +            virt_to_mfn(&phys_to_machine_mapping[i]);
  19.186      }
  19.187      HYPERVISOR_shared_info->arch.pfn_to_mfn_frame_list =
  19.188 -        virt_to_machine(pfn_to_mfn_frame_list) >> PAGE_SHIFT;
  19.189 +        virt_to_mfn(pfn_to_mfn_frame_list);
  19.190  
  19.191      gnttab_resume();
  19.192  
  19.193 @@ -176,17 +282,30 @@ static void __do_suspend(void)
  19.194  
  19.195      time_resume();
  19.196  
  19.197 -    blkdev_resume();
  19.198 -
  19.199      netif_resume();
  19.200  
  19.201      usbif_resume();
  19.202  
  19.203 +    for_each_cpu_mask(i, prev_present_cpus) {
  19.204 +	restore_vcpu_context(i, &suspended_cpu_records[i]);
  19.205 +    }
  19.206 +
  19.207      __sti();
  19.208  
  19.209 + out_reenable_cpus:
  19.210 +    for_each_cpu_mask(i, prev_online_cpus) {
  19.211 +	j = cpu_up(i);
  19.212 +	if (j != 0) {
  19.213 +	    printk(KERN_CRIT "Failed to bring cpu %d back up (%d).\n",
  19.214 +		   i, j);
  19.215 +	    err = j;
  19.216 +	}
  19.217 +    }
  19.218 +
  19.219   out:
  19.220      if ( suspend_record != NULL )
  19.221          free_page((unsigned long)suspend_record);
  19.222 +    return err;
  19.223  }
  19.224  
  19.225  static int shutdown_process(void *__unused)
  19.226 @@ -233,6 +352,18 @@ static int shutdown_process(void *__unus
  19.227      return 0;
  19.228  }
  19.229  
  19.230 +static struct task_struct *kthread_create_on_cpu(int (*f)(void *arg),
  19.231 +						 void *arg,
  19.232 +						 const char *name,
  19.233 +						 int cpu)
  19.234 +{
  19.235 +    struct task_struct *p;
  19.236 +    p = kthread_create(f, arg, name);
  19.237 +    kthread_bind(p, cpu);
  19.238 +    wake_up_process(p);
  19.239 +    return p;
  19.240 +}
  19.241 +
  19.242  static void __shutdown_handler(void *unused)
  19.243  {
  19.244      int err;
  19.245 @@ -245,7 +376,7 @@ static void __shutdown_handler(void *unu
  19.246      }
  19.247      else
  19.248      {
  19.249 -        __do_suspend();
  19.250 +	kthread_create_on_cpu(__do_suspend, NULL, "suspender", 0);
  19.251      }
  19.252  }
  19.253  
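Review bot: `kthread_create_on_cpu()` hands the result of `kthread_create()` straight to `kthread_bind()` and `wake_up_process()`, but `kthread_create()` reports failure with an ERR_PTR value, so a failed thread creation is dereferenced instead of reported; add `if (IS_ERR(p)) return p;` after the create call and have `__shutdown_handler()` check the result rather than discard it. Error reporting is also lost inside `__do_suspend()`: the `suspend_record == NULL` path jumps to `out` with `err` still 0, and the return value of `restore_vcpu_context()` is ignored in the `for_each_cpu_mask` loop. On its failure path `restore_vcpu_context()` returns with `vcpus_rebooting` still set to 1, and on success it spins before `__sti()` with no timeout until something clears the flag, so a vcpu that never comes up would hang the resume with interrupts off.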
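--- a/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/process.c
+++ b/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/process.c
@@ -453,8 +453,8 @@ struct task_struct *__switch_to(struct t
 #define C(i) do {							\
 	if (unlikely(next->tls_array[i] != prev->tls_array[i])) {	\
 		mcl->op      = __HYPERVISOR_update_descriptor;		\
-		mcl->args[0] = virt_to_machine(&get_cpu_gdt_table(cpu)	\
-					       [GDT_ENTRY_TLS_MIN + i]); \
+		mcl->args[0] = virt_to_machine(				\
+			&get_cpu_gdt_table(cpu)[GDT_ENTRY_TLS_MIN + i]);\
 		mcl->args[1] = next->tls_array[i];			\
 		mcl++;							\
 	}								\
@@ -474,7 +474,7 @@ struct task_struct *__switch_to(struct t
 		iobmp_op.cmd                     =
 			PHYSDEVOP_SET_IOBITMAP;
 		iobmp_op.u.set_iobitmap.bitmap   =
-			(unsigned long)next->io_bitmap_ptr;
+			(char *)next->io_bitmap_ptr;
 		iobmp_op.u.set_iobitmap.nr_ports =
 			next->io_bitmap_ptr ? IO_BITMAP_BITS : 0;
 		mcl->op      = __HYPERVISOR_physdev_op;
@@ -743,3 +743,9 @@ unsigned long arch_align_stack(unsigned 
 		sp -= get_random_int() % 8192;
 	return sp & ~0xf;
 }
+
+#ifndef CONFIG_SMP
+void _restore_vcpu(void)
+{
+}
+#endif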
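Review bot: The stub added in the last hunk is defined as `void _restore_vcpu(void)`, while the declaration this changeset adds to arch/xen/kernel/reboot.c is `void _restore_vcpu(int cpu);`; the same mismatch applies to the definition added in x86_64/kernel/smpboot.c. Because the declaration is repeated by hand in the .c file rather than taken from a shared header, the compiler cannot catch the disagreement; declaring the function once in a header with a single signature would. The empty body also has no comment saying why a no-op is correct on uniprocessor builds; something like `/* UP: no secondary vcpus to restore */` would do.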
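--- a/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup.c
+++ b/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup.c
@@ -795,7 +795,7 @@ void __init setup_arch(char **cmdline_p)
 		for ( i=0, j=0; i < end_pfn; i+=(PAGE_SIZE/sizeof(unsigned long)), j++ )
 		{	
 			pfn_to_mfn_frame_list[j] = 
-				virt_to_machine(&phys_to_machine_mapping[i]) >> PAGE_SHIFT;
+				virt_to_mfn(&phys_to_machine_mapping[i]);
 		}
 
 	}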
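--- a/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup64.c
+++ b/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup64.c
@@ -139,7 +139,7 @@ void __init cpu_gdt_init(struct desc_ptr
 	for (va = gdt_descr->address, f = 0;
 	     va < gdt_descr->address + gdt_descr->size;
 	     va += PAGE_SIZE, f++) {
-		frames[f] = virt_to_machine(va) >> PAGE_SHIFT;
+		frames[f] = virt_to_mfn(va);
 		make_page_readonly((void *)va);
 	}
 	if (HYPERVISOR_set_gdt(frames, gdt_descr->size /
@@ -280,19 +280,16 @@ void __init cpu_init (void)
 	if (cpu) {
 		memcpy(cpu_gdt_table[cpu], cpu_gdt_table[0], GDT_SIZE);
 	}	
-#endif
 
 	cpu_gdt_descr[cpu].size = GDT_SIZE;
 	cpu_gdt_descr[cpu].address = (unsigned long)cpu_gdt_table[cpu];
 
-        cpu_gdt_init(&cpu_gdt_descr[cpu]);
-
-#ifndef CONFIG_XEN 
 	memcpy(me->thread.tls_array, cpu_gdt_table[cpu], GDT_ENTRY_TLS_ENTRIES * 8);
-
 #else
  	memcpy(me->thread.tls_array, &get_cpu_gdt_table(cpu)[GDT_ENTRY_TLS_MIN],
 	    GDT_ENTRY_TLS_ENTRIES * 8);
+
+    cpu_gdt_init(&cpu_gdt_descr[cpu]);
 #endif
        
 	/*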
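Review bot: After the second hunk the assignments to `cpu_gdt_descr[cpu].size` and `.address` are compiled only in the branch before `#else`, while `cpu_gdt_init(&cpu_gdt_descr[cpu]);` is now called only in the `#else` branch, so on that path the descriptor is passed without being set by any line visible here. `cpu_gdt_init()` walks from `gdt_descr->address` to `address + size` (first hunk), marks each page read-only and hands the frames to `HYPERVISOR_set_gdt`, so it depends on both fields. If the descriptor is initialised elsewhere for that configuration, a one-line comment saying where is needed; otherwise the two assignments should stay outside the conditional. The opening `#if` of this conditional is above the hunk, and the added call is indented with spaces where the surrounding lines use tabs.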
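--- a/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smpboot.c
+++ b/linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smpboot.c
@@ -780,7 +780,7 @@ static int __cpuinit do_boot_cpu(int cpu
 		for (va = cpu_gdt_descr[cpu].address, f = 0;
 		     va < cpu_gdt_descr[cpu].address + cpu_gdt_descr[cpu].size;
 		     va += PAGE_SIZE, f++) {
-			ctxt.gdt_frames[f] = virt_to_machine(va) >> PAGE_SHIFT;
+			ctxt.gdt_frames[f] = virt_to_mfn(va);
 			make_page_readonly((void *)va);
 		}
 		ctxt.gdt_ents = GDT_ENTRIES;
@@ -795,7 +795,7 @@ static int __cpuinit do_boot_cpu(int cpu
 	ctxt.failsafe_callback_eip = (unsigned long)failsafe_callback;
 	ctxt.syscall_callback_eip  = (unsigned long)system_call;
 
-	ctxt.ctrlreg[3] = (unsigned long)virt_to_machine(init_level4_pgt);
+	ctxt.ctrlreg[3] = virt_to_mfn(init_level4_pgt) << PAGE_SHIFT;
 
 	boot_error = HYPERVISOR_boot_vcpu(cpu, &ctxt);
 
@@ -1286,4 +1286,10 @@ void smp_resume(void)
 	smp_intr_init();
 	local_setup_timer_irq();
 }
+
+void _restore_vcpu(void)
+{
+	/* XXX need to write this */
+}
+
 #endif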
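Review bot: `_restore_vcpu()` added in the last hunk is an empty function marked `/* XXX need to write this */`, yet the new `restore_vcpu_context()` in arch/xen/kernel/reboot.c points every secondary vcpu's `eip` at it and then busy-waits on `vcpus_rebooting` before interrupts are re-enabled. Nothing in this stub clears that flag, so unless it is cleared elsewhere an SMP x86_64 guest would hang on resume. The return address it would use was pushed by reboot.c with `user_regs.esp -= 4`, which looks like an i386 stack layout. Until the function is written, the comment should state the consequence, for example `/* XXX unimplemented: SMP save/restore is not supported on x86_64 yet */`, and suspend should be refused on this architecture when more than one vcpu is online.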
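--- a/linux-2.6-xen-sparse/arch/xen/x86_64/mm/init.c
+++ b/linux-2.6-xen-sparse/arch/xen/x86_64/mm/init.c
@@ -742,7 +742,7 @@ void __init paging_init(void)
 				set_fixmap(FIX_ISAMAP_BEGIN - i, i * PAGE_SIZE);
 			else
 				__set_fixmap(FIX_ISAMAP_BEGIN - i,
-					     virt_to_machine(empty_zero_page),
+					     virt_to_mfn(empty_zero_page) << PAGE_SHIFT,
 					     PAGE_KERNEL_RO);
 	}
 #endif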
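--- a/linux-2.6-xen-sparse/drivers/xen/blkback/Makefile
+++ b/linux-2.6-xen-sparse/drivers/xen/blkback/Makefile
@@ -1,2 +1,2 @@
 
-obj-y	:= blkback.o control.o interface.o vbd.o
+obj-y	:= blkback.o xenbus.o interface.o vbd.o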
    26.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkback/blkback.c	Thu Aug 18 10:40:02 2005 -0800
    26.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkback/blkback.c	Fri Aug 19 10:19:28 2005 -0800
    26.3 @@ -104,7 +104,6 @@ static inline domid_t ID_TO_DOM(unsigned
    26.4  #endif
    26.5  
    26.6  static int do_block_io_op(blkif_t *blkif, int max_to_do);
    26.7 -static void dispatch_probe(blkif_t *blkif, blkif_request_t *req);
    26.8  static void dispatch_rw_block_io(blkif_t *blkif, blkif_request_t *req);
    26.9  static void make_response(blkif_t *blkif, unsigned long id, 
   26.10                            unsigned short op, int st);
   26.11 @@ -349,10 +348,6 @@ static int do_block_io_op(blkif_t *blkif
   26.12              dispatch_rw_block_io(blkif, req);
   26.13              break;
   26.14  
   26.15 -        case BLKIF_OP_PROBE:
   26.16 -            dispatch_probe(blkif, req);
   26.17 -            break;
   26.18 -
   26.19          default:
   26.20              DPRINTK("error: unknown block io operation [%d]\n",
   26.21                      req->operation);
   26.22 @@ -365,66 +360,6 @@ static int do_block_io_op(blkif_t *blkif
   26.23      return more_to_do;
   26.24  }
   26.25  
   26.26 -static void dispatch_probe(blkif_t *blkif, blkif_request_t *req)
   26.27 -{
   26.28 -    int rsp = BLKIF_RSP_ERROR;
   26.29 -    int pending_idx = pending_ring[MASK_PEND_IDX(pending_cons)];
   26.30 -
   26.31 -    /* We expect one buffer only. */
   26.32 -    if ( unlikely(req->nr_segments != 1) )
   26.33 -        goto out;
   26.34 -
   26.35 -    /* Make sure the buffer is page-sized. */
   26.36 -    if ( (blkif_first_sect(req->frame_and_sects[0]) != 0) ||
   26.37 -         (blkif_last_sect(req->frame_and_sects[0]) != ((PAGE_SIZE/512)-1)) )
   26.38 -        goto out;
   26.39 -
   26.40 -#ifdef CONFIG_XEN_BLKDEV_GRANT
   26.41 -    {
   26.42 -        struct gnttab_map_grant_ref map;
   26.43 -
   26.44 -        map.host_addr = MMAP_VADDR(pending_idx, 0);
   26.45 -        map.flags = GNTMAP_host_map;
   26.46 -        map.ref = blkif_gref_from_fas(req->frame_and_sects[0]);
   26.47 -        map.dom = blkif->domid;
   26.48 -
   26.49 -        if ( unlikely(HYPERVISOR_grant_table_op(
   26.50 -                        GNTTABOP_map_grant_ref, &map, 1)))
   26.51 -            BUG();
   26.52 -
   26.53 -        if ( map.handle < 0 )
   26.54 -            goto out;
   26.55 -
   26.56 -        pending_handle(pending_idx, 0) = map.handle;
   26.57 -    }
   26.58 -#else /* else CONFIG_XEN_BLKDEV_GRANT */
   26.59 -
   26.60 -#ifdef CONFIG_XEN_BLKDEV_TAP_BE
   26.61 -    /* Grab the real frontend out of the probe message. */
   26.62 -    if (req->frame_and_sects[1] == BLKTAP_COOKIE) 
   26.63 -        blkif->is_blktap = 1;
   26.64 -#endif
   26.65 -
   26.66 -
   26.67 -    if ( HYPERVISOR_update_va_mapping_otherdomain(
   26.68 -        MMAP_VADDR(pending_idx, 0),
   26.69 -        pfn_pte_ma(req->frame_and_sects[0] >> PAGE_SHIFT, PAGE_KERNEL),
   26.70 -#ifdef CONFIG_XEN_BLKDEV_TAP_BE
   26.71 -        0, (blkif->is_blktap ? ID_TO_DOM(req->id) : blkif->domid) ) )
   26.72 -#else
   26.73 -        0, blkif->domid) )
   26.74 -#endif
   26.75 -        goto out;
   26.76 -#endif /* endif CONFIG_XEN_BLKDEV_GRANT */
   26.77 -   
   26.78 -    rsp = vbd_probe(blkif, (vdisk_t *)MMAP_VADDR(pending_idx, 0), 
   26.79 -                    PAGE_SIZE / sizeof(vdisk_t));
   26.80 -
   26.81 - out:
   26.82 -    fast_flush_area(pending_idx, 1);
   26.83 -    make_response(blkif, req->id, req->operation, rsp);
   26.84 -}
   26.85 -
   26.86  static void dispatch_rw_block_io(blkif_t *blkif, blkif_request_t *req)
   26.87  {
   26.88      extern void ll_rw_block(int rw, int nr, struct buffer_head * bhs[]); 
   26.89 @@ -460,7 +395,7 @@ static void dispatch_rw_block_io(blkif_t
   26.90          goto bad_descriptor;
   26.91      }
   26.92  
   26.93 -    preq.dev           = req->device;
   26.94 +    preq.dev           = req->handle;
   26.95      preq.sector_number = req->sector_number;
   26.96      preq.nr_sects      = 0;
   26.97  
   26.98 @@ -730,8 +665,8 @@ static int __init blkif_init(void)
   26.99          0, SLAB_HWCACHE_ALIGN, NULL, NULL);
  26.100  #endif
  26.101  
  26.102 -    blkif_ctrlif_init();
  26.103 -    
  26.104 +    blkif_xenbus_init();
  26.105 +
  26.106  #ifdef CONFIG_XEN_BLKDEV_GRANT
  26.107      memset( pending_grant_handles,  BLKBACK_INVALID_HANDLE, MMAP_PAGES );
  26.108      printk(KERN_ALERT "Blkif backend is using grant tables.\n");
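Review bot: `preq.dev = req->handle;` in `dispatch_rw_block_io()` takes the device selector straight from the frontend's request, and nothing in the hunk says where that value is validated. A comment such as `/* req->handle is frontend-supplied; vbd_translate() must reject handles not attached to this blkif */` would record the expectation; whether `vbd_translate()` actually enforces it is not visible here. The function starts and ends outside this hunk.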
    27.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkback/common.h	Thu Aug 18 10:40:02 2005 -0800
    27.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkback/common.h	Fri Aug 19 10:19:28 2005 -0800
    27.3 @@ -13,7 +13,6 @@
    27.4  #include <asm/io.h>
    27.5  #include <asm/setup.h>
    27.6  #include <asm/pgalloc.h>
    27.7 -#include <asm-xen/ctrl_if.h>
    27.8  #include <asm-xen/evtchn.h>
    27.9  #include <asm-xen/hypervisor.h>
   27.10  #include <asm-xen/xen-public/io/blkif.h>
   27.11 @@ -47,6 +46,7 @@ typedef struct blkif_st {
   27.12      /* Physical parameters of the comms window. */
   27.13      unsigned long     shmem_frame;
   27.14      unsigned int      evtchn;
   27.15 +    unsigned int      remote_evtchn;
   27.16      /* Comms information. */
   27.17      blkif_back_ring_t blk_ring;
   27.18      /* VBDs attached to this interface. */
   27.19 @@ -71,7 +71,7 @@ typedef struct blkif_st {
   27.20      struct work_struct work;
   27.21  #ifdef CONFIG_XEN_BLKDEV_GRANT
   27.22      u16 shmem_handle;
   27.23 -    memory_t shmem_vaddr;
   27.24 +    unsigned long shmem_vaddr;
   27.25      grant_ref_t shmem_ref;
   27.26  #endif
   27.27  } blkif_t;
   27.28 @@ -81,17 +81,29 @@ void blkif_destroy(blkif_be_destroy_t *d
   27.29  void blkif_connect(blkif_be_connect_t *connect);
   27.30  int  blkif_disconnect(blkif_be_disconnect_t *disconnect, u8 rsp_id);
   27.31  void blkif_disconnect_complete(blkif_t *blkif);
   27.32 -blkif_t *blkif_find_by_handle(domid_t domid, unsigned int handle);
   27.33 +blkif_t *blkif_find(domid_t domid);
   27.34 +void free_blkif(blkif_t *blkif);
   27.35 +int blkif_map(blkif_t *blkif, unsigned long shared_page, unsigned int evtchn);
   27.36 +
   27.37  #define blkif_get(_b) (atomic_inc(&(_b)->refcnt))
   27.38  #define blkif_put(_b)                             \
   27.39      do {                                          \
   27.40          if ( atomic_dec_and_test(&(_b)->refcnt) ) \
   27.41 -            blkif_disconnect_complete(_b);        \
   27.42 +            free_blkif(_b);			  \
   27.43      } while (0)
   27.44  
   27.45 -void vbd_create(blkif_be_vbd_create_t *create); 
   27.46 +struct vbd;
   27.47 +void vbd_free(blkif_t *blkif, struct vbd *vbd);
   27.48 +
   27.49 +/* Creates inactive vbd. */
   27.50 +struct vbd *vbd_create(blkif_t *blkif, blkif_vdev_t vdevice, blkif_pdev_t pdevice, int readonly);
   27.51 +int vbd_is_active(struct vbd *vbd);
   27.52 +void vbd_activate(blkif_t *blkif, struct vbd *vbd);
   27.53 +
   27.54 +unsigned long vbd_size(struct vbd *vbd);
   27.55 +unsigned int vbd_info(struct vbd *vbd);
   27.56 +unsigned long vbd_secsize(struct vbd *vbd);
   27.57  void vbd_destroy(blkif_be_vbd_destroy_t *delete); 
   27.58 -int vbd_probe(blkif_t *blkif, vdisk_t *vbd_info, int max_vbds);
   27.59  void destroy_all_vbds(blkif_t *blkif);
   27.60  
   27.61  struct phys_req {
   27.62 @@ -104,10 +116,11 @@ struct phys_req {
   27.63  int vbd_translate(struct phys_req *req, blkif_t *blkif, int operation); 
   27.64  
   27.65  void blkif_interface_init(void);
   27.66 -void blkif_ctrlif_init(void);
   27.67  
   27.68  void blkif_deschedule(blkif_t *blkif);
   27.69  
   27.70 +void blkif_xenbus_init(void);
   27.71 +
   27.72  irqreturn_t blkif_be_int(int irq, void *dev_id, struct pt_regs *regs);
   27.73  
   27.74  #endif /* __BLKIF__BACKEND__COMMON_H__ */
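Review bot: The first hunk drops `#include <asm-xen/ctrl_if.h>` from this header, but the prototypes kept further down still use control-plane message types (`blkif_be_destroy_t`, `blkif_be_connect_t`, `blkif_be_disconnect_t`, `blkif_be_vbd_destroy_t`) whose declarations presumably came in through that include. Any file that includes common.h without pulling the header in itself may then fail to compile; interface.c adds the include by hand in this changeset. Either drop the stale prototypes together with the control-plane code or keep the include until they are gone. `blkif_put()` now calls `free_blkif()` on the last reference, which changes what dropping a reference means and deserves a comment such as `/* last put frees the interface; callers must not touch _b afterwards */`.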
    28.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkback/control.c	Thu Aug 18 10:40:02 2005 -0800
    28.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    28.3 @@ -1,61 +0,0 @@
    28.4 -/******************************************************************************
    28.5 - * arch/xen/drivers/blkif/backend/control.c
    28.6 - * 
    28.7 - * Routines for interfacing with the control plane.
    28.8 - * 
    28.9 - * Copyright (c) 2004, Keir Fraser
   28.10 - */
   28.11 -
   28.12 -#include "common.h"
   28.13 -
   28.14 -static void blkif_ctrlif_rx(ctrl_msg_t *msg, unsigned long id)
   28.15 -{
   28.16 -    DPRINTK("Received blkif backend message, subtype=%d\n", msg->subtype);
   28.17 -    
   28.18 -    switch ( msg->subtype )
   28.19 -    {
   28.20 -    case CMSG_BLKIF_BE_CREATE:
   28.21 -        blkif_create((blkif_be_create_t *)&msg->msg[0]);
   28.22 -        break;        
   28.23 -    case CMSG_BLKIF_BE_DESTROY:
   28.24 -        blkif_destroy((blkif_be_destroy_t *)&msg->msg[0]);
   28.25 -        break;        
   28.26 -    case CMSG_BLKIF_BE_CONNECT:
   28.27 -        blkif_connect((blkif_be_connect_t *)&msg->msg[0]);
   28.28 -        break;        
   28.29 -    case CMSG_BLKIF_BE_DISCONNECT:
   28.30 -        if ( !blkif_disconnect((blkif_be_disconnect_t *)&msg->msg[0],msg->id) )
   28.31 -            return; /* Sending the response is deferred until later. */
   28.32 -        break;        
   28.33 -    case CMSG_BLKIF_BE_VBD_CREATE:
   28.34 -        vbd_create((blkif_be_vbd_create_t *)&msg->msg[0]);
   28.35 -        break;
   28.36 -    case CMSG_BLKIF_BE_VBD_DESTROY:
   28.37 -        vbd_destroy((blkif_be_vbd_destroy_t *)&msg->msg[0]);
   28.38 -        break;
   28.39 -    default:
   28.40 -        DPRINTK("Parse error while reading message subtype %d, len %d\n",
   28.41 -                msg->subtype, msg->length);
   28.42 -        msg->length = 0;
   28.43 -        break;
   28.44 -    }
   28.45 -
   28.46 -    ctrl_if_send_response(msg);
   28.47 -}
   28.48 -
   28.49 -void blkif_ctrlif_init(void)
   28.50 -{
   28.51 -    ctrl_msg_t cmsg;
   28.52 -    blkif_be_driver_status_t st;
   28.53 -
   28.54 -    (void)ctrl_if_register_receiver(CMSG_BLKIF_BE, blkif_ctrlif_rx, 
   28.55 -                                    CALLBACK_IN_BLOCKING_CONTEXT);
   28.56 -
   28.57 -    /* Send a driver-UP notification to the domain controller. */
   28.58 -    cmsg.type      = CMSG_BLKIF_BE;
   28.59 -    cmsg.subtype   = CMSG_BLKIF_BE_DRIVER_STATUS;
   28.60 -    cmsg.length    = sizeof(blkif_be_driver_status_t);
   28.61 -    st.status      = BLKIF_DRIVER_STATUS_UP;
   28.62 -    memcpy(cmsg.msg, &st, sizeof(st));
   28.63 -    ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
   28.64 -}
    29.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkback/interface.c	Thu Aug 18 10:40:02 2005 -0800
    29.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkback/interface.c	Fri Aug 19 10:19:28 2005 -0800
    29.3 @@ -7,46 +7,149 @@
    29.4   */
    29.5  
    29.6  #include "common.h"
    29.7 +#include <asm-xen/ctrl_if.h>
    29.8 +#include <asm-xen/evtchn.h>
    29.9  
   29.10  #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
   29.11  #define VMALLOC_VMADDR(x) ((unsigned long)(x))
   29.12  #endif
   29.13  
   29.14  #define BLKIF_HASHSZ 1024
   29.15 -#define BLKIF_HASH(_d,_h) (((int)(_d)^(int)(_h))&(BLKIF_HASHSZ-1))
   29.16 +#define BLKIF_HASH(_d) (((int)(_d))&(BLKIF_HASHSZ-1))
   29.17  
   29.18  static kmem_cache_t *blkif_cachep;
   29.19  static blkif_t      *blkif_hash[BLKIF_HASHSZ];
   29.20  
   29.21 -blkif_t *blkif_find_by_handle(domid_t domid, unsigned int handle)
   29.22 +blkif_t *blkif_find(domid_t domid)
   29.23  {
   29.24 -    blkif_t *blkif = blkif_hash[BLKIF_HASH(domid, handle)];
   29.25 -    while ( (blkif != NULL) && 
   29.26 -            ((blkif->domid != domid) || (blkif->handle != handle)) )
   29.27 +    blkif_t *blkif = blkif_hash[BLKIF_HASH(domid)];
   29.28 +
   29.29 +    while (blkif) {
   29.30 +	if (blkif->domid == domid) {
   29.31 +	    blkif_get(blkif);
   29.32 +	    return blkif;
   29.33 +	}
   29.34          blkif = blkif->hash_next;
   29.35 +    }
   29.36 +
   29.37 +    blkif = kmem_cache_alloc(blkif_cachep, GFP_KERNEL);
   29.38 +    if (!blkif)
   29.39 +	    return ERR_PTR(-ENOMEM);
   29.40 +
   29.41 +    memset(blkif, 0, sizeof(*blkif));
   29.42 +    blkif->domid = domid;
   29.43 +    blkif->status = DISCONNECTED;
   29.44 +    spin_lock_init(&blkif->vbd_lock);
   29.45 +    spin_lock_init(&blkif->blk_ring_lock);
   29.46 +    atomic_set(&blkif->refcnt, 1);
   29.47 +
   29.48 +    blkif->hash_next = blkif_hash[BLKIF_HASH(domid)];
   29.49 +    blkif_hash[BLKIF_HASH(domid)] = blkif;
   29.50      return blkif;
   29.51  }
   29.52  
   29.53 +#ifndef CONFIG_XEN_BLKDEV_GRANT
   29.54 +static int map_frontend_page(blkif_t *blkif, unsigned long localaddr,
   29.55 +			     unsigned long shared_page)
   29.56 +{
   29.57 +    return direct_remap_area_pages(&init_mm, localaddr,
   29.58 +				   shared_page<<PAGE_SHIFT, PAGE_SIZE,
   29.59 +				   __pgprot(_KERNPG_TABLE), blkif->domid);
   29.60 +}
   29.61 +
   29.62 +static void unmap_frontend_page(blkif_t *blkif)
   29.63 +{
   29.64 +}
   29.65 +#else
   29.66 +static int map_frontend_page(blkif_t *blkif, unsigned long localaddr,
   29.67 +			     unsigned long shared_page)
   29.68 +{
   29.69 +    struct gnttab_map_grant_ref op;
   29.70 +    op.host_addr = localaddr;
   29.71 +    op.flags = GNTMAP_host_map;
   29.72 +    op.ref = shared_page;
   29.73 +    op.dom = blkif->domid;
   29.74 +       
   29.75 +    BUG_ON( HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &op, 1) );
   29.76 +
   29.77 +    if (op.handle < 0) {
   29.78 +	DPRINTK(" Grant table operation failure !\n");
   29.79 +	return op.handle;
   29.80 +    }
   29.81 +
   29.82 +    blkif->shmem_ref = shared_page;
   29.83 +    blkif->shmem_handle = op.handle;
   29.84 +    blkif->shmem_vaddr = localaddr;
   29.85 +    return 0;
   29.86 +}
   29.87 +
   29.88 +static void unmap_frontend_page(blkif_t *blkif)
   29.89 +{
   29.90 +    struct gnttab_unmap_grant_ref op;
   29.91 +
   29.92 +    op.host_addr = blkif->shmem_vaddr;
   29.93 +    op.handle = blkif->shmem_handle;
   29.94 +    op.dev_bus_addr = 0;
   29.95 +    BUG_ON(HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, &op, 1));
   29.96 +}
   29.97 +#endif /* CONFIG_XEN_BLKDEV_GRANT */
   29.98 +
   29.99 +int blkif_map(blkif_t *blkif, unsigned long shared_page, unsigned int evtchn)
  29.100 +{
  29.101 +    struct vm_struct *vma;
  29.102 +    blkif_sring_t *sring;
  29.103 +    evtchn_op_t op = { .cmd = EVTCHNOP_bind_interdomain };
  29.104 +    int err;
  29.105 +
  29.106 +    BUG_ON(blkif->remote_evtchn);
  29.107 +
  29.108 +    if ( (vma = get_vm_area(PAGE_SIZE, VM_IOREMAP)) == NULL )
  29.109 +	return -ENOMEM;
  29.110 +
  29.111 +    err = map_frontend_page(blkif, VMALLOC_VMADDR(vma->addr), shared_page);
  29.112 +    if (err) {
  29.113 +        vfree(vma->addr);
  29.114 +	return err;
  29.115 +    }
  29.116 +
  29.117 +    op.u.bind_interdomain.dom1 = DOMID_SELF;
  29.118 +    op.u.bind_interdomain.dom2 = blkif->domid;
  29.119 +    op.u.bind_interdomain.port1 = 0;
  29.120 +    op.u.bind_interdomain.port2 = evtchn;
  29.121 +    err = HYPERVISOR_event_channel_op(&op);
  29.122 +    if (err) {
  29.123 +	unmap_frontend_page(blkif);
  29.124 +	vfree(vma->addr);
  29.125 +	return err;
  29.126 +    }
  29.127 +
  29.128 +    blkif->evtchn = op.u.bind_interdomain.port1;
  29.129 +    blkif->remote_evtchn = evtchn;
  29.130 +
  29.131 +    sring = (blkif_sring_t *)vma->addr;
  29.132 +    SHARED_RING_INIT(sring);
  29.133 +    BACK_RING_INIT(&blkif->blk_ring, sring, PAGE_SIZE);
  29.134 +
  29.135 +    bind_evtchn_to_irqhandler(blkif->evtchn, blkif_be_int, 0, "blkif-backend",
  29.136 +			      blkif);
  29.137 +    blkif->status        = CONNECTED;
  29.138 +    blkif->shmem_frame   = shared_page;
  29.139 +
  29.140 +    return 0;
  29.141 +}
  29.142 +
  29.143  static void __blkif_disconnect_complete(void *arg)
  29.144  {
  29.145      blkif_t              *blkif = (blkif_t *)arg;
  29.146      ctrl_msg_t            cmsg;
  29.147      blkif_be_disconnect_t disc;
  29.148 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  29.149 -    struct gnttab_unmap_grant_ref op;
  29.150 -#endif
  29.151  
  29.152      /*
  29.153       * These can't be done in blkif_disconnect() because at that point there
  29.154       * may be outstanding requests at the disc whose asynchronous responses
  29.155       * must still be notified to the remote driver.
  29.156       */
  29.157 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  29.158 -    op.host_addr      = blkif->shmem_vaddr;
  29.159 -    op.handle         = blkif->shmem_handle;
  29.160 -    op.dev_bus_addr   = 0;
  29.161 -    BUG_ON(HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, &op, 1));
  29.162 -#endif
  29.163 +    unmap_frontend_page(blkif);
  29.164      vfree(blkif->blk_ring.sring);
  29.165  
  29.166      /* Construct the deferred response message. */
  29.167 @@ -81,200 +184,35 @@ void blkif_disconnect_complete(blkif_t *
  29.168      schedule_work(&blkif->work);
  29.169  }
  29.170  
  29.171 -void blkif_create(blkif_be_create_t *create)
  29.172 +void free_blkif(blkif_t *blkif)
  29.173  {
  29.174 -    domid_t       domid  = create->domid;
  29.175 -    unsigned int  handle = create->blkif_handle;
  29.176 -    blkif_t     **pblkif, *blkif;
  29.177 +    blkif_t     **pblkif;
  29.178 +    evtchn_op_t op = { .cmd = EVTCHNOP_close };
  29.179  
  29.180 -    if ( (blkif = kmem_cache_alloc(blkif_cachep, GFP_KERNEL)) == NULL )
  29.181 -    {
  29.182 -        DPRINTK("Could not create blkif: out of memory\n");
  29.183 -        create->status = BLKIF_BE_STATUS_OUT_OF_MEMORY;
  29.184 -        return;
  29.185 +    op.u.close.port = blkif->evtchn;
  29.186 +    op.u.close.dom = DOMID_SELF;
  29.187 +    HYPERVISOR_event_channel_op(&op);
  29.188 +    op.u.close.port = blkif->remote_evtchn;
  29.189 +    op.u.close.dom = blkif->domid;
  29.190 +    HYPERVISOR_event_channel_op(&op);
  29.191 +
  29.192 +    if (blkif->evtchn)
  29.193 +        unbind_evtchn_from_irqhandler(blkif->evtchn, blkif);
  29.194 +
  29.195 +    if (blkif->blk_ring.sring) {
  29.196 +	unmap_frontend_page(blkif);
  29.197 +	vfree(blkif->blk_ring.sring);
  29.198      }
  29.199  
  29.200 -    memset(blkif, 0, sizeof(*blkif));
  29.201 -    blkif->domid  = domid;
  29.202 -    blkif->handle = handle;
  29.203 -    blkif->status = DISCONNECTED;
  29.204 -    spin_lock_init(&blkif->vbd_lock);
  29.205 -    spin_lock_init(&blkif->blk_ring_lock);
  29.206 -    atomic_set(&blkif->refcnt, 0);
  29.207 -
  29.208 -    pblkif = &blkif_hash[BLKIF_HASH(domid, handle)];
  29.209 -    while ( *pblkif != NULL )
  29.210 +    pblkif = &blkif_hash[BLKIF_HASH(blkif->domid)];
  29.211 +    while ( *pblkif != blkif )
  29.212      {
  29.213 -        if ( ((*pblkif)->domid == domid) && ((*pblkif)->handle == handle) )
  29.214 -        {
  29.215 -            DPRINTK("Could not create blkif: already exists\n");
  29.216 -            create->status = BLKIF_BE_STATUS_INTERFACE_EXISTS;
  29.217 -            kmem_cache_free(blkif_cachep, blkif);
  29.218 -            return;
  29.219 -        }
  29.220 +	BUG_ON(!*pblkif);
  29.221          pblkif = &(*pblkif)->hash_next;
  29.222      }
  29.223 -
  29.224 -    blkif->hash_next = *pblkif;
  29.225 -    *pblkif = blkif;
  29.226 -
  29.227 -    DPRINTK("Successfully created blkif\n");
  29.228 -    create->status = BLKIF_BE_STATUS_OKAY;
  29.229 -}
  29.230 -
  29.231 -void blkif_destroy(blkif_be_destroy_t *destroy)
  29.232 -{
  29.233 -    domid_t       domid  = destroy->domid;
  29.234 -    unsigned int  handle = destroy->blkif_handle;
  29.235 -    blkif_t     **pblkif, *blkif;
  29.236 -
  29.237 -    pblkif = &blkif_hash[BLKIF_HASH(domid, handle)];
  29.238 -    while ( (blkif = *pblkif) != NULL )
  29.239 -    {
  29.240 -        if ( (blkif->domid == domid) && (blkif->handle == handle) )
  29.241 -        {
  29.242 -            if ( blkif->status != DISCONNECTED )
  29.243 -                goto still_connected;
  29.244 -            goto destroy;
  29.245 -        }
  29.246 -        pblkif = &blkif->hash_next;
  29.247 -    }
  29.248 -
  29.249 -    destroy->status = BLKIF_BE_STATUS_INTERFACE_NOT_FOUND;
  29.250 -    return;
  29.251 -
  29.252 - still_connected:
  29.253 -    destroy->status = BLKIF_BE_STATUS_INTERFACE_CONNECTED;
  29.254 -    return;
  29.255 -
  29.256 - destroy:
  29.257      *pblkif = blkif->hash_next;
  29.258      destroy_all_vbds(blkif);
  29.259      kmem_cache_free(blkif_cachep, blkif);
  29.260 -    destroy->status = BLKIF_BE_STATUS_OKAY;
  29.261 -}
  29.262 -
  29.263 -void blkif_connect(blkif_be_connect_t *connect)
  29.264 -{
  29.265 -    domid_t        domid  = connect->domid;
  29.266 -    unsigned int   handle = connect->blkif_handle;
  29.267 -    unsigned int   evtchn = connect->evtchn;
  29.268 -    unsigned long  shmem_frame = connect->shmem_frame;
  29.269 -    struct vm_struct *vma;
  29.270 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  29.271 -    int ref = connect->shmem_ref;
  29.272 -#else
  29.273 -    pgprot_t       prot;
  29.274 -    int            error;
  29.275 -#endif
  29.276 -    blkif_t       *blkif;
  29.277 -    blkif_sring_t *sring;
  29.278 -
  29.279 -    blkif = blkif_find_by_handle(domid, handle);
  29.280 -    if ( unlikely(blkif == NULL) )
  29.281 -    {
  29.282 -        DPRINTK("blkif_connect attempted for non-existent blkif (%u,%u)\n", 
  29.283 -                connect->domid, connect->blkif_handle); 
  29.284 -        connect->status = BLKIF_BE_STATUS_INTERFACE_NOT_FOUND;
  29.285 -        return;
  29.286 -    }
  29.287 -
  29.288 -    if ( (vma = get_vm_area(PAGE_SIZE, VM_IOREMAP)) == NULL )
  29.289 -    {
  29.290 -        connect->status = BLKIF_BE_STATUS_OUT_OF_MEMORY;
  29.291 -        return;
  29.292 -    }
  29.293 -
  29.294 -#ifndef CONFIG_XEN_BLKDEV_GRANT
  29.295 -    prot = __pgprot(_KERNPG_TABLE);
  29.296 -    error = direct_remap_area_pages(&init_mm, VMALLOC_VMADDR(vma->addr),
  29.297 -                                    shmem_frame<<PAGE_SHIFT, PAGE_SIZE,
  29.298 -                                    prot, domid);
  29.299 -    if ( error != 0 )
  29.300 -    {
  29.301 -        if ( error == -ENOMEM )
  29.302 -            connect->status = BLKIF_BE_STATUS_OUT_OF_MEMORY;
  29.303 -        else if ( error == -EFAULT )
  29.304 -            connect->status = BLKIF_BE_STATUS_MAPPING_ERROR;
  29.305 -        else
  29.306 -            connect->status = BLKIF_BE_STATUS_ERROR;
  29.307 -        vfree(vma->addr);
  29.308 -        return;
  29.309 -    }
  29.310 -#else
  29.311 -    { /* Map: Use the Grant table reference */
  29.312 -        struct gnttab_map_grant_ref op;
  29.313 -        op.host_addr      = VMALLOC_VMADDR(vma->addr);
  29.314 -        op.flags          = GNTMAP_host_map;
  29.315 -        op.ref            = ref;
  29.316 -        op.dom            = domid;
  29.317 -       
  29.318 -        BUG_ON( HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &op, 1) );
  29.319 -       
  29.320 -        handle = op.handle;
  29.321 -       
  29.322 -        if (op.handle < 0) {
  29.323 -            DPRINTK(" Grant table operation failure !\n");
  29.324 -            connect->status = BLKIF_BE_STATUS_MAPPING_ERROR;
  29.325 -            vfree(vma->addr);
  29.326 -            return;
  29.327 -        }
  29.328 -
  29.329 -        blkif->shmem_ref = ref;
  29.330 -        blkif->shmem_handle = handle;
  29.331 -        blkif->shmem_vaddr = VMALLOC_VMADDR(vma->addr);
  29.332 -    }
  29.333 -#endif
  29.334 -
  29.335 -    if ( blkif->status != DISCONNECTED )
  29.336 -    {
  29.337 -        connect->status = BLKIF_BE_STATUS_INTERFACE_CONNECTED;
  29.338 -        vfree(vma->addr);
  29.339 -        return;
  29.340 -    }
  29.341 -    sring = (blkif_sring_t *)vma->addr;
  29.342 -    SHARED_RING_INIT(sring);
  29.343 -    BACK_RING_INIT(&blkif->blk_ring, sring, PAGE_SIZE);
  29.344 -    
  29.345 -    blkif->evtchn        = evtchn;
  29.346 -    blkif->shmem_frame   = shmem_frame;
  29.347 -    blkif->status        = CONNECTED;
  29.348 -    blkif_get(blkif);
  29.349 -
  29.350 -    bind_evtchn_to_irqhandler(
  29.351 -        blkif->evtchn, blkif_be_int, 0, "blkif-backend", blkif);
  29.352 -
  29.353 -    connect->status = BLKIF_BE_STATUS_OKAY;
  29.354 -}
  29.355 -
  29.356 -int blkif_disconnect(blkif_be_disconnect_t *disconnect, u8 rsp_id)
  29.357 -{
  29.358 -    domid_t       domid  = disconnect->domid;
  29.359 -    unsigned int  handle = disconnect->blkif_handle;
  29.360 -    blkif_t      *blkif;
  29.361 -
  29.362 -    blkif = blkif_find_by_handle(domid, handle);
  29.363 -    if ( unlikely(blkif == NULL) )
  29.364 -    {
  29.365 -        DPRINTK("blkif_disconnect attempted for non-existent blkif"
  29.366 -                " (%u,%u)\n", disconnect->domid, disconnect->blkif_handle); 
  29.367 -        disconnect->status = BLKIF_BE_STATUS_INTERFACE_NOT_FOUND;
  29.368 -        return 1; /* Caller will send response error message. */
  29.369 -    }
  29.370 -
  29.371 -    if ( blkif->status == CONNECTED )
  29.372 -    {
  29.373 -        blkif->status = DISCONNECTING;
  29.374 -        blkif->disconnect_rspid = rsp_id;
  29.375 -        wmb(); /* Let other CPUs see the status change. */
  29.376 -        unbind_evtchn_from_irqhandler(blkif->evtchn, blkif);
  29.377 -        blkif_deschedule(blkif);
  29.378 -        blkif_put(blkif);
  29.379 -        return 0; /* Caller should not send response message. */
  29.380 -    }
  29.381 -
  29.382 -    disconnect->status = BLKIF_BE_STATUS_OKAY;
  29.383 -    return 1;
  29.384  }
  29.385  
  29.386  void __init blkif_interface_init(void)
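Review bot: In `free_blkif` both `EVTCHNOP_close` hypercalls run before the `if (blkif->evtchn)` test, and their return values are discarded. A blkif that `blkif_find` zero-initialised but `blkif_map` never connected therefore still asks Xen to close port 0, both locally and in the frontend's domain. A connected blkif has its port closed while `blkif_be_int` is still bound to it. The closes should move inside the guard, presumably after `unbind_evtchn_from_irqhandler`, with a failed close at least reported through `DPRINTK`. `free_blkif` continues past this hunk's changed lines into the unchanged hash unlink and `kmem_cache_free`, which the sketch below leaves alone.

```c
    /* Only tear down channels that blkif_map() actually bound. */
    if (blkif->evtchn) {
        unbind_evtchn_from_irqhandler(blkif->evtchn, blkif);

        op.u.close.port = blkif->evtchn;
        op.u.close.dom = DOMID_SELF;
        if (HYPERVISOR_event_channel_op(&op))
            DPRINTK("closing local event channel failed\n");

        op.u.close.port = blkif->remote_evtchn;
        op.u.close.dom = blkif->domid;
        if (HYPERVISOR_event_channel_op(&op))
            DPRINTK("closing remote event channel failed\n");
    }
    /* … unchanged: shared ring unmap, hash unlink, destroy_all_vbds, kmem_cache_free … */
```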
    30.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkback/vbd.c	Thu Aug 18 10:40:02 2005 -0800
    30.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkback/vbd.c	Fri Aug 19 10:19:28 2005 -0800
    30.3 @@ -11,13 +11,16 @@
    30.4   */
    30.5  
    30.6  #include "common.h"
    30.7 +#include <asm-xen/xenbus.h>
    30.8  
    30.9  struct vbd { 
   30.10 -    blkif_vdev_t   vdevice;     /* what the domain refers to this vbd as */
   30.11 +    blkif_vdev_t   handle;     /* what the domain refers to this vbd as */
   30.12      unsigned char  readonly;    /* Non-zero -> read-only */
   30.13      unsigned char  type;        /* VDISK_xxx */
   30.14      blkif_pdev_t   pdevice;     /* phys device that this vbd maps to */
   30.15      struct block_device *bdev;
   30.16 +
   30.17 +    int active;
   30.18      rb_node_t      rb;          /* for linking into R-B tree lookup struct */
   30.19  }; 
   30.20  
   30.21 @@ -33,57 +36,45 @@ static inline dev_t vbd_map_devnum(blkif
   30.22  #define bdev_hardsect_size(_b) 512
   30.23  #endif
   30.24  
   30.25 -void vbd_create(blkif_be_vbd_create_t *create) 
   30.26 +unsigned long vbd_size(struct vbd *vbd)
   30.27 +{
   30.28 +	return vbd_sz(vbd);
   30.29 +}
   30.30 +
   30.31 +unsigned int vbd_info(struct vbd *vbd)
   30.32 +{
   30.33 +	return vbd->type | (vbd->readonly?VDISK_READONLY:0);
   30.34 +}
   30.35 +
   30.36 +unsigned long vbd_secsize(struct vbd *vbd)
   30.37 +{
   30.38 +	return bdev_hardsect_size(vbd->bdev);
   30.39 +}
   30.40 +
   30.41 +int vbd_is_active(struct vbd *vbd)
   30.42 +{
   30.43 +	return vbd->active;
   30.44 +}
   30.45 +
   30.46 +struct vbd *vbd_create(blkif_t *blkif, blkif_vdev_t handle,
   30.47 +		       blkif_pdev_t pdevice, int readonly)
   30.48  {
   30.49      struct vbd  *vbd; 
   30.50 -    rb_node_t  **rb_p, *rb_parent = NULL;
   30.51 -    blkif_t     *blkif;
   30.52 -    blkif_vdev_t vdevice = create->vdevice;
   30.53 -
   30.54 -    blkif = blkif_find_by_handle(create->domid, create->blkif_handle);
   30.55 -    if ( unlikely(blkif == NULL) )
   30.56 -    {
   30.57 -        DPRINTK("vbd_create attempted for non-existent blkif (%u,%u)\n", 
   30.58 -                create->domid, create->blkif_handle); 
   30.59 -        create->status = BLKIF_BE_STATUS_INTERFACE_NOT_FOUND;
   30.60 -        return;
   30.61 -    }
   30.62 -
   30.63 -    rb_p = &blkif->vbd_rb.rb_node;
   30.64 -    while ( *rb_p != NULL )
   30.65 -    {
   30.66 -        rb_parent = *rb_p;
   30.67 -        vbd = rb_entry(rb_parent, struct vbd, rb);
   30.68 -        if ( vdevice < vbd->vdevice )
   30.69 -        {
   30.70 -            rb_p = &rb_parent->rb_left;
   30.71 -        }
   30.72 -        else if ( vdevice > vbd->vdevice )
   30.73 -        {
   30.74 -            rb_p = &rb_parent->rb_right;
   30.75 -        }
   30.76 -        else
   30.77 -        {
   30.78 -            DPRINTK("vbd_create attempted for already existing vbd\n");
   30.79 -            create->status = BLKIF_BE_STATUS_VBD_EXISTS;
   30.80 -            return;
   30.81 -        }
   30.82 -    }
   30.83  
   30.84      if ( unlikely((vbd = kmalloc(sizeof(struct vbd), GFP_KERNEL)) == NULL) )
   30.85      {
   30.86          DPRINTK("vbd_create: out of memory\n");
   30.87 -        create->status = BLKIF_BE_STATUS_OUT_OF_MEMORY;
   30.88 -        return;
   30.89 +	return ERR_PTR(-ENOMEM);
   30.90      }
   30.91  
   30.92 -    vbd->vdevice  = vdevice; 
   30.93 -    vbd->readonly = create->readonly;
   30.94 +    vbd->handle   = handle; 
   30.95 +    vbd->readonly = readonly;
   30.96      vbd->type     = 0;
   30.97 +    vbd->active   = 0;
   30.98  
   30.99 -    /* Mask to 16-bit for compatibility with old tools */
  30.100 -    vbd->pdevice  = create->pdevice & 0xffff;
  30.101 +    vbd->pdevice  = pdevice;
  30.102  
  30.103 +    /* FIXME: Who frees vbd on failure? --RR */
  30.104  #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
  30.105      vbd->bdev = open_by_devnum(
  30.106          vbd_map_devnum(vbd->pdevice),
  30.107 @@ -91,16 +82,14 @@ void vbd_create(blkif_be_vbd_create_t *c
  30.108      if ( IS_ERR(vbd->bdev) )
  30.109      {
  30.110          DPRINTK("vbd_creat: device %08x doesn't exist.\n", vbd->pdevice);
  30.111 -        create->status = BLKIF_BE_STATUS_PHYSDEV_NOT_FOUND;
  30.112 -        return;
  30.113 +        return ERR_PTR(-ENOENT);
  30.114      }
  30.115  
  30.116      if ( (vbd->bdev->bd_disk == NULL) )
  30.117      {
  30.118          DPRINTK("vbd_creat: device %08x doesn't exist.\n", vbd->pdevice);
  30.119 -        create->status = BLKIF_BE_STATUS_PHYSDEV_NOT_FOUND;
  30.120          bdev_put(vbd->bdev);
  30.121 -        return;
  30.122 +        return ERR_PTR(-ENOENT);
  30.123      }
  30.124  
  30.125      if ( vbd->bdev->bd_disk->flags & GENHD_FL_CD )
  30.126 @@ -112,62 +101,64 @@ void vbd_create(blkif_be_vbd_create_t *c
  30.127      if ( (blk_size[MAJOR(vbd->pdevice)] == NULL) || (vbd_sz(vbd) == 0) )
  30.128      {
  30.129          DPRINTK("vbd_creat: device %08x doesn't exist.\n", vbd->pdevice);
  30.130 -        create->status = BLKIF_BE_STATUS_PHYSDEV_NOT_FOUND;
  30.131 -        return;
  30.132 +        return ERR_PTR(-ENOENT);
  30.133      }
  30.134  #endif
  30.135  
  30.136 +    DPRINTK("Successful creation of handle=%04x (dom=%u)\n",
  30.137 +            handle, blkif->domid);
  30.138 +    return vbd;
  30.139 +}
  30.140 +
  30.141 +void vbd_activate(blkif_t *blkif, struct vbd *vbd)
  30.142 +{
  30.143 +    rb_node_t  **rb_p, *rb_parent = NULL;
  30.144 +    struct vbd *i;
  30.145 +    BUG_ON(vbd_is_active(vbd));
  30.146 +
  30.147 +    /* Find where to put it. */
  30.148 +    rb_p = &blkif->vbd_rb.rb_node;
  30.149 +    while ( *rb_p != NULL )
  30.150 +    {
  30.151 +        rb_parent = *rb_p;
  30.152 +        i = rb_entry(rb_parent, struct vbd, rb);
  30.153 +        if ( vbd->handle < i->handle )
  30.154 +        {
  30.155 +            rb_p = &rb_parent->rb_left;
  30.156 +        }
  30.157 +        else if ( vbd->handle > i->handle )
  30.158 +        {
  30.159 +            rb_p = &rb_parent->rb_right;
  30.160 +        }
  30.161 +        else
  30.162 +        {
  30.163 +	    /* We never create two of same vbd, so not possible. */
  30.164 +	    BUG();
  30.165 +        }
  30.166 +    }
  30.167 +
  30.168 +    /* Now we're active. */
  30.169 +    vbd->active = 1;
  30.170 +    blkif_get(blkif);
  30.171 +
  30.172      spin_lock(&blkif->vbd_lock);
  30.173      rb_link_node(&vbd->rb, rb_parent, rb_p);
  30.174      rb_insert_color(&vbd->rb, &blkif->vbd_rb);
  30.175      spin_unlock(&blkif->vbd_lock);
  30.176 -
  30.177 -    DPRINTK("Successful creation of vdev=%04x (dom=%u)\n",
  30.178 -            vdevice, create->domid);
  30.179 -    create->status = BLKIF_BE_STATUS_OKAY;
  30.180  }
  30.181  
  30.182 -
  30.183 -void vbd_destroy(blkif_be_vbd_destroy_t *destroy) 
  30.184 +void vbd_free(blkif_t *blkif, struct vbd *vbd)
  30.185  {
  30.186 -    blkif_t           *blkif;
  30.187 -    struct vbd        *vbd;
  30.188 -    rb_node_t         *rb;
  30.189 -    blkif_vdev_t       vdevice = destroy->vdevice;
  30.190 -
  30.191 -    blkif = blkif_find_by_handle(destroy->domid, destroy->blkif_handle);
  30.192 -    if ( unlikely(blkif == NULL) )
  30.193 -    {
  30.194 -        DPRINTK("vbd_destroy attempted for non-existent blkif (%u,%u)\n", 
  30.195 -                destroy->domid, destroy->blkif_handle); 
  30.196 -        destroy->status = BLKIF_BE_STATUS_INTERFACE_NOT_FOUND;
  30.197 -        return;
  30.198 +    if (vbd_is_active(vbd)) {
  30.199 +	spin_lock(&blkif->vbd_lock);
  30.200 +	rb_erase(&vbd->rb, &blkif->vbd_rb);
  30.201 +	spin_unlock(&blkif->vbd_lock);
  30.202 +	blkif_put(blkif);
  30.203      }
  30.204 -
  30.205 -    rb = blkif->vbd_rb.rb_node;
  30.206 -    while ( rb != NULL )
  30.207 -    {
  30.208 -        vbd = rb_entry(rb, struct vbd, rb);
  30.209 -        if ( vdevice < vbd->vdevice )
  30.210 -            rb = rb->rb_left;
  30.211 -        else if ( vdevice > vbd->vdevice )
  30.212 -            rb = rb->rb_right;
  30.213 -        else
  30.214 -            goto found;
  30.215 -    }
  30.216 -
  30.217 -    destroy->status = BLKIF_BE_STATUS_VBD_NOT_FOUND;
  30.218 -    return;
  30.219 -
  30.220 - found:
  30.221 -    spin_lock(&blkif->vbd_lock);
  30.222 -    rb_erase(rb, &blkif->vbd_rb);
  30.223 -    spin_unlock(&blkif->vbd_lock);
  30.224      bdev_put(vbd->bdev);
  30.225      kfree(vbd);
  30.226  }
  30.227  
  30.228 -
  30.229  void destroy_all_vbds(blkif_t *blkif)
  30.230  {
  30.231      struct vbd *vbd;
  30.232 @@ -183,74 +174,12 @@ void destroy_all_vbds(blkif_t *blkif)
  30.233          bdev_put(vbd->bdev);
  30.234          kfree(vbd);
  30.235          spin_lock(&blkif->vbd_lock);
  30.236 +        blkif_put(blkif);
  30.237      }
  30.238  
  30.239      spin_unlock(&blkif->vbd_lock);
  30.240  }
  30.241  
  30.242 -
  30.243 -static void vbd_probe_single(
  30.244 -    blkif_t *blkif, vdisk_t *vbd_info, struct vbd *vbd)
  30.245 -{
  30.246 -    vbd_info->device      = vbd->vdevice; 
  30.247 -    vbd_info->info        = vbd->type | (vbd->readonly ? VDISK_READONLY : 0);
  30.248 -    vbd_info->capacity    = vbd_sz(vbd);
  30.249 -    vbd_info->sector_size = bdev_hardsect_size(vbd->bdev);
  30.250 -}
  30.251 -
  30.252 -
  30.253 -int vbd_probe(blkif_t *blkif, vdisk_t *vbd_info, int max_vbds)
  30.254 -{
  30.255 -    int        rc = 0, nr_vbds = 0;
  30.256 -    rb_node_t *rb;
  30.257 -
  30.258 -    spin_lock(&blkif->vbd_lock);
  30.259 -
  30.260 -    if ( (rb = blkif->vbd_rb.rb_node) == NULL )
  30.261 -        goto out;
  30.262 -
  30.263 - new_subtree:
  30.264 -    /* STEP 1. Find least node (it'll be left-most). */
  30.265 -    while ( rb->rb_left != NULL )
  30.266 -        rb = rb->rb_left;
  30.267 -
  30.268 -    for ( ; ; )
  30.269 -    {
  30.270 -        /* STEP 2. Dealt with left subtree. Now process current node. */
  30.271 -        vbd_probe_single(blkif, &vbd_info[nr_vbds],
  30.272 -                         rb_entry(rb, struct vbd, rb));
  30.273 -        if ( ++nr_vbds == max_vbds )
  30.274 -            goto out;
  30.275 -
  30.276 -        /* STEP 3. Process right subtree, if any. */
  30.277 -        if ( rb->rb_right != NULL )
  30.278 -        {
  30.279 -            rb = rb->rb_right;
  30.280 -            goto new_subtree;
  30.281 -        }
  30.282 -
  30.283 -        /* STEP 4. Done both subtrees. Head back through ancesstors. */
  30.284 -        for ( ; ; ) 
  30.285 -        {
  30.286 -            /* We're done when we get back to the root node. */
  30.287 -            if ( rb->rb_parent == NULL )
  30.288 -                goto out;
  30.289 -            /* If we are left of parent, then parent is next to process. */
  30.290 -            if ( rb->rb_parent->rb_left == rb )
  30.291 -                break;
  30.292 -            /* If we are right of parent, then we climb to grandparent. */
  30.293 -            rb = rb->rb_parent;
  30.294 -        }
  30.295 -
  30.296 -        rb = rb->rb_parent;
  30.297 -    }
  30.298 -
  30.299 - out:
  30.300 -    spin_unlock(&blkif->vbd_lock);
  30.301 -    return (rc == 0) ? nr_vbds : rc;  
  30.302 -}
  30.303 -
  30.304 -
  30.305  int vbd_translate(struct phys_req *req, blkif_t *blkif, int operation)
  30.306  {
  30.307      struct vbd *vbd;
  30.308 @@ -264,9 +193,9 @@ int vbd_translate(struct phys_req *req, 
  30.309      while ( rb != NULL )
  30.310      {
  30.311          vbd = rb_entry(rb, struct vbd, rb);
  30.312 -        if ( req->dev < vbd->vdevice )
  30.313 +        if ( req->dev < vbd->handle )
  30.314              rb = rb->rb_left;
  30.315 -        else if ( req->dev > vbd->vdevice )
  30.316 +        else if ( req->dev > vbd->handle )
  30.317              rb = rb->rb_right;
  30.318          else
  30.319              goto found;
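Review bot: `vbd_activate` walks `blkif->vbd_rb` to choose the insertion slot before it takes `vbd_lock`, so `rb_parent` and `rb_p` can be stale when `rb_link_node` runs. The blkif is now shared by all vbds of a domain, so another vbd being activated or freed in between is at least plausible. Moving `spin_lock(&blkif->vbd_lock);` up to just before `rb_p = &blkif->vbd_rb.rb_node;` puts the search and the link in one critical section. The duplicate-handle branch calls `BUG()`, which is acceptable only if the caller really guarantees unique handles; the handle's origin is not visible here, and an error return would be the safer failure mode for the backend domain. The FIXME in `vbd_create` also has a concrete answer: every `return ERR_PTR(...)` after the `kmalloc` leaves `vbd` allocated, so `kfree(vbd);` belongs before each of them.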
    31.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    31.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkback/xenbus.c	Fri Aug 19 10:19:28 2005 -0800
    31.3 @@ -0,0 +1,308 @@
    31.4 +/*  Xenbus code for blkif backend
    31.5 +    Copyright (C) 2005 Rusty Russell <rusty@rustcorp.com.au>
    31.6 +
    31.7 +    This program is free software; you can redistribute it and/or modify
    31.8 +    it under the terms of the GNU General Public License as published by
    31.9 +    the Free Software Foundation; either version 2 of the License, or
   31.10 +    (at your option) any later version.
   31.11 +
   31.12 +    This program is distributed in the hope that it will be useful,
   31.13 +    but WITHOUT ANY WARRANTY; without even the implied warranty of
   31.14 +    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   31.15 +    GNU General Public License for more details.
   31.16 +
   31.17 +    You should have received a copy of the GNU General Public License
   31.18 +    along with this program; if not, write to the Free Software
   31.19 +    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   31.20 +*/
   31.21 +#include <stdarg.h>
   31.22 +#include <linux/module.h>
   31.23 +#include <asm-xen/xenbus.h>
   31.24 +#include "common.h"
   31.25 +
   31.26 +struct backend_info
   31.27 +{
   31.28 +	struct xenbus_device *dev;
   31.29 +
   31.30 +	/* our communications channel */
   31.31 +	blkif_t *blkif;
   31.32 +	struct vbd *vbd;
   31.33 +
   31.34 +	long int frontend_id;
   31.35 +	long int pdev;
   31.36 +	long int readonly;
   31.37 +
   31.38 +	/* watch back end for changes */
   31.39 +	struct xenbus_watch backend_watch;
   31.40 +
   31.41 +	/* watch front end for changes */
   31.42 +	struct xenbus_watch watch;
   31.43 +	char *frontpath;
   31.44 +};
   31.45 +
   31.46 +static int blkback_remove(struct xenbus_device *dev)
   31.47 +{
   31.48 +	struct backend_info *be = dev->data;
   31.49 +
   31.50 +	if (be->watch.node)
   31.51 +		unregister_xenbus_watch(&be->watch);
   31.52 +	unregister_xenbus_watch(&be->backend_watch);
   31.53 +	if (be->vbd)
   31.54 +		vbd_free(be->blkif, be->vbd);
   31.55 +	if (be->blkif)
   31.56 +		blkif_put(be->blkif);
   31.57 +	if (be->frontpath)
   31.58 +		kfree(be->frontpath);
   31.59 +	kfree(be);
   31.60 +	return 0;
   31.61 +}
   31.62 +
   31.63 +/* Front end tells us frame. */
   31.64 +static void frontend_changed(struct xenbus_watch *watch, const char *node)
   31.65 +{
   31.66 +	unsigned long sharedmfn;
   31.67 +	unsigned int evtchn;
   31.68 +	int err;
   31.69 +	struct backend_info *be
   31.70 +		= container_of(watch, struct backend_info, watch);
   31.71 +
   31.72 +	/* If other end is gone, delete ourself. */
   31.73 +	if (!xenbus_exists(be->frontpath, "")) {
   31.74 +		xenbus_rm(be->dev->nodename, "");
   31.75 +		device_unregister(&be->dev->dev);
   31.76 +		return;
   31.77 +	}
   31.78 +	if (vbd_is_active(be->vbd))
   31.79 +		return;
   31.80 +
   31.81 +#ifndef CONFIG_XEN_BLKDEV_GRANT
   31.82 +	err = xenbus_gather(be->frontpath, "shared-frame", "%lu", &sharedmfn,
   31.83 +			    "event-channel", "%u", &evtchn, NULL);
   31.84 +	if (err) {
   31.85 +		xenbus_dev_error(be->dev, err, 
   31.86 +				 "reading %s/shared-frame and event-channel",
   31.87 +				 be->frontpath);
   31.88 +		return;
   31.89 +	}
   31.90 +#else
   31.91 +	err = xenbus_gather(be->frontpath, "grant-id", "%lu", &sharedmfn,
   31.92 +			    "event-channel", "%u", &evtchn, NULL);
   31.93 +	if (err) {
   31.94 +		xenbus_dev_error(be->dev, err, 
   31.95 +				 "reading %s/grant-id and event-channel",
   31.96 +				 be->frontpath);
   31.97 +		return;
   31.98 +	}
   31.99 +#endif
  31.100 +
  31.101 +	/* Domains must use same shared frame for all vbds. */
  31.102 +	if (be->blkif->status == CONNECTED &&
  31.103 +	    (evtchn != be->blkif->remote_evtchn ||
  31.104 +	     sharedmfn != be->blkif->shmem_frame)) {
  31.105 +		xenbus_dev_error(be->dev, err,
  31.106 +				 "Shared frame/evtchn %li/%u not same as"
  31.107 +				 " old %li/%u",
  31.108 +				 sharedmfn, evtchn,
  31.109 +				 be->blkif->shmem_frame,
  31.110 +				 be->blkif->remote_evtchn);
  31.111 +		return;
  31.112 +	}
  31.113 +
  31.114 +	/* Supply the information about the device the frontend needs */
  31.115 +	err = xenbus_transaction_start(be->dev->nodename);
  31.116 +	if (err) {
  31.117 +		xenbus_dev_error(be->dev, err, "starting transaction");
  31.118 +		return;
  31.119 +	}
  31.120 +
  31.121 +	err = xenbus_printf(be->dev->nodename, "sectors", "%lu",
  31.122 +			    vbd_size(be->vbd));
  31.123 +	if (err) {
  31.124 +		xenbus_dev_error(be->dev, err, "writing %s/sectors",
  31.125 +				 be->dev->nodename);
  31.126 +		goto abort;
  31.127 +	}
  31.128 +
  31.129 +	/* FIXME: use a typename instead */
  31.130 +	err = xenbus_printf(be->dev->nodename, "info", "%u",
  31.131 +			    vbd_info(be->vbd));
  31.132 +	if (err) {
  31.133 +		xenbus_dev_error(be->dev, err, "writing %s/info",
  31.134 +				 be->dev->nodename);
  31.135 +		goto abort;
  31.136 +	}
  31.137 +	err = xenbus_printf(be->dev->nodename, "sector-size", "%lu",
  31.138 +			    vbd_secsize(be->vbd));
  31.139 +	if (err) {
  31.140 +		xenbus_dev_error(be->dev, err, "writing %s/sector-size",
  31.141 +				 be->dev->nodename);
  31.142 +		goto abort;
  31.143 +	}
  31.144 +
  31.145 +	/* First vbd?  We need to map the shared frame, irq etc. */
  31.146 +	if (be->blkif->status != CONNECTED) {
  31.147 +		err = blkif_map(be->blkif, sharedmfn, evtchn);
  31.148 +		if (err) {
  31.149 +			xenbus_dev_error(be->dev, err,
  31.150 +					 "mapping shared-frame %lu port %u",
  31.151 +					 sharedmfn, evtchn);
  31.152 +			goto abort;
  31.153 +		}
  31.154 +	}
  31.155 +
  31.156 +	/* We're ready, activate. */
  31.157 +	vbd_activate(be->blkif, be->vbd);
  31.158 +
  31.159 +	xenbus_transaction_end(0);
  31.160 +	xenbus_dev_ok(be->dev);
  31.161 +
  31.162 +	return;
  31.163 +
  31.164 +abort:
  31.165 +	xenbus_transaction_end(1);
  31.166 +}
  31.167 +
  31.168 +/* 
  31.169 +   Setup supplies physical device.  
  31.170 +   We provide event channel and device details to front end.
  31.171 +   Frontend supplies shared frame and event channel.
  31.172 + */
  31.173 +static void backend_changed(struct xenbus_watch *watch, const char *node)
  31.174 +{
  31.175 +	int err;
  31.176 +	char *p;
  31.177 +	char *frontend;
  31.178 +	long int handle, pdev;
  31.179 +	struct backend_info *be
  31.180 +		= container_of(watch, struct backend_info, backend_watch);
  31.181 +	struct xenbus_device *dev = be->dev;
  31.182 +
  31.183 +	frontend = NULL;
  31.184 +	err = xenbus_gather(dev->nodename,
  31.185 +			    "frontend-id", "%li", &be->frontend_id,
  31.186 +			    "frontend", NULL, &frontend,
  31.187 +			    NULL);
  31.188 +	if (err == -ENOENT || err == -ERANGE ||
  31.189 +	    strlen(frontend) == 0 || !xenbus_exists(frontend, "")) {
  31.190 +		if (frontend)
  31.191 +			kfree(frontend);
  31.192 +		/* If we can't get a frontend path and a frontend-id,
  31.193 +		 * then our bus-id is no longer valid and we need to
  31.194 +		 * destroy the backend device.
  31.195 +		 */
  31.196 +		goto device_fail;
  31.197 +	}
  31.198 +
  31.199 +	if (!be->frontpath || strcmp(frontend, be->frontpath)) {
  31.200 +		if (be->watch.node)
  31.201 +			unregister_xenbus_watch(&be->watch);
  31.202 +		if (be->frontpath)
  31.203 +			kfree(be->frontpath);
  31.204 +		be->frontpath = frontend;
  31.205 +		be->watch.node = be->frontpath;
  31.206 +		be->watch.callback = frontend_changed;
  31.207 +		err = register_xenbus_watch(&be->watch);
  31.208 +		if (err) {
  31.209 +			be->watch.node = NULL;
  31.210 +			goto device_fail;
  31.211 +		}
  31.212 +	} else
  31.213 +		kfree(frontend);
  31.214 +
  31.215 +	err = xenbus_scanf(dev->nodename, "physical-device", "%li", &pdev);
  31.216 +	if (err == -ENOENT || err == -ERANGE)
  31.217 +		goto out;
  31.218 +	if (err < 0) {
  31.219 +		xenbus_dev_error(dev, err, "Reading physical-device");
  31.220 +		goto device_fail;
  31.221 +	}
  31.222 +	if (be->pdev && be->pdev != pdev) {
  31.223 +		printk(KERN_WARNING
  31.224 +		       "changing physical-device not supported\n");
  31.225 +		goto device_fail;
  31.226 +	}
  31.227 +	be->pdev = pdev;
  31.228 +
  31.229 +	/* If there's a read-only node, we're read only. */
  31.230 +	p = xenbus_read(dev->nodename, "read-only", NULL);
  31.231 +	if (!IS_ERR(p)) {
  31.232 +		be->readonly = 1;
  31.233 +		kfree(p);
  31.234 +	}
  31.235 +
  31.236 +	if (be->blkif == NULL) {
  31.237 +		/* Front end dir is a number, which is used as the handle. */
  31.238 +		p = strrchr(be->frontpath, '/') + 1;
  31.239 +		handle = simple_strtoul(p, NULL, 0);
  31.240 +
  31.241 +		be->blkif = blkif_find(be->frontend_id);
  31.242 +		if (IS_ERR(be->blkif)) {
  31.243 +			err = PTR_ERR(be->blkif);
  31.244 +			be->blkif = NULL;
  31.245 +			goto device_fail;
  31.246 +		}
  31.247 +
  31.248 +		be->vbd = vbd_create(be->blkif, handle, be->pdev,
  31.249 +				     be->readonly);
  31.250 +		if (IS_ERR(be->vbd)) {
  31.251 +			err = PTR_ERR(be->vbd);
  31.252 +			be->vbd = NULL;
  31.253 +			goto device_fail;
  31.254 +		}
  31.255 +
  31.256 +		frontend_changed(&be->watch, be->frontpath);
  31.257 +	}
  31.258 +
  31.259 +	return;
  31.260 +
  31.261 + device_fail:
  31.262 +	device_unregister(&be->dev->dev);
  31.263 + out:
  31.264 +	return;
  31.265 +}
  31.266 +
  31.267 +static int blkback_probe(struct xenbus_device *dev,
  31.268 +			 const struct xenbus_device_id *id)
  31.269 +{
  31.270 +	struct backend_info *be;
  31.271 +	int err;
  31.272 +
  31.273 +	be = kmalloc(sizeof(*be), GFP_KERNEL);
  31.274 +	if (!be)
  31.275 +		return -ENOMEM;
  31.276 +
  31.277 +	memset(be, 0, sizeof(*be));
  31.278 +
  31.279 +	be->dev = dev;
  31.280 +	be->backend_watch.node = dev->nodename;
  31.281 +	be->backend_watch.callback = backend_changed;
  31.282 +	err = register_xenbus_watch(&be->backend_watch);
  31.283 +	if (err)
  31.284 +		goto free_be;
  31.285 +
  31.286 +	dev->data = be;
  31.287 +
  31.288 +	backend_changed(&be->backend_watch, dev->nodename);
  31.289 +	return err;
  31.290 + free_be:
  31.291 +	kfree(be);
  31.292 +	return err;
  31.293 +}
  31.294 +
  31.295 +static struct xenbus_device_id blkback_ids[] = {
  31.296 +	{ "vbd" },
  31.297 +	{ "" }
  31.298 +};
  31.299 +
  31.300 +static struct xenbus_driver blkback = {
  31.301 +	.name = "vbd",
  31.302 +	.owner = THIS_MODULE,
  31.303 +	.ids = blkback_ids,
  31.304 +	.probe = blkback_probe,
  31.305 +	.remove = blkback_remove,
  31.306 +};
  31.307 +
  31.308 +void blkif_xenbus_init(void)
  31.309 +{
  31.310 +	xenbus_register_backend(&blkback);
  31.311 +}
    32.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkfront/blkfront.c	Thu Aug 18 10:40:02 2005 -0800
    32.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkfront/blkfront.c	Fri Aug 19 10:19:28 2005 -0800
    32.3 @@ -53,8 +53,8 @@
    32.4  #include <linux/sched.h>
    32.5  #include <linux/interrupt.h>
    32.6  #include <scsi/scsi.h>
    32.7 -#include <asm-xen/ctrl_if.h>
    32.8  #include <asm-xen/evtchn.h>
    32.9 +#include <asm-xen/xenbus.h>
   32.10  #ifdef CONFIG_XEN_BLKDEV_GRANT
   32.11  #include <asm-xen/xen-public/grant_table.h>
   32.12  #include <asm-xen/gnttab.h>
   32.13 @@ -65,22 +65,14 @@ typedef unsigned char byte; /* from linu
   32.14  /* Control whether runtime update of vbds is enabled. */
   32.15  #define ENABLE_VBD_UPDATE 1
   32.16  
   32.17 -#if ENABLE_VBD_UPDATE
   32.18 -static void vbd_update(void);
   32.19 -#else
   32.20 -static void vbd_update(void){};
   32.21 -#endif
   32.22 -
   32.23  #define BLKIF_STATE_CLOSED       0
   32.24  #define BLKIF_STATE_DISCONNECTED 1
   32.25  #define BLKIF_STATE_CONNECTED    2
   32.26  
   32.27 -static int blkif_handle = 0;
   32.28  static unsigned int blkif_state = BLKIF_STATE_CLOSED;
   32.29  static unsigned int blkif_evtchn = 0;
   32.30 -
   32.31 -static int blkif_control_rsp_valid;
   32.32 -static blkif_response_t blkif_control_rsp;
   32.33 +static unsigned int blkif_vbds = 0;
   32.34 +static unsigned int blkif_vbds_connected = 0;
   32.35  
   32.36  static blkif_front_ring_t blk_ring;
   32.37  
   32.38 @@ -92,6 +84,7 @@ static grant_ref_t gref_head, gref_termi
   32.39  #define MAXIMUM_OUTSTANDING_BLOCK_REQS \
   32.40      (BLKIF_MAX_SEGMENTS_PER_REQUEST * BLKIF_RING_SIZE)
   32.41  #define GRANTREF_INVALID (1<<15)
   32.42 +static int shmem_ref;
   32.43  #endif
   32.44  
   32.45  static struct blk_shadow {
   32.46 @@ -105,7 +98,7 @@ static int recovery = 0; /* Recovery in 
   32.47  
   32.48  static void kick_pending_request_queues(void);
   32.49  
   32.50 -int __init xlblk_init(void);
   32.51 +static int __init xlblk_init(void);
   32.52  
   32.53  static void blkif_completion(struct blk_shadow *s);
   32.54  
   32.55 @@ -179,19 +172,6 @@ static inline void flush_requests(void)
   32.56  
   32.57  module_init(xlblk_init);
   32.58  
   32.59 -#if ENABLE_VBD_UPDATE
   32.60 -static void update_vbds_task(void *unused)
   32.61 -{ 
   32.62 -    xlvbd_update_vbds();
   32.63 -}
   32.64 -
   32.65 -static void vbd_update(void)
   32.66 -{
   32.67 -    static DECLARE_WORK(update_tq, update_vbds_task, NULL);
   32.68 -    schedule_work(&update_tq);
   32.69 -}
   32.70 -#endif /* ENABLE_VBD_UPDATE */
   32.71 -
   32.72  static struct xlbd_disk_info *head_waiting = NULL;
   32.73  static void kick_pending_request_queues(void)
   32.74  {
   32.75 @@ -221,16 +201,7 @@ int blkif_open(struct inode *inode, stru
   32.76  
   32.77  int blkif_release(struct inode *inode, struct file *filep)
   32.78  {
   32.79 -    struct gendisk *gd = inode->i_bdev->bd_disk;
   32.80 -    struct xlbd_disk_info *di = (struct xlbd_disk_info *)gd->private_data;
   32.81 -
   32.82 -    /*
   32.83 -     * When usage drops to zero it may allow more VBD updates to occur.
   32.84 -     * Update of usage count is protected by a per-device semaphore.
   32.85 -     */
   32.86 -    if ( --di->mi->usage == 0 )
   32.87 -        vbd_update();
   32.88 -
   32.89 +    /* FIXME: This is where we can actually free up majors, etc. --RR */
   32.90      return 0;
   32.91  }
   32.92  
   32.93 @@ -301,7 +272,7 @@ static int blkif_queue_request(struct re
   32.94      ring_req->operation = rq_data_dir(req) ? BLKIF_OP_WRITE :
   32.95          BLKIF_OP_READ;
   32.96      ring_req->sector_number = (blkif_sector_t)req->sector;
   32.97 -    ring_req->device = di->xd_device;
   32.98 +    ring_req->handle = di->handle;
   32.99  
  32.100      ring_req->nr_segments = 0;
  32.101      rq_for_each_bio(bio, req)
  32.102 @@ -446,10 +417,6 @@ static irqreturn_t blkif_int(int irq, vo
  32.103              end_that_request_last(req);
  32.104  
  32.105              break;
  32.106 -        case BLKIF_OP_PROBE:
  32.107 -            memcpy(&blkif_control_rsp, bret, sizeof(*bret));
  32.108 -            blkif_control_rsp_valid = 1;
  32.109 -            break;
  32.110          default:
  32.111              BUG();
  32.112          }
  32.113 @@ -483,28 +450,6 @@ static int nr_pending;
  32.114  #define blkif_io_lock io_request_lock
  32.115  
  32.116  /*============================================================================*/
  32.117 -#if ENABLE_VBD_UPDATE
  32.118 -
  32.119 -/*
  32.120 - * blkif_update_int/update-vbds_task - handle VBD update events.
  32.121 - *  Schedule a task for keventd to run, which will update the VBDs and perform 
  32.122 - *  the corresponding updates to our view of VBD state.
  32.123 - */
  32.124 -static void update_vbds_task(void *unused)
  32.125 -{ 
  32.126 -    xlvbd_update_vbds();
  32.127 -}
  32.128 -
  32.129 -static void vbd_update(void)
  32.130 -{
  32.131 -    static struct tq_struct update_tq;
  32.132 -    update_tq.routine = update_vbds_task;
  32.133 -    schedule_task(&update_tq);
  32.134 -}
  32.135 -
  32.136 -#endif /* ENABLE_VBD_UPDATE */
  32.137 -/*============================================================================*/
  32.138 -
  32.139  static void kick_pending_request_queues(void)
  32.140  {
  32.141      /* We kick pending request queues if the ring is reasonably empty. */
  32.142 @@ -757,7 +702,8 @@ static int blkif_queue_request(unsigned 
  32.143                                 char *          buffer,
  32.144                                 unsigned long   sector_number,
  32.145                                 unsigned short  nr_sectors,
  32.146 -                               kdev_t          device)
  32.147 +                               kdev_t          device,
  32.148 +			       blkif_vdev_t    handle)
  32.149  {
  32.150      unsigned long       buffer_ma = virt_to_bus(buffer);
  32.151      unsigned long       xid;
  32.152 @@ -871,7 +817,7 @@ static int blkif_queue_request(unsigned 
  32.153      req->id            = xid;
  32.154      req->operation     = operation;
  32.155      req->sector_number = (blkif_sector_t)sector_number;
  32.156 -    req->device        = device; 
  32.157 +    req->handle        = handle; 
  32.158      req->nr_segments   = 1;
  32.159  #ifdef CONFIG_XEN_BLKDEV_GRANT
  32.160      /* install a grant reference. */
  32.161 @@ -1047,108 +993,10 @@ static void blkif_int(int irq, void *dev
  32.162  
  32.163  /*****************************  COMMON CODE  *******************************/
  32.164  
  32.165 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.166 -void blkif_control_probe_send(blkif_request_t *req, blkif_response_t *rsp,
  32.167 -                              unsigned long address)
  32.168 -{
  32.169 -    int ref = gnttab_claim_grant_reference(&gref_head, gref_terminal);
  32.170 -    ASSERT( ref != -ENOSPC );
  32.171 -
  32.172 -    gnttab_grant_foreign_access_ref( ref, rdomid, address >> PAGE_SHIFT, 0 );
  32.173 -
  32.174 -    req->frame_and_sects[0] = blkif_fas_from_gref(ref, 0, (PAGE_SIZE/512)-1);
  32.175 -
  32.176 -    blkif_control_send(req, rsp);
  32.177 -}
  32.178 -#endif
  32.179 -
  32.180 -void blkif_control_send(blkif_request_t *req, blkif_response_t *rsp)
  32.181 -{
  32.182 -    unsigned long flags, id;
  32.183 -    blkif_request_t *req_d;
  32.184 -
  32.185 - retry:
  32.186 -    while ( RING_FULL(&blk_ring) )
  32.187 -    {
  32.188 -        set_current_state(TASK_INTERRUPTIBLE);
  32.189 -        schedule_timeout(1);
  32.190 -    }
  32.191 -
  32.192 -    spin_lock_irqsave(&blkif_io_lock, flags);
  32.193 -    if ( RING_FULL(&blk_ring) )
  32.194 -    {
  32.195 -        spin_unlock_irqrestore(&blkif_io_lock, flags);
  32.196 -        goto retry;
  32.197 -    }
  32.198 -
  32.199 -    DISABLE_SCATTERGATHER();
  32.200 -    req_d = RING_GET_REQUEST(&blk_ring, blk_ring.req_prod_pvt);
  32.201 -    *req_d = *req;    
  32.202 -
  32.203 -    id = GET_ID_FROM_FREELIST();
  32.204 -    req_d->id = id;
  32.205 -    blk_shadow[id].request = (unsigned long)req;
  32.206 -
  32.207 -    pickle_request(&blk_shadow[id], req);
  32.208 -
  32.209 -    blk_ring.req_prod_pvt++;
  32.210 -    flush_requests();
  32.211 -
  32.212 -    spin_unlock_irqrestore(&blkif_io_lock, flags);
  32.213 -
  32.214 -    while ( !blkif_control_rsp_valid )
  32.215 -    {
  32.216 -        set_current_state(TASK_INTERRUPTIBLE);
  32.217 -        schedule_timeout(1);
  32.218 -    }
  32.219 -
  32.220 -    memcpy(rsp, &blkif_control_rsp, sizeof(*rsp));
  32.221 -    blkif_control_rsp_valid = 0;
  32.222 -}
  32.223 -
  32.224 -
  32.225 -/* Send a driver status notification to the domain controller. */
  32.226 -static void send_driver_status(int ok)
  32.227 -{
  32.228 -    ctrl_msg_t cmsg = {
  32.229 -        .type    = CMSG_BLKIF_FE,
  32.230 -        .subtype = CMSG_BLKIF_FE_DRIVER_STATUS,
  32.231 -        .length  = sizeof(blkif_fe_driver_status_t),
  32.232 -    };
  32.233 -    blkif_fe_driver_status_t *msg = (void*)cmsg.msg;
  32.234 -    
  32.235 -    msg->status = (ok ? BLKIF_DRIVER_STATUS_UP : BLKIF_DRIVER_STATUS_DOWN);
  32.236 -
  32.237 -    ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
  32.238 -}
  32.239 -
  32.240 -/* Tell the controller to bring up the interface. */
  32.241 -static void blkif_send_interface_connect(void)
  32.242 -{
  32.243 -    ctrl_msg_t cmsg = {
  32.244 -        .type    = CMSG_BLKIF_FE,
  32.245 -        .subtype = CMSG_BLKIF_FE_INTERFACE_CONNECT,
  32.246 -        .length  = sizeof(blkif_fe_interface_connect_t),
  32.247 -    };
  32.248 -    blkif_fe_interface_connect_t *msg = (void*)cmsg.msg;
  32.249 -    
  32.250 -    msg->handle      = 0;
  32.251 -    msg->shmem_frame = (virt_to_machine(blk_ring.sring) >> PAGE_SHIFT);
  32.252 -    
  32.253 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.254 -    msg->shmem_ref   = gnttab_claim_grant_reference( &gref_head, gref_terminal );
  32.255 -    ASSERT( msg->shmem_ref != -ENOSPC );
  32.256 -    gnttab_grant_foreign_access_ref ( msg->shmem_ref , rdomid, msg->shmem_frame, 0 );
  32.257 -#endif
  32.258 -
  32.259 -    ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
  32.260 -}
  32.261 -
  32.262  static void blkif_free(void)
  32.263  {
  32.264      /* Prevent new requests being issued until we fix things up. */
  32.265      spin_lock_irq(&blkif_io_lock);
  32.266 -    recovery = 1;
  32.267      blkif_state = BLKIF_STATE_DISCONNECTED;
  32.268      spin_unlock_irq(&blkif_io_lock);
  32.269  
  32.270 @@ -1162,31 +1010,6 @@ static void blkif_free(void)
  32.271      blkif_evtchn = 0;
  32.272  }
  32.273  
  32.274 -static void blkif_close(void)
  32.275 -{
  32.276 -}
  32.277 -
  32.278 -/* Move from CLOSED to DISCONNECTED state. */
  32.279 -static void blkif_disconnect(void)
  32.280 -{
  32.281 -    blkif_sring_t *sring;
  32.282 -    
  32.283 -    if ( blk_ring.sring != NULL )
  32.284 -        free_page((unsigned long)blk_ring.sring);
  32.285 -    
  32.286 -    sring = (blkif_sring_t *)__get_free_page(GFP_KERNEL);
  32.287 -    SHARED_RING_INIT(sring);
  32.288 -    FRONT_RING_INIT(&blk_ring, sring, PAGE_SIZE);
  32.289 -    blkif_state  = BLKIF_STATE_DISCONNECTED;
  32.290 -    blkif_send_interface_connect();
  32.291 -}
  32.292 -
  32.293 -static void blkif_reset(void)
  32.294 -{
  32.295 -    blkif_free();
  32.296 -    blkif_disconnect();
  32.297 -}
  32.298 -
  32.299  static void blkif_recover(void)
  32.300  {
  32.301      int i;
  32.302 @@ -1257,11 +1080,14 @@ static void blkif_recover(void)
  32.303      blkif_state = BLKIF_STATE_CONNECTED;
  32.304  }
  32.305  
  32.306 -static void blkif_connect(blkif_fe_interface_status_t *status)
  32.307 +static void blkif_connect(u16 evtchn, domid_t domid)
  32.308  {
  32.309      int err = 0;
  32.310  
  32.311 -    blkif_evtchn = status->evtchn;
  32.312 +    blkif_evtchn = evtchn;
  32.313 +#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.314 +    rdomid       = domid;
  32.315 +#endif
  32.316  
  32.317      err = bind_evtchn_to_irqhandler(
  32.318          blkif_evtchn, blkif_int, SA_SAMPLE_RANDOM, "blkif", NULL);
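Review bot: blkif_connect() keeps its void return while gaining a new caller, so a failed bind_evtchn_to_irqhandler() (handled just below this hunk with a WPRINTK and a bare return) is invisible to setup_blkring(). That caller returns 0 regardless, and talk_to_backend() then writes `event-channel` to the store for a port that has no handler bound, with blkif_evtchn still holding that port. Consider `static int blkif_connect(u16 evtchn, domid_t domid)` with `return err;` at the failure site. setup_blkring() would then check `err = blkif_connect(op.u.alloc_unbound.port, backend_id);` and run the same cleanup it already does when the event-channel allocation fails. The body of blkif_connect() continues past the end of this hunk.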
  32.319 @@ -1270,142 +1096,318 @@ static void blkif_connect(blkif_fe_inter
  32.320          WPRINTK("bind_evtchn_to_irqhandler failed (err=%d)\n", err);
  32.321          return;
  32.322      }
  32.323 -
  32.324 -    if ( recovery ) 
  32.325 -    {
  32.326 -        blkif_recover();
  32.327 -    } 
  32.328 -    else 
  32.329 -    {
  32.330 -        /* Transition to connected in case we need to do 
  32.331 -         *  a partition probe on a whole disk. */
  32.332 -        blkif_state = BLKIF_STATE_CONNECTED;
  32.333 -        
  32.334 -        /* Probe for discs attached to the interface. */
  32.335 -        xlvbd_init();
  32.336 -    }
  32.337 -    
  32.338 -    /* Kick pending requests. */
  32.339 -    spin_lock_irq(&blkif_io_lock);
  32.340 -    kick_pending_request_queues();
  32.341 -    spin_unlock_irq(&blkif_io_lock);
  32.342 -}
  32.343 -
  32.344 -static void unexpected(blkif_fe_interface_status_t *status)
  32.345 -{
  32.346 -    DPRINTK(" Unexpected blkif status %u in state %u\n", 
  32.347 -            status->status, blkif_state);
  32.348 -}
  32.349 -
  32.350 -static void blkif_status(blkif_fe_interface_status_t *status)
  32.351 -{
  32.352 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.353 -    rdomid       = status->domid; /* need to set rdomid early */
  32.354 -#endif
  32.355 -
  32.356 -    if ( status->handle != blkif_handle )
  32.357 -    {
  32.358 -        WPRINTK(" Invalid blkif: handle=%u\n", status->handle);
  32.359 -        unexpected(status);
  32.360 -        return;
  32.361 -    }
  32.362 -
  32.363 -    switch ( status->status ) 
  32.364 -    {
  32.365 -    case BLKIF_INTERFACE_STATUS_CLOSED:
  32.366 -        switch ( blkif_state )
  32.367 -        {
  32.368 -        case BLKIF_STATE_CLOSED:
  32.369 -            unexpected(status);
  32.370 -            break;
  32.371 -        case BLKIF_STATE_DISCONNECTED:
  32.372 -        case BLKIF_STATE_CONNECTED:
  32.373 -            unexpected(status);
  32.374 -            blkif_close();
  32.375 -            break;
  32.376 -        }
  32.377 -        break;
  32.378 -
  32.379 -    case BLKIF_INTERFACE_STATUS_DISCONNECTED:
  32.380 -        switch ( blkif_state )
  32.381 -        {
  32.382 -        case BLKIF_STATE_CLOSED:
  32.383 -            blkif_disconnect();
  32.384 -            break;
  32.385 -        case BLKIF_STATE_DISCONNECTED:
  32.386 -        case BLKIF_STATE_CONNECTED:
  32.387 -            /* unexpected(status); */ /* occurs during suspend/resume */
  32.388 -            blkif_reset();
  32.389 -            break;
  32.390 -        }
  32.391 -        break;
  32.392 -
  32.393 -    case BLKIF_INTERFACE_STATUS_CONNECTED:
  32.394 -        switch ( blkif_state )
  32.395 -        {
  32.396 -        case BLKIF_STATE_CLOSED:
  32.397 -            unexpected(status);
  32.398 -            blkif_disconnect();
  32.399 -            blkif_connect(status);
  32.400 -            break;
  32.401 -        case BLKIF_STATE_DISCONNECTED:
  32.402 -            blkif_connect(status);
  32.403 -            break;
  32.404 -        case BLKIF_STATE_CONNECTED:
  32.405 -            unexpected(status);
  32.406 -            blkif_connect(status);
  32.407 -            break;
  32.408 -        }
  32.409 -        break;
  32.410 -
  32.411 -    case BLKIF_INTERFACE_STATUS_CHANGED:
  32.412 -        switch ( blkif_state )
  32.413 -        {
  32.414 -        case BLKIF_STATE_CLOSED:
  32.415 -        case BLKIF_STATE_DISCONNECTED:
  32.416 -            unexpected(status);
  32.417 -            break;
  32.418 -        case BLKIF_STATE_CONNECTED:
  32.419 -            vbd_update();
  32.420 -            break;
  32.421 -        }
  32.422 -        break;
  32.423 -
  32.424 -    default:
  32.425 -        WPRINTK(" Invalid blkif status: %d\n", status->status);
  32.426 -        break;
  32.427 -    }
  32.428  }
  32.429  
  32.430  
  32.431 -static void blkif_ctrlif_rx(ctrl_msg_t *msg, unsigned long id)
  32.432 +static struct xenbus_device_id blkfront_ids[] = {
  32.433 +	{ "vbd" },
  32.434 +	{ "" }
  32.435 +};
  32.436 +
  32.437 +struct blkfront_info
  32.438  {
  32.439 -    switch ( msg->subtype )
  32.440 -    {
  32.441 -    case CMSG_BLKIF_FE_INTERFACE_STATUS:
  32.442 -        blkif_status((blkif_fe_interface_status_t *)
  32.443 -                     &msg->msg[0]);
  32.444 -        break;
  32.445 -    default:
  32.446 -        msg->length = 0;
  32.447 -        break;
  32.448 -    }
  32.449 +	/* We watch the backend */
  32.450 +	struct xenbus_watch watch;
  32.451 +	int vdevice;
  32.452 +	u16 handle;
  32.453 +	int connected;
  32.454 +	struct xenbus_device *dev;
  32.455 +	char *backend;
  32.456 +};
  32.457  
  32.458 -    ctrl_if_send_response(msg);
  32.459 +static void watch_for_status(struct xenbus_watch *watch, const char *node)
  32.460 +{
  32.461 +	struct blkfront_info *info;
  32.462 +	unsigned int binfo;
  32.463 +	unsigned long sectors, sector_size;
  32.464 +	int err;
  32.465 +
  32.466 +	info = container_of(watch, struct blkfront_info, watch);
  32.467 +	node += strlen(watch->node);
  32.468 +
  32.469 +	/* FIXME: clean up when error on the other end. */
  32.470 +	if (info->connected)
  32.471 +		return;
  32.472 +
  32.473 +	err = xenbus_gather(watch->node, 
  32.474 +			    "sectors", "%lu", &sectors,
  32.475 +			    "info", "%u", &binfo,
  32.476 +			    "sector-size", "%lu", &sector_size,
  32.477 +			    NULL);
  32.478 +
  32.479 +	if (err)
  32.480 +		xenbus_dev_error(info->dev, err, "reading backend fields");
  32.481 +	else {
  32.482 +		xlvbd_add(sectors, info->vdevice, info->handle, binfo,
  32.483 +			  sector_size);
  32.484 +		info->connected = 1;
  32.485 +
  32.486 +		/* First to connect?  blkif is now connected. */
  32.487 +		if (blkif_vbds_connected++ == 0)
  32.488 +			blkif_state = BLKIF_STATE_CONNECTED;
  32.489 +
  32.490 +		xenbus_dev_ok(info->dev);
  32.491 +
  32.492 +		/* Kick pending requests. */
  32.493 +		spin_lock_irq(&blkif_io_lock);
  32.494 +		kick_pending_request_queues();
  32.495 +		spin_unlock_irq(&blkif_io_lock);
  32.496 +	}
  32.497  }
  32.498  
  32.499 -int wait_for_blkif(void)
  32.500 +static int setup_blkring(struct xenbus_device *dev, unsigned int backend_id)
  32.501 +{
  32.502 +	blkif_sring_t *sring;
  32.503 +	evtchn_op_t op = { .cmd = EVTCHNOP_alloc_unbound };
  32.504 +	int err;
  32.505 +
  32.506 +	sring = (void *)__get_free_page(GFP_KERNEL);
  32.507 +	if (!sring) {
  32.508 +		xenbus_dev_error(dev, -ENOMEM, "allocating shared ring");
  32.509 +		return -ENOMEM;
  32.510 +	}
  32.511 +	SHARED_RING_INIT(sring);
  32.512 +	FRONT_RING_INIT(&blk_ring, sring, PAGE_SIZE);
  32.513 +
  32.514 +#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.515 +	shmem_ref = gnttab_claim_grant_reference(&gref_head,
  32.516 +						 gref_terminal);
  32.517 +	ASSERT(shmem_ref != -ENOSPC);
  32.518 +	gnttab_grant_foreign_access_ref(shmem_ref,
  32.519 +					backend_id,
  32.520 +					virt_to_mfn(blk_ring.sring),
  32.521 +					0);
  32.522 +#endif
  32.523 +
  32.524 +	op.u.alloc_unbound.dom = backend_id;
  32.525 +	err = HYPERVISOR_event_channel_op(&op);
  32.526 +	if (err) {
  32.527 +		free_page((unsigned long)blk_ring.sring);
  32.528 +		blk_ring.sring = 0;
  32.529 +		xenbus_dev_error(dev, err, "allocating event channel");
  32.530 +		return err;
  32.531 +	}
  32.532 +	blkif_connect(op.u.alloc_unbound.port, backend_id);
  32.533 +	return 0;
  32.534 +}
  32.535 +
  32.536 +/* Common code used when first setting up, and when resuming. */
  32.537 +static int talk_to_backend(struct xenbus_device *dev,
  32.538 +			   struct blkfront_info *info)
  32.539 +{
  32.540 +	char *backend;
  32.541 +	const char *message;
  32.542 +	int err, backend_id;
  32.543 +
  32.544 +	backend = xenbus_read(dev->nodename, "backend", NULL);
  32.545 +	if (IS_ERR(backend)) {
  32.546 +		err = PTR_ERR(backend);
  32.547 +		if (err == -ENOENT)
  32.548 +			goto out;
  32.549 +		xenbus_dev_error(dev, err, "reading %s/backend",
  32.550 +				 dev->nodename);
  32.551 +		goto out;
  32.552 +	}
  32.553 +	if (strlen(backend) == 0) {
  32.554 +		err = -ENOENT;
  32.555 +		goto free_backend;
  32.556 +	}
  32.557 +
  32.558 +	/* FIXME: This driver can't handle backends on different
  32.559 +	 * domains.  Check and fail gracefully. */
  32.560 +	err = xenbus_scanf(dev->nodename, "backend-id", "%i", &backend_id);
  32.561 +	if (err == -ENOENT)
  32.562 +		goto free_backend;
  32.563 + 	if (err < 0) {
  32.564 +		xenbus_dev_error(dev, err, "reading %s/backend-id",
  32.565 +				 dev->nodename);
  32.566 + 		goto free_backend;
  32.567 + 	}
  32.568 +
  32.569 +	/* First device?  We create shared ring, alloc event channel. */
  32.570 +	if (blkif_vbds == 0) {
  32.571 +		err = setup_blkring(dev, backend_id);
  32.572 +		if (err)
  32.573 +			goto free_backend;
  32.574 +	}
  32.575 +
  32.576 +	err = xenbus_transaction_start(dev->nodename);
  32.577 +	if (err) {
  32.578 +		xenbus_dev_error(dev, err, "starting transaction");
  32.579 +		goto destroy_blkring;
  32.580 +	}
  32.581 +
  32.582 +#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.583 +	err = xenbus_printf(dev->nodename, "grant-id","%u", shmem_ref);
  32.584 +	if (err) {
  32.585 +		message = "writing grant-id";
  32.586 +		goto abort_transaction;
  32.587 +	}
  32.588 +#else
  32.589 +	err = xenbus_printf(dev->nodename, "shared-frame", "%lu",
  32.590 +			    virt_to_mfn(blk_ring.sring));
  32.591 +	if (err) {
  32.592 +		message = "writing shared-frame";
  32.593 +		goto abort_transaction;
  32.594 +	}
  32.595 +#endif
  32.596 +	err = xenbus_printf(dev->nodename,
  32.597 +			    "event-channel", "%u", blkif_evtchn);
  32.598 +	if (err) {
  32.599 +		message = "writing event-channel";
  32.600 +		goto abort_transaction;
  32.601 +	}
  32.602 +
  32.603 +	info->watch.node = info->backend = backend;
  32.604 +	info->watch.callback = watch_for_status;
  32.605 +
  32.606 +	err = register_xenbus_watch(&info->watch);
  32.607 +	if (err) {
  32.608 +		message = "registering watch on backend";
  32.609 +		goto abort_transaction;
  32.610 +	}
  32.611 +
  32.612 +	err = xenbus_transaction_end(0);
  32.613 +	if (err) {
  32.614 +		xenbus_dev_error(dev, err, "completing transaction");
  32.615 +		goto destroy_blkring;
  32.616 +	}
  32.617 +	return 0;
  32.618 +
  32.619 +abort_transaction:
  32.620 +	xenbus_transaction_end(1);
  32.621 +	/* Have to do this *outside* transaction.  */
  32.622 +	xenbus_dev_error(dev, err, "%s", message);
  32.623 +destroy_blkring:
  32.624 +	if (blkif_vbds == 0)
  32.625 +		blkif_free();
  32.626 +free_backend:
  32.627 +	kfree(backend);
  32.628 +out:
  32.629 +	printk("%s:%u = %i\n", __FILE__, __LINE__, err);
  32.630 +	return err;
  32.631 +}
  32.632 +
  32.633 +/* Setup supplies the backend dir, virtual device.
  32.634 +
  32.635 +   We place an event channel and shared frame entries.
  32.636 +   We watch backend to wait if it's ok. */
  32.637 +static int blkfront_probe(struct xenbus_device *dev,
  32.638 +			  const struct xenbus_device_id *id)
  32.639 +{
  32.640 +	int err;
  32.641 +	struct blkfront_info *info;
  32.642 +	int vdevice;
  32.643 +
  32.644 +	/* FIXME: Use dynamic device id if this is not set. */
  32.645 +	err = xenbus_scanf(dev->nodename, "virtual-device", "%i", &vdevice);
  32.646 +	if (err == -ENOENT)
  32.647 +		return err;
  32.648 +	if (err < 0) {
  32.649 +		xenbus_dev_error(dev, err, "reading virtual-device");
  32.650 +		return err;
  32.651 +	}
  32.652 +
  32.653 +	info = kmalloc(sizeof(*info), GFP_KERNEL);
  32.654 +	if (!info) {
  32.655 +		xenbus_dev_error(dev, err, "allocating info structure");
  32.656 +		return err;
  32.657 +	}
  32.658 +	info->dev = dev;
  32.659 +	info->vdevice = vdevice;
  32.660 +	info->connected = 0;
  32.661 +	/* Front end dir is a number, which is used as the id. */
  32.662 +	info->handle = simple_strtoul(strrchr(dev->nodename,'/')+1, NULL, 0);
  32.663 +	dev->data = info;
  32.664 +
  32.665 +	err = talk_to_backend(dev, info);
  32.666 +	if (err) {
  32.667 +		kfree(info);
  32.668 +		return err;
  32.669 +	}
  32.670 +
  32.671 +	/* Call once in case entries already there. */
  32.672 +	watch_for_status(&info->watch, info->watch.node);
  32.673 +	blkif_vbds++;
  32.674 +	return 0;
  32.675 +}
  32.676 +
  32.677 +static int blkfront_remove(struct xenbus_device *dev)
  32.678 +{
  32.679 +	struct blkfront_info *info = dev->data;
  32.680 +
  32.681 +	if (info->backend)
  32.682 +		unregister_xenbus_watch(&info->watch);
  32.683 +
  32.684 +	if (info->connected) {
  32.685 +		xlvbd_del(info->handle);
  32.686 +		blkif_vbds_connected--;
  32.687 +	}
  32.688 +	kfree(info->backend);
  32.689 +	kfree(info);
  32.690 +
  32.691 +	if (--blkif_vbds == 0)
  32.692 +		blkif_free();
  32.693 +
  32.694 +	return 0;
  32.695 +}
  32.696 +
  32.697 +static int blkfront_suspend(struct xenbus_device *dev)
  32.698 +{
  32.699 +	struct blkfront_info *info = dev->data;
  32.700 +
  32.701 +	unregister_xenbus_watch(&info->watch);
  32.702 +	kfree(info->backend);
  32.703 +	info->backend = NULL;
  32.704 +
  32.705 +	if (--blkif_vbds == 0) {
  32.706 +		recovery = 1;
  32.707 +		blkif_free();
  32.708 +	}
  32.709 +
  32.710 +	return 0;
  32.711 +}
  32.712 +
  32.713 +static int blkfront_resume(struct xenbus_device *dev)
  32.714 +{
  32.715 +	struct blkfront_info *info = dev->data;
  32.716 +	int err;
  32.717 +
  32.718 +	/* FIXME: Check geometry hasn't changed here... */
  32.719 +	err = talk_to_backend(dev, info);
  32.720 +	if (!err) {
  32.721 +		if (blkif_vbds++ == 0)
  32.722 +			blkif_recover();
  32.723 +	}
  32.724 +	return err;
  32.725 +}
  32.726 +
  32.727 +static struct xenbus_driver blkfront = {
  32.728 +	.name = "vbd",
  32.729 +	.owner = THIS_MODULE,
  32.730 +	.ids = blkfront_ids,
  32.731 +	.probe = blkfront_probe,
  32.732 +	.remove = blkfront_remove,
  32.733 +	.resume = blkfront_resume,
  32.734 +	.suspend = blkfront_suspend,
  32.735 +};
  32.736 +
  32.737 +static void __init init_blk_xenbus(void)
  32.738 +{
  32.739 +	xenbus_register_device(&blkfront);
  32.740 +}
  32.741 +
  32.742 +static int wait_for_blkif(void)
  32.743  {
  32.744      int err = 0;
  32.745      int i;
  32.746 -    send_driver_status(1);
  32.747  
  32.748      /*
  32.749       * We should read 'nr_interfaces' from response message and wait
  32.750       * for notifications before proceeding. For now we assume that we
  32.751       * will be notified of exactly one interface.
  32.752       */
  32.753 -    for ( i=0; (blkif_state != BLKIF_STATE_CONNECTED) && (i < 10*HZ); i++ )
  32.754 +    for ( i=0; blkif_state != BLKIF_STATE_CONNECTED && (i < 10*HZ); i++ )
  32.755      {
  32.756          set_current_state(TASK_INTERRUPTIBLE);
  32.757          schedule_timeout(1);
  32.758 @@ -1419,7 +1421,7 @@ int wait_for_blkif(void)
  32.759      return err;
  32.760  }
  32.761  
  32.762 -int __init xlblk_init(void)
  32.763 +static int __init xlblk_init(void)
  32.764  {
  32.765      int i;
  32.766  
  32.767 @@ -1443,29 +1445,13 @@ int __init xlblk_init(void)
  32.768          blk_shadow[i].req.id = i+1;
  32.769      blk_shadow[BLK_RING_SIZE-1].req.id = 0x0fffffff;
  32.770  
  32.771 -    (void)ctrl_if_register_receiver(CMSG_BLKIF_FE, blkif_ctrlif_rx,
  32.772 -                                    CALLBACK_IN_BLOCKING_CONTEXT);
  32.773 +    init_blk_xenbus();
  32.774  
  32.775      wait_for_blkif();
  32.776  
  32.777      return 0;
  32.778  }
  32.779  
  32.780 -void blkdev_suspend(void)
  32.781 -{
  32.782 -}
  32.783 -
  32.784 -void blkdev_resume(void)
  32.785 -{
  32.786 -#ifdef CONFIG_XEN_BLKDEV_GRANT
  32.787 -    int i, j;
  32.788 -    for ( i = 0; i < BLK_RING_SIZE; i++ )
  32.789 -        for ( j = 0; j < BLKIF_MAX_SEGMENTS_PER_REQUEST; j++ )
  32.790 -            blk_shadow[i].req.frame_and_sects[j] |= GRANTREF_INVALID;
  32.791 -#endif
  32.792 -    send_driver_status(1);
  32.793 -}
  32.794 -
  32.795  static void blkif_completion(struct blk_shadow *s)
  32.796  {
  32.797      int i;
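Review bot: The added `init_blk_xenbus();` call cannot report failure, so `xlblk_init` returns 0 even when the driver was never registered. The helper added earlier in this commit is `void` and drops whatever `xenbus_register_device(&blkfront)` returns, and the `err` from `wait_for_blkif()` on the next line is ignored as well. If `xenbus_register_device` returns an error code (its prototype is not shown on this page), let the helper return it and propagate it: `err = init_blk_xenbus(); if (err) return err;`. The body of xlblk_init starts outside this hunk.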
    33.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkfront/block.h	Thu Aug 18 10:40:02 2005 -0800
    33.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkfront/block.h	Fri Aug 19 10:19:28 2005 -0800
    33.3 @@ -100,6 +100,7 @@ struct xlbd_major_info {
    33.4  
    33.5  struct xlbd_disk_info {
    33.6      int xd_device;
    33.7 +    blkif_vdev_t handle;
    33.8      struct xlbd_major_info *mi;
    33.9  #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
   33.10      struct xlbd_disk_info  *next_waiting;
   33.11 @@ -119,17 +120,10 @@ extern int blkif_ioctl(struct inode *ino
   33.12                         unsigned command, unsigned long argument);
   33.13  extern int blkif_check(dev_t dev);
   33.14  extern int blkif_revalidate(dev_t dev);
   33.15 -extern void blkif_control_send(blkif_request_t *req, blkif_response_t *rsp);
   33.16 -#ifdef CONFIG_XEN_BLKDEV_GRANT
   33.17 -extern void blkif_control_probe_send(
   33.18 -    blkif_request_t *req, blkif_response_t *rsp, unsigned long address);
   33.19 -#endif
   33.20  extern void do_blkif_request (request_queue_t *rq); 
   33.21  
   33.22 -extern void xlvbd_update_vbds(void);
   33.23 -
   33.24  /* Virtual block-device subsystem. */
   33.25 -extern int  xlvbd_init(void);
   33.26 -extern void xlvbd_cleanup(void); 
   33.27 -
   33.28 +int xlvbd_add(blkif_sector_t capacity, int device, blkif_vdev_t handle,
   33.29 +	      u16 info, u16 sector_size);
   33.30 +void xlvbd_del(blkif_vdev_t handle);
   33.31  #endif /* __XEN_DRIVERS_BLOCK_H__ */
    34.1 --- a/linux-2.6-xen-sparse/drivers/xen/blkfront/vbd.c	Thu Aug 18 10:40:02 2005 -0800
    34.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blkfront/vbd.c	Fri Aug 19 10:19:28 2005 -0800
    34.3 @@ -46,8 +46,9 @@
    34.4  struct lvdisk
    34.5  {
    34.6      blkif_sector_t capacity; /*  0: Size in terms of 512-byte sectors.   */
    34.7 -    blkif_vdev_t   device;   /*  8: Device number (opaque 16 bit value). */
    34.8 -    u16            info; 
    34.9 +    blkif_vdev_t   handle;   /*  8: Device number (opaque 16 bit value). */
   34.10 +    u16            info;
   34.11 +    dev_t          dev;
   34.12      struct list_head list;
   34.13  };
   34.14  
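Review bot: The comment on the renamed field is now stale: `handle` still reads `/*  8: Device number (opaque 16 bit value). */`, but in this commit it is the value `xlvbd_del()` matches on, while the device number moves to the new, uncommented `dev`. Suggested wording: `blkif_vdev_t   handle;   /*  8: Handle used by xlvbd_del() to find this VBD. */` and `dev_t          dev;      /* Linux dev_t built from the Xen device id. */`.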
   34.15 @@ -85,7 +86,7 @@ static struct xlbd_major_info *major_inf
   34.16  
   34.17  /* Information about our VBDs. */
   34.18  #define MAX_VBDS 64
   34.19 -struct list_head vbds_list;
   34.20 +static LIST_HEAD(vbds_list);
   34.21  
   34.22  #define MAJOR_XEN(dev) ((dev)>>8)
   34.23  #define MINOR_XEN(dev) ((dev) & 0xff)
   34.24 @@ -118,49 +119,6 @@ static void xlvbd_device_free(struct lvd
   34.25      kfree(disk);
   34.26  }
   34.27  
   34.28 -static vdisk_t *xlvbd_probe(int *ret)
   34.29 -{
   34.30 -    blkif_response_t rsp;
   34.31 -    blkif_request_t req;
   34.32 -    vdisk_t *disk_info = NULL;
   34.33 -    unsigned long buf;
   34.34 -    int nr;
   34.35 -
   34.36 -    buf = __get_free_page(GFP_KERNEL);
   34.37 -    if ((void *)buf == NULL)
   34.38 -        goto out;
   34.39 -
   34.40 -    memset(&req, 0, sizeof(req));
   34.41 -    req.operation = BLKIF_OP_PROBE;
   34.42 -    req.nr_segments = 1;
   34.43 -#ifdef CONFIG_XEN_BLKDEV_GRANT
   34.44 -    blkif_control_probe_send(&req, &rsp,
   34.45 -                             (unsigned long)(virt_to_machine(buf)));
   34.46 -#else
   34.47 -    req.frame_and_sects[0] = blkif_fas(virt_to_machine(buf), 0, (PAGE_SIZE/512)-1);
   34.48 -
   34.49 -    blkif_control_send(&req, &rsp);
   34.50 -#endif
   34.51 -    if ( rsp.status <= 0 ) {
   34.52 -        WPRINTK("Could not probe disks (%d)\n", rsp.status);
   34.53 -        goto out;
   34.54 -    }
   34.55 -    nr = rsp.status;
   34.56 -    if ( nr > MAX_VBDS )
   34.57 -        nr = MAX_VBDS;
   34.58 -
   34.59 -    disk_info = kmalloc(nr * sizeof(vdisk_t), GFP_KERNEL);
   34.60 -    if (disk_info != NULL)
   34.61 -        memcpy(disk_info, (void *) buf, nr * sizeof(vdisk_t));
   34.62 -
   34.63 -    if (ret != NULL)
   34.64 -        *ret = nr;
   34.65 -
   34.66 -out:
   34.67 -    free_page(buf);
   34.68 -    return disk_info;
   34.69 -}
   34.70 -
   34.71  static struct xlbd_major_info *xlbd_alloc_major_info(
   34.72      int major, int minor, int index)
   34.73  {
   34.74 @@ -189,6 +147,7 @@ static struct xlbd_major_info *xlbd_allo
   34.75          break;
   34.76      }
   34.77      
   34.78 +    printk("Registering block device major %i\n", ptr->major);
   34.79      if (register_blkdev(ptr->major, ptr->type->devname)) {
   34.80          WPRINTK("can't get major %d with name %s\n",
   34.81                  ptr->major, ptr->type->devname);
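Review bot: The added `printk` carries no log level, so it is emitted at the default level on every major registration, unlike the `WPRINTK` used for the failure case just below it. Prefer `printk(KERN_INFO "Registering block device major %i\n", ptr->major);`, or drop the line if it was debugging output. xlbd_alloc_major_info starts and ends outside the hunk.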
   34.82 @@ -231,7 +190,7 @@ static struct xlbd_major_info *xlbd_get_
   34.83              xlbd_alloc_major_info(major, minor, index));
   34.84  }
   34.85  
   34.86 -static int xlvbd_init_blk_queue(struct gendisk *gd, vdisk_t *disk)
   34.87 +static int xlvbd_init_blk_queue(struct gendisk *gd, u16 sector_size)
   34.88  {
   34.89      request_queue_t *rq;
   34.90  
   34.91 @@ -242,7 +201,7 @@ static int xlvbd_init_blk_queue(struct g
   34.92      elevator_init(rq, "noop");
   34.93  
   34.94      /* Hard sector size and max sectors impersonate the equiv. hardware. */
   34.95 -    blk_queue_hardsect_size(rq, disk->sector_size);
   34.96 +    blk_queue_hardsect_size(rq, sector_size);
   34.97      blk_queue_max_sectors(rq, 512);
   34.98  
   34.99      /* Each segment in a request is up to an aligned page in size. */
  34.100 @@ -261,8 +220,9 @@ static int xlvbd_init_blk_queue(struct g
  34.101      return 0;
  34.102  }
  34.103  
  34.104 -struct gendisk *xlvbd_alloc_gendisk(
  34.105 -    struct xlbd_major_info *mi, int minor, vdisk_t *disk)
  34.106 +static struct gendisk *xlvbd_alloc_gendisk(
  34.107 +    struct xlbd_major_info *mi, int minor, blkif_sector_t capacity,
  34.108 +    int device, blkif_vdev_t handle, u16 info, u16 sector_size)
  34.109  {
  34.110      struct gendisk *gd;
  34.111      struct xlbd_disk_info *di;
  34.112 @@ -273,7 +233,8 @@ struct gendisk *xlvbd_alloc_gendisk(
  34.113          return NULL;
  34.114      memset(di, 0, sizeof(*di));
  34.115      di->mi = mi;
  34.116 -    di->xd_device = disk->device;
  34.117 +    di->xd_device = device;
  34.118 +    di->handle = handle;
  34.119  
  34.120      if ((minor & ((1 << mi->type->partn_shift) - 1)) == 0)
  34.121          nr_minors = 1 << mi->type->partn_shift;
  34.122 @@ -296,22 +257,22 @@ struct gendisk *xlvbd_alloc_gendisk(
  34.123      gd->first_minor = minor;
  34.124      gd->fops = &xlvbd_block_fops;
  34.125      gd->private_data = di;
  34.126 -    set_capacity(gd, disk->capacity);
  34.127 +    set_capacity(gd, capacity);
  34.128  
  34.129 -    if (xlvbd_init_blk_queue(gd, disk)) {
  34.130 +    if (xlvbd_init_blk_queue(gd, sector_size)) {
  34.131          del_gendisk(gd);
  34.132          goto out;
  34.133      }
  34.134  
  34.135      di->rq = gd->queue;
  34.136  
  34.137 -    if (disk->info & VDISK_READONLY)
  34.138 +    if (info & VDISK_READONLY)
  34.139          set_disk_ro(gd, 1);
  34.140  
  34.141 -    if (disk->info & VDISK_REMOVABLE)
  34.142 +    if (info & VDISK_REMOVABLE)
  34.143          gd->flags |= GENHD_FL_REMOVABLE;
  34.144  
  34.145 -    if (disk->info & VDISK_CDROM)
  34.146 +    if (info & VDISK_CDROM)
  34.147          gd->flags |= GENHD_FL_CD;
  34.148  
  34.149      add_disk(gd);
  34.150 @@ -323,38 +284,36 @@ out:
  34.151      return NULL;
  34.152  }
  34.153  
  34.154 -static int xlvbd_device_add(struct list_head *list, vdisk_t *disk)
  34.155 +int xlvbd_add(blkif_sector_t capacity, int device, blkif_vdev_t handle,
  34.156 +	      u16 info, u16 sector_size)
  34.157  {
  34.158      struct lvdisk *new;
  34.159 -    int minor;
  34.160 -    dev_t device;
  34.161      struct block_device *bd;
  34.162      struct gendisk *gd;
  34.163      struct xlbd_major_info *mi;
  34.164  
  34.165 -    mi = xlbd_get_major_info(disk->device);
  34.166 +    mi = xlbd_get_major_info(device);
  34.167      if (mi == NULL)
  34.168          return -EPERM;
  34.169  
  34.170      new = xlvbd_device_alloc();
  34.171      if (new == NULL)
  34.172 -        return -1;
  34.173 -    new->capacity = disk->capacity;
  34.174 -    new->device = disk->device;
  34.175 -    new->info = disk->info;
  34.176 -    
  34.177 -    minor = MINOR_XEN(disk->device);
  34.178 -    device = MKDEV(mi->major, minor);
  34.179 -    
  34.180 -    bd = bdget(device);
  34.181 +        return -ENOMEM;
  34.182 +    new->capacity = capacity;
  34.183 +    new->info = info;
  34.184 +    new->handle = handle;
  34.185 +    new->dev = MKDEV(MAJOR_XEN(device), MINOR_XEN(device));
  34.186 +
  34.187 +    bd = bdget(new->dev);
  34.188      if (bd == NULL)
  34.189          goto out;
  34.190      
  34.191 -    gd = xlvbd_alloc_gendisk(mi, minor, disk);
  34.192 +    gd = xlvbd_alloc_gendisk(mi, MINOR_XEN(device), capacity, device, handle,
  34.193 +			     info, sector_size);
  34.194      if (gd == NULL)
  34.195          goto out_bd;
  34.196  
  34.197 -    list_add(&new->list, list);
  34.198 +    list_add(&new->list, &vbds_list);
  34.199  out_bd:
  34.200      bdput(bd);
  34.201  out:
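Review bot: `new->dev` is now built from the Xen device id, `MKDEV(MAJOR_XEN(device), MINOR_XEN(device))`, where the removed code used the major that was actually registered, `MKDEV(mi->major, minor)`. If `xlbd_get_major_info()` can return an `mi` whose `major` differs from `MAJOR_XEN(device)` (its body is not in this hunk), then `bdget(new->dev)` here and `get_gendisk(disk->dev, ...)` in `xlvbd_device_del` look up a different device than the one the gendisk is registered under. `new->dev = MKDEV(mi->major, MINOR_XEN(device));` keeps the previous behaviour. The code after the `out:` label lies outside the hunk, so whether `new` is released on the `bdget` and `xlvbd_alloc_gendisk` failure paths cannot be checked from here.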
  34.202 @@ -363,27 +322,26 @@ out:
  34.203  
  34.204  static int xlvbd_device_del(struct lvdisk *disk)
  34.205  {
  34.206 -    dev_t device;
  34.207      struct block_device *bd;
  34.208      struct gendisk *gd;
  34.209      struct xlbd_disk_info *di;
  34.210      int ret = 0, unused;
  34.211      request_queue_t *rq;
  34.212  
  34.213 -    device = MKDEV(MAJOR_XEN(disk->device), MINOR_XEN(disk->device));
  34.214 -
  34.215 -    bd = bdget(device);
  34.216 +    bd = bdget(disk->dev);
  34.217      if (bd == NULL)
  34.218          return -1;
  34.219  
  34.220 -    gd = get_gendisk(device, &unused);
  34.221 +    gd = get_gendisk(disk->dev, &unused);
  34.222      di = gd->private_data;
  34.223  
  34.224 +#if 0 /* This is wrong: hda and hdb share same major, for example. */
  34.225      if (di->mi->usage != 0) {
  34.226 -        WPRINTK("disk removal failed: used [dev=%x]\n", device);
  34.227 +        WPRINTK("disk removal failed: used [dev=%x]\n", disk->dev);
  34.228          ret = -1;
  34.229          goto out;
  34.230      }
  34.231 +#endif
  34.232  
  34.233      rq = gd->queue;
  34.234      del_gendisk(gd);
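Review bot: Compiling out the usage test with `#if 0` leaves `xlvbd_device_del` with no in-use check at all, so it goes straight to `del_gendisk(gd)` and `blk_cleanup_queue(rq)` even if the disk is still open or mounted. The comment explains why the per-major counter `di->mi->usage` was wrong, but the replacement should be a per-device test, for example on `bd->bd_openers` of the `bd` obtained above, returning an error while it is non-zero. As written, `di` is assigned but never read and `ret` can only be 0. The result of `get_gendisk()` is also dereferenced without a NULL check on the context line above.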
  34.235 @@ -391,110 +349,19 @@ static int xlvbd_device_del(struct lvdis
  34.236      blk_cleanup_queue(rq);
  34.237  
  34.238      xlvbd_device_free(disk);
  34.239 -out:
  34.240      bdput(bd);
  34.241      return ret;
  34.242  }
  34.243  
  34.244 -static int xlvbd_device_update(struct lvdisk *ldisk, vdisk_t *disk)
  34.245 +void xlvbd_del(blkif_vdev_t handle)
  34.246  {
  34.247 -    dev_t device;
  34.248 -    struct block_device *bd;
  34.249 -    struct gendisk *gd;
  34.250 -    int unused;
  34.251 -
  34.252 -    if ((ldisk->capacity == disk->capacity) && (ldisk->info == disk->info))
  34.253 -        return 0;    
  34.254 -
  34.255 -    device = MKDEV(MAJOR_XEN(ldisk->device), MINOR_XEN(ldisk->device));
  34.256 -
  34.257 -    bd = bdget(device);
  34.258 -    if (bd == NULL)
  34.259 -        return -1;
  34.260 -
  34.261 -    gd = get_gendisk(device, &unused);
  34.262 -    set_capacity(gd, disk->capacity);    
  34.263 -    ldisk->capacity = disk->capacity;
  34.264 -
  34.265 -    bdput(bd);
  34.266 -
  34.267 -    return 0;
  34.268 -}
  34.269 -
  34.270 -void xlvbd_refresh(void)
  34.271 -{
  34.272 -    vdisk_t *newdisks;
  34.273 -    struct list_head *tmp, *tmp2;
  34.274 -    struct lvdisk *disk;
  34.275 -    int i, nr;
  34.276 +	struct lvdisk *i;
  34.277  
  34.278 -    newdisks = xlvbd_probe(&nr);
  34.279 -    if (newdisks == NULL) {
  34.280 -        WPRINTK("failed to probe\n");
  34.281 -        return;
  34.282 -    }
  34.283 -    
  34.284 -    i = 0;
  34.285 -    list_for_each_safe(tmp, tmp2, &vbds_list) {
  34.286 -        disk = list_entry(tmp, struct lvdisk, list);
  34.287 -        
  34.288 -        for (i = 0; i < nr; i++) {
  34.289 -            if ( !newdisks[i].device )
  34.290 -                continue;
  34.291 -            if ( disk->device == newdisks[i].device ) {
  34.292 -                xlvbd_device_update(disk, &newdisks[i]);
  34.293 -                newdisks[i].device = 0;
  34.294 -                break;
  34.295 -            }
  34.296 -        }
  34.297 -        if (i == nr) {
  34.298 -            xlvbd_device_del(disk);
  34.299 -            newdisks[i].device = 0;
  34.300 -        }
  34.301 -    }
  34.302 -    for (i = 0; i < nr; i++)
  34.303 -        if ( newdisks[i].device )
  34.304 -            xlvbd_device_add(&vbds_list, &newdisks[i]);
  34.305 -    kfree(newdisks);
  34.306 +	list_for_each_entry(i, &vbds_list, list) {
  34.307 +		if (i->handle == handle) {
  34.308 +			xlvbd_device_del(i);
  34.309 +			return;
  34.310 +		}
  34.311 +	}
  34.312 +	BUG();
  34.313  }
  34.314 -
  34.315 -/*
  34.316 - * xlvbd_update_vbds - reprobes the VBD status and performs updates driver
  34.317 - * state. The VBDs need to be updated in this way when the domain is
  34.318 - * initialised and also each time we receive an XLBLK_UPDATE event.
  34.319 - */
  34.320 -void xlvbd_update_vbds(void)
  34.321 -{
  34.322 -    xlvbd_refresh();
  34.323 -}
  34.324 -
  34.325 -/*
  34.326 - * Set up all the linux device goop for the virtual block devices
  34.327 - * (vbd's) that we know about. Note that although from the backend
  34.328 - * driver's p.o.v. VBDs are addressed simply an opaque 16-bit device
  34.329 - * number, the domain creation tools conventionally allocate these
  34.330 - * numbers to correspond to those used by 'real' linux -- this is just
  34.331 - * for convenience as it means e.g. that the same /etc/fstab can be
  34.332 - * used when booting with or without Xen.
  34.333 - */
  34.334 -int xlvbd_init(void)
  34.335 -{
  34.336 -    int i, nr;
  34.337 -    vdisk_t *disks;
  34.338 -
  34.339 -    INIT_LIST_HEAD(&vbds_list);
  34.340 -
  34.341 -    memset(major_info, 0, sizeof(major_info));
  34.342 -    
  34.343 -    disks = xlvbd_probe(&nr);
  34.344 -    if (disks == NULL) {
  34.345 -        WPRINTK("failed to probe\n");
  34.346 -        return -1;
  34.347 -    }
  34.348 -
  34.349 -    for (i = 0; i < nr; i++)
  34.350 -        xlvbd_device_add(&vbds_list, &disks[i]);
  34.351 -
  34.352 -    kfree(disks);
  34.353 -    return 0;
  34.354 -}
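Review bot: `BUG()` at the end of `xlvbd_del` halts the kernel when no list entry matches `handle`, which turns a bookkeeping mismatch during device removal into a crash. `blkfront_remove` in this commit calls `xlvbd_del(info->handle)` whenever `info->connected` is set, so the flag and the list only have to diverge once for this to fire (how `connected` is set is not visible in this chunk). Logging and returning is enough: `WPRINTK("xlvbd_del: no disk with handle %d\n", handle);`. The result of `xlvbd_device_del(i)` is also dropped, and the walk over `vbds_list` takes no lock in the visible code; a comment stating what serialises add and remove would help.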
    35.1 --- a/linux-2.6-xen-sparse/drivers/xen/blktap/blktap.h	Thu Aug 18 10:40:02 2005 -0800
    35.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blktap/blktap.h	Fri Aug 19 10:19:28 2005 -0800
    35.3 @@ -87,7 +87,7 @@ typedef struct blkif_st {
    35.4      struct work_struct work;
    35.5  #ifdef CONFIG_XEN_BLKDEV_GRANT
    35.6      u16 shmem_handle;
    35.7 -    memory_t shmem_vaddr;
    35.8 +    unsigned long shmem_vaddr;
    35.9      grant_ref_t shmem_ref;
   35.10  #endif
   35.11  } blkif_t;
    36.1 --- a/linux-2.6-xen-sparse/drivers/xen/blktap/blktap_controlmsg.c	Thu Aug 18 10:40:02 2005 -0800
    36.2 +++ b/linux-2.6-xen-sparse/drivers/xen/blktap/blktap_controlmsg.c	Fri Aug 19 10:19:28 2005 -0800
    36.3 @@ -320,7 +320,7 @@ static void blkif_ptbe_send_interface_co
    36.4      };
    36.5      blkif_fe_interface_connect_t *msg = (void*)cmsg.msg;
    36.6      msg->handle      = 0;
    36.7 -    msg->shmem_frame = virt_to_machine(blktap_be_ring.sring) >> PAGE_SHIFT;
    36.8 +    msg->shmem_frame = virt_to_mfn(blktap_be_ring.sring);
    36.9      
   36.10      ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
   36.11  }
    37.1 --- a/linux-2.6-xen-sparse/drivers/xen/netback/common.h	Thu Aug 18 10:40:02 2005 -0800
    37.2 +++ b/linux-2.6-xen-sparse/drivers/xen/netback/common.h	Fri Aug 19 10:19:28 2005 -0800
    37.3 @@ -49,13 +49,13 @@ typedef struct netif_st {
    37.4      unsigned long    tx_shmem_frame;
    37.5  #ifdef CONFIG_XEN_NETDEV_GRANT_TX
    37.6      u16              tx_shmem_handle;
    37.7 -    memory_t         tx_shmem_vaddr; 
    37.8 +    unsigned long    tx_shmem_vaddr; 
    37.9      grant_ref_t      tx_shmem_ref; 
   37.10  #endif
   37.11      unsigned long    rx_shmem_frame;
   37.12  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   37.13      u16              rx_shmem_handle;
   37.14 -    memory_t         rx_shmem_vaddr; 
   37.15 +    unsigned long    rx_shmem_vaddr; 
   37.16      grant_ref_t      rx_shmem_ref; 
   37.17  #endif
   37.18      unsigned int     evtchn;
    38.1 --- a/linux-2.6-xen-sparse/drivers/xen/netback/netback.c	Thu Aug 18 10:40:02 2005 -0800
    38.2 +++ b/linux-2.6-xen-sparse/drivers/xen/netback/netback.c	Fri Aug 19 10:19:28 2005 -0800
    38.3 @@ -43,7 +43,7 @@ static void make_tx_response(netif_t *ne
    38.4  static int  make_rx_response(netif_t *netif, 
    38.5                               u16      id, 
    38.6                               s8       st,
    38.7 -                             memory_t addr,
    38.8 +                             unsigned long addr,
    38.9                               u16      size,
   38.10                               u16      csum_valid);
   38.11  
   38.12 @@ -251,7 +251,7 @@ static void net_rx_action(unsigned long 
   38.13  #else
   38.14      struct mmuext_op *mmuext;
   38.15  #endif
   38.16 -    unsigned long vdata, mdata, new_mfn;
   38.17 +    unsigned long vdata, old_mfn, new_mfn;
   38.18      struct sk_buff_head rxq;
   38.19      struct sk_buff *skb;
   38.20      u16 notify_list[NETIF_RX_RING_SIZE];
   38.21 @@ -271,7 +271,7 @@ static void net_rx_action(unsigned long 
   38.22      {
   38.23          netif   = netdev_priv(skb->dev);
   38.24          vdata   = (unsigned long)skb->data;
   38.25 -        mdata   = virt_to_machine(vdata);
   38.26 +        old_mfn = virt_to_mfn(vdata);
   38.27  
   38.28          /* Memory squeeze? Back off for an arbitrary while. */
   38.29          if ( (new_mfn = alloc_mfn()) == 0 )
   38.30 @@ -293,7 +293,7 @@ static void net_rx_action(unsigned long 
   38.31          mcl++;
   38.32  
   38.33  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   38.34 -        gop->mfn = mdata >> PAGE_SHIFT;
   38.35 +        gop->mfn = old_mfn;
   38.36          gop->domid = netif->domid;
   38.37          gop->handle = netif->rx->ring[
   38.38          MASK_NETIF_RX_IDX(netif->rx_resp_prod_copy)].req.gref;
   38.39 @@ -308,7 +308,7 @@ static void net_rx_action(unsigned long 
   38.40          mcl++;
   38.41  
   38.42          mmuext->cmd = MMUEXT_REASSIGN_PAGE;
   38.43 -        mmuext->mfn = mdata >> PAGE_SHIFT;
   38.44 +        mmuext->mfn = old_mfn;
   38.45          mmuext++;
   38.46  #endif
   38.47          mmu->ptr = (new_mfn << PAGE_SHIFT) | MMU_MACHPHYS_UPDATE;
   38.48 @@ -318,7 +318,7 @@ static void net_rx_action(unsigned long 
   38.49          __skb_queue_tail(&rxq, skb);
   38.50  
   38.51  #ifdef DEBUG_GRANT
   38.52 -        dump_packet('a', mdata, vdata);
   38.53 +        dump_packet('a', old_mfn, vdata);
   38.54  #endif
   38.55          /* Filled the batch queue? */
   38.56          if ( (mcl - rx_mcl) == ARRAY_SIZE(rx_mcl) )
   38.57 @@ -345,10 +345,8 @@ static void net_rx_action(unsigned long 
   38.58  
   38.59      mcl = rx_mcl;
   38.60  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   38.61 -    if (unlikely(HYPERVISOR_grant_table_op(GNTTABOP_donate,
   38.62 -                                           grant_rx_op, gop - grant_rx_op))) {
   38.63 -        BUG();
   38.64 -    }
   38.65 +    BUG_ON(HYPERVISOR_grant_table_op(
   38.66 +        GNTTABOP_donate, grant_rx_op, gop - grant_rx_op));
   38.67      gop = grant_rx_op;
   38.68  #else
   38.69      mmuext = rx_mmuext;
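Review bot: A failed grant donate now takes down the whole backend: `BUG_ON(HYPERVISOR_grant_table_op(...))` here and `BUG_ON(gop->status != 0); /* XXX */` in the hunk at -379/+376 both panic instead of failing the one packet. `gop->handle` is filled from `netif->rx->ring[...].req.gref` in the hunk at -293/+293, a value the frontend writes into the shared ring, so presumably a guest that posts a stale or invalid reference can reach the second assertion. The non-grant branch already shows the intended shape (log, then `status = NETIF_RSP_ERROR;`); the grant branch should do the same once `old_mfn` is tracked rather than zeroed, as the `XXX Fix this` comment in the hunk at -361/+359 says. Keeping the hypercall out of the assertion macro, `ret = HYPERVISOR_grant_table_op(...); BUG_ON(ret);`, would also make the side effect explicit. net_rx_action starts and ends outside this hunk.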
   38.70 @@ -361,10 +359,9 @@ static void net_rx_action(unsigned long 
   38.71          /* Rederive the machine addresses. */
   38.72          new_mfn = mcl[0].args[1] >> PAGE_SHIFT;
   38.73  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   38.74 -        mdata = (unsigned long)skb->data & ~PAGE_MASK;
   38.75 +        old_mfn = 0; /* XXX Fix this so we can free_mfn() on error! */
   38.76  #else
   38.77 -        mdata   = ((mmuext[0].mfn << PAGE_SHIFT) |
   38.78 -                   ((unsigned long)skb->data & ~PAGE_MASK));
   38.79 +        old_mfn = mmuext[0].mfn;
   38.80  #endif
   38.81          atomic_set(&(skb_shinfo(skb)->dataref), 1);
   38.82          skb_shinfo(skb)->nr_frags = 0;
   38.83 @@ -379,18 +376,20 @@ static void net_rx_action(unsigned long 
   38.84          /* Check the reassignment error code. */
   38.85          status = NETIF_RSP_OKAY;
   38.86  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   38.87 -        BUG_ON(gop->status != 0);
   38.88 +        BUG_ON(gop->status != 0); /* XXX */
   38.89  #else
   38.90          if ( unlikely(mcl[1].result != 0) )
   38.91          {
   38.92              DPRINTK("Failed MMU update transferring to DOM%u\n", netif->domid);
   38.93 -            free_mfn(mdata >> PAGE_SHIFT);
   38.94 +            free_mfn(old_mfn);
   38.95              status = NETIF_RSP_ERROR;
   38.96          }
   38.97  #endif
   38.98          evtchn = netif->evtchn;
   38.99          id = netif->rx->ring[MASK_NETIF_RX_IDX(netif->rx_resp_prod)].req.id;
  38.100 -        if ( make_rx_response(netif, id, status, mdata,
  38.101 +        if ( make_rx_response(netif, id, status,
  38.102 +                              (old_mfn << PAGE_SHIFT) | /* XXX */
  38.103 +                              ((unsigned long)skb->data & ~PAGE_MASK),
  38.104                                size, skb->proto_csum_valid) &&
  38.105               (rx_notify[evtchn] == 0) )
  38.106          {
  38.107 @@ -888,7 +887,7 @@ static void make_tx_response(netif_t *ne
  38.108  static int make_rx_response(netif_t *netif, 
  38.109                              u16      id, 
  38.110                              s8       st,
  38.111 -                            memory_t addr,
  38.112 +                            unsigned long addr,
  38.113                              u16      size,
  38.114                              u16      csum_valid)
  38.115  {
    39.1 --- a/linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c	Thu Aug 18 10:40:02 2005 -0800
    39.2 +++ b/linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c	Fri Aug 19 10:19:28 2005 -0800
    39.3 @@ -448,11 +448,10 @@ static void network_alloc_rx_buffers(str
    39.4          }
    39.5          grant_rx_ref[id] = ref;
    39.6          gnttab_grant_foreign_transfer_ref(ref, rdomid,
    39.7 -                                          virt_to_machine(
    39.8 -                                              skb->head) >> PAGE_SHIFT);
    39.9 +                                          virt_to_mfn(skb->head));
   39.10          np->rx->ring[MASK_NETIF_RX_IDX(req_prod + i)].req.gref = ref;
   39.11  #endif
   39.12 -        rx_pfn_array[i] = virt_to_machine(skb->head) >> PAGE_SHIFT;
   39.13 +        rx_pfn_array[i] = virt_to_mfn(skb->head);
   39.14  
   39.15  	/* Remove this page from pseudo phys map before passing back to Xen. */
   39.16  	phys_to_machine_mapping[__pa(skb->head) >> PAGE_SHIFT] 
   39.17 @@ -543,13 +542,14 @@ static int network_start_xmit(struct sk_
   39.18          printk(KERN_ALERT "#### netfront can't claim tx grant reference\n");
   39.19          BUG();
   39.20      }
   39.21 -    mfn = virt_to_machine(skb->data) >> PAGE_SHIFT;
   39.22 +    mfn = virt_to_mfn(skb->data);
   39.23      gnttab_grant_foreign_access_ref(ref, rdomid, mfn, GNTMAP_readonly);
   39.24 -    tx->addr = (ref << PAGE_SHIFT) | ((unsigned long)skb->data & ~PAGE_MASK);
   39.25 +    tx->addr = ref << PAGE_SHIFT;
   39.26      grant_tx_ref[id] = ref;
   39.27  #else
   39.28 -    tx->addr = virt_to_machine(skb->data);
   39.29 +    tx->addr = virt_to_mfn(skb->data) << PAGE_SHIFT;
   39.30  #endif
   39.31 +    tx->addr |= (unsigned long)skb->data & ~PAGE_MASK;
   39.32      tx->size = skb->len;
   39.33      tx->csum_blank = (skb->ip_summed == CHECKSUM_HW);
   39.34  
   39.35 @@ -720,7 +720,7 @@ static int netif_poll(struct net_device 
   39.36      while ((skb = __skb_dequeue(&rxq)) != NULL) {
   39.37  #ifdef GRANT_DEBUG
   39.38          printk(KERN_ALERT "#### rx_poll     dequeue vdata=%p mfn=%lu\n",
   39.39 -               skb->data, virt_to_machine(skb->data)>>PAGE_SHIFT);
   39.40 +               skb->data, virt_to_mfn(skb->data));
   39.41          dump_packet('d', skb->data, (unsigned long)skb->data);
   39.42  #endif
   39.43          /*
   39.44 @@ -854,18 +854,23 @@ static void network_connect(struct net_d
   39.45       * interface has been down.
   39.46       */
   39.47      for (requeue_idx = 0, i = 1; i <= NETIF_TX_RING_SIZE; i++) {
   39.48 -            if ((unsigned long)np->tx_skbs[i] >= __PAGE_OFFSET) {
   39.49 -                struct sk_buff *skb = np->tx_skbs[i];
   39.50 -                
   39.51 -                tx = &np->tx->ring[requeue_idx++].req;
   39.52 -                
   39.53 -                tx->id   = i;
   39.54 -                tx->addr = virt_to_machine(skb->data);
   39.55 -                tx->size = skb->len;
   39.56 -                
   39.57 -                np->stats.tx_bytes += skb->len;
   39.58 -                np->stats.tx_packets++;
   39.59 -            }
   39.60 +        if ((unsigned long)np->tx_skbs[i] >= __PAGE_OFFSET) {
   39.61 +            struct sk_buff *skb = np->tx_skbs[i];
   39.62 +
   39.63 +            tx = &np->tx->ring[requeue_idx++].req;
   39.64 +
   39.65 +            tx->id   = i;
   39.66 +#ifdef CONFIG_XEN_NETDEV_GRANT_TX
   39.67 +            tx->addr = 0; /*(ref << PAGE_SHIFT) |*/
   39.68 +#else
   39.69 +            tx->addr = virt_to_mfn(skb->data) << PAGE_SHIFT;
   39.70 +#endif
   39.71 +            tx->addr |= (unsigned long)skb->data & ~PAGE_MASK;
   39.72 +            tx->size = skb->len;
   39.73 +
   39.74 +            np->stats.tx_bytes += skb->len;
   39.75 +            np->stats.tx_packets++;
   39.76 +        }
   39.77      }
   39.78      wmb();
   39.79      np->tx->req_prod = requeue_idx;
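Review bot: In the `CONFIG_XEN_NETDEV_GRANT_TX` branch the requeued request is built with `tx->addr = 0;`, so after the following `|=` it carries only the in-page offset and grant reference 0 rather than a reference that covers `skb->data`. `network_start_xmit` in this file claims a reference, calls `gnttab_grant_foreign_access_ref(ref, rdomid, mfn, GNTMAP_readonly)` and stores `ref << PAGE_SHIFT`; the requeue path needs the same steps, or must reuse `grant_tx_ref[i]` if that grant is still valid after a reconnect (not determinable from this hunk). Until that is done, the commented-out `/*(ref << PAGE_SHIFT) |*/` should become an explicit `/* FIXME: requeued requests carry no grant reference */`. network_connect starts and ends outside the hunk.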
   39.80 @@ -922,7 +927,7 @@ static void send_interface_connect(struc
   39.81      netif_fe_interface_connect_t *msg = (void*)cmsg.msg;
   39.82  
   39.83      msg->handle = np->handle;
   39.84 -    msg->tx_shmem_frame = (virt_to_machine(np->tx) >> PAGE_SHIFT);
   39.85 +    msg->tx_shmem_frame = virt_to_mfn(np->tx);
   39.86  #ifdef CONFIG_XEN_NETDEV_GRANT_TX
   39.87      msg->tx_shmem_ref   = (u32)gnttab_claim_grant_reference(&gref_tx_head, 
   39.88                                                              gref_tx_terminal);
   39.89 @@ -934,7 +939,7 @@ static void send_interface_connect(struc
   39.90                                       msg->tx_shmem_frame, 0);
   39.91  #endif
   39.92  
   39.93 -    msg->rx_shmem_frame = (virt_to_machine(np->rx) >> PAGE_SHIFT);
   39.94 +    msg->rx_shmem_frame = virt_to_mfn(np->rx);
   39.95  #ifdef CONFIG_XEN_NETDEV_GRANT_RX
   39.96      msg->rx_shmem_ref   = (u32)gnttab_claim_grant_reference(&gref_rx_head, 
   39.97                                                              gref_rx_terminal);
    40.1 --- a/linux-2.6-xen-sparse/drivers/xen/usbback/usbback.c	Thu Aug 18 10:40:02 2005 -0800
    40.2 +++ b/linux-2.6-xen-sparse/drivers/xen/usbback/usbback.c	Fri Aug 19 10:19:28 2005 -0800
    40.3 @@ -657,8 +657,8 @@ static void dispatch_usb_io(usbif_priv_t
    40.4          phys_to_machine_mapping[__pa(MMAP_VADDR(pending_idx, i))>>PAGE_SHIFT] =
    40.5              FOREIGN_FRAME((buffer_mach + offset) >> PAGE_SHIFT);
    40.6  
    40.7 -        ASSERT(virt_to_machine(MMAP_VADDR(pending_idx, i))
    40.8 -               == buffer_mach + i << PAGE_SHIFT);
    40.9 +        ASSERT(virt_to_mfn(MMAP_VADDR(pending_idx, i))
   40.10 +               == ((buffer_mach >> PAGE_SHIFT) + i));
   40.11      }
   40.12  
   40.13      if ( req->pipe_type == 0 && req->num_iso > 0 ) /* Maybe schedule ISO... */
    41.1 --- a/linux-2.6-xen-sparse/drivers/xen/usbfront/usbfront.c	Thu Aug 18 10:40:02 2005 -0800
    41.2 +++ b/linux-2.6-xen-sparse/drivers/xen/usbfront/usbfront.c	Fri Aug 19 10:19:28 2005 -0800
    41.3 @@ -195,7 +195,7 @@ static int xhci_construct_isoc(usbif_req
    41.4          }
    41.5  
    41.6          urb_priv->schedule = schedule;
    41.7 -	req->iso_schedule = virt_to_machine(schedule);
    41.8 +	req->iso_schedule = virt_to_mfn(schedule) << PAGE_SHIFT;
    41.9  
   41.10          return 0;
   41.11  }
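Review bot: `virt_to_mfn(schedule) << PAGE_SHIFT` discards the offset within the page, which the replaced `virt_to_machine(schedule)` kept; the same applies to `req->transfer_buffer` in the hunk at -232/+232, where `urb->transfer_buffer` is a caller-supplied buffer that need not be page-aligned. Unless the backend obtains the offset some other way (not visible here), it would address the start of the page instead of the buffer and so read or overwrite unrelated data in that page. The netfront hunks of this commit keep the offset with `tx->addr |= (unsigned long)skb->data & ~PAGE_MASK;`, and the same form fits here: `req->transfer_buffer = (virt_to_mfn(urb->transfer_buffer) << PAGE_SHIFT) | ((unsigned long)urb->transfer_buffer & ~PAGE_MASK);`. xhci_construct_isoc starts outside this hunk, so how `schedule` is allocated cannot be confirmed.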
   41.12 @@ -212,7 +212,7 @@ static int xhci_queue_req(struct urb *ur
   41.13  #if DEBUG
   41.14          printk(KERN_DEBUG
   41.15                 "usbif = %p, req_prod = %d (@ 0x%lx), resp_prod = %d, resp_cons = %d\n",
   41.16 -               usbif, usbif->req_prod, virt_to_machine(&usbif->req_prod),
   41.17 +               usbif, usbif->req_prod, virt_to_mfn(&usbif->req_prod),
   41.18                 usbif->resp_prod, xhci->usb_resp_cons);
   41.19  #endif
   41.20          
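Review bot: The debug format still labels the value `(@ 0x%lx)`, but the argument is now `virt_to_mfn(&usbif->req_prod)`, a frame number rather than an address, so the line reads as an address that it no longer is. Change the label to match, e.g. `"usbif = %p, req_prod = %d (mfn 0x%lx), ..."`. The same applies to the "queuing probe" message in the @@ -280 hunk and to the `SHM at %p (0x%lx)` DPRINTK in the @@ -1599 hunk.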
   41.21 @@ -232,7 +232,7 @@ static int xhci_queue_req(struct urb *ur
   41.22          req->operation       = USBIF_OP_IO;
   41.23          req->port            = 0; /* We don't care what the port is. */
   41.24          req->id              = (unsigned long) urb->hcpriv;
   41.25 -        req->transfer_buffer = virt_to_machine(urb->transfer_buffer);
   41.26 +        req->transfer_buffer = virt_to_mfn(urb->transfer_buffer) << PAGE_SHIFT;
   41.27  	req->devnum          = usb_pipedevice(urb->pipe);
   41.28          req->direction       = usb_pipein(urb->pipe);
   41.29  	req->speed           = usb_pipeslow(urb->pipe);
   41.30 @@ -280,7 +280,7 @@ static inline usbif_request_t *xhci_queu
   41.31  	printk(KERN_DEBUG
   41.32                 "queuing probe: req_prod = %d (@ 0x%lx), resp_prod = %d, "
   41.33                 "resp_cons = %d\n", usbif->req_prod,
   41.34 -               virt_to_machine(&usbif->req_prod),
   41.35 +               virt_to_mfn(&usbif->req_prod),
   41.36  	       usbif->resp_prod, xhci->usb_resp_cons);
   41.37  #endif
   41.38   
   41.39 @@ -1555,7 +1555,7 @@ static void usbif_status_change(usbif_fe
   41.40          cmsg.type      = CMSG_USBIF_FE;
   41.41          cmsg.subtype   = CMSG_USBIF_FE_INTERFACE_CONNECT;
   41.42          cmsg.length    = sizeof(usbif_fe_interface_connect_t);
   41.43 -        up.shmem_frame = virt_to_machine(sring) >> PAGE_SHIFT;
   41.44 +        up.shmem_frame = virt_to_mfn(sring);
   41.45          memcpy(cmsg.msg, &up, sizeof(up));
   41.46          
   41.47          /* Tell the controller to bring up the interface. */
   41.48 @@ -1599,7 +1599,7 @@ static void usbif_status_change(usbif_fe
   41.49  
   41.50  	DPRINTK(KERN_INFO __FILE__
   41.51                  ": USB XHCI: SHM at %p (0x%lx), EVTCHN %d\n",
   41.52 -                xhci->usb_ring.sring, virt_to_machine(xhci->usbif),
   41.53 +                xhci->usb_ring.sring, virt_to_mfn(xhci->usbif),
   41.54                  xhci->evtchn);
   41.55  
   41.56          xhci->state = USBIF_STATE_CONNECTED;
    42.1 --- a/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.c	Thu Aug 18 10:40:02 2005 -0800
    42.2 +++ b/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.c	Fri Aug 19 10:19:28 2005 -0800
    42.3 @@ -48,13 +48,12 @@ DECLARE_WAIT_QUEUE_HEAD(xb_waitq);
    42.4  
    42.5  static inline struct ringbuf_head *outbuf(void)
    42.6  {
    42.7 -	return machine_to_virt(xen_start_info.store_mfn << PAGE_SHIFT);
    42.8 +	return mfn_to_virt(xen_start_info.store_mfn);
    42.9  }
   42.10  
   42.11  static inline struct ringbuf_head *inbuf(void)
   42.12  {
   42.13 -	return machine_to_virt(xen_start_info.store_mfn << PAGE_SHIFT)
   42.14 -		+ PAGE_SIZE/2;
   42.15 +	return mfn_to_virt(xen_start_info.store_mfn) + PAGE_SIZE/2;
   42.16  }
   42.17  
   42.18  static irqreturn_t wake_waiting(int irq, void *unused, struct pt_regs *regs)
   42.19 @@ -219,8 +218,7 @@ int xb_init_comms(void)
   42.20  	}
   42.21  
   42.22  	/* FIXME zero out page -- domain builder should probably do this*/
   42.23 -	memset(machine_to_virt(xen_start_info.store_mfn << PAGE_SHIFT),
   42.24 -	       0, PAGE_SIZE);
   42.25 +	memset(mfn_to_virt(xen_start_info.store_mfn), 0, PAGE_SIZE);
   42.26  
   42.27  	return 0;
   42.28  }
    43.1 --- a/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_probe.c	Thu Aug 18 10:40:02 2005 -0800
    43.2 +++ b/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_probe.c	Fri Aug 19 10:19:28 2005 -0800
    43.3 @@ -48,15 +48,7 @@ static const struct xenbus_device_id *
    43.4  match_device(const struct xenbus_device_id *arr, struct xenbus_device *dev)
    43.5  {
    43.6  	for (; !streq(arr->devicetype, ""); arr++) {
    43.7 -		if (!streq(arr->devicetype, dev->devicetype))
    43.8 -			continue;
    43.9 -
   43.10 -		/* If they don't care what subtype, it's a match. */
   43.11 -		if (streq(arr->subtype, ""))
   43.12 -			return arr;
   43.13 -
   43.14 -		/* If they care, device must have (same) subtype. */
   43.15 -		if (dev->subtype && streq(arr->subtype, dev->subtype))
   43.16 +		if (streq(arr->devicetype, dev->devicetype))
   43.17  			return arr;
   43.18  	}
   43.19  	return NULL;
   43.20 @@ -72,10 +64,102 @@ static int xenbus_match(struct device *_
   43.21  	return match_device(drv->ids, to_xenbus_device(_dev)) != NULL;
   43.22  }
   43.23  
   43.24 +struct xen_bus_type
   43.25 +{
   43.26 +	char *root;
   43.27 +	unsigned int levels;
   43.28 +	int (*get_bus_id)(char bus_id[BUS_ID_SIZE], const char *nodename);
   43.29 +	int (*probe)(const char *type, const char *dir);
   43.30 +	struct bus_type bus;
   43.31 +	struct device dev;
   43.32 +};
   43.33 +
   43.34 +/* device/<type>/<id> => <type>-<id> */
   43.35 +static int frontend_bus_id(char bus_id[BUS_ID_SIZE], const char *nodename)
   43.36 +{
   43.37 +	nodename = strchr(nodename, '/');
   43.38 +	if (!nodename || strlen(nodename + 1) >= BUS_ID_SIZE) {
   43.39 +		printk(KERN_WARNING "XENBUS: bad frontend %s\n", nodename);
   43.40 +		return -EINVAL;
   43.41 +	}
   43.42 +
   43.43 +	strlcpy(bus_id, nodename + 1, BUS_ID_SIZE);
   43.44 +	if (!strchr(bus_id, '/')) {
   43.45 +		printk(KERN_WARNING "XENBUS: bus_id %s no slash\n", bus_id);
   43.46 +		return -EINVAL;
   43.47 +	}
   43.48 +	*strchr(bus_id, '/') = '-';
   43.49 +	return 0;
   43.50 +}
   43.51 +
   43.52  /* Bus type for frontend drivers. */
   43.53 -static struct bus_type xenbus_type = {
   43.54 -	.name  = "xenbus",
   43.55 -	.match = xenbus_match,
   43.56 +static int xenbus_probe_frontend(const char *type, const char *name);
   43.57 +static struct xen_bus_type xenbus_frontend = {
   43.58 +	.root = "device",
   43.59 +	.levels = 2, 		/* device/type/<id> */
   43.60 +	.get_bus_id = frontend_bus_id,
   43.61 +	.probe = xenbus_probe_frontend,
   43.62 +	.bus = {
   43.63 +		.name  = "xen",
   43.64 +		.match = xenbus_match,
   43.65 +	},
   43.66 +	.dev = {
   43.67 +		.bus_id = "xen",
   43.68 +	},
   43.69 +};
   43.70 +
   43.71 +/* backend/<type>/<fe-uuid>/<id> => <type>-<fe-domid>-<id> */
   43.72 +static int backend_bus_id(char bus_id[BUS_ID_SIZE], const char *nodename)
   43.73 +{
   43.74 +	int domid, err;
   43.75 +	const char *devid, *type, *frontend;
   43.76 +	unsigned int typelen;
   43.77 +
   43.78 +	type = strchr(nodename, '/');
   43.79 +	if (!type)
   43.80 +		return -EINVAL;
   43.81 +	type++;
   43.82 +	typelen = strcspn(type, "/");
   43.83 +	if (!typelen || type[typelen] != '/')
   43.84 +		return -EINVAL;
   43.85 +
   43.86 +	devid = strrchr(nodename, '/') + 1;
   43.87 +
   43.88 +	err = xenbus_gather(nodename, "frontend-id", "%i", &domid,
   43.89 +			    "frontend", NULL, &frontend,
   43.90 +			    NULL);
   43.91 +	if (err)
   43.92 +		return err;
   43.93 +	if (strlen(frontend) == 0)
   43.94 +		err = -ERANGE;
   43.95 +
   43.96 +	if (!err && !xenbus_exists(frontend, ""))
   43.97 +		err = -ENOENT;
   43.98 +
   43.99 +	if (err) {
  43.100 +		kfree(frontend);
  43.101 +		return err;
  43.102 +	}
  43.103 +
  43.104 +	if (snprintf(bus_id, BUS_ID_SIZE,
  43.105 +		     "%.*s-%i-%s", typelen, type, domid, devid) >= BUS_ID_SIZE)
  43.106 +		return -ENOSPC;
  43.107 +	return 0;
  43.108 +}
  43.109 +
  43.110 +static int xenbus_probe_backend(const char *type, const char *uuid);
  43.111 +static struct xen_bus_type xenbus_backend = {
  43.112 +	.root = "backend",
  43.113 +	.levels = 3, 		/* backend/type/<frontend>/<id> */
  43.114 +	.get_bus_id = backend_bus_id,
  43.115 +	.probe = xenbus_probe_backend,
  43.116 +	.bus = {
  43.117 +		.name  = "xen-backend",
  43.118 +		.match = xenbus_match,
  43.119 +	},
  43.120 +	.dev = {
  43.121 +		.bus_id = "xen-backend",
  43.122 +	},
  43.123  };
  43.124  
  43.125  static int xenbus_dev_probe(struct device *_dev)
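Review bot: In backend_bus_id the `frontend` string obtained from xenbus_gather() is freed only inside the `if (err)` block, so on success and on the `-ENOSPC` return it is leaked, once per probed backend node. With the `fmt == NULL` case added to xenbus_gather in this changeset, that pointer is an allocated buffer owned by the caller, and it is not used after the xenbus_exists() check. Free it unconditionally before testing the error: `kfree(frontend); if (err) return err;`.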
  43.126 @@ -104,12 +188,13 @@ static int xenbus_dev_remove(struct devi
  43.127  	return drv->remove(dev);
  43.128  }
  43.129  
  43.130 -int xenbus_register_driver(struct xenbus_driver *drv)
  43.131 +static int xenbus_register_driver(struct xenbus_driver *drv,
  43.132 +				  struct xen_bus_type *bus)
  43.133  {
  43.134  	int err;
  43.135  
  43.136  	drv->driver.name = drv->name;
  43.137 -	drv->driver.bus = &xenbus_type;
  43.138 +	drv->driver.bus = &bus->bus;
  43.139  	drv->driver.owner = drv->owner;
  43.140  	drv->driver.probe = xenbus_dev_probe;
  43.141  	drv->driver.remove = xenbus_dev_remove;
  43.142 @@ -120,6 +205,16 @@ int xenbus_register_driver(struct xenbus
  43.143  	return err;
  43.144  }
  43.145  
  43.146 +int xenbus_register_device(struct xenbus_driver *drv)
  43.147 +{
  43.148 +	return xenbus_register_driver(drv, &xenbus_frontend);
  43.149 +}
  43.150 +
  43.151 +int xenbus_register_backend(struct xenbus_driver *drv)
  43.152 +{
  43.153 +	return xenbus_register_driver(drv, &xenbus_backend);
  43.154 +}
  43.155 +
  43.156  void xenbus_unregister_driver(struct xenbus_driver *drv)
  43.157  {
  43.158  	down(&xenbus_lock);
  43.159 @@ -130,52 +225,98 @@ void xenbus_unregister_driver(struct xen
  43.160  struct xb_find_info
  43.161  {
  43.162  	struct xenbus_device *dev;
  43.163 -	const char *busid;
  43.164 +	const char *nodename;
  43.165  };
  43.166  
  43.167  static int cmp_dev(struct device *dev, void *data)
  43.168  {
  43.169 +	struct xenbus_device *xendev = to_xenbus_device(dev);
  43.170  	struct xb_find_info *info = data;
  43.171  
  43.172 -	if (streq(dev->bus_id, info->busid)) {
  43.173 -		info->dev = container_of(get_device(dev),
  43.174 -					 struct xenbus_device, dev);
  43.175 +	if (streq(xendev->nodename, info->nodename)) {
  43.176 +		info->dev = xendev;
  43.177 +		get_device(dev);
  43.178  		return 1;
  43.179  	}
  43.180  	return 0;
  43.181  }
  43.182  
  43.183 -/* FIXME: device_find is fixed in 2.6.13-rc2 according to Greg KH --RR */
  43.184 -struct xenbus_device *xenbus_device_find(const char *busid)
  43.185 +struct xenbus_device *xenbus_device_find(const char *nodename,
  43.186 +					 struct bus_type *bus)
  43.187  {
  43.188 -	struct xb_find_info info = { .dev = NULL, .busid = busid };
  43.189 +	struct xb_find_info info = { .dev = NULL, .nodename = nodename };
  43.190  
  43.191 -	bus_for_each_dev(&xenbus_type, NULL, &info, cmp_dev);
  43.192 +	bus_for_each_dev(bus, NULL, &info, cmp_dev);
  43.193  	return info.dev;
  43.194  }
  43.195  
  43.196 +static int cleanup_dev(struct device *dev, void *data)
  43.197 +{
  43.198 +	struct xenbus_device *xendev = to_xenbus_device(dev);
  43.199 +	struct xb_find_info *info = data;
  43.200 +	int len = strlen(info->nodename);
  43.201 +
  43.202 +	if (!strncmp(xendev->nodename, info->nodename, len)) {
  43.203 +		info->dev = xendev;
  43.204 +		get_device(dev);
  43.205 +		return 1;
  43.206 +	}
  43.207 +	return 0;
  43.208 +}
  43.209 +
  43.210 +static void xenbus_cleanup_devices(const char *path, struct bus_type *bus)
  43.211 +{
  43.212 +	struct xb_find_info info = { .nodename = path };
  43.213 +
  43.214 +	do {
  43.215 +		info.dev = NULL;
  43.216 +		bus_for_each_dev(bus, NULL, &info, cleanup_dev);
  43.217 +		if (info.dev) {
  43.218 +			device_unregister(&info.dev->dev);
  43.219 +			put_device(&info.dev->dev);
  43.220 +		}
  43.221 +	} while (info.dev);
  43.222 +}
  43.223  
  43.224  static void xenbus_release_device(struct device *dev)
  43.225  {
  43.226  	if (dev) {
  43.227  		struct xenbus_device *xendev = to_xenbus_device(dev);
  43.228  
  43.229 -		kfree(xendev->subtype);
  43.230  		kfree(xendev);
  43.231  	}
  43.232  }
  43.233 -/* devices/<typename>/<name> */
  43.234 -static int xenbus_probe_device(const char *dirpath, const char *devicetype,
  43.235 -			       const char *name)
  43.236 +
  43.237 +/* Simplified asprintf. */
  43.238 +static char *kasprintf(const char *fmt, ...)
  43.239 +{
  43.240 +	va_list ap;
  43.241 +	unsigned int len;
  43.242 +	char *p, dummy[1];
  43.243 +
  43.244 +	va_start(ap, fmt);
  43.245 +	/* FIXME: vsnprintf has a bug, NULL should work */
  43.246 +	len = vsnprintf(dummy, 0, fmt, ap);
  43.247 +	va_end(ap);
  43.248 +
  43.249 +	p = kmalloc(len + 1, GFP_KERNEL);
  43.250 +	if (!p)
  43.251 +		return NULL;
  43.252 +	va_start(ap, fmt);
  43.253 +	vsprintf(p, fmt, ap);
  43.254 +	va_end(ap);
  43.255 +	return p;
  43.256 +}
  43.257 +
  43.258 +static int xenbus_probe_node(struct xen_bus_type *bus,
  43.259 +			     const char *type,
  43.260 +			     const char *nodename)
  43.261  {
  43.262  	int err;
  43.263  	struct xenbus_device *xendev;
  43.264  	unsigned int stringlen;
  43.265  
  43.266 -	/* Nodename: /device/<typename>/<name>/ */
  43.267 -	stringlen = strlen(dirpath) + strlen(devicetype) + strlen(name) + 3;
  43.268 -	/* Typename */
  43.269 -	stringlen += strlen(devicetype) + 1;
  43.270 +	stringlen = strlen(nodename) + 1 + strlen(type) + 1;
  43.271  	xendev = kmalloc(sizeof(*xendev) + stringlen, GFP_KERNEL);
  43.272  	if (!xendev)
  43.273  		return -ENOMEM;
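Review bot: cleanup_dev matches with `strncmp(xendev->nodename, info->nodename, len)`, which is a plain prefix test, so removing a node such as `device/vbd/1` would also unregister a device whose node is `device/vbd/10` (names constructed for illustration). Require a path boundary after the prefix: `if (!strncmp(xendev->nodename, info->nodename, len) && (xendev->nodename[len] == '\0' || xendev->nodename[len] == '/'))`. Since node names come from the store, a wrong match here tears down an unrelated device.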
  43.274 @@ -183,38 +324,103 @@ static int xenbus_probe_device(const cha
  43.275  
  43.276  	/* Copy the strings into the extra space. */
  43.277  	xendev->nodename = (char *)(xendev + 1);
  43.278 -	sprintf(xendev->nodename, "%s/%s/%s", dirpath, devicetype, name);
  43.279 +	strcpy(xendev->nodename, nodename);
  43.280  	xendev->devicetype = xendev->nodename + strlen(xendev->nodename) + 1;
  43.281 -	strcpy(xendev->devicetype, devicetype);
  43.282 +	strcpy(xendev->devicetype, type);
  43.283  
  43.284 -	/* FIXME: look for "subtype" field. */
  43.285 -	snprintf(xendev->dev.bus_id, BUS_ID_SIZE, "%s-%s", devicetype, name);
  43.286 -	xendev->dev.bus = &xenbus_type;
  43.287 +	xendev->dev.parent = &bus->dev;
  43.288 +	xendev->dev.bus = &bus->bus;
  43.289  	xendev->dev.release = xenbus_release_device;
  43.290  
  43.291 +	err = bus->get_bus_id(xendev->dev.bus_id, xendev->nodename);
  43.292 +	if (err) {
  43.293 +		kfree(xendev);
  43.294 +		return err;
  43.295 +	}
  43.296 +
  43.297  	/* Register with generic device framework. */
  43.298  	err = device_register(&xendev->dev);
  43.299  	if (err) {
  43.300 -		printk("XENBUS: Registering device %s: error %i\n",
  43.301 -		       xendev->dev.bus_id, err);
  43.302 +		printk("XENBUS: Registering %s device %s: error %i\n",
  43.303 +		       bus->bus.name, xendev->dev.bus_id, err);
  43.304  		kfree(xendev);
  43.305  	}
  43.306  	return err;
  43.307  }
  43.308  
  43.309 -static int xenbus_probe_device_type(const char *dirpath, const char *typename)
  43.310 +/* device/<typename>/<name> */
  43.311 +static int xenbus_probe_frontend(const char *type, const char *name)
  43.312 +{
  43.313 +	char *nodename;
  43.314 +	int err;
  43.315 +
  43.316 +	nodename = kasprintf("%s/%s/%s", xenbus_frontend.root, type, name);
  43.317 +	if (!nodename)
  43.318 +		return -ENOMEM;
  43.319 +	
  43.320 +	err = xenbus_probe_node(&xenbus_frontend, type, nodename);
  43.321 +	kfree(nodename);
  43.322 +	return err;
  43.323 +}
  43.324 +
  43.325 +/* backend/<typename>/<frontend-uuid>/<name> */
  43.326 +static int xenbus_probe_backend_unit(const char *dir,
  43.327 +				     const char *type,
  43.328 +				     const char *name)
  43.329 +{
  43.330 +	char *nodename;
  43.331 +	int err;
  43.332 +
  43.333 +	nodename = kasprintf("%s/%s", dir, name);
  43.334 +	if (!nodename)
  43.335 +		return -ENOMEM;
  43.336 +
  43.337 +	err = xenbus_probe_node(&xenbus_backend, type, nodename);
  43.338 +	kfree(nodename);
  43.339 +	return err;
  43.340 +}
  43.341 +
  43.342 +/* backend/<typename>/<frontend-uuid> */
  43.343 +static int xenbus_probe_backend(const char *type, const char *uuid)
  43.344 +{
  43.345 +	char *nodename;
  43.346 +	int err = 0;
  43.347 +	char **dir;
  43.348 +	unsigned int i, dir_n = 0;
  43.349 +
  43.350 +	nodename = kasprintf("%s/%s/%s", xenbus_backend.root, type, uuid);
  43.351 +	if (!nodename)
  43.352 +		return -ENOMEM;
  43.353 +
  43.354 +	dir = xenbus_directory(nodename, "", &dir_n);
  43.355 +	if (IS_ERR(dir)) {
  43.356 +		kfree(nodename);
  43.357 +		return PTR_ERR(dir);
  43.358 +	}
  43.359 +
  43.360 +	for (i = 0; i < dir_n; i++) {
  43.361 +		err = xenbus_probe_backend_unit(nodename, type, dir[i]);
  43.362 +		if (err)
  43.363 +			break;
  43.364 +	}
  43.365 +	kfree(dir);
  43.366 +	kfree(nodename);
  43.367 +	return err;
  43.368 +}
  43.369 +
  43.370 +static int xenbus_probe_device_type(struct xen_bus_type *bus, const char *type)
  43.371  {
  43.372  	int err = 0;
  43.373  	char **dir;
  43.374  	unsigned int dir_n = 0;
  43.375  	int i;
  43.376  
  43.377 -	dir = xenbus_directory(dirpath, typename, &dir_n);
  43.378 +	dir = xenbus_directory(bus->root, type, &dir_n);
  43.379  	if (IS_ERR(dir))
  43.380  		return PTR_ERR(dir);
  43.381  
  43.382  	for (i = 0; i < dir_n; i++) {
  43.383 -		err = xenbus_probe_device(dirpath, typename, dir[i]);
  43.384 +		err = bus->probe(type, dir[i]);
  43.385  		if (err)
  43.386  			break;
  43.387  	}
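Review bot: xenbus_probe_backend stops at the first `xenbus_probe_backend_unit()` error and returns it, and xenbus_probe_device_type does the same with `bus->probe()`, so a single malformed or half-written entry in the store ends enumeration of every remaining device. backend_bus_id returns `-ENOENT` whenever the frontend path is missing, which looks like an ordinary transient state rather than a fatal one. Consider logging and continuing, e.g. replacing the `break` with `printk(KERN_WARNING "XENBUS: probe %s/%s: error %i\n", nodename, dir[i], err);`, and returning the first error after the loop if callers need it.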
  43.388 @@ -222,18 +428,18 @@ static int xenbus_probe_device_type(cons
  43.389  	return err;
  43.390  }
  43.391  
  43.392 -static int xenbus_probe_devices(const char *path)
  43.393 +static int xenbus_probe_devices(struct xen_bus_type *bus)
  43.394  {
  43.395  	int err = 0;
  43.396  	char **dir;
  43.397  	unsigned int i, dir_n;
  43.398  
  43.399 -	dir = xenbus_directory(path, "", &dir_n);
  43.400 +	dir = xenbus_directory(bus->root, "", &dir_n);
  43.401  	if (IS_ERR(dir))
  43.402  		return PTR_ERR(dir);
  43.403  
  43.404  	for (i = 0; i < dir_n; i++) {
  43.405 -		err = xenbus_probe_device_type(path, dir[i]);
  43.406 +		err = xenbus_probe_device_type(bus, dir[i]);
  43.407  		if (err)
  43.408  			break;
  43.409  	}
  43.410 @@ -251,58 +457,117 @@ static unsigned int char_count(const cha
  43.411  	return ret;
  43.412  }
  43.413  
  43.414 -static void dev_changed(struct xenbus_watch *watch, const char *node)
  43.415 +static int strsep_len(const char *str, char c, unsigned int len)
  43.416  {
  43.417 -	char busid[BUS_ID_SIZE];
  43.418 -	int exists;
  43.419 -	struct xenbus_device *dev;
  43.420 -	char *p;
  43.421 +	unsigned int i;
  43.422  
  43.423 -	/* Node is of form device/<type>/<identifier>[/...] */
  43.424 -	if (char_count(node, '/') != 2)
  43.425 -		return;
  43.426 +	for (i = 0; str[i]; i++)
  43.427 +		if (str[i] == c) {
  43.428 +			if (len == 0)
  43.429 +				return i;
  43.430 +			len--;
  43.431 +		}
  43.432 +	return (len == 0) ? i : -ERANGE;
  43.433 +}
  43.434  
  43.435 -	/* Created or deleted? */
  43.436 -	exists = xenbus_exists(node, "");
  43.437 +static void dev_changed(const char *node, struct xen_bus_type *bus)
  43.438 +{
  43.439 +	int exists, rootlen;
  43.440 +	struct xenbus_device *dev;
  43.441 +	char type[BUS_ID_SIZE];
  43.442 +	const char *p, *root;
  43.443  
  43.444 -	p = strchr(node, '/') + 1;
  43.445 -	if (strlen(p) + 1 > BUS_ID_SIZE) {
  43.446 -		printk("Device for node %s is too big!\n", node);
  43.447 +	if (char_count(node, '/') < 2)
  43.448 + 		return;
  43.449 +
  43.450 +	exists = xenbus_exists(node, "");
  43.451 +	if (!exists) {
  43.452 +		xenbus_cleanup_devices(node, &bus->bus);
  43.453  		return;
  43.454  	}
  43.455 -	/* Bus ID is name with / changed to - */
  43.456 -	strcpy(busid, p);
  43.457 -	*strchr(busid, '/') = '-';
  43.458  
  43.459 -	dev = xenbus_device_find(busid);
  43.460 -	printk("xenbus: device %s %s\n", busid, dev ? "exists" : "new");
  43.461 -	if (dev && !exists) {
  43.462 -		printk("xenbus: Unregistering device %s\n", busid);
  43.463 -		/* FIXME: free? */
  43.464 -		device_unregister(&dev->dev);
  43.465 -	} else if (!dev && exists) {
  43.466 -		printk("xenbus: Adding device %s\n", busid);
  43.467 -		/* Hack bus id back into two strings. */
  43.468 -		*strrchr(busid, '-') = '\0';
  43.469 -		xenbus_probe_device("device", busid, busid+strlen(busid)+1);
  43.470 -	} else
  43.471 -		printk("xenbus: strange, %s already %s\n", busid,
  43.472 -		       exists ? "exists" : "gone");
  43.473 -	if (dev)
  43.474 +	/* backend/<type>/... or device/<type>/... */
  43.475 +	p = strchr(node, '/') + 1;
  43.476 +	snprintf(type, BUS_ID_SIZE, "%.*s", strcspn(p, "/"), p);
  43.477 +	type[BUS_ID_SIZE-1] = '\0';
  43.478 +
  43.479 +	rootlen = strsep_len(node, '/', bus->levels);
  43.480 +	if (rootlen < 0)
  43.481 +		return;
  43.482 +	root = kasprintf("%.*s", rootlen, node);
  43.483 +	if (!root)
  43.484 +		return;
  43.485 +
  43.486 +	dev = xenbus_device_find(root, &bus->bus);
  43.487 +	if (!dev)
  43.488 +		xenbus_probe_node(bus, type, root);
  43.489 +	else
  43.490  		put_device(&dev->dev);
  43.491 +
  43.492 +	kfree(root);
  43.493 +}
  43.494 +
  43.495 +static void frontend_changed(struct xenbus_watch *watch, const char *node)
  43.496 +{
  43.497 +	dev_changed(node, &xenbus_frontend);
  43.498 +}
  43.499 +
  43.500 +static void backend_changed(struct xenbus_watch *watch, const char *node)
  43.501 +{
  43.502 +	dev_changed(node, &xenbus_backend);
  43.503  }
  43.504  
  43.505  /* We watch for devices appearing and vanishing. */
  43.506 -static struct xenbus_watch dev_watch = {
  43.507 -	/* FIXME: Ideally we'd only watch for changes 2 levels deep... */
  43.508 +static struct xenbus_watch fe_watch = {
  43.509  	.node = "device",
  43.510 -	.callback = dev_changed,
  43.511 +	.callback = frontend_changed,
  43.512  };
  43.513  
  43.514 +static struct xenbus_watch be_watch = {
  43.515 +	.node = "backend",
  43.516 +	.callback = backend_changed,
  43.517 +};
  43.518 +
  43.519 +static int suspend_dev(struct device *dev, void *data)
  43.520 +{
  43.521 +	int err = 0;
  43.522 +	struct xenbus_driver *drv;
  43.523 +	struct xenbus_device *xdev;
  43.524 +
  43.525 +	if (dev->driver == NULL)
  43.526 +		return 0;
  43.527 +	drv = to_xenbus_driver(dev->driver);
  43.528 +	xdev = container_of(dev, struct xenbus_device, dev);
  43.529 +	if (drv->suspend)
  43.530 +		err = drv->suspend(xdev);
  43.531 +	if (err)
  43.532 +		printk("xenbus: suspend %s failed: %i\n", dev->bus_id, err);
  43.533 +	return 0;
  43.534 +}
  43.535 +
  43.536 +static int resume_dev(struct device *dev, void *data)
  43.537 +{
  43.538 +	int err = 0;
  43.539 +	struct xenbus_driver *drv;
  43.540 +	struct xenbus_device *xdev;
  43.541 +
  43.542 +	if (dev->driver == NULL)
  43.543 +		return 0;
  43.544 +	drv = to_xenbus_driver(dev->driver);
  43.545 +	xdev = container_of(dev, struct xenbus_device, dev);
  43.546 +	if (drv->resume)
  43.547 +		err = drv->resume(xdev);
  43.548 +	if (err)
  43.549 +		printk("xenbus: resume %s failed: %i\n", dev->bus_id, err);
  43.550 +	return 0;
  43.551 +}
  43.552 +
  43.553  void xenbus_suspend(void)
  43.554  {
  43.555  	/* We keep lock, so no comms can happen as page moves. */
  43.556  	down(&xenbus_lock);
  43.557 +	bus_for_each_dev(&xenbus_frontend.bus, NULL, NULL, suspend_dev);
  43.558 +	bus_for_each_dev(&xenbus_backend.bus, NULL, NULL, suspend_dev);
  43.559  	xb_suspend_comms();
  43.560  }
  43.561  
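Review bot: In dev_changed, `snprintf(type, BUS_ID_SIZE, "%.*s", strcspn(p, "/"), p)` passes a size_t where `%.*s` takes an int precision, so on a 64-bit build the variadic arguments no longer line up with the format. Cast the precision: `(int)strcspn(p, "/")`. The result of `xenbus_probe_node(bus, type, root)` a few lines later is also discarded, so a failed hot-add leaves no trace unless the callee happens to print; a `printk` on a non-zero return would make that visible.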
  43.562 @@ -310,6 +575,8 @@ void xenbus_resume(void)
  43.563  {
  43.564  	xb_init_comms();
  43.565  	reregister_xenbus_watches();
  43.566 +	bus_for_each_dev(&xenbus_frontend.bus, NULL, NULL, resume_dev);
  43.567 +	bus_for_each_dev(&xenbus_backend.bus, NULL, NULL, resume_dev);
  43.568  	up(&xenbus_lock);
  43.569  }
  43.570  
  43.571 @@ -354,30 +621,23 @@ int do_xenbus_probe(void *unused)
  43.572  	}
  43.573  
  43.574  	down(&xenbus_lock);
  43.575 -	err = notifier_call_chain(&xenstore_chain, 0, 0);
  43.576 -	up(&xenbus_lock);
  43.577 -
  43.578 -	if (err == NOTIFY_BAD) {
  43.579 -		printk("%s: calling xenstore notify chain failed\n",
  43.580 -		       __FUNCTION__);
  43.581 -		return -EINVAL;
  43.582 -	}
  43.583 -
  43.584 -	err = 0;
  43.585 -
  43.586 -	down(&xenbus_lock);
  43.587  	/* Enumerate devices in xenstore. */
  43.588 -	xenbus_probe_devices("device");
  43.589 +	xenbus_probe_devices(&xenbus_frontend);
  43.590 +	xenbus_probe_devices(&xenbus_backend);
  43.591  	/* Watch for changes. */
  43.592 -	register_xenbus_watch(&dev_watch);
  43.593 +	register_xenbus_watch(&fe_watch);
  43.594 +	register_xenbus_watch(&be_watch);
  43.595  	up(&xenbus_lock);
  43.596  	return 0;
  43.597  }
  43.598  
  43.599  static int __init xenbus_probe_init(void)
  43.600  {
  43.601 -	bus_register(&xenbus_type);
  43.602 -
  43.603 +	bus_register(&xenbus_frontend.bus);
  43.604 +	bus_register(&xenbus_backend.bus);
  43.605 +	device_register(&xenbus_frontend.dev);
  43.606 +	device_register(&xenbus_backend.dev);
  43.607 +	
  43.608  	if (!xen_start_info.store_evtchn)
  43.609  		return 0;
  43.610  
    44.1 --- a/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_xs.c	Thu Aug 18 10:40:02 2005 -0800
    44.2 +++ b/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_xs.c	Fri Aug 19 10:19:28 2005 -0800
    44.3 @@ -187,6 +187,7 @@ static char *join(const char *dir, const
    44.4  	static char buffer[4096];
    44.5  
    44.6  	BUG_ON(down_trylock(&xenbus_lock) == 0);
    44.7 +	/* XXX FIXME: might not be correct if name == "" */
    44.8  	BUG_ON(strlen(dir) + strlen("/") + strlen(name) + 1 > sizeof(buffer));
    44.9  
   44.10  	strcpy(buffer, dir);
   44.11 @@ -399,9 +400,12 @@ int xenbus_gather(const char *dir, ...)
   44.12  			ret = PTR_ERR(p);
   44.13  			break;
   44.14  		}
   44.15 -		if (sscanf(p, fmt, result) == 0)
   44.16 -			ret = -EINVAL;
   44.17 -		kfree(p);
   44.18 +		if (fmt) {
   44.19 +			if (sscanf(p, fmt, result) == 0)
   44.20 +				ret = -EINVAL;
   44.21 +			kfree(p);
   44.22 +		} else
   44.23 +			*(char **)result = p;
   44.24  	}
   44.25  	va_end(ap);
   44.26  	return ret;
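Review bot: The new `fmt == NULL` branch in xenbus_gather changes ownership without saying so: `p` is stored through `result` and no longer freed, so the caller must kfree() it. Add a comment above the branch, e.g. `/* fmt == NULL: hand back the allocated string itself; caller must kfree() it */`. If a later entry in the same call fails, strings already handed out stay allocated and the caller sees only the error code, which is worth stating in the function's header comment too. The function starts outside the hunk.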
    45.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/desc.h	Thu Aug 18 10:40:02 2005 -0800
    45.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/desc.h	Fri Aug 19 10:19:28 2005 -0800
    45.3 @@ -93,7 +93,7 @@ static inline void set_ldt_desc(unsigned
    45.4  
    45.5  static inline void load_TLS(struct thread_struct *t, unsigned int cpu)
    45.6  {
    45.7 -#define C(i) HYPERVISOR_update_descriptor(virt_to_machine(&get_cpu_gdt_table(cpu)[GDT_ENTRY_TLS_MIN + i]), ((u32 *)&t->tls_array[i])[0], ((u32 *)&t->tls_array[i])[1])
    45.8 +#define C(i) HYPERVISOR_update_descriptor(virt_to_machine(&get_cpu_gdt_table(cpu)[GDT_ENTRY_TLS_MIN + i]), *(u64 *)&t->tls_array[i])
    45.9  	C(0); C(1); C(2);
   45.10  #undef C
   45.11  }
    46.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/fixmap.h	Thu Aug 18 10:40:02 2005 -0800
    46.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/fixmap.h	Fri Aug 19 10:19:28 2005 -0800
    46.3 @@ -102,8 +102,8 @@ enum fixed_addresses {
    46.4  	__end_of_fixed_addresses
    46.5  };
    46.6  
    46.7 -extern void __set_fixmap (enum fixed_addresses idx,
    46.8 -					unsigned long phys, pgprot_t flags);
    46.9 +extern void __set_fixmap(
   46.10 +	enum fixed_addresses idx, maddr_t phys, pgprot_t flags);
   46.11  
   46.12  #define set_fixmap(idx, phys) \
   46.13  		__set_fixmap(idx, phys, PAGE_KERNEL)
    47.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/hypercall.h	Thu Aug 18 10:40:02 2005 -0800
    47.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/hypercall.h	Fri Aug 19 10:19:28 2005 -0800
    47.3 @@ -163,7 +163,7 @@ HYPERVISOR_yield(
    47.4          TRAP_INSTR
    47.5          : "=a" (ret), "=b" (ign)
    47.6  	: "0" (__HYPERVISOR_sched_op), "1" (SCHEDOP_yield)
    47.7 -	: "memory" );
    47.8 +	: "memory", "ecx" );
    47.9  
   47.10      return ret;
   47.11  }
   47.12 @@ -178,7 +178,7 @@ HYPERVISOR_block(
   47.13          TRAP_INSTR
   47.14          : "=a" (ret), "=b" (ign1)
   47.15  	: "0" (__HYPERVISOR_sched_op), "1" (SCHEDOP_block)
   47.16 -	: "memory" );
   47.17 +	: "memory", "ecx" );
   47.18  
   47.19      return ret;
   47.20  }
   47.21 @@ -194,7 +194,7 @@ HYPERVISOR_shutdown(
   47.22          : "=a" (ret), "=b" (ign1)
   47.23  	: "0" (__HYPERVISOR_sched_op),
   47.24  	  "1" (SCHEDOP_shutdown | (SHUTDOWN_poweroff << SCHEDOP_reasonshift))
   47.25 -        : "memory" );
   47.26 +        : "memory", "ecx" );
   47.27  
   47.28      return ret;
   47.29  }
   47.30 @@ -210,7 +210,7 @@ HYPERVISOR_reboot(
   47.31          : "=a" (ret), "=b" (ign1)
   47.32  	: "0" (__HYPERVISOR_sched_op),
   47.33  	  "1" (SCHEDOP_shutdown | (SHUTDOWN_reboot << SCHEDOP_reasonshift))
   47.34 -        : "memory" );
   47.35 +        : "memory", "ecx" );
   47.36  
   47.37      return ret;
   47.38  }
   47.39 @@ -228,7 +228,7 @@ HYPERVISOR_suspend(
   47.40          : "=a" (ret), "=b" (ign1), "=S" (ign2)
   47.41  	: "0" (__HYPERVISOR_sched_op),
   47.42          "b" (SCHEDOP_shutdown | (SHUTDOWN_suspend << SCHEDOP_reasonshift)), 
   47.43 -        "S" (srec) : "memory");
   47.44 +        "S" (srec) : "memory", "ecx");
   47.45  
   47.46      return ret;
   47.47  }
   47.48 @@ -244,7 +244,7 @@ HYPERVISOR_crash(
   47.49          : "=a" (ret), "=b" (ign1)
   47.50  	: "0" (__HYPERVISOR_sched_op),
   47.51  	  "1" (SCHEDOP_shutdown | (SHUTDOWN_crash << SCHEDOP_reasonshift))
   47.52 -        : "memory" );
   47.53 +        : "memory", "ecx" );
   47.54  
   47.55      return ret;
   47.56  }
   47.57 @@ -316,16 +316,17 @@ HYPERVISOR_get_debugreg(
   47.58  
   47.59  static inline int
   47.60  HYPERVISOR_update_descriptor(
   47.61 -    unsigned long ma, unsigned long word1, unsigned long word2)
   47.62 +    u64 ma, u64 desc)
   47.63  {
   47.64      int ret;
   47.65 -    unsigned long ign1, ign2, ign3;
   47.66 +    unsigned long ign1, ign2, ign3, ign4;
   47.67  
   47.68      __asm__ __volatile__ (
   47.69          TRAP_INSTR
   47.70 -        : "=a" (ret), "=b" (ign1), "=c" (ign2), "=d" (ign3)
   47.71 -	: "0" (__HYPERVISOR_update_descriptor), "1" (ma), "2" (word1),
   47.72 -	  "3" (word2)
   47.73 +        : "=a" (ret), "=b" (ign1), "=c" (ign2), "=d" (ign3), "=S" (ign4)
   47.74 +	: "0" (__HYPERVISOR_update_descriptor),
   47.75 +	  "1" ((unsigned long)ma), "2" ((unsigned long)(ma>>32)),
   47.76 +	  "3" ((unsigned long)desc), "4" ((unsigned long)(desc>>32))
   47.77  	: "memory" );
   47.78  
   47.79      return ret;
   47.80 @@ -529,12 +530,15 @@ HYPERVISOR_vcpu_down(
   47.81  {
   47.82      int ret;
   47.83      unsigned long ign1;
   47.84 +    /* Yes, I really do want to clobber edx here: when we resume a
   47.85 +       vcpu after unpickling a multi-processor domain, it returns
   47.86 +       here, but clobbers all of the call clobbered registers. */
   47.87      __asm__ __volatile__ (
   47.88          TRAP_INSTR
   47.89          : "=a" (ret), "=b" (ign1)
   47.90  	: "0" (__HYPERVISOR_sched_op),
   47.91  	  "1" (SCHEDOP_vcpu_down | (vcpu << SCHEDOP_vcpushift))
   47.92 -        : "memory" );
   47.93 +        : "memory", "ecx", "edx" );
   47.94  
   47.95      return ret;
   47.96  }
   47.97 @@ -550,8 +554,26 @@ HYPERVISOR_vcpu_up(
   47.98          : "=a" (ret), "=b" (ign1)
   47.99  	: "0" (__HYPERVISOR_sched_op),
  47.100  	  "1" (SCHEDOP_vcpu_up | (vcpu << SCHEDOP_vcpushift))
  47.101 +        : "memory", "ecx" );
  47.102 +
  47.103 +    return ret;
  47.104 +}
  47.105 +
  47.106 +static inline int
  47.107 +HYPERVISOR_vcpu_pickle(
  47.108 +    int vcpu, vcpu_guest_context_t *ctxt)
  47.109 +{
  47.110 +    int ret;
  47.111 +    unsigned long ign1, ign2;
  47.112 +    __asm__ __volatile__ (
  47.113 +        TRAP_INSTR
  47.114 +        : "=a" (ret), "=b" (ign1), "=c" (ign2)
  47.115 +	: "0" (__HYPERVISOR_sched_op),
  47.116 +	  "1" (SCHEDOP_vcpu_pickle | (vcpu << SCHEDOP_vcpushift)),
  47.117 +	  "2" (ctxt)
  47.118          : "memory" );
  47.119  
  47.120      return ret;
  47.121  }
  47.122 +
  47.123  #endif /* __HYPERCALL_H__ */
    48.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h	Thu Aug 18 10:40:02 2005 -0800
    48.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h	Fri Aug 19 10:19:28 2005 -0800
    48.3 @@ -63,20 +63,25 @@
    48.4  extern unsigned int *phys_to_machine_mapping;
    48.5  #define pfn_to_mfn(_pfn) ((unsigned long)(phys_to_machine_mapping[(_pfn)]))
    48.6  #define mfn_to_pfn(_mfn) ((unsigned long)(machine_to_phys_mapping[(_mfn)]))
    48.7 +
    48.8 +/* Definitions for machine and pseudophysical addresses. */
    48.9  #ifdef CONFIG_X86_PAE
   48.10 -typedef unsigned long long physaddr_t;
   48.11 +typedef unsigned long long paddr_t;
   48.12 +typedef unsigned long long maddr_t;
   48.13  #else
   48.14 -typedef unsigned long physaddr_t;
   48.15 +typedef unsigned long paddr_t;
   48.16 +typedef unsigned long maddr_t;
   48.17  #endif
   48.18 -static inline physaddr_t phys_to_machine(physaddr_t phys)
   48.19 +
   48.20 +static inline maddr_t phys_to_machine(paddr_t phys)
   48.21  {
   48.22 -	physaddr_t machine = pfn_to_mfn(phys >> PAGE_SHIFT);
   48.23 +	maddr_t machine = pfn_to_mfn(phys >> PAGE_SHIFT);
   48.24  	machine = (machine << PAGE_SHIFT) | (phys & ~PAGE_MASK);
   48.25  	return machine;
   48.26  }
   48.27 -static inline physaddr_t machine_to_phys(physaddr_t machine)
   48.28 +static inline paddr_t machine_to_phys(maddr_t machine)
   48.29  {
   48.30 -	physaddr_t phys = mfn_to_pfn(machine >> PAGE_SHIFT);
   48.31 +	paddr_t phys = mfn_to_pfn(machine >> PAGE_SHIFT);
   48.32  	phys = (phys << PAGE_SHIFT) | (machine & ~PAGE_MASK);
   48.33  	return phys;
   48.34  }
   48.35 @@ -233,8 +238,10 @@ extern int sysctl_legacy_va_layout;
   48.36  		 VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
   48.37  
   48.38  /* VIRT <-> MACHINE conversion */
   48.39 -#define virt_to_machine(_a)	(phys_to_machine(__pa(_a)))
   48.40 -#define machine_to_virt(_m)	(__va(machine_to_phys(_m)))
   48.41 +#define virt_to_machine(v)	(phys_to_machine(__pa(v)))
   48.42 +#define machine_to_virt(m)	(__va(machine_to_phys(m)))
   48.43 +#define virt_to_mfn(v)		(pfn_to_mfn(__pa(v) >> PAGE_SHIFT))
   48.44 +#define mfn_to_virt(m)		(__va(mfn_to_pfn(m) << PAGE_SHIFT))
   48.45  
   48.46  #endif /* __KERNEL__ */
   48.47  
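Review bot: The new `virt_to_mfn(v)` and `mfn_to_virt(m)` macros in the last hunk do not say which inputs are valid, and `mfn_to_pfn` indexes `machine_to_phys_mapping` with whatever frame number it is given. A frame this domain does not own would produce a kernel virtual address built from an unrelated table entry, so I would add a comment such as `/* m must be a machine frame owned by this domain and covered by the direct map; nothing is validated here. */`. `paddr_t` and `maddr_t` are typedefs of the same underlying type, so the compiler will not catch a machine address passed where a pseudophysical one is expected; the comment above the typedefs should say the distinction is documentary only. The same macros and typedefs are added to asm-x86_64/page.h in this changeset and need the same notes.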
    49.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable.h	Thu Aug 18 10:40:02 2005 -0800
    49.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable.h	Fri Aug 19 10:19:28 2005 -0800
    49.3 @@ -32,7 +32,7 @@
    49.4   */
    49.5  #define ZERO_PAGE(vaddr) (virt_to_page(empty_zero_page))
    49.6  extern unsigned long empty_zero_page[1024];
    49.7 -extern pgd_t swapper_pg_dir[1024];
    49.8 +extern pgd_t *swapper_pg_dir;
    49.9  extern kmem_cache_t *pgd_cache;
   49.10  extern kmem_cache_t *pmd_cache;
   49.11  extern spinlock_t pgd_lock;
   49.12 @@ -450,7 +450,7 @@ void make_pages_writable(void *va, unsig
   49.13  #define arbitrary_virt_to_machine(__va)					\
   49.14  ({									\
   49.15  	pte_t *__pte = virt_to_ptep(__va);				\
   49.16 -	unsigned long __pa = (*(unsigned long *)__pte) & PAGE_MASK;	\
   49.17 +	maddr_t __pa = (maddr_t)pte_mfn(*__pte) << PAGE_SHIFT;		\
   49.18  	__pa | ((unsigned long)(__va) & (PAGE_SIZE-1));			\
   49.19  })
   49.20  
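Review bot: Changing `swapper_pg_dir` from `pgd_t [1024]` to `pgd_t *` in the first hunk silently changes the meaning of any `sizeof(swapper_pg_dir)` and of any assembly reference that treats the symbol as the table itself. None of those users are visible in this section, so they need auditing alongside the declaration. A comment on the declaration would help, e.g. `/* Pointer to the page directory, not the array: sizeof() no longer yields the table size. */`. In `arbitrary_virt_to_machine`, the pointer returned by `virt_to_ptep` is dereferenced with no presence check, so the macro should carry a line stating that `__va` must currently be mapped.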
    50.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hypercall.h	Thu Aug 18 10:40:02 2005 -0800
    50.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hypercall.h	Fri Aug 19 10:19:28 2005 -0800
    50.3 @@ -502,4 +502,21 @@ HYPERVISOR_set_segment_base(
    50.4      return ret;
    50.5  }
    50.6  
    50.7 +static inline int
    50.8 +HYPERVISOR_vcpu_pickle(
    50.9 +    int vcpu, vcpu_guest_context_t *ctxt)
   50.10 +{
   50.11 +    int ret;
   50.12 +    unsigned long ign1, ign2;
   50.13 +    __asm__ __volatile__ (
   50.14 +        TRAP_INSTR
   50.15 +        : "=a" (ret), "=b" (ign1), "=c" (ign2)
   50.16 +	: "0" (__HYPERVISOR_sched_op),
   50.17 +	  "1" (SCHEDOP_vcpu_pickle | (vcpu << SCHEDOP_vcpushift)),
   50.18 +	  "2" (ctxt)
   50.19 +        : __syscall_clobber );
   50.20 +
   50.21 +    return ret;
   50.22 +}
   50.23 +
   50.24  #endif /* __HYPERCALL_H__ */
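Review bot: `HYPERVISOR_vcpu_pickle` binds its arguments with the `b` and `c` register constraints, which mirrors the i386 wrapper added in the same changeset, and then lists `__syscall_clobber`. If that macro names `rcx`, as the x86_64 syscall clobber list usually does, then `"=c" (ign2)` conflicts with the clobber list and the function will fail to compile once something calls it. The macro's definition and the other wrappers in this file are outside the hunk, so the argument registers should be checked against them before this is relied on. Separately, `vcpu` is a signed `int` that is left-shifted by `SCHEDOP_vcpushift`; a comment stating the caller's obligation, such as `/* vcpu must be a valid, non-negative VCPU index */`, would document the contract.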
    51.1 --- a/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h	Thu Aug 18 10:40:02 2005 -0800
    51.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h	Fri Aug 19 10:19:28 2005 -0800
    51.3 @@ -65,16 +65,21 @@ void copy_page(void *, void *);
    51.4  extern u32 *phys_to_machine_mapping;
    51.5  #define pfn_to_mfn(_pfn) ((unsigned long) phys_to_machine_mapping[(unsigned int)(_pfn)])
    51.6  #define mfn_to_pfn(_mfn) ((unsigned long) machine_to_phys_mapping[(unsigned int)(_mfn)])
    51.7 -static inline unsigned long phys_to_machine(unsigned long phys)
    51.8 +
    51.9 +/* Definitions for machine and pseudophysical addresses. */
   51.10 +typedef unsigned long paddr_t;
   51.11 +typedef unsigned long maddr_t;
   51.12 +
   51.13 +static inline maddr_t phys_to_machine(paddr_t phys)
   51.14  {
   51.15 -	unsigned long machine = pfn_to_mfn(phys >> PAGE_SHIFT);
   51.16 +	maddr_t machine = pfn_to_mfn(phys >> PAGE_SHIFT);
   51.17  	machine = (machine << PAGE_SHIFT) | (phys & ~PAGE_MASK);
   51.18  	return machine;
   51.19  }
   51.20  
   51.21 -static inline unsigned long machine_to_phys(unsigned long machine)
   51.22 +static inline paddr_t machine_to_phys(maddr_t machine)
   51.23  {
   51.24 -	unsigned long phys = mfn_to_pfn(machine >> PAGE_SHIFT);
   51.25 +	paddr_t phys = mfn_to_pfn(machine >> PAGE_SHIFT);
   51.26  	phys = (phys << PAGE_SHIFT) | (machine & ~PAGE_MASK);
   51.27  	return phys;
   51.28  }
   51.29 @@ -211,8 +216,10 @@ extern __inline__ int get_order(unsigned
   51.30  #define pfn_to_kaddr(pfn)      __va((pfn) << PAGE_SHIFT)
   51.31  
   51.32  /* VIRT <-> MACHINE conversion */
   51.33 -#define virt_to_machine(_a)	(phys_to_machine(__pa(_a)))
   51.34 -#define machine_to_virt(_m)	(__va(machine_to_phys(_m)))
   51.35 +#define virt_to_machine(v)	(phys_to_machine(__pa(v)))
   51.36 +#define machine_to_virt(m)	(__va(machine_to_phys(m)))
   51.37 +#define virt_to_mfn(v)		(pfn_to_mfn(__pa(v) >> PAGE_SHIFT))
   51.38 +#define mfn_to_virt(m)		(__va(mfn_to_pfn(m) << PAGE_SHIFT))
   51.39  
   51.40  #define VM_DATA_DEFAULT_FLAGS \
   51.41  	(((current->personality & READ_IMPLIES_EXEC) ? VM_EXEC : 0 ) | \
    52.1 --- a/linux-2.6-xen-sparse/include/asm-xen/xenbus.h	Thu Aug 18 10:40:02 2005 -0800
    52.2 +++ b/linux-2.6-xen-sparse/include/asm-xen/xenbus.h	Fri Aug 19 10:19:28 2005 -0800
    52.3 @@ -37,7 +37,6 @@
    52.4  /* A xenbus device. */
    52.5  struct xenbus_device {
    52.6  	char *devicetype;
    52.7 -	char *subtype;
    52.8  	char *nodename;
    52.9  	struct device dev;
   52.10  	int has_error;
   52.11 @@ -53,7 +52,6 @@ struct xenbus_device_id
   52.12  {
   52.13  	/* .../device/<device_type>/<identifier> */
   52.14  	char devicetype[32]; 	/* General class of device. */
   52.15 -	char subtype[32];	/* Contents of "subtype" for this device */
   52.16  };
   52.17  
   52.18  /* A xenbus driver. */
   52.19 @@ -61,9 +59,11 @@ struct xenbus_driver {
   52.20  	char *name;
   52.21  	struct module *owner;
   52.22  	const struct xenbus_device_id *ids;
   52.23 -	int  (*probe)    (struct xenbus_device * dev,
   52.24 -			  const struct xenbus_device_id * id);
   52.25 -	int  (*remove)   (struct xenbus_device * dev);
   52.26 +	int (*probe)(struct xenbus_device *dev,
   52.27 +		     const struct xenbus_device_id *id);
   52.28 +	int (*remove)(struct xenbus_device *dev);
   52.29 +	int (*suspend)(struct xenbus_device *dev);
   52.30 +	int (*resume)(struct xenbus_device *dev);
   52.31  	struct device_driver driver;
   52.32  };
   52.33  
   52.34 @@ -72,7 +72,8 @@ static inline struct xenbus_driver *to_x
   52.35  	return container_of(drv, struct xenbus_driver, driver);
   52.36  }
   52.37  
   52.38 -int xenbus_register_driver(struct xenbus_driver *drv);
   52.39 +int xenbus_register_device(struct xenbus_driver *drv);
   52.40 +int xenbus_register_backend(struct xenbus_driver *drv);
   52.41  void xenbus_unregister_driver(struct xenbus_driver *drv);
   52.42  
   52.43  /* Caller must hold this lock to call these functions: it's also held
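Review bot: The new `suspend` and `resume` members of `struct xenbus_driver` do not say whether a driver may leave them NULL or what a non-zero return means to the bus. Once the calling code (not in this section) is confirmed to check for NULL, a comment such as `/* Optional, may be NULL; return 0 on success. */` should go above them. `xenbus_register_driver` is replaced by `xenbus_register_device` and `xenbus_register_backend` while `xenbus_unregister_driver` stays single, so the prototypes should state that the one unregister call undoes either registration.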
    53.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    53.2 +++ b/patches/linux-2.6.12/workaround_double_br_del_if.patch	Fri Aug 19 10:19:28 2005 -0800
    53.3 @@ -0,0 +1,11 @@
    53.4 +--- linux-2.6.12/net/bridge/br_if.c	2005-06-17 14:48:29.000000000 -0500
    53.5 ++++ linux-2.6.12-xen0-smp/net/bridge/br_if.c	2005-08-18 15:17:27.302615846 -0500
    53.6 +@@ -382,7 +382,7 @@
    53.7 + {
    53.8 + 	struct net_bridge_port *p = dev->br_port;
    53.9 + 	
   53.10 +-	if (!p || p->br != br) 
   53.11 ++	if (!p || p->br != br || p->state == BR_STATE_DISABLED)
   53.12 + 		return -EINVAL;
   53.13 + 
   53.14 + 	br_sysfs_removeif(p);
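Review bot: The added `p->state == BR_STATE_DISABLED` test uses the port's state as a stand-in for "this port is already being removed", but a port can be disabled for other reasons (as far as I know, a port whose device is down is also put in this state). Removing such a port from the bridge would then fail with -EINVAL. Since the file name already calls this a workaround, the patch should carry a comment saying so, e.g. `/* XXX workaround for a second br_del_if on the same port; also rejects ports disabled for any other reason */`, so it is not mistaken for the real fix to the double call. The function body continues past the end of the hunk.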
    54.1 --- a/tools/debugger/libxendebug/xendebug.c	Thu Aug 18 10:40:02 2005 -0800
    54.2 +++ b/tools/debugger/libxendebug/xendebug.c	Fri Aug 19 10:19:28 2005 -0800
    54.3 @@ -40,7 +40,7 @@ typedef int boolean;
    54.4  typedef struct bwcpoint                           /* break/watch/catch point */
    54.5  {
    54.6      struct list_head list;
    54.7 -    memory_t address;
    54.8 +    unsigned long address;
    54.9      u32 domain;
   54.10      u8 old_value;                             /* old value for software bkpt */
   54.11  } bwcpoint_t, *bwcpoint_p;
   54.12 @@ -311,7 +311,7 @@ xendebug_continue(int xc_handle,
   54.13  /* access to one page */
   54.14  static int
   54.15  xendebug_memory_page (domain_context_p ctxt, int xc_handle, u32 vcpu,
   54.16 -                      int protection, memory_t address, int length, u8 *buffer)
   54.17 +                      int protection, unsigned long address, int length, u8 *buffer)
   54.18  {
   54.19      vcpu_guest_context_t *vcpu_ctxt = &ctxt->context[vcpu];
   54.20      unsigned long pde, page;
   54.21 @@ -407,7 +407,7 @@ xendebug_memory_page (domain_context_p c
   54.22  /* divide a memory operation into accesses to individual pages */
   54.23  static int
   54.24  xendebug_memory_op (domain_context_p ctxt, int xc_handle, u32 vcpu,
   54.25 -                    int protection, memory_t address, int length, u8 *buffer)
   54.26 +                    int protection, unsigned long address, int length, u8 *buffer)
   54.27  {
   54.28      int      remain;              /* number of bytes to touch past this page */
   54.29      int      bytes   = 0;
   54.30 @@ -431,7 +431,7 @@ int
   54.31  xendebug_read_memory(int xc_handle,
   54.32                       u32 domid,
   54.33                       u32 vcpu,
   54.34 -                     memory_t address,
   54.35 +                     unsigned long address,
   54.36                       u32 length,
   54.37                       u8 *data)
   54.38  {
   54.39 @@ -451,7 +451,7 @@ int
   54.40  xendebug_write_memory(int xc_handle,
   54.41                        u32 domid,
   54.42                        u32 vcpu,
   54.43 -                      memory_t address,
   54.44 +                      unsigned long address,
   54.45                        u32 length,
   54.46                        u8 *data)
   54.47  {
   54.48 @@ -471,7 +471,7 @@ int
   54.49  xendebug_insert_memory_breakpoint(int xc_handle,
   54.50                                    u32 domid,
   54.51                                    u32 vcpu,
   54.52 -                                  memory_t address,
   54.53 +                                  unsigned long address,
   54.54                                    u32 length)
   54.55  {
   54.56      bwcpoint_p bkpt;
   54.57 @@ -517,7 +517,7 @@ int
   54.58  xendebug_remove_memory_breakpoint(int xc_handle,
   54.59                                    u32 domid,
   54.60                                    u32 vcpu,
   54.61 -                                  memory_t address,
   54.62 +                                  unsigned long address,
   54.63                                    u32 length)
   54.64  {
   54.65      bwcpoint_p bkpt = NULL;
    55.1 --- a/tools/debugger/libxendebug/xendebug.h	Thu Aug 18 10:40:02 2005 -0800
    55.2 +++ b/tools/debugger/libxendebug/xendebug.h	Fri Aug 19 10:19:28 2005 -0800
    55.3 @@ -45,7 +45,7 @@ int xendebug_continue(int xc_handle,
    55.4  int xendebug_read_memory(int xc_handle,
    55.5  			 u32 domid,
    55.6  			 u32 vcpu,
    55.7 -			 memory_t address,
    55.8 +			 unsigned long address,
    55.9  			 u32 length,
   55.10  			 u8 *data);
   55.11  
   55.12 @@ -53,7 +53,7 @@ int xendebug_read_memory(int xc_handle,
   55.13  int xendebug_write_memory(int xc_handle,
   55.14  			  u32 domid,
   55.15  			  u32 vcpu,
   55.16 -			  memory_t address,
   55.17 +			  unsigned long address,
   55.18  			  u32 length,
   55.19  			  u8 *data);
   55.20  
   55.21 @@ -61,13 +61,13 @@ int xendebug_write_memory(int xc_handle,
   55.22  int xendebug_insert_memory_breakpoint(int xc_handle,
   55.23  				      u32 domid,
   55.24  				      u32 vcpu,
   55.25 -				      memory_t address,
   55.26 +				      unsigned long address,
   55.27  				      u32 length);
   55.28  
   55.29  int xendebug_remove_memory_breakpoint(int xc_handle,
   55.30  				      u32 domid,
   55.31  				      u32 vcpu,
   55.32 -				      memory_t address,
   55.33 +				      unsigned long address,
   55.34  				      u32 length);
   55.35  
   55.36  int xendebug_query_domain_stop(int xc_handle,
    56.1 --- a/tools/debugger/pdb/linux-2.6-module/debug.c	Thu Aug 18 10:40:02 2005 -0800
    56.2 +++ b/tools/debugger/pdb/linux-2.6-module/debug.c	Fri Aug 19 10:19:28 2005 -0800
    56.3 @@ -26,7 +26,7 @@ static int pdb_page_fault_fn (struct pt_
    56.4  typedef struct bwcpoint                           /* break/watch/catch point */
    56.5  {
    56.6      struct list_head list;
    56.7 -    memory_t address;
    56.8 +    unsigned long address;
    56.9      int length;
   56.10  
   56.11      u8  type;                                                     /* BWC_??? */
   56.12 @@ -109,7 +109,7 @@ pdb_bwc_print_list (void)
   56.13  }
   56.14  
   56.15  bwcpoint_p
   56.16 -pdb_search_watchpoint (u32 process, memory_t address)
   56.17 +pdb_search_watchpoint (u32 process, unsigned long address)
   56.18  {
   56.19      bwcpoint_p bwc_watch = (bwcpoint_p) 0;
   56.20      bwcpoint_p bwc_entry = (bwcpoint_p) 0;
   56.21 @@ -364,7 +364,7 @@ pdb_step (struct task_struct *target)
   56.22  
   56.23  int
   56.24  pdb_insert_memory_breakpoint (struct task_struct *target, 
   56.25 -                              memory_t address, u32 length)
   56.26 +                              unsigned long address, u32 length)
   56.27  {
   56.28      int rc = 0;
   56.29      bwcpoint_p bkpt;
   56.30 @@ -399,7 +399,7 @@ pdb_insert_memory_breakpoint (struct tas
   56.31  
   56.32  int
   56.33  pdb_remove_memory_breakpoint (struct task_struct *target,
   56.34 -                              memory_t address, u32 length)
   56.35 +                              unsigned long address, u32 length)
   56.36  {
   56.37      int rc = 0;
   56.38      bwcpoint_p bkpt = NULL;
   56.39 @@ -760,7 +760,7 @@ pdb_int3_fn (struct pt_regs *regs, long 
   56.40  {
   56.41      pdb_response_t resp;
   56.42      bwcpoint_p bkpt = NULL;
   56.43 -    memory_t address = regs->eip - 1;
   56.44 +    unsigned long address = regs->eip - 1;
   56.45  
   56.46      struct list_head *entry;
   56.47      list_for_each(entry, &bwcpoint_list)
    57.1 --- a/tools/debugger/pdb/linux-2.6-module/module.c	Thu Aug 18 10:40:02 2005 -0800
    57.2 +++ b/tools/debugger/pdb/linux-2.6-module/module.c	Fri Aug 19 10:19:28 2005 -0800
    57.3 @@ -199,7 +199,7 @@ pdb_interrupt (int irq, void *dev_id, st
    57.4  }
    57.5  
    57.6  static void
    57.7 -pdb_send_connection_status(int status, memory_t ring)
    57.8 +pdb_send_connection_status(int status, unsigned long ring)
    57.9  {
   57.10      ctrl_msg_t cmsg = 
   57.11      {
    58.1 --- a/tools/debugger/pdb/linux-2.6-module/pdb_debug.h	Thu Aug 18 10:40:02 2005 -0800
    58.2 +++ b/tools/debugger/pdb/linux-2.6-module/pdb_debug.h	Fri Aug 19 10:19:28 2005 -0800
    58.3 @@ -18,9 +18,9 @@ int pdb_continue (struct task_struct *ta
    58.4  int pdb_step (struct task_struct *target);
    58.5  
    58.6  int pdb_insert_memory_breakpoint (struct task_struct *target, 
    58.7 -                                  memory_t address, u32 length);
    58.8 +                                  unsigned long address, u32 length);
    58.9  int pdb_remove_memory_breakpoint (struct task_struct *target,
   58.10 -                                  memory_t address, u32 length);
   58.11 +                                  unsigned long address, u32 length);
   58.12  int pdb_insert_watchpoint (struct task_struct *target,
   58.13                             pdb_op_watchpt_p watchpt);
   58.14  int pdb_remove_watchpoint (struct task_struct *target,
    59.1 --- a/tools/debugger/pdb/pdb_caml_domain.c	Thu Aug 18 10:40:02 2005 -0800
    59.2 +++ b/tools/debugger/pdb/pdb_caml_domain.c	Fri Aug 19 10:19:28 2005 -0800
    59.3 @@ -203,7 +203,7 @@ dom_read_memory (value context, value ad
    59.4      context_t ctx;
    59.5      int loop;
    59.6      char *buffer;
    59.7 -    memory_t my_address = Int32_val(address);
    59.8 +    unsigned long my_address = Int32_val(address);
    59.9      u32 my_length = Int_val(length);
   59.10  
   59.11      printf ("(pdb) read memory\n");
   59.12 @@ -259,7 +259,7 @@ dom_write_memory (value context, value a
   59.13      context_t ctx;
   59.14  
   59.15      char buffer[4096];  /* a big buffer */
   59.16 -    memory_t  my_address;
   59.17 +    unsigned long  my_address;
   59.18      u32 length = 0;
   59.19  
   59.20      printf ("(pdb) write memory\n");
   59.21 @@ -279,7 +279,7 @@ dom_write_memory (value context, value a
   59.22      }
   59.23      buffer[length++] = Int_val(Field(node, 0));
   59.24  
   59.25 -    my_address = (memory_t) Int32_val(address);
   59.26 +    my_address = (unsigned long) Int32_val(address);
   59.27  
   59.28      if ( xendebug_write_memory(xc_handle, ctx.domain, ctx.vcpu,
   59.29                                 my_address, length, buffer) )
   59.30 @@ -344,7 +344,7 @@ dom_insert_memory_breakpoint (value cont
   59.31      CAMLparam3(context, address, length);
   59.32  
   59.33      context_t ctx;
   59.34 -    memory_t my_address = (memory_t) Int32_val(address);
   59.35 +    unsigned long my_address = (unsigned long) Int32_val(address);
   59.36      int my_length = Int_val(length);
   59.37  
   59.38      decode_context(&ctx, context);
   59.39 @@ -373,7 +373,7 @@ dom_remove_memory_breakpoint (value cont
   59.40  
   59.41      context_t ctx;
   59.42  
   59.43 -    memory_t my_address = (memory_t) Int32_val(address);
   59.44 +    unsigned long my_address = (unsigned long) Int32_val(address);
   59.45      int my_length = Int_val(length);
   59.46  
   59.47      printf ("(pdb) remove memory breakpoint 0x%lx %d\n",
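Review bot: `Int32_val(address)` yields a signed 32-bit value, so assigning it to `unsigned long` in `dom_read_memory`, `dom_write_memory` and the two breakpoint functions sign-extends any address at or above 0x80000000 when the tools are built for an LP64 host. Going through an unsigned 32-bit type first avoids that: `unsigned long my_address = (u32) Int32_val(address);`. The same pattern is in pdb_caml_process.c (`req.u.bkpt.address`, `req.u.watchpt.address`) and pdb_caml_xcs.c (`my_ring`). All of these functions start and end outside the hunks shown.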
    60.1 --- a/tools/debugger/pdb/pdb_caml_process.c	Thu Aug 18 10:40:02 2005 -0800
    60.2 +++ b/tools/debugger/pdb/pdb_caml_process.c	Fri Aug 19 10:19:28 2005 -0800
    60.3 @@ -495,7 +495,7 @@ proc_insert_memory_breakpoint (value con
    60.4  
    60.5      req.operation = PDB_OPCODE_SET_BKPT;
    60.6      req.process = ctx.process;
    60.7 -    req.u.bkpt.address = (memory_t) Int32_val(address);
    60.8 +    req.u.bkpt.address = (unsigned long) Int32_val(address);
    60.9      req.u.bkpt.length  =  Int_val(length);
   60.10  
   60.11      send_request(ctx.ring, ctx.evtchn, &req);
   60.12 @@ -518,7 +518,7 @@ proc_remove_memory_breakpoint (value con
   60.13  
   60.14      req.operation = PDB_OPCODE_CLR_BKPT;
   60.15      req.process = ctx.process;
   60.16 -    req.u.bkpt.address = (memory_t) Int32_val(address);
   60.17 +    req.u.bkpt.address = (unsigned long) Int32_val(address);
   60.18      req.u.bkpt.length  =  Int_val(length);
   60.19  
   60.20      send_request(ctx.ring, ctx.evtchn, &req);
   60.21 @@ -542,7 +542,7 @@ proc_insert_watchpoint (value context, v
   60.22      req.operation = PDB_OPCODE_SET_WATCHPT;
   60.23      req.process = ctx.process;
   60.24      req.u.watchpt.type    =  Int_val(kind);
   60.25 -    req.u.watchpt.address = (memory_t) Int32_val(address);
   60.26 +    req.u.watchpt.address = (unsigned long) Int32_val(address);
   60.27      req.u.watchpt.length  =  Int_val(length);
   60.28  
   60.29      send_request(ctx.ring, ctx.evtchn, &req);
   60.30 @@ -566,7 +566,7 @@ proc_remove_watchpoint (value context, v
   60.31      req.operation = PDB_OPCODE_CLR_WATCHPT;
   60.32      req.process = ctx.process;
   60.33      req.u.watchpt.type    =  Int_val(kind);
   60.34 -    req.u.watchpt.address = (memory_t) Int32_val(address);
   60.35 +    req.u.watchpt.address = (unsigned long) Int32_val(address);
   60.36      req.u.watchpt.length  =  Int_val(length);
   60.37  
   60.38      send_request(ctx.ring, ctx.evtchn, &req);
    61.1 --- a/tools/debugger/pdb/pdb_caml_xcs.c	Thu Aug 18 10:40:02 2005 -0800
    61.2 +++ b/tools/debugger/pdb/pdb_caml_xcs.c	Fri Aug 19 10:19:28 2005 -0800
    61.3 @@ -50,7 +50,7 @@ xcs_initialize_ring (value domain, value
    61.4  {
    61.5      CAMLparam2(domain, ring);
    61.6      int my_domain = Int_val(domain);
    61.7 -    memory_t my_ring = Int32_val(ring);
    61.8 +    unsigned long my_ring = Int32_val(ring);
    61.9  
   61.10      pdb_front_ring_t *front_ring;
   61.11      pdb_sring_t *sring;
    62.1 --- a/tools/libxc/xc.h	Thu Aug 18 10:40:02 2005 -0800
    62.2 +++ b/tools/libxc/xc.h	Fri Aug 19 10:19:28 2005 -0800
    62.3 @@ -515,25 +515,25 @@ int xc_grant_interface_open(void);
    62.4   */
    62.5  int xc_grant_interface_close(int xc_handle);
    62.6  
    62.7 -int xc_gnttab_map_grant_ref(int         xc_handle,
    62.8 -                            memory_t    host_virt_addr,
    62.9 -                            u32         dom,
   62.10 -                            u16         ref,
   62.11 -                            u16         flags,
   62.12 -                            s16        *handle,
   62.13 -                            memory_t   *dev_bus_addr);
   62.14 +int xc_gnttab_map_grant_ref(int  xc_handle,
   62.15 +                            u64  host_virt_addr,
   62.16 +                            u32  dom,
   62.17 +                            u16  ref,
   62.18 +                            u16  flags,
   62.19 +                            s16 *handle,
   62.20 +                            u64 *dev_bus_addr);
   62.21  
   62.22 -int xc_gnttab_unmap_grant_ref(int       xc_handle,
   62.23 -                              memory_t  host_virt_addr,
   62.24 -                              memory_t  dev_bus_addr,
   62.25 -                              u16       handle,
   62.26 -                              s16      *status);
   62.27 +int xc_gnttab_unmap_grant_ref(int  xc_handle,
   62.28 +                              u64  host_virt_addr,
   62.29 +                              u64  dev_bus_addr,
   62.30 +                              u16  handle,
   62.31 +                              s16 *status);
   62.32  
   62.33  int xc_gnttab_setup_table(int        xc_handle,
   62.34                            u32        dom,
   62.35                            u16        nr_frames,
   62.36                            s16       *status,
   62.37 -                          memory_t **frame_list);
   62.38 +                          unsigned long **frame_list);
   62.39  
   62.40  /* Grant debug builds only: */
   62.41  int xc_gnttab_dump_table(int        xc_handle,
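Review bot: `dev_bus_addr` in `xc_gnttab_map_grant_ref` changes from `memory_t *` to `u64 *`, so if `memory_t` was word-sized, a 32-bit caller that still passes the address of a word-sized variable will have eight bytes stored into a four-byte object. The callers are not visible here; they and any language bindings need converting in the same change. The prototype would benefit from a comment such as `/* dev_bus_addr: out, always 64 bits wide regardless of host word size */`. `frame_list` becomes `unsigned long **` instead, so the address-like outputs of this API now have different widths, which deserves a line of explanation. The matching definitions are in xc_gnttab.c.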
    63.1 --- a/tools/libxc/xc_gnttab.c	Thu Aug 18 10:40:02 2005 -0800
    63.2 +++ b/tools/libxc/xc_gnttab.c	Fri Aug 19 10:19:28 2005 -0800
    63.3 @@ -40,12 +40,12 @@ do_gnttab_op(int xc_handle,
    63.4  
    63.5  
    63.6  int xc_gnttab_map_grant_ref(int         xc_handle,
    63.7 -                            memory_t    host_virt_addr,
    63.8 +                            u64    host_virt_addr,
    63.9                              u32         dom,
   63.10                              u16         ref,
   63.11                              u16         flags,
   63.12                              s16        *handle,
   63.13 -                            memory_t   *dev_bus_addr)
   63.14 +                            u64   *dev_bus_addr)
   63.15  {
   63.16      struct gnttab_map_grant_ref op;
   63.17      int rc;
   63.18 @@ -67,8 +67,8 @@ int xc_gnttab_map_grant_ref(int         
   63.19  
   63.20  
   63.21  int xc_gnttab_unmap_grant_ref(int       xc_handle,
   63.22 -                              memory_t  host_virt_addr,
   63.23 -                              memory_t  dev_bus_addr,
   63.24 +                              u64  host_virt_addr,
   63.25 +                              u64  dev_bus_addr,
   63.26                                u16       handle,
   63.27                                s16      *status)
   63.28  {
   63.29 @@ -92,7 +92,7 @@ int xc_gnttab_setup_table(int        xc_
   63.30                            u32        dom,
   63.31                            u16        nr_frames,
   63.32                            s16       *status,
   63.33 -                          memory_t **frame_list)
   63.34 +                          unsigned long **frame_list)
   63.35  {
   63.36      struct gnttab_setup_table op;
   63.37      int rc, i;
    64.1 --- a/tools/misc/policyprocessor/Makefile	Thu Aug 18 10:40:02 2005 -0800
    64.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    64.3 @@ -1,42 +0,0 @@
    64.4 -XEN_ROOT = ../../..
    64.5 -include $(XEN_ROOT)/tools/Rules.mk
    64.6 -
    64.7 -CFLAGS   += -static
    64.8 -CFLAGS   += -Wall
    64.9 -CFLAGS   += -Werror
   64.10 -CFLAGS   += -O3
   64.11 -CFLAGS   += -fno-strict-aliasing
   64.12 -CFLAGS   += -I.
   64.13 -
   64.14 -all: build
   64.15 -
   64.16 -build: mk-symlinks
   64.17 -	$(MAKE) xml_to_bin
   64.18 -
   64.19 -default: all
   64.20 -
   64.21 -install: all
   64.22 -
   64.23 -xml_to_bin : make_include XmlToBin.java XmlToBinInterface.java SsidsEntry.java SecurityLabel.java myHandler.java
   64.24 -	javac XmlToBin.java
   64.25 -
   64.26 -make_include : c2j_include
   64.27 -	./c2j_include
   64.28 -
   64.29 -c2j_include: c2j_include.c
   64.30 -	$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $<
   64.31 -
   64.32 -clean:
   64.33 -	rm -rf *.class xen c2j_include policy_version.java *.bin
   64.34 -
   64.35 -
   64.36 -LINUX_ROOT := $(XEN_ROOT)/linux-2.6-xen-sparse
   64.37 -mk-symlinks:
   64.38 -	[ -e xen/linux ] || mkdir -p xen/linux
   64.39 -	[ -e xen/io ]    || mkdir -p xen/io
   64.40 -	( cd xen >/dev/null ; \
   64.41 -	  ln -sf ../$(XEN_ROOT)/xen/include/public/*.h . )
   64.42 -	( cd xen/io >/dev/null ; \
   64.43 -	  ln -sf ../../$(XEN_ROOT)/xen/include/public/io/*.h . )
   64.44 -	( cd xen/linux >/dev/null ; \
   64.45 -	  ln -sf ../../$(LINUX_ROOT)/include/asm-xen/linux-public/*.h . )
    65.1 --- a/tools/misc/policyprocessor/SecurityLabel.java	Thu Aug 18 10:40:02 2005 -0800
    65.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    65.3 @@ -1,34 +0,0 @@
    65.4 -/**
    65.5 - * (C) Copyright IBM Corp. 2005
    65.6 - *
    65.7 - * $Id: SecurityLabel.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
    65.8 - *
    65.9 - * Author: Ray Valdez
   65.10 - *
   65.11 - * This program is free software; you can redistribute it and/or
   65.12 - * modify it under the terms of the GNU General Public License as
   65.13 - * published by the Free Software Foundation, version 2 of the
   65.14 - * License.
   65.15 - *
   65.16 - * SecurityLabel Class.  
   65.17 - *
   65.18 - * <p>
   65.19 - *
   65.20 - * Keeps track of types.
   65.21 - *
   65.22 - * <p>
   65.23 - *
   65.24 - *
   65.25 - */
   65.26 -import java.util.*;
   65.27 -public class SecurityLabel
   65.28 -{
   65.29 - Vector ids;
   65.30 - Vector vlans;
   65.31 - Vector slots;
   65.32 - Vector steTypes;
   65.33 - int steSsidPosition;
   65.34 - Vector chwIDs;
   65.35 - Vector chwTypes;
   65.36 - int chwSsidPosition;
   65.37 -}
    66.1 --- a/tools/misc/policyprocessor/SecurityPolicySpec.xsd	Thu Aug 18 10:40:02 2005 -0800
    66.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    66.3 @@ -1,115 +0,0 @@
    66.4 -<?xml version="1.0" encoding="UTF-8"?>
    66.5 -<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
    66.6 -<!-- xml schema definition for xen xml policies -->
    66.7 -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    66.8 -targetNamespace="http://www.ibm.com"
    66.9 -xmlns="http://www.ibm.com" 
   66.10 -elementFormDefault="qualified">
   66.11 -
   66.12 -<xsd:element name="TE" type="xsd:string" />
   66.13 -<xsd:element name="ChWall" type="xsd:string" />
   66.14 -
   66.15 -<xsd:element name="Definition">
   66.16 -  <xsd:complexType>
   66.17 - 	<xsd:sequence>
   66.18 -
   66.19 -	  <!-- simple type enforcement -->
   66.20 -	  <xsd:element name="Types" minOccurs ="0" maxOccurs="1">
   66.21 -		<xsd:complexType>
   66.22 -		  <xsd:sequence>
   66.23 -			<xsd:element ref="TE" minOccurs ="1" maxOccurs ="unbounded"/>
   66.24 -		  </xsd:sequence>
   66.25 -		</xsd:complexType>
   66.26 -	  </xsd:element>
   66.27 -
   66.28 -	  <!-- chinese wall -->
   66.29 -	  <!--   type definition -->
   66.30 -	  <xsd:element name="ChWallTypes" minOccurs ="0" maxOccurs="1">
   66.31 -		<xsd:complexType>
   66.32 -		  <xsd:sequence>
   66.33 -			<xsd:element ref="ChWall"  minOccurs ="1" maxOccurs ="unbounded"/>
   66.34 -
   66.35 -      	   	</xsd:sequence>
   66.36 -          </xsd:complexType>
   66.37 -	</xsd:element>
   66.38 -
   66.39 -  	<!--   conflict set -->
   66.40 -	  <xsd:element name="ConflictSet" minOccurs ="0" maxOccurs="unbounded">
   66.41 -		<xsd:complexType>
   66.42 -		  <xsd:sequence>
   66.43 -			<xsd:element ref="ChWall"  minOccurs ="2" maxOccurs ="unbounded"/>
   66.44 -		  </xsd:sequence>
   66.45 -		</xsd:complexType>
   66.46 -	</xsd:element>
   66.47 -
   66.48 -	</xsd:sequence>
   66.49 -  </xsd:complexType>
   66.50 -</xsd:element>
   66.51 -
   66.52 -<xsd:element name="Policy">
   66.53 -    <xsd:complexType>
   66.54 -      <xsd:sequence>
   66.55 -
   66.56 -	<xsd:element name="PolicyHeader">
   66.57 -    	<xsd:complexType>
   66.58 -      	   <xsd:all>
   66.59 -		<xsd:element name = "Name" type="xsd:string"/>
   66.60 -		<xsd:element name = "DateTime" type="xsd:dateTime"/>
   66.61 -		<xsd:element name = "Tag" minOccurs ="1" maxOccurs ="1" type="xsd:string"/>
   66.62 -		<xsd:element name = "TypeDefinition">
   66.63 -    		<xsd:complexType>
   66.64 -      	   	  <xsd:all>
   66.65 -			<xsd:element name = "url" type="xsd:string"/>
   66.66 -			<xsd:element name = "hash" minOccurs ="0" maxOccurs ="1" type="xsd:string"/>
   66.67 -      	   	  </xsd:all>
   66.68 -    		</xsd:complexType>
   66.69 -		</xsd:element>
   66.70 -
   66.71 -      	   </xsd:all>
   66.72 -    	</xsd:complexType>
   66.73 -	</xsd:element>
   66.74 -
   66.75 -	<xsd:element name="VM" minOccurs ="1" maxOccurs="unbounded">
   66.76 -    	  <xsd:complexType>
   66.77 -      	   <xsd:sequence>
   66.78 -		<xsd:element name="id" type="xsd:integer"/>
   66.79 -		<xsd:element ref="TE" minOccurs="0" maxOccurs="unbounded" />
   66.80 -		<xsd:element ref="ChWall" minOccurs ="0" maxOccurs="unbounded"/>
   66.81 -      	   </xsd:sequence>
   66.82 -    	  </xsd:complexType>
   66.83 -	</xsd:element>
   66.84 -
   66.85 -	<xsd:element name="Vlan" minOccurs ="0" maxOccurs="unbounded">
   66.86 -    	  <xsd:complexType>
   66.87 -      	   <xsd:sequence>
   66.88 -		<xsd:element name="vid" type="xsd:integer"/>
   66.89 -		<xsd:element ref="TE" minOccurs="1" maxOccurs="unbounded" />
   66.90 -      	   </xsd:sequence>
   66.91 -    	  </xsd:complexType>
   66.92 -	</xsd:element>
   66.93 -
   66.94 -	<xsd:element name="Slot" minOccurs ="0" maxOccurs="unbounded">
   66.95 -    	  <xsd:complexType>
   66.96 -      	   <xsd:sequence>
   66.97 -		<xsd:element name="bus" type="xsd:integer"/>
   66.98 -		<xsd:element name="slot" type="xsd:integer"/>
   66.99 -		<xsd:element ref="TE" minOccurs="1" maxOccurs="unbounded" />
  66.100 -      	   </xsd:sequence>
  66.101 -    	  </xsd:complexType>
  66.102 -	</xsd:element>
  66.103 -
  66.104 -
  66.105 -      </xsd:sequence>
  66.106 -    </xsd:complexType>
  66.107 -</xsd:element>
  66.108 -
  66.109 -<!-- root element -->
  66.110 -<xsd:element name="SecurityPolicySpec">
  66.111 -    <xsd:complexType>
  66.112 -      <xsd:choice>
  66.113 -		<xsd:element ref="Definition" minOccurs ="1" maxOccurs="unbounded"/>
  66.114 -		<xsd:element ref="Policy" minOccurs ="1" maxOccurs="unbounded"/>
  66.115 -      </xsd:choice>
  66.116 -    </xsd:complexType>
  66.117 -</xsd:element>
  66.118 -</xsd:schema>
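--- a/tools/misc/policyprocessor/SsidsEntry.java	Thu Aug 18 10:40:02 2005 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-/**
- * (C) Copyright IBM Corp. 2005
- *
- * $Id: SsidsEntry.java,v 1.2 2005/06/17 20:02:40 rvaldez Exp $
- *
- * Author: Ray Valdez
- * 
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation, version 2 of the
- * License.
- *
- * SsidsEntry Class.  
- * <p>
- *
- * Holds ssid information.
- *
- * <p>
- *
- *
- */
-public class SsidsEntry 
- {
-  int id;	/* used for partition and vlan */
-  int bus;	/* used for slots */
-  int slot;
-  int ste = 0xffffffff;
-  int chw = 0xffffffff;
- }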
    68.1 --- a/tools/misc/policyprocessor/XmlToBin.java	Thu Aug 18 10:40:02 2005 -0800
    68.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    68.3 @@ -1,1570 +0,0 @@
    68.4 -/**
    68.5 - * (C) Copyright IBM Corp. 2005
    68.6 - *
    68.7 - * $Id: XmlToBin.java,v 1.3 2005/06/20 21:07:37 rvaldez Exp $
    68.8 - *
    68.9 - * Author: Ray Valdez
   68.10 - *
   68.11 - * Contributors:
   68.12 - *         Reiner Sailer - adjust type-lengths
   68.13 - *
   68.14 - * This program is free software; you can redistribute it and/or
   68.15 - * modify it under the terms of the GNU General Public License as
   68.16 - * published by the Free Software Foundation, version 2 of the
   68.17 - * License.
   68.18 - *
   68.19 - * XmlToBin  Class.  
   68.20 - * <p>
   68.21 - *
   68.22 - * Translates a xml representation of a SHYPE policy into a binary  
   68.23 - * format.  The class processes an xml policy file based on elment tags 
   68.24 - * defined in a schema definition files: SecurityPolicySpec.xsd.
   68.25 - *
   68.26 - * XmlToBin Command line Options: 
   68.27 - *
   68.28 - *      -i              inputFile:      name of policyfile (.xml)
   68.29 - *      -o              outputFile:     name of binary policy file (Big Endian)
   68.30 - *      -xssid          SsidFile:       xen ssids to types text file
   68.31 - *      -xssidconf      SsidConf:   	xen conflict ssids to types text file
   68.32 - *      -debug                          turn on debug messages
   68.33 - *      -help                           help. This printout
   68.34 - *
   68.35 - * <p>
   68.36 - *
   68.37 - *
   68.38 - */
   68.39 -import java.util.*;
   68.40 -import java.io.*;
   68.41 -import java.io.IOException;
   68.42 -import java.io.FileNotFoundException;
   68.43 -import org.w3c.dom.Document;
   68.44 -import org.w3c.dom.Element;
   68.45 -import org.w3c.dom.Node;
   68.46 -import org.w3c.dom.Attr;
   68.47 -import org.w3c.dom.NodeList;
   68.48 -import org.w3c.dom.NamedNodeMap;
   68.49 -import org.xml.sax.*;
   68.50 -import javax.xml.parsers.*;
   68.51 -import org.xml.sax.helpers.*;
   68.52 -
   68.53 -public class XmlToBin 
   68.54 - implements XmlToBinInterface
   68.55 -{
   68.56 -  class SlotInfo {
   68.57 -	String bus;
   68.58 -	String slot;
   68.59 -  }
   68.60 -
   68.61 - boolean LittleEndian = false;
   68.62 - boolean debug = false;
   68.63 -
   68.64 - static final String JAXP_SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
   68.65 -
   68.66 - static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
   68.67 -
   68.68 - public static void printUsage()
   68.69 - {
   68.70 -  System.out.println("XmlToBin Command line Options: ");
   68.71 -  System.out.println("\t-i\t\tinputFile:\tname of policyfile (.xml)");
   68.72 -  System.out.println("\t-o\t\toutputFile:\tname of binary policy file (Big Endian)");
   68.73 -  System.out.println("\t-xssid\t\tSsidFile:\tXen ssids to named types text file");
   68.74 -  System.out.println("\t-xssidconf\tSsidConfFile:\tXen conflict ssids to named types text file");
   68.75 -  System.out.println("\t-debug\t\t\t\tturn on debug messages");
   68.76 -  System.out.println("\t-help\t\t\t\thelp. This printout");
   68.77 -  return;
   68.78 - }
   68.79 -
   68.80 - public void printDebug(String message) 
   68.81 - {
   68.82 -  if (debug)
   68.83 -    System.out.println(message);
   68.84 - }
   68.85 -
   68.86 - public void writeBinPolicy(byte[] binPolicy, String outputFileName)
   68.87 -  throws Exception
   68.88 - {
   68.89 -    if (debug) 
   68.90 -    	printHex(binPolicy,binPolicy.length);
   68.91 -
   68.92 -    DataOutputStream writeObj = new DataOutputStream(
   68.93 -                                new FileOutputStream(outputFileName));
   68.94 -
   68.95 -    writeObj.write(binPolicy);
   68.96 -    writeObj.flush();
   68.97 -    writeObj.close();
   68.98 -    System.out.println(" wBP:: wrote outputfile: " + outputFileName);
   68.99 -
  68.100 -    return; 
  68.101 - }  
  68.102 -
  68.103 - public void writeXenTypeVectorFile(Vector list, String outputFileName)
  68.104 -  throws Exception
  68.105 - {
  68.106 -  PrintWriter out;
  68.107 -
  68.108 -  if (0 == list.size())
  68.109 -  {
  68.110 -   	printDebug(" wSTF : size of input is zero when writing :" + outputFileName); 
  68.111 -	return;
  68.112 -  }
  68.113 - out = new PrintWriter(
  68.114 -	 	new BufferedWriter(
  68.115 -                      new FileWriter(outputFileName)));
  68.116 -
  68.117 -
  68.118 -  for (int i = 0; i < list.size(); i++)
  68.119 -  {
  68.120 -	Vector	ee = (Vector) list.elementAt(i);
  68.121 -   	out.println(i + " " +ee.toString());
  68.122 -  } 
  68.123 -    out.close();
  68.124 -   
  68.125 -    return; 
  68.126 - }
  68.127 -
  68.128 - public void writeXenTypeFile(Vector list, String outputFileName, boolean slabel)
  68.129 -  throws Exception
  68.130 - {
  68.131 -  Vector entry; 
  68.132 -  String strTypes = "";
  68.133 -  SecurityLabel ee;
  68.134 -  PrintWriter out;
  68.135 -
  68.136 -  if (0 == list.size())
  68.137 -  {
  68.138 -   	printDebug(" wSTF : size of input is zero when writing :" + outputFileName); 
  68.139 -	return;
  68.140 -  }
  68.141 -  out = new PrintWriter(
  68.142 -	 	new BufferedWriter(
  68.143 -                      new FileWriter(outputFileName)));
  68.144 -
  68.145 -  for (int i = 0; i < list.size(); i++)
  68.146 -  {
  68.147 -	ee = (SecurityLabel) list.elementAt(i);
  68.148 -
  68.149 -	if (slabel)
  68.150 -	{
  68.151 -		entry = ee.steTypes; 
  68.152 -	} else {
  68.153 -
  68.154 -		entry = ee.chwTypes; 
  68.155 -	}
  68.156 -	if (null == entry) continue;
  68.157 -
  68.158 -	Enumeration e = entry.elements(); 
  68.159 -	while (e.hasMoreElements())
  68.160 -	{
  68.161 -  	  String typeName = (String) e.nextElement(); 
  68.162 -	  strTypes = strTypes + " " + typeName;
  68.163 -        }
  68.164 -    	  printDebug(" WXTF:: ssid : "+i +" :"+strTypes); 
  68.165 -   	  out.println(i +" "+strTypes);
  68.166 -	  strTypes = "";
  68.167 -  } 
  68.168 -  out.close();
  68.169 -   
  68.170 -  return; 
  68.171 - }
  68.172 -
  68.173 - public void setDebug(boolean value)
  68.174 - {
  68.175 -  debug=value;
  68.176 - }
  68.177 -
  68.178 - public void setEndian(boolean value)
  68.179 - {
  68.180 -  LittleEndian = value;
  68.181 - }
  68.182 -
  68.183 - public byte[] generateVlanSsids(Vector bagOfSsids)
  68.184 -  throws Exception
  68.185 - {
  68.186 -  /**
  68.187 -        typedef struct {
  68.188 -        u16 vlan;
  68.189 -        u16 ssid_ste;
  68.190 -        } acm_vlan_entry_t;
  68.191 -  **/
  68.192 -
  68.193 -  Hashtable  vlanSsid = new Hashtable();
  68.194 -  printDebug(" gVS::Size of bagOfSsids: "+ bagOfSsids.size());
  68.195 -
  68.196 -  /* Get the number of partitions */
  68.197 -  for (int i = 0; i < bagOfSsids.size(); i++)
  68.198 -  {
  68.199 -	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
  68.200 -
  68.201 -	if (null == entry.vlans)
  68.202 -	  continue;
  68.203 -
  68.204 -	Enumeration e = entry.vlans.elements(); 
  68.205 -	while (e.hasMoreElements())
  68.206 -	{
  68.207 -  	  String id = (String) e.nextElement(); 
  68.208 -      	  printDebug(" gVS:: vlan: " + id + "has ste ssid: " + entry.steSsidPosition);
  68.209 -	  if (-1 == entry.steSsidPosition)
  68.210 -		continue;  
  68.211 -
  68.212 -	  /* Only use ste for vlan */
  68.213 -	  SsidsEntry  ssidsObj = new SsidsEntry();
  68.214 -
  68.215 -	  ssidsObj.id = Integer.parseInt(id); 
  68.216 -	  ssidsObj.ste = entry.steSsidPosition;
  68.217 -
  68.218 -	  if (vlanSsid.contains(id))
  68.219 -      	  	printDebug(" gVS:: Error already in the Hash part:" + ssidsObj.id);
  68.220 -	  else 
  68.221 - 		vlanSsid.put(id, ssidsObj);
  68.222 -      	  	printDebug(" gVS:: added part: " + id + "has ste ssid: " + entry.steSsidPosition);
  68.223 -	}
  68.224 -  }
  68.225 -
  68.226 -  /* allocate array */ 
  68.227 -  int numOfVlan = vlanSsid.size();
  68.228 -  int totalSize = (numOfVlan * vlanEntrySz);  
  68.229 -
  68.230 -  if (0 == numOfVlan) 
  68.231 -  {
  68.232 -  	printDebug(" gVS:: vlan: binary ==> zero");
  68.233 -        return new byte[0];
  68.234 -  }
  68.235 -
  68.236 -  byte[] vlanArray = new byte[totalSize];
  68.237 -
  68.238 -  int index = 0;
  68.239 -
  68.240 -  Enumeration e = vlanSsid.elements(); 
  68.241 -  while (e.hasMoreElements())
  68.242 -  {
  68.243 -  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
  68.244 -      	printDebug(" gVS:: part: " + entry.id + " ste ssid: " + entry.ste);
  68.245 -
  68.246 -	/* Write id */
  68.247 -   	writeShortToStream(vlanArray,(short)entry.id,index);
  68.248 -	index = index + u16Size;
  68.249 -
  68.250 -	/* write ste ssid */
  68.251 -   	writeShortToStream(vlanArray,(short) entry.ste,index);
  68.252 -	index = index + u16Size;
  68.253 -  }
  68.254 -
  68.255 -  printDebug(" gVS:: vlan: num of vlans  " + numOfVlan);
  68.256 -  printDebug(" gVS:: vlan: binary ==> Length "+ vlanArray.length);
  68.257 -
  68.258 -  if (debug) 
  68.259 -	printHex(vlanArray,vlanArray.length);
  68.260 -  printDebug("\n");
  68.261 -
  68.262 -  return vlanArray; 
  68.263 - }  
  68.264 -
  68.265 - public byte[] generateSlotSsids(Vector bagOfSsids)
  68.266 -  throws Exception
  68.267 - {
  68.268 -  /**
  68.269 -        typedef struct {
  68.270 -        u16 slot_max;
  68.271 -        u16 slot_offset;
  68.272 -        } acm_slot_buffer_t;
  68.273 -
  68.274 -        typedef struct {
  68.275 -        u16 bus;
  68.276 -        u16 slot;
  68.277 -        u16 ssid_ste;
  68.278 -        } acm_slot_entry_t;
  68.279 -  **/
  68.280 -  Hashtable  slotSsid = new Hashtable();
  68.281 -  printDebug(" gSS::Size of bagOfSsids: "+ bagOfSsids.size());
  68.282 -
  68.283 -  /* Find the number of VMs */ 
  68.284 -  for (int i = 0; i < bagOfSsids.size(); i++)
  68.285 -  {
  68.286 -	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
  68.287 -
  68.288 -	if (null == entry.slots)
  68.289 -	  continue;
  68.290 -
  68.291 -	Enumeration e = entry.slots.elements(); 
  68.292 -	while (e.hasMoreElements())
  68.293 -	{
  68.294 -  	  SlotInfo item = (SlotInfo) e.nextElement(); 
  68.295 -      	  printDebug(" gSS:: bus slot: " + item.bus + " "+ item.slot + " " +  entry.steSsidPosition);
  68.296 -	  if (-1 == entry.steSsidPosition)
  68.297 -		continue;  
  68.298 -
  68.299 -	  SsidsEntry  ssidsObj = new SsidsEntry();
  68.300 -
  68.301 -	  String id = item.bus +" "+item.slot;
  68.302 -	  ssidsObj.bus = Integer.parseInt(item.bus); 
  68.303 -	  ssidsObj.slot = Integer.parseInt(item.slot); 
  68.304 -	  /* set ste ssid */
  68.305 -	  ssidsObj.ste = entry.steSsidPosition;
  68.306 -
  68.307 -	  if (slotSsid.contains(id))
  68.308 -      	  	printDebug(" gSS:: Error already in the Hash part:" + id);
  68.309 -	  else 
  68.310 -	  	slotSsid.put(id, ssidsObj);
  68.311 -
  68.312 -      	  	printDebug(" gSS:: added slot: " + id + "has ste ssid: " + entry.steSsidPosition);
  68.313 -	}
  68.314 -  }
  68.315 -
  68.316 -  /* allocate array */
  68.317 -  int numOfSlot = slotSsid.size();
  68.318 -
  68.319 -  if (0 == numOfSlot) 
  68.320 -  {
  68.321 -  	printDebug(" gVS:: slot: binary ==> zero");
  68.322 -        return new byte[0];
  68.323 -  }
  68.324 -
  68.325 -  int totalSize = (numOfSlot * slotEntrySz);  
  68.326 -
  68.327 -  byte[] slotArray = new byte[totalSize];
  68.328 -
  68.329 -  int index = 0;
  68.330 -
  68.331 -  Enumeration e = slotSsid.elements(); 
  68.332 -  while (e.hasMoreElements())
  68.333 -  {
  68.334 -  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
  68.335 -      	System.out.println(" gSS:: bus slot: " + entry.bus + " " + entry.slot + " ste ssid: " + entry.ste);
  68.336 -
  68.337 -	/* Write bus */
  68.338 -   	writeShortToStream(slotArray,(short)entry.bus,index);
  68.339 -	index = index + u16Size;
  68.340 -
  68.341 -	/* Write slot */ 
  68.342 -   	writeShortToStream(slotArray,(short)entry.slot,index);
  68.343 -	index = index + u16Size;
  68.344 -
  68.345 -	/* Write ste ssid */
  68.346 -   	writeShortToStream(slotArray,(short) entry.ste,index);
  68.347 -	index = index + u16Size;
  68.348 -
  68.349 -  }
  68.350 -   
  68.351 -  printDebug(" gSS:: slot: num of vlans  " + numOfSlot);
  68.352 -  printDebug(" gSS:: slot: binary ==> Length "+ slotArray.length);
  68.353 -
  68.354 -  if (debug) 
  68.355 - 	 printHex(slotArray,slotArray.length);
  68.356 -  printDebug("\n");
  68.357 -
  68.358 -  return slotArray; 
  68.359 -
  68.360 - }  
  68.361 -
  68.362 - public byte[] generatePartSsids(Vector bagOfSsids, Vector bagOfChwSsids)
  68.363 -  throws Exception
  68.364 - {
  68.365 -  /**
  68.366 -        typedef struct {
  68.367 -        u16 id;
  68.368 -        u16 ssid_ste;
  68.369 -        u16 ssid_chwall;
  68.370 -        } acm_partition_entry_t;
  68.371 -
  68.372 -  **/
  68.373 -  Hashtable  partSsid = new Hashtable();
  68.374 -  printDebug(" gPS::Size of bagOfSsids: "+ bagOfSsids.size());
  68.375 -
  68.376 -  /* Find the number of VMs */ 
  68.377 -  for (int i = 0; i < bagOfSsids.size(); i++)
  68.378 -  {
  68.379 -	SecurityLabel entry = (SecurityLabel) bagOfSsids.elementAt(i);
  68.380 -
  68.381 -	if (null == entry.ids)
  68.382 -	  continue;
  68.383 -
  68.384 -	Enumeration e = entry.ids.elements(); 
  68.385 -	while (e.hasMoreElements())
  68.386 -	{
  68.387 -  	  String id = (String) e.nextElement(); 
  68.388 -      	  printDebug(" gPS:: part: " + id + "has ste ssid: " + entry.steSsidPosition);
  68.389 -	  if (-1 == entry.steSsidPosition)
  68.390 -		continue;  
  68.391 -
  68.392 -	  SsidsEntry  ssidsObj = new SsidsEntry();
  68.393 -
  68.394 -	  ssidsObj.id = Integer.parseInt(id); 
  68.395 -	  ssidsObj.ste = entry.steSsidPosition;
  68.396 -
  68.397 -	  if (partSsid.contains(id))
  68.398 -      	  	printDebug(" gPS:: Error already in the Hash part:" + ssidsObj.id);
  68.399 -	  else 
  68.400 - 		partSsid.put(id, ssidsObj);
  68.401 -      	  	printDebug(" gPS:: added part: " + id + "has ste ssid: " + entry.steSsidPosition);
  68.402 -	}
  68.403 -
  68.404 -  }
  68.405 -
  68.406 -  for (int i = 0; i < bagOfChwSsids.size(); i++)
  68.407 -  {
  68.408 -	SecurityLabel entry = (SecurityLabel) bagOfChwSsids.elementAt(i);
  68.409 -
  68.410 -	Enumeration e = entry.chwIDs.elements(); 
  68.411 -	while (e.hasMoreElements())
  68.412 -	{
  68.413 -  	  String id = (String) e.nextElement(); 
  68.414 -      	  printDebug(" gPS:: part: " + id + "has chw ssid: " + entry.chwSsidPosition);
  68.415 -	  if (partSsid.containsKey(id))
  68.416 -	  {
  68.417 -		SsidsEntry item = (SsidsEntry) partSsid.get(id);
  68.418 -		item.chw = entry.chwSsidPosition;
  68.419 -      	  	printDebug(" gPS:: added :" + item.id +" chw: " + item.chw);
  68.420 -	  }
  68.421 -	  else 
  68.422 -	  {
  68.423 -      	  	printDebug(" gPS:: creating :" + id +" chw: " + entry.chwSsidPosition);
  68.424 -	  	SsidsEntry  ssidsObj = new SsidsEntry();
  68.425 -	  	ssidsObj.id = Integer.parseInt(id); 
  68.426 -	  	ssidsObj.chw = entry.chwSsidPosition;
  68.427 - 		partSsid.put(id, ssidsObj);
  68.428 -
  68.429 -	  }
  68.430 -	}
  68.431 -  }	  
  68.432 -
  68.433 -  /* Allocate array */
  68.434 -  int numOfPar = partSsid.size();
  68.435 -  int totalSize =  (numOfPar * partitionEntrySz);  
  68.436 -
  68.437 -  if (0 == numOfPar) 
  68.438 -  {
  68.439 -  	printDebug(" gPS:: part: binary ==> zero");
  68.440 -        return new byte[0];
  68.441 -  }
  68.442 -
  68.443 -  byte[] partArray = new byte[totalSize];
  68.444 -
  68.445 -  int index = 0;
  68.446 -
  68.447 -  Enumeration e = partSsid.elements(); 
  68.448 -  while (e.hasMoreElements())
  68.449 -  {
  68.450 -  	SsidsEntry entry = (SsidsEntry) e.nextElement(); 
  68.451 -      	printDebug(" gPS:: part: " + entry.id + " ste ssid: " + entry.ste + " chw ssid: "+ entry.chw);
  68.452 -
  68.453 -	/* Write id */
  68.454 -   	writeShortToStream(partArray,(short)entry.id,index);
  68.455 -	index = index + u16Size;
  68.456 -
  68.457 -	/* Write ste ssid */
  68.458 -   	writeShortToStream(partArray,(short) entry.ste,index);
  68.459 -	index = index + u16Size;
  68.460 -
  68.461 -	/* Write chw ssid */
  68.462 -   	writeShortToStream(partArray,(short) entry.chw,index);
  68.463 -	index = index + u16Size;
  68.464 -  }
  68.465 -
  68.466 -  printDebug(" gPS:: part: num of partitions  " + numOfPar);
  68.467 -  printDebug(" gPS:: part: binary ==> Length " + partArray.length);
  68.468 -
  68.469 -  if (debug) 
  68.470 -	printHex(partArray,partArray.length);
  68.471 -  printDebug("\n");
  68.472 -   
  68.473 -   return partArray; 
  68.474 - }
  68.475 -
  68.476 - public  byte[] GenBinaryPolicyBuffer(byte[] chwPolicy, byte[] stePolicy, byte [] partMap, byte[] vlanMap, byte[] slotMap)
  68.477 - {
  68.478 -  byte[] binBuffer;
  68.479 -  short chwSize =0;
  68.480 -  short steSize =0;
  68.481 -  int	index = 0;
  68.482 -
  68.483 -  /* Builds data structure acm_policy_buffer_t */
  68.484 -  /* Get number of colorTypes */
  68.485 -  if (null != chwPolicy)
  68.486 -	chwSize = (short) chwPolicy.length;
  68.487 -
  68.488 -  if (null != stePolicy)
  68.489 -    	steSize = (short) stePolicy.length;
  68.490 -
  68.491 -  int totalDataSize = chwSize + steSize + resourceOffsetSz +  3 *(2 * u16Size);
  68.492 -
  68.493 -  /*  Add vlan and slot */ 
  68.494 -  totalDataSize = totalDataSize +partMap.length + vlanMap.length + slotMap.length; 
  68.495 -  binBuffer = new byte[binaryBufferHeaderSz +totalDataSize];
  68.496 -	
  68.497 -
  68.498 -  try {
  68.499 -	  index = 0;
  68.500 -	  /* fill in General Policy Version */
  68.501 -	  writeIntToStream(binBuffer, ACM_POLICY_VERSION, index);
  68.502 -	  index += u32Size;
  68.503 -
  68.504 -	  /* Write magic */
  68.505 -	  writeIntToStream(binBuffer, ACM_MAGIC, index);
  68.506 -	  index += u32Size;
  68.507 -
  68.508 -	  /* write len */
  68.509 -	  writeIntToStream(binBuffer, binBuffer.length, index);
  68.510 -	  index += u32Size;
  68.511 -
  68.512 -  } catch (IOException ee) {
  68.513 -	  System.out.println(" GBPB:: got exception : " + ee);
  68.514 -	  return null;
  68.515 -  }
  68.516 -
  68.517 -  int offset, address;
  68.518 -  address = index;
  68.519 -
  68.520 -  if (null != partMap) 
  68.521 -	  offset = binaryBufferHeaderSz + resourceOffsetSz;
  68.522 -  else
  68.523 -	  offset = binaryBufferHeaderSz;
  68.524 -
  68.525 -  try {
  68.526 -	  int skip = 0;
  68.527 -
  68.528 -	  /* init with NULL policy setting */
  68.529 -	  writeIntToStream(binBuffer, ACM_NULL_POLICY, index);
  68.530 -	  writeIntToStream(binBuffer, 0, index + u32Size);
  68.531 -	  writeIntToStream(binBuffer, ACM_NULL_POLICY, index + 2*u32Size);
  68.532 -	  writeIntToStream(binBuffer, 0, index + 3*u32Size);
  68.533 -	  
  68.534 -	  index = address;
  68.535 -	  if (null != chwPolicy) {
  68.536 -	  
  68.537 -		  /* Write policy name */
  68.538 -		  writeIntToStream(binBuffer, ACM_CHINESE_WALL_POLICY, index);
  68.539 -		  index += u32Size;
  68.540 -
  68.541 -		  /* Write offset */
  68.542 -		  writeIntToStream(binBuffer, offset, index);
  68.543 -		  index += u32Size;
  68.544 -
  68.545 -		  /* Write payload. No need increment index */
  68.546 -		  address = offset;
  68.547 -		  System.arraycopy(chwPolicy, 0, binBuffer,address, chwPolicy.length);
  68.548 -		  address = address + chwPolicy.length;
  68.549 -	  } else
  68.550 -		  skip += 2*u32Size;
  68.551 -
  68.552 -	  if (null != stePolicy) 
  68.553 -	  {	
  68.554 -	  	/* Write policy name */
  68.555 -	  	writeIntToStream(binBuffer, ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, index);
  68.556 -  	  	index += u32Size;
  68.557 -
  68.558 -	  	/* Write offset */
  68.559 -	  	writeIntToStream(binBuffer, address, index);
  68.560 -  	  	index += u32Size;
  68.561 -
  68.562 -		/* Copy array */
  68.563 -	  	System.arraycopy(stePolicy, 0, binBuffer,address, stePolicy.length);
  68.564 -		/* Update address */
  68.565 -		address = address + stePolicy.length;
  68.566 -	  } else
  68.567 -		 skip += 2*u32Size;
  68.568 -
  68.569 -	  /* Skip writing policy name and offset for each null policy*/
  68.570 -	  index +=  skip;
  68.571 -
  68.572 -	  int size;
  68.573 -	  /* Assumes that you will always have a partition defined in policy */
  68.574 -	  if ( 0 < partMap.length) {
  68.575 -		  writeIntToStream(binBuffer, address, index);
  68.576 -		  index = address;
  68.577 -
  68.578 -		  /* Compute num of VMs */
  68.579 -		  size = partMap.length / (3 * u16Size);
  68.580 -
  68.581 -		  writeShortToStream(binBuffer, (short)size,index);
  68.582 -		  index = index + u16Size;
  68.583 -
  68.584 -		  /* part, vlan and slot: each one consists of two entries */
  68.585 -		  offset = 3 * (2 * u16Size);
  68.586 -		  writeShortToStream(binBuffer, (short) offset,index);
  68.587 -
  68.588 -		  /* Write partition array at offset */
  68.589 -		  System.arraycopy(partMap, 0, binBuffer,(offset + address), partMap.length);
  68.590 -		  index = index + u16Size;
  68.591 -		  offset = offset + partMap.length;
  68.592 -	  }
  68.593 -
  68.594 -	  if ( 0 < vlanMap.length) {
  68.595 -		  size = vlanMap.length / (2 * u16Size);
  68.596 -		  writeShortToStream(binBuffer, (short) size,index);
  68.597 -		  index = index + u16Size;
  68.598 -
  68.599 -		  writeShortToStream(binBuffer, (short) offset,index);
  68.600 -		  index = index + u16Size;
  68.601 -		  System.arraycopy(vlanMap, 0, binBuffer,(offset + address), vlanMap.length);
  68.602 -	  } else {
  68.603 -		  /* Write vlan max */
  68.604 -		  writeShortToStream(binBuffer, (short) 0,index);
  68.605 -		  index = index + u16Size;
  68.606 - 
  68.607 -		  /* Write vlan offset */
  68.608 -		  writeShortToStream(binBuffer, (short) 0,index);
  68.609 -		  index = index + u16Size;
  68.610 -	  }
  68.611 -
  68.612 -	  offset = offset + vlanMap.length;
  68.613 -	  if ( 0 < slotMap.length) {
  68.614 -		  size = slotMap.length / (3 * u16Size);
  68.615 -		  writeShortToStream(binBuffer, (short) size,index);
  68.616 -		  index = index + u16Size;
  68.617 -
  68.618 -		  writeShortToStream(binBuffer, (short) offset,index);
  68.619 -		  index = index + u16Size;
  68.620 -		  System.arraycopy(slotMap, 0, binBuffer,(offset + address), slotMap.length);
  68.621 -	  }
  68.622 -  } catch (IOException ee) {
  68.623 -	  System.out.println(" GBPB:: got exception : " + ee);
  68.624 -	  return null;
  68.625 -  }
  68.626 -
  68.627 -  printDebug(" GBP:: Binary Policy ==> length " + binBuffer.length);
  68.628 -  if (debug)
  68.629 -	  printHex(binBuffer,binBuffer.length);
  68.630 -
  68.631 -  return  binBuffer;
  68.632 - } 
  68.633 -
  68.634 - public  byte[] generateChwBuffer(Vector Ssids, Vector ConflictSsids, Vector ColorTypes)
  68.635 - {
  68.636 -  byte[] chwBuffer;
  68.637 -  int index = 0;
  68.638 -  int position = 0;
  68.639 -
  68.640 -  /* Get number of rTypes */
  68.641 -  int maxTypes = ColorTypes.size();
  68.642 -
  68.643 -  /* Get number of SSids entry */
  68.644 -  int maxSsids = Ssids.size();
  68.645 -
  68.646 -  /* Get number of conflict sets */
  68.647 -  int maxConflict = ConflictSsids.size();
  68.648 -
  68.649 -   
  68.650 -  if (maxTypes * maxSsids == 0)
  68.651 -	return null; 
  68.652 -  /*
  68.653 -     data structure acm_chwall_policy_buffer
  68.654 -     se XmlToBinInterface.java
  68.655 -  */
  68.656 -  int totalBytes = chwHeaderSize  + u16Size *(maxTypes * (maxSsids + maxConflict)); 
  68.657 -
  68.658 -  chwBuffer = new byte[ totalBytes ];
  68.659 -  int address = chwHeaderSize + (u16Size * maxTypes * maxSsids );
  68.660 -
  68.661 -  printDebug(" gCB:: chwall totalbytes : "+totalBytes); 
  68.662 -
  68.663 -  try {
  68.664 -	  index = 0;
  68.665 -	  /* fill in General Policy Version */
  68.666 -	  writeIntToStream(chwBuffer, ACM_CHWALL_VERSION, index);
  68.667 -	  index += u32Size;
  68.668 -
  68.669 -	  writeIntToStream(chwBuffer, ACM_CHINESE_WALL_POLICY, index);
  68.670 -	  index += u32Size;
  68.671 -
  68.672 -	  writeIntToStream(chwBuffer, maxTypes, index);
  68.673 -	  index += u32Size;
  68.674 -
  68.675 -	  writeIntToStream(chwBuffer, maxSsids, index);
  68.676 -	  index += u32Size;
  68.677 -
  68.678 -	  writeIntToStream(chwBuffer, maxConflict, index);
  68.679 -	  index += u32Size;
  68.680 -
  68.681 -	  /*  Write chwall_ssid_offset */
  68.682 -	  writeIntToStream(chwBuffer, chwHeaderSize, index);
  68.683 -	  index += u32Size;
  68.684 -
  68.685 -	  /* Write chwall_conflict_sets_offset */
  68.686 -	  writeIntToStream(chwBuffer, address, index);
  68.687 -	  index += u32Size;
  68.688 -
  68.689 -	  /*  Write chwall_running_types_offset */
  68.690 -	  writeIntToStream(chwBuffer, 0, index);
  68.691 -	  index += u32Size;
  68.692 -
  68.693 -	  /*  Write chwall_conflict_aggregate_offset */
  68.694 -	  writeIntToStream(chwBuffer, 0, index);
  68.695 -	  index += u32Size;
  68.696 -
  68.697 -  } catch (IOException ee) {
  68.698 -    	System.out.println(" gCB:: got exception : " + ee); 
  68.699 -	return null;
  68.700 -  }
  68.701 -  int markPos = 0;
  68.702 -
  68.703 -  /* Create the SSids entry */
  68.704 -  for (int i = 0; i < maxSsids; i++)
  68.705 -  {
  68.706 -	SecurityLabel ssidEntry = (SecurityLabel) Ssids.elementAt(i);
  68.707 -   	/* Get chwall types */
  68.708 -	ssidEntry.chwSsidPosition = i;
  68.709 -	Enumeration e = ssidEntry.chwTypes.elements(); 
  68.710 -	while (e.hasMoreElements())
  68.711 -	{
  68.712 -  	  String typeName = (String) e.nextElement(); 
  68.713 -      	  printDebug(" gCB:: Ssid "+ i+ ": has type : " + typeName);
  68.714 -	  position = ColorTypes.indexOf(typeName);
  68.715 -
  68.716 -	  if (position < 0) 
  68.717 -	  {
  68.718 -      	  	System.out.println (" gCB:: Error type : " + typeName + " not found in ColorTypes"); 
  68.719 -		return null; 
  68.720 -	  }
  68.721 -   	  printDebug(" GCB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
  68.722 -	  markPos = ((i * maxTypes + position) * u16Size) + index;	
  68.723 -
  68.724 -	  try {
  68.725 -	  	writeShortToStream(chwBuffer,markSymbol,markPos);
  68.726 -  	  } catch (IOException ee) {
  68.727 -   	  	System.out.println(" gCB:: got exception : "); 
  68.728 -		return null; 
  68.729 -  	  }
  68.730 -	}
  68.731 -  }
  68.732 -
  68.733 -  if (debug) 
  68.734 -      printHex(chwBuffer,chwBuffer.length);
  68.735 -
  68.736 -  /* Add conflict set */
  68.737 -  index = address;
  68.738 -  for (int i = 0; i < maxConflict; i++)
  68.739 -  {
  68.740 -   	/* Get ste types */
  68.741 -	Vector entry = (Vector) ConflictSsids.elementAt(i);
  68.742 -	Enumeration e = entry.elements(); 
  68.743 -	while (e.hasMoreElements())
  68.744 -	{
  68.745 -  	  String typeName = (String) e.nextElement(); 
  68.746 -      	  printDebug (" GCB:: conflict Ssid "+ i+ ": has type : " + typeName);
  68.747 -	  position = ColorTypes.indexOf(typeName);
  68.748 -
  68.749 -	  if (position < 0) 
  68.750 -	  {
  68.751 -      	  	System.out.println (" GCB:: Error type : " + typeName + " not found in ColorTypes"); 
  68.752 -		return null; 
  68.753 -	  }
  68.754 -   	  printDebug(" GCB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
  68.755 -	  markPos = ((i * maxTypes + position) * u16Size) + index;	
  68.756 -
  68.757 -	  try {
  68.758 -	  	writeShortToStream(chwBuffer,markSymbol,markPos);
  68.759 -  	  } catch (IOException ee) {
  68.760 -   	  	System.out.println(" GCB:: got exception : "); 
  68.761 -		return null; 
  68.762 -  	  }
  68.763 -	}
  68.764 -		
  68.765 -  } 
  68.766 -  printDebug(" gSB:: chw binary  ==> Length " + chwBuffer.length); 
  68.767 -  if (debug) 
  68.768 -   	printHex(chwBuffer,chwBuffer.length);
  68.769 -  printDebug("\n");
  68.770 -
  68.771 -  return chwBuffer;
  68.772 - }
  68.773 -
  68.774 -/**********************************************************************
  68.775 - Generate byte representation of policy using type information
  68.776 - <p>
  68.777 - @param Ssids    	      	Vector
  68.778 - @param ColorTypes         	Vector
  68.779 - <p>
  68.780 - @return bytes represenation of simple type enforcement policy 
  68.781 -**********************************************************************/
  68.782 - public  byte[] generateSteBuffer(Vector Ssids, Vector ColorTypes)
  68.783 - {
  68.784 -  byte[] steBuffer;
  68.785 -  int index = 0;
  68.786 -  int position = 0;
  68.787 -
  68.788 -  /* Get number of colorTypes */
  68.789 -  int numColorTypes = ColorTypes.size();
  68.790 -
  68.791 -  /* Get number of SSids entry */
  68.792 -  int numSsids = Ssids.size();
  68.793 -   
  68.794 -  if (numColorTypes * numSsids == 0)
  68.795 -	return null; 
  68.796 -
  68.797 -  /* data structure: acm_ste_policy_buffer
  68.798 -   * see XmlToBinInterface.java
  68.799 -   * total bytes: steHeaderSize * 2B + colorTypes(size) * Ssids(size)
  68.800 -   * 
  68.801 -  */
  68.802 -  steBuffer = new byte[ steHeaderSize + (numColorTypes * numSsids) * 2];
  68.803 -
  68.804 -  try {
  68.805 -	
  68.806 -	  index = 0;
  68.807 -	  writeIntToStream(steBuffer, ACM_STE_VERSION, index);
  68.808 -	  index += u32Size;
  68.809 -
  68.810 -	  writeIntToStream(steBuffer, ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, index);
  68.811 -	  index += u32Size;
  68.812 -
  68.813 -	  writeIntToStream(steBuffer, numColorTypes, index);
  68.814 -	  index += u32Size;
  68.815 -
  68.816 -	  writeIntToStream(steBuffer, numSsids, index);
  68.817 -	  index += u32Size;
  68.818 -
  68.819 -	  writeIntToStream(steBuffer, steHeaderSize, index);
  68.820 -	  index += u32Size;
  68.821 -
  68.822 -
  68.823 -  } catch (IOException ee) {
  68.824 -	System.out.println(" gSB:: got exception : " + ee); 
  68.825 -	return null; 
  68.826 -  }
  68.827 -  int markPos = 0;
  68.828 -  for (int i = 0; i < numSsids; i++)
  68.829 -  {
  68.830 -	
  68.831 -	SecurityLabel ssidEntry = (SecurityLabel) Ssids.elementAt(i);
  68.832 -	ssidEntry.steSsidPosition = i;
  68.833 -   	/* Get ste types */
  68.834 -	Enumeration e = ssidEntry.steTypes.elements(); 
  68.835 -	while (e.hasMoreElements())
  68.836 -	{
  68.837 -  	  String typeName = (String) e.nextElement(); 
  68.838 -      	  printDebug (" gSB:: Ssid "+ i+ ": has type : " + typeName);
  68.839 -	  position = ColorTypes.indexOf(typeName);
  68.840 -
  68.841 -	  if (position < 0) 
  68.842 -	  {
  68.843 -      	  	printDebug(" gSB:: Error type : " + typeName + " not found in ColorTypes"); 
  68.844 -		return null; 
  68.845 -	  }
  68.846 -   	  printDebug(" gSB:: type : " + typeName + "  found in ColorTypes at position: " + position); 
  68.847 -	  markPos = ((i * numColorTypes + position) * u16Size) + index;	
  68.848 -
  68.849 -	  try {
  68.850 -	  	writeShortToStream(steBuffer,markSymbol,markPos);
  68.851 -  	  } catch (IOException ee)
  68.852 -  	  {
  68.853 -   	  	System.out.println(" gSB:: got exception : "); 
  68.854 -		return null; 
  68.855 -  	  }
  68.856 -	}
  68.857 -		
  68.858 -  } 
  68.859 -
  68.860 -  printDebug(" gSB:: ste binary  ==> Length " + steBuffer.length); 
  68.861 -  if (debug) 
  68.862 - 	printHex(steBuffer,steBuffer.length);
  68.863 -  printDebug("\n");
  68.864 -
  68.865 -  return steBuffer;
  68.866 - }
  68.867 -
  68.868 - public static  void printHex(byte [] dataArray, int length)
  68.869 - {
  68.870 -  char[] hexChars = {'0', '1', '2', '3', '4', '5', '6', '7',
  68.871 -                '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
  68.872 -  int hexIndex;
  68.873 -  int value;
  68.874 -  int arraylength;
  68.875 -
  68.876 -  arraylength = length;
  68.877 -
  68.878 -  if (dataArray == null)
  68.879 -  {
  68.880 -        System.err.print("printHex: input byte array is null");
  68.881 -  }
  68.882 -
  68.883 -  if (length > dataArray.length || length < 0)
  68.884 -        arraylength = dataArray.length;
  68.885 -
  68.886 -  System.out.print("\n\t");
  68.887 -
  68.888 -  int i;
  68.889 -  for(i = 0; i < arraylength; )
  68.890 -  {
  68.891 -        value = dataArray[i] & 0xFF;
  68.892 -        hexIndex = (value >>> 4);
  68.893 -        System.out.print(hexChars[hexIndex]);
  68.894 -        hexIndex = (value & 0x0F);
  68.895 -        System.out.print(hexChars[hexIndex]);
  68.896 -
  68.897 -        i++;
  68.898 -        /* if done, print a final newline */
  68.899 -        if (i == arraylength) {
  68.900 -            if (arraylength < dataArray.length) {
  68.901 -                System.out.print("...");
  68.902 -            }
  68.903 -            System.out.println();
  68.904 -        }
  68.905 -        else if ((i % 24) == 0) {
  68.906 -            System.out.print("\n\t");
  68.907 -        }
  68.908 -        else if ((i % 4) == 0) {
  68.909 -                System.out.print(" ");
  68.910 -        }
  68.911 -  }
  68.912 -
  68.913 -  return;
  68.914 - }
  68.915 -
  68.916 -  
  68.917 - private void writeShortToStream(byte[] stream, short value, int index)
  68.918 -  throws IOException
  68.919 - {
  68.920 -  int littleEndian = 0;
  68.921 -  int byteVal;
  68.922 -
  68.923 -  if (index + 2 > stream.length)
  68.924 -  {
  68.925 -      throw new IOException("Writing beyond stream length: " +
  68.926 -                            stream.length + " writing at locations from: " + index + " to " + (index + 4));
  68.927 -  }
  68.928 -
  68.929 -  if (!LittleEndian)
  68.930 -  {
  68.931 -
  68.932 -	byteVal = value >> 8;
  68.933 -	stream[index ] = (byte) byteVal;
  68.934 -
  68.935 -	byteVal = value;
  68.936 -	stream[index + 1] = (byte) byteVal;
  68.937 -  } else {
  68.938 -	stream[index]  = (byte) ((value & 0x00ff) );
  68.939 -	stream[index + 1]  = (byte) ((value & 0xff00) >> 8);
  68.940 - }
  68.941 -  return;
  68.942 - }
  68.943 -
  68.944 - private void writeIntToStream(byte[] stream, int value, int index)
  68.945 -  throws IOException
  68.946 - {
  68.947 -  int littleEndian = 0;
  68.948 -  int byteVal;
  68.949 -
  68.950 -  if (4 > stream.length)
  68.951 -  {
  68.952 -      throw new IOException("writeIntToStream: stream length less than 4 bytes " +
  68.953 -                            stream.length);
  68.954 -  }
  68.955 -
  68.956 -  /* Do not Write beyond range */
  68.957 -  if (index + 4 > stream.length)
  68.958 -  {
  68.959 -      throw new IOException("writeIntToStream: writing beyond stream length: " +
  68.960 -                            stream.length + " writing at locations from: " + index + " to " + (index + 4));
  68.961 -  }
  68.962 -  if (!LittleEndian)
  68.963 -  {
  68.964 -	byteVal = value >>> 24;
  68.965 -	stream[index] = (byte) byteVal;
  68.966 -
  68.967 -	byteVal = value >> 16;
  68.968 -	stream[index + 1] = (byte) byteVal;
  68.969 -
  68.970 -	byteVal = value >> 8;
  68.971 -	stream[index + 2] = (byte) byteVal;
  68.972 -
  68.973 -	byteVal = value;
  68.974 -	stream[index + 3] = (byte) byteVal;
  68.975 -  } else {
  68.976 -	stream[index] = (byte) value;
  68.977 -	stream[index + 1]  = (byte) ((value & 0x0000ff00) >> 8);
  68.978 -	stream[index + 2]  = (byte) ((value & 0x00ff0000) >> 16);
  68.979 -	stream[index + 3] = (byte) ( value >>> 24);
  68.980 -  }
  68.981 -  return;
  68.982 - }
  68.983 -
  68.984 - public Document getDomTree(String xmlFileName)
  68.985 -  throws Exception, SAXException, ParserConfigurationException
  68.986 - {
  68.987 -  javax.xml.parsers.DocumentBuilderFactory dbf = 
  68.988 -	javax.xml.parsers.DocumentBuilderFactory.newInstance();
  68.989 -
  68.990 -  /* Turn on namespace aware and validation */
  68.991 -  dbf.setNamespaceAware(true);	
  68.992 -  dbf.setValidating(true);	
  68.993 -  dbf.setAttribute(JAXP_SCHEMA_LANGUAGE,W3C_XML_SCHEMA);
  68.994 -
  68.995 -  /* Checks that the document is well-formed */
  68.996 -  javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
  68.997 -
  68.998 -  myHandler errHandler= new myHandler();
  68.999 -  db.setErrorHandler(errHandler);
 68.1000 -  Document doc = db.parse(xmlFileName);
 68.1001 -
 68.1002 -  /* Checks for validation errors */
 68.1003 -  if (errHandler.isValid)
 68.1004 -       printDebug(" gDT:: Xml file: " + xmlFileName + " is valid");
 68.1005 -   else
 68.1006 -      throw new Exception("Xml file: " + xmlFileName + " is NOT valid");
 68.1007 -
 68.1008 -  return doc;
 68.1009 - }  
 68.1010 -
 68.1011 - public void processDomTree(
 68.1012 -	Document doc,
 68.1013 -	Vector bagOfSsids, 	
 68.1014 -	Vector bagOfTypes, 
 68.1015 -	Vector bagOfChwSsids, 
 68.1016 -	Vector bagOfChwTypes, 
 68.1017 -	Vector bagOfConflictSsids)
 68.1018 -  throws Exception, SAXException, ParserConfigurationException
 68.1019 - {
 68.1020 -  boolean found;
 68.1021 -
 68.1022 -  /* print the root Element */
 68.1023 -  Element root = doc.getDocumentElement();
 68.1024 -  printDebug ("\n pDT:: Document Element: Name = " + root.getNodeName() + ",Value = " + root.getNodeValue());
 68.1025 -
 68.1026 -  /* Go through the list of the root Element's Attributes */
 68.1027 -  NamedNodeMap nnm = root.getAttributes();
 68.1028 -  printDebug (" pDT:: # of Attributes: " + nnm.getLength());
 68.1029 -  for (int i = 0; i < nnm.getLength(); i++)
 68.1030 -  {
 68.1031 -         Node n = nnm.item (i);
 68.1032 -        printDebug (" pDT:: Attribute: Name = " + n.getNodeName() + ", Value = " 
 68.1033 -             + n.getNodeValue());
 68.1034 -  }
 68.1035 -
 68.1036 -  /* Retrieve the policy definition */ 
 68.1037 -  NodeList elementList = root.getElementsByTagName ("url");
 68.1038 -  String definitionFileName = elementList.item(0).getFirstChild().getNodeValue();  
 68.1039 -
 68.1040 -  String definitionHash = null;
 68.1041 -
 68.1042 -  /* Note that SecurityPolicySpec.xsd allows for 0 hash value! */
 68.1043 -  elementList = root.getElementsByTagName ("hash");
 68.1044 -  if (0 != elementList.getLength())
 68.1045 -      	definitionHash = elementList.item(0).getFirstChild().getNodeValue();  
 68.1046 -
 68.1047 -  Document definitionDoc = pGetDomDefinition(definitionFileName,definitionHash);
 68.1048 -  pGetTypes(definitionDoc,bagOfTypes, bagOfChwTypes, bagOfConflictSsids);
 68.1049 -
 68.1050 -
 68.1051 -  /* Get VM security information */
 68.1052 -  elementList = root.getElementsByTagName ("VM");
 68.1053 -  printDebug ("\n pDT:: partition length of NodeList:" + elementList.getLength());
 68.1054 -  /* Add default Ssid to Ste and Chw bags */			
 68.1055 -  SecurityLabel defEntry = new SecurityLabel();
 68.1056 -
 68.1057 -  defEntry.chwTypes = new Vector();
 68.1058 -  defEntry.steTypes = new Vector();
 68.1059 -  defEntry.chwIDs = new Vector();
 68.1060 -  defEntry.ids = new Vector();
 68.1061 -
 68.1062 -  defEntry.steSsidPosition =0;
 68.1063 -  defEntry.chwSsidPosition =0;
 68.1064 -  bagOfChwSsids.add(defEntry);
 68.1065 -  bagOfSsids.add(defEntry);
 68.1066 -
 68.1067 -  for (int x = 0; x < elementList.getLength(); x++)
 68.1068 -  {
 68.1069 -	found = false;
 68.1070 -
 68.1071 -        Node node = elementList.item (x);          
 68.1072 -
 68.1073 -	if (node.getNodeType() == Node.ELEMENT_NODE)
 68.1074 -	{
 68.1075 -	  printDebug (" pDT:: child: " + x + " is an element node" );
 68.1076 -	  Element e1 = (Element) node;
 68.1077 -
 68.1078 -  	  /* Get id */
 68.1079 -      	  NodeList elist = e1.getElementsByTagName ("id");
 68.1080 -      	  String idStr = elist.item(0).getFirstChild().getNodeValue();  
 68.1081 -      	  printDebug (" pDT:: id:" + idStr);
 68.1082 -
 68.1083 -	  /* Get TE */
 68.1084 -	  Vector colorTypes = new Vector();
 68.1085 -	  pConflictEntries(e1, "TE", bagOfTypes, colorTypes);
 68.1086 -
 68.1087 -	  Enumeration e = bagOfSsids.elements();
 68.1088 -	  while (e.hasMoreElements())
 68.1089 -	  {
 68.1090 -		SecurityLabel elem = (SecurityLabel) e.nextElement(); 
 68.1091 -		if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
 68.1092 -		{
 68.1093 -		  found = true;
 68.1094 -		  elem.ids.add(idStr);
 68.1095 -		}
 68.1096 -		
 68.1097 -	  }
 68.1098 -		if (!found && (0 < colorTypes.size()))
 68.1099 -		{
 68.1100 -		 SecurityLabel entry = new SecurityLabel();
 68.1101 -		 entry.steTypes = colorTypes;
 68.1102 -		 entry.ids = new Vector();
 68.1103 -		 entry.ids.add(idStr);
 68.1104 -		 bagOfSsids.add(entry);
 68.1105 -		}
 68.1106 -
 68.1107 -		/* Get Chinese wall type */
 68.1108 -	 	Vector chwTypes = new Vector();
 68.1109 -		pConflictEntries(e1, "ChWall", bagOfChwTypes, chwTypes);
 68.1110 -
 68.1111 -	        found = false;
 68.1112 -		e = bagOfChwSsids.elements();
 68.1113 -
 68.1114 -		while (e.hasMoreElements())
 68.1115 -		{
 68.1116 -  		  SecurityLabel elem = (SecurityLabel) e.nextElement(); 
 68.1117 -		  if ( elem.chwTypes.size() == chwTypes.size() && elem.chwTypes.containsAll(chwTypes))
 68.1118 -		  {
 68.1119 -		    found = true;
 68.1120 -		    elem.chwIDs.add(idStr);
 68.1121 -		  }
 68.1122 -		
 68.1123 -		}
 68.1124 -
 68.1125 -		if (!found && (0 < chwTypes.size()))
 68.1126 -		{
 68.1127 -		 SecurityLabel entry = new SecurityLabel();
 68.1128 -		 entry.chwTypes = chwTypes;
 68.1129 -		 entry.chwIDs = new Vector();
 68.1130 -		 entry.chwIDs.add(idStr);
 68.1131 -		 bagOfChwSsids.add(entry);
 68.1132 -		}
 68.1133 -      }
 68.1134 -  } 
 68.1135 -  return;
 68.1136 - }
 68.1137 -
 68.1138 - public Document pGetDomDefinition(
 68.1139 -	String definitionFileName, 
 68.1140 -	String definitionHash) 
 68.1141 -  throws Exception, SAXException, ParserConfigurationException
 68.1142 - {
 68.1143 -  printDebug("\n pGDD:: definition file name: " + definitionFileName);
 68.1144 -  printDebug("\n pGDD:: definition file hash: " + definitionHash);
 68.1145 -  
 68.1146 -  Document doc =  getDomTree(definitionFileName);
 68.1147 -  return doc; 
 68.1148 - }
 68.1149 -
 68.1150 - public void pGetTypes(
 68.1151 -	Document defDoc,
 68.1152 -	Vector bagOfTypes, 
 68.1153 -	Vector bagOfChwTypes, 
 68.1154 -	Vector bagOfConflictSsids)
 68.1155 -  throws Exception
 68.1156 - {
 68.1157 -
 68.1158 -
 68.1159 -  if (null == defDoc)
 68.1160 -      throw new Exception(" pGT:: definition file DOM is null ");
 68.1161 -
 68.1162 -  Element root = defDoc.getDocumentElement();
 68.1163 -
 68.1164 -  /* Get list of TE types */
 68.1165 -  NodeList elementList = root.getElementsByTagName ("Types");
 68.1166 -  printDebug ("\n pGT:: Types length of NodeList:" + elementList.getLength());
 68.1167 -  Element e1 = (Element) elementList.item (0);          
 68.1168 -  pGetEntries(e1,"TE",bagOfTypes);
 68.1169 -
 68.1170 -  /* Get list of Chinese types */
 68.1171 -  elementList = root.getElementsByTagName ("ChWallTypes");
 68.1172 -  printDebug ("\n pGT:: ChwTypes length of NodeList:" + elementList.getLength());
 68.1173 -  if (0 ==  elementList.getLength())
 68.1174 -  {
 68.1175 -  	printDebug ("\n pGT:: ChWallTypes has zero length: :" + elementList.getLength());
 68.1176 -  } else {
 68.1177 -	e1 = (Element) elementList.item (0);          
 68.1178 -	pGetEntries(e1,"ChWall",bagOfChwTypes);
 68.1179 -  }
 68.1180 -  printDebug (" pGT:: Total number of unique chw types: " + bagOfChwTypes.size());
 68.1181 -
 68.1182 -  /* Get Chinese type conflict sets */
 68.1183 -  elementList = root.getElementsByTagName ("ConflictSet");
 68.1184 -  printDebug ("\n pGT:: Conflict sets length of NodeList:" + elementList.getLength());
 68.1185 -  for (int x = 0; x < elementList.getLength(); x++)
 68.1186 -  {
 68.1187 - 	Vector conflictEntry  = new Vector();
 68.1188 -  	e1 = (Element) elementList.item (x);          
 68.1189 -  	printDebug ("\n pGT:: Conflict sets : " + x);
 68.1190 -
 68.1191 -	pConflictEntries(e1, "ChWall", bagOfChwTypes, conflictEntry);
 68.1192 -
 68.1193 -	if (conflictEntry.size() > 0)
 68.1194 -	{
 68.1195 -	  boolean found = false;
 68.1196 -	  Enumeration e = bagOfConflictSsids.elements();
 68.1197 -	
 68.1198 -	  while (e.hasMoreElements())
 68.1199 -	  {
 68.1200 -		Vector elem = (Vector) e.nextElement(); 
 68.1201 -		if (elem.size() == conflictEntry.size() && elem.containsAll(conflictEntry))
 68.1202 -	  	{
 68.1203 -	    	  found = true;
 68.1204 -	  	}
 68.1205 -		
 68.1206 -	  }
 68.1207 -	  if (!found)
 68.1208 -	  {
 68.1209 -		bagOfConflictSsids.add(conflictEntry);
 68.1210 -	  }
 68.1211 -  	}
 68.1212 -  }
 68.1213 -
 68.1214 - }
 68.1215 -
 68.1216 - public void  pGetEntries(Element doc, String tag, Vector typeBag)
 68.1217 -  throws Exception
 68.1218 - {
 68.1219 -
 68.1220 -  if (null == doc)
 68.1221 -      throw new Exception(" pGE:: Element doc is null");
 68.1222 -
 68.1223 -  if (null == typeBag)
 68.1224 -      throw new Exception(" pGE:: typeBag  is null");
 68.1225 -
 68.1226 -  NodeList elist = doc.getElementsByTagName (tag);
 68.1227 -  for (int j = 0; j < elist.getLength(); j++)
 68.1228 -  {
 68.1229 -  	Node knode = elist.item (j);          
 68.1230 -       	Node childNode = knode.getFirstChild();     
 68.1231 -       	String value = childNode.getNodeValue();
 68.1232 -
 68.1233 -	printDebug (" pGT:: "+ tag +" type: " + value);
 68.1234 -
 68.1235 -        /* Check if value is known */
 68.1236 -	if (!typeBag.contains(value))
 68.1237 -		typeBag.addElement(value);
 68.1238 -  }
 68.1239 - }
 68.1240 -
 68.1241 - public void  pConflictEntries(Element doc, String tag, Vector typeBag, Vector conflictEntry)
 68.1242 -  throws Exception
 68.1243 - {
 68.1244 -
 68.1245 -  if (null == doc)
 68.1246 -      throw new Exception(" pGE:: Element doc is null");
 68.1247 -
 68.1248 -  if (null == typeBag)
 68.1249 -      throw new Exception(" pGE:: typeBag  is null");
 68.1250 -
 68.1251 -  if (null == conflictEntry)
 68.1252 -      throw new Exception(" pGE:: typeBag  is null");
 68.1253 -
 68.1254 -
 68.1255 -  NodeList elist = doc.getElementsByTagName (tag);
 68.1256 -
 68.1257 -  for (int j = 0; j < elist.getLength(); j++)
 68.1258 -  {
 68.1259 -  	Node knode = elist.item (j);          
 68.1260 -       	Node childNode = knode.getFirstChild();     
 68.1261 -       	String value = childNode.getNodeValue();
 68.1262 -
 68.1263 -	printDebug (" pGE:: "+ tag +" type: " + value);
 68.1264 -
 68.1265 -        /* Check if value is known */
 68.1266 -	if (!typeBag.contains(value))
 68.1267 -      		throw new Exception(" pCE:: found undefined type set " + value);
 68.1268 -
 68.1269 -	if (!conflictEntry.contains(value))
 68.1270 -		conflictEntry.addElement(value);
 68.1271 -
 68.1272 -  }
 68.1273 - }
 68.1274 -
 68.1275 -  public void processDomTreeVlanSlot(
 68.1276 -	Document doc,
 68.1277 -	Vector bagOfSsids, 	
 68.1278 -	Vector bagOfTypes) 	
 68.1279 -  throws Exception
 68.1280 - {
 68.1281 -      boolean found;
 68.1282 -
 68.1283 -  printDebug(" pDTVS::Size of bagOfSsids: "+ bagOfSsids.size());
 68.1284 -  Element root = doc.getDocumentElement();
 68.1285 -
 68.1286 -  NodeList elementList = root.getElementsByTagName ("Vlan");
 68.1287 -  printDebug("\n pDTVS:: Vlan length of NodeList:" + elementList.getLength());
 68.1288 -
 68.1289 -  for (int x = 0; x < elementList.getLength(); x++)
 68.1290 -  {
 68.1291 -	found = false;
 68.1292 -
 68.1293 -        Node node = elementList.item (x);          
 68.1294 -
 68.1295 -	if (node.getNodeType() == Node.ELEMENT_NODE)
 68.1296 -	{
 68.1297 -	  printDebug(" pDTVS:: child: " + x + " is an element node" );
 68.1298 -	  Element e1 = (Element) node;
 68.1299 -
 68.1300 -	  /* Get vid */
 68.1301 -      	  NodeList elist = e1.getElementsByTagName ("vid");
 68.1302 -      	  String idStr = elist.item(0).getFirstChild().getNodeValue();  
 68.1303 -      	  printDebug (" pDTVS:: vid:" + idStr);
 68.1304 -
 68.1305 -	  /* Get TE */
 68.1306 -      	  elist = e1.getElementsByTagName ("TE");
 68.1307 -          printDebug (" pDTVS:: Total ste types: " + elist.getLength());
 68.1308 -
 68.1309 -	  Vector colorTypes = new Vector();
 68.1310 -	  for (int j = 0; j < elist.getLength(); j++)
 68.1311 -	  {
 68.1312 -		Node knode = elist.item (j);          
 68.1313 -        	Node childNode = knode.getFirstChild();     
 68.1314 -        	String value = childNode.getNodeValue();
 68.1315 -
 68.1316 -		printDebug (" pDT:: My color is: " + value);
 68.1317 -		if (!bagOfTypes.contains(value))
 68.1318 -		{
 68.1319 -      		  throw new IOException("pDT:: Vlan: " + idStr+ " has unknown type : "+ value);
 68.1320 -		}
 68.1321 -
 68.1322 -		if (!colorTypes.contains(value))
 68.1323 -		  colorTypes.addElement(value);
 68.1324 -	  }
 68.1325 -	  Enumeration e = bagOfSsids.elements();
 68.1326 -	  while (e.hasMoreElements())
 68.1327 -	  {
 68.1328 -		SecurityLabel elem = (SecurityLabel) e.nextElement(); 
 68.1329 -		if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
 68.1330 -		{
 68.1331 -		  found = true;
 68.1332 -		  if (null == elem.vlans)
 68.1333 -			elem.vlans = new Vector();
 68.1334 -		   elem.vlans.add(idStr);
 68.1335 -		}
 68.1336 -		
 68.1337 -	  }
 68.1338 -	  if (!found && (0 < colorTypes.size()))
 68.1339 -	  {
 68.1340 -		 SecurityLabel entry = new SecurityLabel();
 68.1341 -		 entry.steTypes = colorTypes;
 68.1342 -		 entry.vlans = new Vector();
 68.1343 -		 entry.vlans.add(idStr);
 68.1344 -		 bagOfSsids.add(entry);
 68.1345 -	  }
 68.1346 -
 68.1347 -	}
 68.1348 -  } 
 68.1349 -  printDebug(" pDTVS::After slot Size of bagOfSsids: "+ bagOfSsids.size());
 68.1350 -
 68.1351 -  elementList = root.getElementsByTagName ("Slot");
 68.1352 -  printDebug ("\n pDTVS:: Slot length of NodeList:" + elementList.getLength());
 68.1353 -
 68.1354 -  for (int x = 0; x < elementList.getLength(); x++)
 68.1355 -  {
 68.1356 -	found = false;
 68.1357 -
 68.1358 -        Node node = elementList.item (x);          
 68.1359 -
 68.1360 -	if (node.getNodeType() == Node.ELEMENT_NODE)
 68.1361 -	{
 68.1362 -	  printDebug(" pDT:: child: " + x + " is an element node" );
 68.1363 -	  Element e1 = (Element) node;
 68.1364 -
 68.1365 -
 68.1366 -	  /* Get slot and bus */
 68.1367 -	  SlotInfo item = new SlotInfo();
 68.1368 -
 68.1369 -	  NodeList elist = e1.getElementsByTagName ("bus");
 68.1370 -	  item.bus = elist.item(0).getFirstChild().getNodeValue();  
 68.1371 -      	  elist = e1.getElementsByTagName ("slot");
 68.1372 -      	  item.slot = elist.item(0).getFirstChild().getNodeValue();  
 68.1373 -      	  printDebug (" pDT:: bus and slot:" + item.bus + " "+ item.slot);
 68.1374 -
 68.1375 -	  /* Get TE */
 68.1376 -      	  elist = e1.getElementsByTagName ("TE");
 68.1377 -          printDebug (" pDT:: Total ste types: " + elist.getLength());
 68.1378 -
 68.1379 -	  Vector colorTypes = new Vector();
 68.1380 -	  for (int j = 0; j < elist.getLength(); j++)
 68.1381 -	  {
 68.1382 -        	Node knode = elist.item (j);          
 68.1383 -        	Node childNode = knode.getFirstChild();     
 68.1384 -        	String value = childNode.getNodeValue();
 68.1385 -
 68.1386 -		printDebug (" pDT:: My color is: " + value);
 68.1387 -		if (!bagOfTypes.contains(value))
 68.1388 -		{
 68.1389 -		  throw new IOException("pDT:: bus: " + item.bus + " slot: "+ item.slot + " has unknown type : "+ value);
 68.1390 -		}
 68.1391 -
 68.1392 -		if (!colorTypes.contains(value))
 68.1393 -		  colorTypes.addElement(value);
 68.1394 -		}
 68.1395 -
 68.1396 -		Enumeration e = bagOfSsids.elements();
 68.1397 -		while (e.hasMoreElements())
 68.1398 -		{
 68.1399 -  		  SecurityLabel elem = (SecurityLabel) e.nextElement(); 
 68.1400 -		  if ( elem.steTypes.size() == colorTypes.size() && elem.steTypes.containsAll(colorTypes))
 68.1401 -		  {
 68.1402 -			found = true;
 68.1403 -			if (null == elem.slots)
 68.1404 -			  elem.slots = new Vector();
 68.1405 -			elem.slots.add(item);
 68.1406 -
 68.1407 -		  }
 68.1408 -		
 68.1409 -		}
 68.1410 -
 68.1411 -		if (!found && (0 < colorTypes.size()))
 68.1412 -		{
 68.1413 -		  SecurityLabel entry = new SecurityLabel();
 68.1414 -		  entry.steTypes = colorTypes;
 68.1415 -		  entry.slots = new Vector();
 68.1416 -		  entry.slots.add(item);
 68.1417 -		  bagOfSsids.add(entry);
 68.1418 -		}
 68.1419 -
 68.1420 -	}
 68.1421 -  }
 68.1422 -  return;
 68.1423 - }
 68.1424 -
 68.1425 - public static void main (String[] args) 
 68.1426 - {
 68.1427 -  String xmlFileName = null;        	/* policy file */ 
 68.1428 -  String outputFileName = null;     	/* binary policy file */
 68.1429 -  String xenSsidOutputFileName = null; 	/* outputfile ssid to named types */	
 68.1430 -					/* outputfile conflicts ssid to named types */	
 68.1431 -  String xenSsidConfOutputFileName = null; 	
 68.1432 -
 68.1433 -  XmlToBin genObj = new XmlToBin(); 
 68.1434 -
 68.1435 -  policy_version active_policy = new policy_version();
 68.1436 -
 68.1437 -  if ((active_policy.ACM_POLICY_VERSION != ACM_POLICY_VERSION) ||
 68.1438 -      (active_policy.ACM_CHWALL_VERSION != ACM_CHWALL_VERSION) ||
 68.1439 -      (active_policy.ACM_STE_VERSION != ACM_STE_VERSION)) {
 68.1440 -	  System.out.println("ACM policy versions differ.");
 68.1441 -	  System.out.println("Please verify that data structures are correct");
 68.1442 -	  System.out.println("and then adjust the version numbers in XmlToBinInterface.java.");
 68.1443 -	  return;
 68.1444 -  }
 68.1445 -
 68.1446 -
 68.1447 -  for (int i = 0 ; i < args.length ; i++) {
 68.1448 -
 68.1449 -	if ( args[i].equals("-help"))  {
 68.1450 -          printUsage();
 68.1451 -          System.exit(1);
 68.1452 -
 68.1453 -        } else if ( args[i].equals("-i"))  {
 68.1454 -          i++;
 68.1455 -          if (i < args.length) {
 68.1456 -               xmlFileName = args[i];   
 68.1457 -          } else  {
 68.1458 -                System.out.println("-i argument needs parameter");
 68.1459 -                System.exit(1);
 68.1460 -          }
 68.1461 -
 68.1462 -	} else if ( args[i].equals("-o"))  {
 68.1463 -          i++;
 68.1464 -          if (i < args.length) {
 68.1465 -                outputFileName = args[i];   
 68.1466 -          } else {
 68.1467 -                System.out.println("-o argument needs parameter");
 68.1468 -                System.exit(1);
 68.1469 -          }
 68.1470 -
 68.1471 -	} else if ( args[i].equals("-xssid"))  {
 68.1472 -          i++;
 68.1473 -          if (i < args.length) {
 68.1474 -                 xenSsidOutputFileName = args[i];   
 68.1475 -          } else {
 68.1476 -                System.out.println("-xssid argument needs parameter");
 68.1477 -                System.exit(1);
 68.1478 -          }
 68.1479 -
 68.1480 -	} else if ( args[i].equals("-xssidconf"))  {
 68.1481 -          i++;
 68.1482 -          if (i < args.length) {
 68.1483 -                xenSsidConfOutputFileName = args[i]; 
 68.1484 -          } else {
 68.1485 -                System.out.println("-xssidconf argument needs parameter");
 68.1486 -                System.exit(1);
 68.1487 -          }
 68.1488 -	} else if ( args[i].equals("-debug"))  { /* turn on debug msg */
 68.1489 -	 	genObj.setDebug(true);
 68.1490 -        } else {
 68.1491 -          System.out.println("bad command line argument: " + args[i]);
 68.1492 -          printUsage();
 68.1493 -          System.exit(1);
 68.1494 -        }
 68.1495 -
 68.1496 -  }
 68.1497 -
 68.1498 -  if (xmlFileName == null)
 68.1499 -  { 
 68.1500 -	System.out.println("Need to specify input file -i option");
 68.1501 -        printUsage();
 68.1502 -        System.exit(1);
 68.1503 -  }
 68.1504 -
 68.1505 -
 68.1506 -  try 
 68.1507 -  {
 68.1508 -	/* Parse and validate */
 68.1509 - 	Document doc =  genObj.getDomTree(xmlFileName);
 68.1510 -
 68.1511 -	/* Vectors to hold sets of types */
 68.1512 -	Vector bagOfSsids = new Vector();
 68.1513 -	Vector bagOfTypes = new Vector();
 68.1514 -	Vector bagOfChwSsids = new Vector();
 68.1515 -	Vector bagOfChwTypes = new Vector();
 68.1516 -	Vector bagOfConflictSsids = new Vector();
 68.1517 -
 68.1518 -	Vector vlanMapSsids = new Vector();
 68.1519 -	Vector slotMapSsids = new Vector();
 68.1520 -
 68.1521 -	genObj.processDomTree(doc, bagOfSsids, bagOfTypes, bagOfChwSsids, bagOfChwTypes, bagOfConflictSsids);
 68.1522 -
 68.1523 -	genObj.processDomTreeVlanSlot(doc, bagOfSsids, bagOfTypes);
 68.1524 -
 68.1525 -	/* Get binary representation of policies */
 68.1526 -  	byte[] stePolicy = genObj.generateSteBuffer(bagOfSsids, bagOfTypes);
 68.1527 -  	byte[] chwPolicy = genObj.generateChwBuffer(bagOfChwSsids, bagOfConflictSsids,bagOfChwTypes);
 68.1528 -
 68.1529 -  	byte[] binPolicy = null;
 68.1530 - 	byte[] binaryPartionSsid = null;
 68.1531 -  	byte[] binaryVlanSsid = null;
 68.1532 -  	byte[] binarySlotSsid = null;
 68.1533 -
 68.1534 -	/* Get binary representation of partition to ssid mapping */
 68.1535 -  	binaryPartionSsid = genObj.generatePartSsids(bagOfSsids,bagOfChwSsids);
 68.1536 -
 68.1537 -	/* Get binary representation of vlan to ssid mapping */
 68.1538 -  	binaryVlanSsid = genObj.generateVlanSsids(bagOfSsids);
 68.1539 -
 68.1540 -	/* Get binary representation of slot to ssid mapping */
 68.1541 -  	binarySlotSsid = genObj.generateSlotSsids(bagOfSsids);
 68.1542 -
 68.1543 -	/* Generate binary representation: policy, partition, slot and vlan */
 68.1544 -  	binPolicy = genObj.GenBinaryPolicyBuffer(chwPolicy,stePolicy, binaryPartionSsid, binaryVlanSsid, binarySlotSsid);
 68.1545 -
 68.1546 -
 68.1547 -	/* Write binary policy into file */
 68.1548 -	if (null != outputFileName)
 68.1549 -	{
 68.1550 -  		genObj.writeBinPolicy(binPolicy, outputFileName);
 68.1551 -	} else {
 68.1552 -		System.out.println (" No binary policy generated, outputFileName:  " + outputFileName);
 68.1553 -	}
 68.1554 -
 68.1555 -	/* Print total number of types */
 68.1556 -	System.out.println (" Total number of unique ste types: " + bagOfTypes.size());
 68.1557 -	System.out.println (" Total number of Ssids : " + bagOfSsids.size());
 68.1558 -	System.out.println (" Total number of unique chw types: " + bagOfChwTypes.size());
 68.1559 -	System.out.println (" Total number of conflict ssids : " + bagOfConflictSsids.size());
 68.1560 -	System.out.println (" Total number of chw Ssids : " + bagOfChwSsids.size());
 68.1561 -
 68.1562 -   	if (null != xenSsidOutputFileName)
 68.1563 -  		genObj.writeXenTypeFile(bagOfSsids, xenSsidOutputFileName, true);
 68.1564 -
 68.1565 -   	if (null != xenSsidConfOutputFileName)
 68.1566 -  		genObj.writeXenTypeFile(bagOfChwSsids, xenSsidConfOutputFileName, false);
 68.1567 -    } 
 68.1568 -    catch (Exception e) 
 68.1569 -    {
 68.1570 -      e.printStackTrace();
 68.1571 -    }
 68.1572 -  }
 68.1573 -}
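--- a/tools/misc/policyprocessor/XmlToBinInterface.java	Thu Aug 18 10:40:02 2005 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,138 +0,0 @@
-/**
- * (C) Copyright IBM Corp. 2005
- *
- * $Id: XmlToBinInterface.java,v 1.3 2005/06/20 21:07:37 rvaldez Exp $
- *
- * Author: Ray Valdez
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation, version 2 of the
- * License.
- *
- * XmlToBinInterface Class.  
- * <p>
- *
- * Defines constants used by XmToBin.
- *
- * <p>
- *
- *	policy binary structures
- *
- * struct acm_policy_buffer {
- *	u32 policy_version; * ACM_POLICY_VERSION *
- *      u32 magic;
- *	u32 len;
- *	u32 primary_policy_code;
- *	u32 primary_buffer_offset;
- *	u32 secondary_policy_code;
- *	u32 secondary_buffer_offset;
- *      +u32 resource offset (not used yet in Xen)
- * };
- *
- *
- * struct acm_ste_policy_buffer {
- *	u32 policy_version; * ACM_STE_VERSION *
- *	u32 policy_code;
- *	u32 ste_max_types;
- *	u32 ste_max_ssidrefs;
- *	u32 ste_ssid_offset;
- * };
- *
- * struct acm_chwall_policy_buffer {
- *	u32 policy_version; * ACM_CHWALL_VERSION *
- *	u32 policy_code;
- *	u32 chwall_max_types;
- *	u32 chwall_max_ssidrefs;
- *	u32 chwall_max_conflictsets;
- *	u32 chwall_ssid_offset;
- *	u32 chwall_conflict_sets_offset;
- *	u32 chwall_running_types_offset;
- *	u32 chwall_conflict_aggregate_offset;
- * };
- *
- *	typedef struct {
- *	u16 partition_max;
- *	u16 partition_offset;
- *	u16 vlan_max;
- *	u16 vlan_offset;
- *	u16 slot_max;
- *	u16 slot_offset;
- *	} acm_resource_buffer_t;
- *
- *	typedef struct {
- *	u16 id;
- *	u16 ssid_ste;
- *	u16 ssid_chwall;
- *	} acm_partition_entry_t;
- *
- *	typedef struct {
- *	u16 vlan;
- *	u16 ssid_ste;
- *	} acm_vlan_entry_t;
- *
- *	typedef struct {
- *	u16 bus;
- *	u16 slot;
- *	u16 ssid_ste;
- *	} acm_slot_entry_t;
- *
- *       
- *
- */
-public interface XmlToBinInterface
-{
-  /* policy code  (uint16) */
-  final int policyCodeSize = 2;
-
-  /* max_types    (uint16) */
-  final int maxTypesSize = 2;
-
-  /* max_ssidrefs (uint16) */
-  final int maxSsidrefSize = 2;
-
-  /* ssid_offset  (uint32) */
-  final int ssidOffsetSize = 2;
-
-  final short markSymbol = 0x0001;
-
-  final int u32Size = 4;
-  final int u16Size = 2;
-
-  /* num of bytes for acm_ste_policy_buffer_t */
-  final int steHeaderSize = (5 * u32Size);
-
-  /* byte for acm_chinese_wall_policy_buffer_t */
-  final int chwHeaderSize = (9 * u32Size);
-
-  final int primaryPolicyCodeSize = u32Size;
-  final int primaryBufferOffsetSize = u32Size ;
-
-  final int secondaryPolicyCodeSz = u32Size;
-  final int secondaryBufferOffsetSz = u32Size;
-  final int resourceOffsetSz = u32Size;
-
-  final short partitionBufferSz = (2 * u16Size);
-  final short partitionEntrySz = (3 * u16Size);
-
-  final short slotBufferSz = (2 * u16Size);
-  final short slotEntrySz = (3 * u16Size);
-
-  final short vlanBufferSz = (2 * u16Size);
-  final short vlanEntrySz = (2 * u16Size);
-
-  final int binaryBufferHeaderSz = (8 * u32Size); /* 8th not used in Xen */
-
-  /* copied directly from acm.h */
-  final int ACM_MAGIC  =  0x0001debc;
-  final int ACM_NULL_POLICY = 0;
-  final int ACM_CHINESE_WALL_POLICY = 1;
-  final int ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY = 2;
-  final int ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY = 3;
-  final int ACM_EMPTY_POLICY = 4;
-
-  /* version for compatibility check */
-  final int ACM_POLICY_VERSION = 1;
-  final int ACM_STE_VERSION    = 1;
-  final int ACM_CHWALL_VERSION = 1;
-}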
    70.1 --- a/tools/misc/policyprocessor/c2j_include.c	Thu Aug 18 10:40:02 2005 -0800
    70.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    70.3 @@ -1,57 +0,0 @@
    70.4 -/****************************************************************
    70.5 - * c2j_include.c
    70.6 - *
    70.7 - * Copyright (C) 2005 IBM Corporation
    70.8 - *
    70.9 - * Authors:
   70.10 - * Reiner Sailer <sailer@watson.ibm.com>
   70.11 - *
   70.12 - * This program is free software; you can redistribute it and/or
   70.13 - * modify it under the terms of the GNU General Public License as
   70.14 - * published by the Free Software Foundation, version 2 of the
   70.15 - * License.
   70.16 - *
   70.17 - * This tool makes some constants from acm.h available to the
   70.18 - * java policyprocessor for version checking.
   70.19 - */
   70.20 -#include <stdio.h>
   70.21 -#include <errno.h>
   70.22 -#include <stdlib.h>
   70.23 -#include <stdint.h>
   70.24 -
   70.25 -typedef uint8_t  u8;
   70.26 -typedef uint16_t u16;
   70.27 -typedef uint32_t u32;
   70.28 -typedef uint64_t u64;
   70.29 -typedef int8_t   s8;
   70.30 -typedef int16_t  s16;
   70.31 -typedef int32_t  s32;
   70.32 -typedef int64_t  s64;
   70.33 -
   70.34 -#include <xen/acm.h>
   70.35 -
   70.36 -char *filename = "policy_version.java";
   70.37 -
   70.38 -int main(int argc, char **argv)
   70.39 -{
   70.40 -
   70.41 -    FILE *fd;
   70.42 -    if ((fd = fopen(filename, "w")) <= 0)
   70.43 -    {
   70.44 -        printf("File %s not found.\n", filename);
   70.45 -        exit(-ENOENT);
   70.46 -    }
   70.47 -
   70.48 -    fprintf(fd, "/*\n * This file was automatically generated\n");
   70.49 -    fprintf(fd, " * Do not change it manually!\n */\n");
   70.50 -    fprintf(fd, "public class policy_version {\n");
   70.51 -    fprintf(fd, "	final int ACM_POLICY_VERSION = %x;\n",
   70.52 -            ACM_POLICY_VERSION);
   70.53 -    fprintf(fd, "	final int ACM_CHWALL_VERSION = %x;\n",
   70.54 -            ACM_CHWALL_VERSION);
   70.55 -    fprintf(fd, "	final int ACM_STE_VERSION = %x;\n",
   70.56 -            ACM_STE_VERSION);
   70.57 -    fprintf(fd, "}\n");
   70.58 -    fclose(fd);
   70.59 -    return 0;
   70.60 -}
    71.1 --- a/tools/misc/policyprocessor/myHandler.java	Thu Aug 18 10:40:02 2005 -0800
    71.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    71.3 @@ -1,47 +0,0 @@
    71.4 -/**
    71.5 - * (C) Copyright IBM Corp. 2005
    71.6 - *
    71.7 - * $Id: myHandler.java,v 1.2 2005/06/17 20:00:04 rvaldez Exp $
    71.8 - *
    71.9 - * Author: Ray Valdez
   71.10 - *
   71.11 - * This program is free software; you can redistribute it and/or
   71.12 - * modify it under the terms of the GNU General Public License as
   71.13 - * published by the Free Software Foundation, version 2 of the
   71.14 - * License.
   71.15 - *
   71.16 - * myHandler Class.  
   71.17 - *
   71.18 - * <p>
   71.19 - *
   71.20 - * A dummy class used for detecting XML validating/parsing errors.
   71.21 - *
   71.22 - * <p>
   71.23 - *
   71.24 - *
   71.25 - */
   71.26 -import org.xml.sax.helpers.*;
   71.27 -import org.xml.sax.SAXParseException;
   71.28 -
   71.29 -class myHandler extends DefaultHandler 
   71.30 -{ 
   71.31 - public boolean isValid = true;
   71.32 -
   71.33 - /* Notification of a recoverable error. */
   71.34 - public void error(SAXParseException se) 
   71.35 - { 
   71.36 -  isValid = false;
   71.37 - } 
   71.38 -
   71.39 - /* Notification of a non-recoverable error. */
   71.40 - public void fatalError(SAXParseException se) 
   71.41 - { 
   71.42 -  isValid = false;
   71.43 - } 
   71.44 -
   71.45 - /* Notification of a warning. */
   71.46 - public void warning(SAXParseException se) 
   71.47 - {
   71.48 -  isValid = false;
   71.49 - }
   71.50 -}
    72.1 --- a/tools/misc/policyprocessor/readme.install	Thu Aug 18 10:40:02 2005 -0800
    72.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    72.3 @@ -1,33 +0,0 @@
    72.4 -# Author: Ray Valdez, rvaldez@us.ibm.com 
    72.5 -# Version: 1.0
    72.6 -#
    72.7 -# install readme
    72.8 -#
    72.9 -PREREQUISITES:
   72.10 -
   72.11 -Prior to installation of the policy processor tool (XmlToBin) you must have...
   72.12 -
   72.13 - 1. Java version 1.4.2
   72.14 - 2. xmlParserAPIs.jar and xercesImpl.jar
   72.15 -
   72.16 -The above can be obtained from the Sun Developer Network web site at
   72.17 -http://java.sun.com/j2se/1.4.2/download.html.
   72.18 -
   72.19 -XmlParserAPIs and xercesImpl jars can be obtained from
   72.20 -http://www.apache.org/dist/xml/xerces-j (Xerces-J-bin.2.6.2.tar.gz,
   72.21 -for example).
   72.22 -
   72.23 -The tool has been tested with J2SE v1.4.2_08 JRE on Linux (32-bit
   72.24 -INTEL).
   72.25 -
   72.26 -INSTALLATION
   72.27 -
   72.28 -1. Set PATH to include $HOME_JAVA/bin and $HOME_JAVA/jre/bin
   72.29 -   where $HOME_JAVA is your java installation directory
   72.30 -
   72.31 -2. Compile XmlToBin:
   72.32 -   javac XmlToBin.java
   72.33 -	
   72.34 -USAGE
   72.35 -
   72.36 - See readme.xen
    73.1 --- a/tools/misc/policyprocessor/readme.xen	Thu Aug 18 10:40:02 2005 -0800
    73.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    73.3 @@ -1,65 +0,0 @@
    73.4 -# Author: Ray Valdez, rvaldez@us.ibm.com 
    73.5 -# Version: 1.0
    73.6 -#
    73.7 -# This readme describes the policy processor tool for sHype.
    73.8 -#
    73.9 -
   73.10 -Java program:
   73.11 -
   73.12 - java XmlToBin -i [file.xml] -o <file.bin> -xssid <SsidFile> -xssidconf <SsidConf>
   73.13 -
   73.14 - Command line options:
   73.15 -
   73.16 -        -i              inputFile:      name of policyfile (.xml)
   73.17 -        -o              outputFile:     name of binary policy file (Big Endian)
   73.18 -        -xssid          SsidFile:       xen ssids to named types text file
   73.19 -        -xssidconf      SsidConf:   	xen conflict ssids to types text file
   73.20 -        -debug                          turn on debug messages
   73.21 -        -help                           help. This printout
   73.22 -
   73.23 -Where:
   73.24 -
   73.25 -file.xml is the (input) xml policy file to be parsed and validated.
   73.26 -The syntax for file.xml is defined in the SecurityPolicySpec.xsd file.
   73.27 -file.bin is the (output) binary policy file generated by XmlToBin.
   73.28 -This binary policy can be activated in sHype. The binary policy file
   73.29 -is laid out in network byte order (i.e., big endian).  The SsidFile
   73.30 -file contains the mapping of type enforcement (TE) ssids to the "named
   73.31 -types".  Similarly, the SsidConf file contains the mapping of Chinese
   73.32 -Wall (ChWall) ssids to conflict named types. The ssidFile and SsidConf
   73.33 -files are used by Xen.
   73.34 -
   73.35 -Xml Schema and policy:
   73.36 -
   73.37 -The SecurityPolicySpec.xsd defines the syntax of a policy file. It
   73.38 -declares the tags that are used by XmlToBin to generate the binary
   73.39 -policy file. The tags that XmlToBin keys on are TE, ChWall, id, vid,
   73.40 -etc.  The xml files that describe a policy are simple.  Semantic
   73.41 -checking of a policy is performed mostly by XmlToBin.  A type, for
   73.42 -example, is a string. No fixed values are defined for types in Xml.
   73.43 -  
   73.44 -A policy consists of two Xml files: definition and policy. The
   73.45 -definition Xml declares the types that are permitted in the policy
   73.46 -Xml.  The policy Xml contains the assignment of labels to
   73.47 -subject/object (e.g., vm). This Xml file contains an explicit
   73.48 -reference to the definition Xml (e.g., <url>xen_sample_def.xml</url>).
   73.49 -The policy Xml is the one provided as a command line argument.
   73.50 -
   73.51 -
   73.52 -Files:
   73.53 -
   73.54 -*.java		      	- policy processor source 
   73.55 -xen_sample_policy.xml	- sample xml policy file
   73.56 -xen_sample_def.xml	- sample user defined types
   73.57 -SecurityPolicySpec.xsd 	- schema definition file
   73.58 -
   73.59 -
   73.60 -To generate the sample binary policy: 
   73.61 -
   73.62 -export CLASSPATH=$XERCES_HOME/xercesImpl.jar:$XERCES_HOME/xmlParserAPIs.jar:.
   73.63 -
   73.64 -java XmlToBin -i xen_sample_policy.xml -o xen_sample_policy.bin
   73.65 -
   73.66 -where $XERCES_HOME is the installation directory of the Apache Xerces-J
   73.67 -
   73.68 -
    74.1 --- a/tools/misc/policyprocessor/xen_sample_def.xml	Thu Aug 18 10:40:02 2005 -0800
    74.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    74.3 @@ -1,46 +0,0 @@
    74.4 -<?xml version="1.0"?>
    74.5 -<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
    74.6 -<!-- example policy type definition -->
    74.7 -<SecurityPolicySpec
    74.8 -xmlns="http://www.ibm.com"
    74.9 -xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   74.10 -xsi:schemaLocation="http://www.ibm.com SecurityPolicySpec.xsd">
   74.11 -
   74.12 -<Definition>
   74.13 -<!-- an example of a simple type enforcement type definition -->
   74.14 -  <Types>
   74.15 -        <TE>LOCAL-management</TE>
   74.16 -        <TE>R-Company-development</TE>
   74.17 -        <TE>S-Company-order</TE>
   74.18 -        <TE>T-Company-advertising</TE>
   74.19 -        <TE>U-Company-computing</TE>
   74.20 -		 <!-- TE nondevelopment  -->
   74.21 -  </Types>
   74.22 -
   74.23 -<!-- an example of a chinese wall type definition along with conflict sets-->
   74.24 -  <ChWallTypes>
   74.25 -		 <ChWall>Q-Company</ChWall>
   74.26 -		 <ChWall>R-Company</ChWall>
   74.27 -		 <ChWall>S-Company</ChWall>
   74.28 -		 <ChWall>T-Company</ChWall>
   74.29 -		 <ChWall>U-Company</ChWall>
   74.30 -		 <ChWall>V-Company</ChWall>
   74.31 -		 <ChWall>W-Company</ChWall>
   74.32 -		 <ChWall>X-Company</ChWall>
   74.33 -		 <ChWall>Y-Company</ChWall>
   74.34 -		 <ChWall>Z-Company</ChWall>
   74.35 -  </ChWallTypes>
   74.36 -
   74.37 -  <ConflictSet>
   74.38 -		 <ChWall>T-Company</ChWall>
   74.39 -		 <ChWall>S-Company</ChWall>
   74.40 -   </ConflictSet>
   74.41 -
   74.42 -   <ConflictSet>
   74.43 -		 <ChWall>R-Company</ChWall>
   74.44 -		 <ChWall>V-Company</ChWall>
   74.45 -		 <ChWall>W-Company</ChWall>
   74.46 -   </ConflictSet>
   74.47 -
   74.48 -</Definition>
   74.49 -</SecurityPolicySpec>
    75.1 --- a/tools/misc/policyprocessor/xen_sample_policy.xml	Thu Aug 18 10:40:02 2005 -0800
    75.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    75.3 @@ -1,58 +0,0 @@
    75.4 -<?xml version="1.0"?>
    75.5 -<!-- Author: Ray Valdez, rvaldez@us.ibm.com -->
    75.6 -<!-- example xen policy file -->
    75.7 -
    75.8 -<SecurityPolicySpec
    75.9 -xmlns="http://www.ibm.com"
   75.10 -xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   75.11 -xsi:schemaLocation="http://www.ibm.com SecurityPolicySpec.xsd">
   75.12 -<Policy>
   75.13 - <PolicyHeader>
   75.14 -        <Name>xen sample policy</Name>
   75.15 -        <DateTime>2005-05-20T16:56:00</DateTime>
   75.16 -        <Tag>foobar</Tag>
   75.17 -        <TypeDefinition>
   75.18 -          <url>xen_sample_def.xml</url>
   75.19 -          <hash>abcdef123456abcdef</hash>
   75.20 -        </TypeDefinition>
   75.21 - </PolicyHeader>
   75.22 -
   75.23 - <VM>
   75.24 -        <id> 0 </id>
   75.25 -        <TE>LOCAL-management</TE>
   75.26 -        <TE>R-Company-development</TE>
   75.27 -        <TE>S-Company-order</TE>
   75.28 -        <TE>T-Company-advertising</TE>
   75.29 -        <TE>U-Company-computing</TE>
   75.30 -		 <ChWall>Q-Company</ChWall>
   75.31 - </VM>
   75.32 -
   75.33 - <VM>
   75.34 -        <id> 1 </id>
   75.35 -        <TE>R-Company-development</TE>
   75.36 -		 <ChWall>R-Company</ChWall>
   75.37 - </VM>
   75.38 -
   75.39 - <VM>
   75.40 -        <id> 2 </id>
   75.41 -        <TE>S-Company-order</TE>
   75.42 -		 <ChWall>S-Company</ChWall>
   75.43 -
   75.44 - </VM>
   75.45 -
   75.46 - <VM>
   75.47 -        <id> 3 </id>
   75.48 -        <TE>T-Company-advertising</TE>
   75.49 -		 <ChWall>T-Company</ChWall>
   75.50 - </VM>
   75.51 -
   75.52 -
   75.53 - <VM>
   75.54 -        <id> 4 </id>
   75.55 -        <TE>U-Company-computing</TE>
   75.56 -		 <ChWall>U-Company</ChWall>
   75.57 - </VM>
   75.58 -
   75.59 -
   75.60 -</Policy>
   75.61 -</SecurityPolicySpec>
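--- a/tools/python/xen/lowlevel/xu/xu.c	Thu Aug 18 10:40:02 2005 -0800
+++ b/tools/python/xen/lowlevel/xu/xu.c	Fri Aug 19 10:19:28 2005 -0800
@@ -844,7 +844,7 @@ static PyObject *xu_message_new(PyObject
     case TYPE(CMSG_BLKIF_BE, CMSG_BLKIF_BE_CONNECT):
         P2C(blkif_be_connect_t, domid,        u32);
         P2C(blkif_be_connect_t, blkif_handle, u32);
-        P2C(blkif_be_connect_t, shmem_frame,  memory_t);
+        P2C(blkif_be_connect_t, shmem_frame,  unsigned long);
         P2C(blkif_be_connect_t, shmem_ref,    u32);
         P2C(blkif_be_connect_t, evtchn,       u16);
         break;
@@ -906,9 +906,9 @@ static PyObject *xu_message_new(PyObject
     case TYPE(CMSG_NETIF_BE, CMSG_NETIF_BE_CONNECT):
         P2C(netif_be_connect_t, domid,          u32);
         P2C(netif_be_connect_t, netif_handle,   u32);
-        P2C(netif_be_connect_t, tx_shmem_frame, memory_t);
+        P2C(netif_be_connect_t, tx_shmem_frame, unsigned long);
         P2C(netif_be_connect_t, tx_shmem_ref,   u32); 
-        P2C(netif_be_connect_t, rx_shmem_frame, memory_t);
+        P2C(netif_be_connect_t, rx_shmem_frame, unsigned long);
         P2C(netif_be_connect_t, rx_shmem_ref,   u32); 
         P2C(netif_be_connect_t, evtchn,         u16); 
         break;
@@ -942,7 +942,7 @@ static PyObject *xu_message_new(PyObject
         P2C(usbif_fe_driver_status_changed_t, status, u32);
         break;
     case TYPE(CMSG_USBIF_FE, CMSG_USBIF_FE_INTERFACE_CONNECT):
-        P2C(usbif_fe_interface_connect_t, shmem_frame, memory_t);
+        P2C(usbif_fe_interface_connect_t, shmem_frame, unsigned long);
         break;
     case TYPE(CMSG_USBIF_FE, CMSG_USBIF_FE_INTERFACE_DISCONNECT):
         break;
@@ -956,7 +956,7 @@ static PyObject *xu_message_new(PyObject
         break;
     case TYPE(CMSG_USBIF_BE, CMSG_USBIF_BE_CONNECT):
         P2C(usbif_be_connect_t, domid, domid_t);
-        P2C(usbif_be_connect_t, shmem_frame, memory_t);
+        P2C(usbif_be_connect_t, shmem_frame, unsigned long);
         P2C(usbif_be_connect_t, evtchn, u32);
         P2C(usbif_be_connect_t, bandwidth, u32);
         P2C(usbif_be_connect_t, status, u32);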
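--- a/tools/python/xen/xend/XendDomainInfo.py	Thu Aug 18 10:40:02 2005 -0800
+++ b/tools/python/xen/xend/XendDomainInfo.py	Fri Aug 19 10:19:28 2005 -0800
@@ -36,8 +36,10 @@ from xen.xend.server import controller
 from xen.xend.server import SrvDaemon; xend = SrvDaemon.instance()
 from xen.xend.server import messages
 from xen.xend.server.channel import EventChannel, channelFactory
+from xen.util.blkif import blkdev_name_to_number, expand_dev_name
 
 from xen.xend import sxp
+from xen.xend import Blkctl
 from xen.xend.PrettyPrint import prettyprintstring
 from xen.xend.XendBootloader import bootloader
 from xen.xend.XendLogging import log
@@ -380,6 +382,39 @@ class XendDomainInfo:
         return ctrl
 
     def createDevice(self, type, devconfig, change=False):
+        if type == 'vbd':
+
+            backdom = domain_exists(sxp.child_value(devconfig, 'backend', '0'))
+
+            devnum = blkdev_name_to_number(sxp.child_value(devconfig, 'dev'))
+
+            # create backend db
+            backdb = backdom.db.addChild("/backend/%s/%s/%d" %
+                                         (type, self.uuid, devnum))
+
+            # create frontend db
+            db = self.db.addChild("/device/%s/%d" % (type, devnum))
+            
+            db['virtual-device'] = "%i" % devnum
+            #db['backend'] = sxp.child_value(devconfig, 'backend', '0')
+            db['backend'] = backdb.getPath()
+            db['backend-id'] = "%i" % int(sxp.child_value(devconfig,
+                                                          'backend', '0'))
+
+            backdb['frontend'] = db.getPath()
+            (type, params) = string.split(sxp.child_value(devconfig, 'uname'), ':', 1)
+            node = Blkctl.block('bind', type, params)
+            backdb['frontend-id'] = "%i" % self.id
+            backdb['physical-device'] = "%li" % blkdev_name_to_number(node)
+            backdb.saveDB(save=True)
+
+            # Ok, super gross, this really doesn't belong in the frontend db...
+            db['type'] = type
+            db['node'] = node
+            db['params'] = params
+            db.saveDB(save=True)
+            
+            return
         ctrl = self.findDeviceController(type)
         return ctrl.createDevice(devconfig, recreate=self.recreate,
                                  change=change)
@@ -671,6 +706,16 @@ class XendDomainInfo:
         for ctrl in self.getDeviceControllers():
             if ctrl.isDestroyed(): continue
             ctrl.destroyController(reboot=reboot)
+        ddb = self.db.addChild("/device")
+        for type in ddb.keys():
+            if type == 'vbd':
+                typedb = ddb.addChild(type)
+                for dev in typedb.keys():
+                    devdb = typedb.addChild(str(dev))
+                    Blkctl.block('unbind', devdb['type'].getData(),
+                                 devdb['node'].getData())
+                    typedb[dev].delete()
+                typedb.saveDB(save=True)
 
     def show(self):
         """Print virtual machine info.
@@ -926,6 +971,7 @@ class XendDomainInfo:
         at creation time, for example when it uses NFS root.
 
         """
+        return
         blkif = self.getDeviceController("vbd", error=False)
         if not blkif:
             blkif = self.createDeviceController("vbd")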
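Review bot: The new `vbd` branch of `createDevice` uses the `uname`, `dev` and `backend` values from the domain config without validating them, so a malformed config fails part-way through, after the backend and frontend db children have already been created. `sxp.child_value(devconfig, 'uname')` has no default, and the two-name unpack of `string.split(..., ':', 1)` raises `ValueError` when the value has no colon. Checking both values at the top of the branch, before the first `addChild`, would avoid the half-written state. A failure after `Blkctl.block('bind', type, params)`, for example in `blkdev_name_to_number(node)`, leaves the device bound with no matching `unbind`, and `backdom.db` is dereferenced with no check on what `domain_exists(...)` returned (that helper is outside the hunk). The unpack also rebinds the `type` parameter, so `db['type'] = type` stores the uname scheme rather than `'vbd'`; since the destroy hunk reads that value back for `unbind`, a distinct name such as `(blktype, params) = ...` would make the intent visible, and the unconditional `return` added under the docstring in the last hunk needs a comment saying why the rest of the body is now unreachable.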
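--- a/tools/python/xen/xend/server/event.py	Thu Aug 18 10:40:02 2005 -0800
+++ b/tools/python/xen/xend/server/event.py	Fri Aug 19 10:19:28 2005 -0800
@@ -50,7 +50,7 @@ class EventProtocol(protocol.Protocol):
     def dataReceived(self, data):
         try:
             self.parser.input(data)
-            if self.parser.ready():
+            while(self.parser.ready()):
                 val = self.parser.get_val()
                 res = self.dispatch(val)
                 self.send_result(res)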
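Review bot: With `while(self.parser.ready()):` every value already parsed from one chunk of peer data is dispatched inside the single `try` in `dataReceived`, so an exception from `dispatch` or `send_result` on one message may leave the later ones queued in the parser until more data arrives. Whether that matters depends on the `except` clause, which lies outside the hunk. If each message is meant to be handled independently, the `try` belongs inside the loop body. The usual spelling is `while self.parser.ready():`, without the parentheses. The same change, and the same remarks, apply to `RelocationProtocol.dataReceived` in tools/python/xen/xend/server/relocate.py.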
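--- a/tools/python/xen/xend/server/relocate.py	Thu Aug 18 10:40:02 2005 -0800
+++ b/tools/python/xen/xend/server/relocate.py	Fri Aug 19 10:19:28 2005 -0800
@@ -42,7 +42,7 @@ class RelocationProtocol(protocol.Protoc
     def dataReceived(self, data):
         try:
             self.parser.input(data)
-            if self.parser.ready():
+            while(self.parser.ready()):
                 val = self.parser.get_val()
                 res = self.dispatch(val)
                 self.send_result(res)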
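--- a/tools/security/Makefile	Thu Aug 18 10:40:02 2005 -0800
+++ b/tools/security/Makefile	Fri Aug 19 10:19:28 2005 -0800
@@ -2,27 +2,71 @@ XEN_ROOT = ../..
 include $(XEN_ROOT)/tools/Rules.mk
 
 SRCS     = secpol_tool.c
-CFLAGS   += -static
 CFLAGS   += -Wall
 CFLAGS   += -Werror
 CFLAGS   += -O3
 CFLAGS   += -fno-strict-aliasing
-CFLAGS   += -I.
+CFLAGS   += -I. -I/usr/include/libxml2
+CFLAGS_XML2BIN += $(shell xml2-config --cflags --libs )
+#if above does not work, try  -L/usr/lib -lxml2 -lz -lpthread -lm
+XML2VERSION = $(shell xml2-config --version )
+VALIDATE_SCHEMA=$(shell if [[ $(XML2VERSION) < 2.6.20 ]]; then echo ""; else echo "-DVALIDATE_SCHEMA"; fi; )
 
+ifeq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
+POLICY=null
+endif
+ifeq ($(ACM_USE_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY)
+POLICY=chwall
+endif
+ifeq ($(ACM_USE_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
+POLICY=ste
+endif
+ifeq ($(ACM_USE_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)
+POLICY=chwall_ste
+endif
+POLICYFILE=./policies/$(POLICY)/$(POLICY).bin
+
+ifneq ($(ACM_USE_SECURITY_POLICY), ACM_NULL_POLICY)
 all: build
+
+install:all
+
+default:all
+else
+all:
+
+install:
+
+default:
+endif
+
 build: mk-symlinks
 	$(MAKE) secpol_tool
-
-default: all
+	$(MAKE) secpol_xml2bin
+	chmod 700 ./setlabel.sh
+	chmod 700 ./updategrub.sh
 
-install: all
-
-secpol_tool : secpol_tool.c
+secpol_tool : secpol_tool.c secpol_compat.h
 	$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $<
 
+secpol_xml2bin : secpol_xml2bin.c secpol_xml2bin.h secpol_compat.h
+	$(CC) $(CPPFLAGS) $(CFLAGS) $(CFLAGS_XML2BIN) $(VALIDATE_SCHEMA) -o $@ $<
+
 clean:
-	rm -rf secpol_tool xen
+	rm -rf secpol_tool secpol_xml2bin xen
 
+policy_clean:
+	rm -rf policies/*/*.bin policies/*/*.map
+
+mrproper: clean policy_clean
+
+
+$(POLICYFILE) : build
+	@./secpol_xml2bin $(POLICY) > /dev/null
+
+boot_install: $(POLICYFILE)
+	@cp $(POLICYFILE) /boot
+	@./updategrub.sh $(POLICY) $(PWD)/$(XEN_ROOT)
 
 LINUX_ROOT := $(XEN_ROOT)/linux-2.6-xen-sparse
 mk-symlinks: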
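Review bot: The `VALIDATE_SCHEMA` assignment gates `-DVALIDATE_SCHEMA` (presumably the schema validation in `secpol_xml2bin`) on `[[ $(XML2VERSION) < 2.6.20 ]]`, which is a bash-only test and compares strings, not version numbers. Under bash a release such as 2.10.x sorts before 2.6.20 and silently drops the define, while 2.6.9 sorts after it and gets the define the check was meant to withhold. Where make's `/bin/sh` has no `[[`, the test fails and the `else` arm always runs. Comparing the fields numerically makes the outcome predictable, for example `VALIDATE_SCHEMA=$(shell xml2-config --version | awk -F. '{ if ($$1*10000+$$2*100+$$3 >= 20620) print "-DVALIDATE_SCHEMA" }')`. Separately, `POLICY` stays empty when `ACM_USE_SECURITY_POLICY` is unset or unrecognised, so `POLICYFILE` becomes `./policies//.bin` while the `ifneq` still selects the build targets; an explicit `$(error ...)` for that case would be clearer.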
    81.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    81.2 +++ b/tools/security/example.txt	Fri Aug 19 10:19:28 2005 -0800
    81.3 @@ -0,0 +1,269 @@
    81.4 +##
    81.5 +# example.txt <description to the xen access control architecture>
    81.6 +#
    81.7 +# Author:
    81.8 +# Reiner Sailer 08/15/2005 <sailer@watson.ibm.com>
    81.9 +#
   81.10 +#
   81.11 +# This file introduces into the tools to manage policies
   81.12 +# and to label domains and resources.
   81.13 +##
   81.14 +
   81.15 +We will show how to install and use the chwall_ste policy.
   81.16 +Other policies work similarly. Feedback welcome!
   81.17 +
   81.18 +
   81.19 +
   81.20 +1. Using secpol_xml2bin to translate the chwall_ste policy:
   81.21 +===========================================================
   81.22 +
   81.23 +#tools/security/secpol_xml2bin chwall_ste
   81.24 +
   81.25 +Successful execution should print:
   81.26 +
   81.27 +    [root@laptopxn security]# ./secpol_xml2bin chwall_ste
   81.28 +    Validating label file policies/chwall_ste/chwall_ste-security_label_template.xml...
   81.29 +    XML Schema policies/security_policy.xsd valid.
   81.30 +    Validating policy file policies/chwall_ste/chwall_ste-security_policy.xml...
   81.31 +    XML Schema policies/security_policy.xsd valid.
   81.32 +    Creating ssid mappings ...
   81.33 +    Creating label mappings ...
   81.34 +    Max chwall labels:  7
   81.35 +    Max chwall-types:   4
   81.36 +    Max chwall-ssids:   5
   81.37 +    Max ste labels:     14
   81.38 +    Max ste-types:      6
   81.39 +    Max ste-ssids:      10
   81.40 +
   81.41 +The tool looks in directory policies/chwall_ste for
   81.42 +the label and policy files.
   81.43 +
   81.44 +The default policy directory structure under tools/security looks like:
   81.45 +
   81.46 +policies
   81.47 +|-- security_policy.xsd
   81.48 +|-- chwall
   81.49 +|   |-- chwall-security_label_template.xml
   81.50 +|   `-- chwall-security_policy.xml
   81.51 +|-- chwall_ste
   81.52 +|   |-- chwall_ste-security_label_template.xml
   81.53 +|   `-- chwall_ste-security_policy.xml
   81.54 +|-- null
   81.55 +|   |-- null-security_label_template.xml
   81.56 +|   `-- null-security_policy.xml
   81.57 +`-- ste
   81.58 +    |-- ste-security_label_template.xml
   81.59 +    `-- ste-security_policy.xml
   81.60 +
   81.61 +policies/security_policy.xsd contains the schema against which both the
   81.62 +label-template and the policy files must validate during translation.
   81.63 +
   81.64 +policies/chwall_ste/chwall_ste-security_policy.xml defines the
   81.65 +policies and the types known to the policies.
   81.66 +
   81.67 +policies/chwall_ste/chwall_ste-security_label_template.xml contains
   81.68 +label definitions that group chwall and ste types together and make
   81.69 +them easier to use for users
   81.70 +
   81.71 +After executing the above secpol_xml2bin command, you will find 2 new
   81.72 +files in the policies/chwall_ste sub-directory:
   81.73 +
   81.74 +policies/chwall_ste/chwall_ste.map ... this file includes the mapping
   81.75 +of names from the xml files into their binary code representation.
   81.76 +
   81.77 +policies/chwall_ste/chwall_ste.bin ... this is the binary policy file,
   81.78 +the result of parsing the xml files and using the mapping to extract a
   81.79 +binary version that can be loaded into the hypervisor.
   81.80 +
   81.81 +
   81.82 +
   81.83 +2. Loading and activating the policy:
   81.84 +=====================================
   81.85 +
   81.86 +We assume that xen is already configured to use the chwall_ste policy;
   81.87 +please refer to install.txt for instructions.
   81.88 +
   81.89 +To activate the policy from the command line (assuming that the
   81.90 +currently established policy is the minimal boot-policy that is
   81.91 +hard-coded into the hypervisor:
   81.92 +
   81.93 +# ./secpol_tool loadpolicy policies/chwall_ste/chwall_ste.bin
   81.94 +
   81.95 +To activate the policy at next reboot:
   81.96 +
   81.97 +# cp policies/chwall_ste/chwall_ste.bin /boot
   81.98 +
   81.99 +Add a module line to your /boot/grub/grub.conf Xen entry.
  81.100 +My boot entry with chwall_ste enabled looks like this:
  81.101 +
  81.102 +    title Xen (2.6.12)
  81.103 +        root (hd0,5)
  81.104 +        kernel /boot/xen.gz dom0_mem=1200000 console=vga
  81.105 +        module /boot/vmlinuz-2.6.12-xen0 ro root=/dev/hda6 rhgb
  81.106 +        module /boot/initrd-2.6.12-xen0.img
  81.107 +        module /boot/chwall_ste.bin
  81.108 +
  81.109 +This tells the grub boot-loader to load the binary policy, which
  81.110 +the hypervisor will recognize. The hypervisor will then establish
  81.111 +this binary policy during boot instead of the minimal policy that
  81.112 +is hardcoded as default.
  81.113 +
  81.114 +If you have any trouble here, maks sure you have the access control
  81.115 +framework enabled (see: install.txt).
  81.116 +
  81.117 +
  81.118 +
  81.119 +3. Labeling domains:
  81.120 +====================
  81.121 +
  81.122 +a) Labeling Domain0:
  81.123 +
  81.124 +The chwall_ste-security_label_template.xml file includes an attribute
  81.125 +"bootstrap", which is set to the label name that will be assigned to
  81.126 +Dom0 (this label will be mapped to ssidref 1/1, the default for Dom0).
  81.127 +
  81.128 +b) Labeling User Domains:
  81.129 +
  81.130 +Use the script tools/security/setlabel.sh to choose a label and to
  81.131 +assign labels to user domains.
  81.132 +
  81.133 +To show available labels for the chwall_ste policy:
  81.134 +
  81.135 +#tools/security/setlabel.sh -l
  81.136 +
  81.137 +lists all available labels. For the default chwall_ste it should print
  81.138 +the following:
  81.139 +
  81.140 +    [root@laptopxn security]# ./setlabel.sh -l chwall_ste
  81.141 +    The following labels are available:
  81.142 +    dom_SystemManagement
  81.143 +    dom_HomeBanking
  81.144 +    dom_Fun
  81.145 +    dom_BoincClient
  81.146 +    dom_StorageDomain
  81.147 +    dom_NetworkDomain
  81.148 +
  81.149 +You need to have compiled the policy beforehand so that a .map file
  81.150 +exists. Setlabel.sh uses the mapping file created throughout the
  81.151 +policy translation to translate a user-friendly label string into a
  81.152 +ssidref-number that is eventually used by the Xen hypervisor.
  81.153 +
  81.154 +We distinguish two kinds of labels: a) VM labels (for domains) and RES
  81.155 +Labels (for resources). We are currently working on support for
  81.156 +resource labeling but will focus here on VM labels.
  81.157 +
  81.158 +Setlabel.sh only prints VM labels (which we have prefixed with "dom_")
  81.159 +since only those are used at this time.
  81.160 +
  81.161 +If you would like to assign the dom_HomeBanking label to one of your
  81.162 +user domains (which you hopefully keep clean), look at an example
  81.163 +domain configuration homebanking.xm:
  81.164 +
  81.165 +    #------HOMEBANKING---------
  81.166 +    kernel = "/boot/vmlinuz-2.6.12-xenU"
  81.167 +    ramdisk="/boot/U1_ramdisk.img"
  81.168 +    memory = 65
  81.169 +    name = "test34"
  81.170 +    cpu = -1   # leave to Xen to pick
  81.171 +    # Number of network interfaces. Default is 1.
  81.172 +    nics=1
  81.173 +    dhcp="dhcp"
  81.174 +    #-------------------------
  81.175 +
  81.176 +Now we label this domain
  81.177 +
  81.178 +[root@laptopxn security]# ./setlabel.sh homebanking.xm dom_HomeBanking chwall_ste
  81.179 +Mapped label 'dom_HomeBanking' to ssidref '0x00020002'.
  81.180 +
  81.181 +The domain configuration my look now like:
  81.182 +
  81.183 +    [root@laptopxn security]# cat homebanking.xm
  81.184 +    #------HOMEBANKING---------
  81.185 +    kernel = "/boot/vmlinuz-2.6.12-xenU"
  81.186 +    ramdisk="/boot/U1_ramdisk.img"
  81.187 +    memory = 65
  81.188 +    name = "test34"
  81.189 +    cpu = -1   # leave to Xen to pick
  81.190 +    # Number of network interfaces. Default is 1.
  81.191 +    nics=1
  81.192 +    dhcp="dhcp"
  81.193 +    #-------------------------
  81.194 +    #ACM_POLICY=chwall_ste-security_policy.xml
  81.195 +    #ACM_LABEL=dom_HomeBanking
  81.196 +    ssidref = 0x00020002
  81.197 +
  81.198 +You can see 3 new entries, two of which are comments.  The only value
  81.199 +that the hypervisor cares about is the ssidref that will reference
  81.200 +those types assigned to this label. You can look them up in the
  81.201 +xml label-template file for the chwall_ste policy.
  81.202 +
  81.203 +This script will eventually move into the domain management and will
  81.204 +be called when the domain is instantiated. For now, the setlabel
  81.205 +script must be run on domains whenever the policy files change since
  81.206 +the mapping between label names and ssidrefs can change in this case.
  81.207 +
  81.208 +
  81.209 +4. Starting a labeled domain
  81.210 +============================
  81.211 +
  81.212 +Now, start the domain:
  81.213 +    #xm create -c homebanking.xm
  81.214 +
  81.215 +
  81.216 +If you label another domain configuration as dom_Fun and try to start
  81.217 +it afterwards, its start will fail. Why?
  81.218 +
  81.219 +Because the running homebanking domain has the chinese wall type
  81.220 +"cw_Sensitive". The new domain dom_Fun has the chinese wall label
  81.221 +"cw_Distrusted". This domain is not allowed to run simultaneously
  81.222 +because of the defined conflict set
  81.223 +
  81.224 +			<conflictset name="Protection1">
  81.225 +				<type>cw_Sensitive</type>
  81.226 +				<type>cw_Distrusted</type>
  81.227 +			</conflictset>
  81.228 +
  81.229 +(in policies/chwall_ste/chwall_ste-security_policy.xml), which says
  81.230 +that only one of the types cw_sensitive and cw_Distrusted can run at a
  81.231 +time.
  81.232 +
  81.233 +If you save or shutdown the HomeBanking domain, you will be able to
  81.234 +start the "Fun" domain. You can look into the Xen log to see if a
  81.235 +domain was denied to start because of the access control framework
  81.236 +with the command 'xm dmesg'.
  81.237 +
  81.238 +It is important (and usually non-trivial) to define the labels in a
  81.239 +way that the semantics of the labels are enforced and supported by the
  81.240 +types and the conflict sets.
  81.241 +
  81.242 +Note: While the chinese wall policy enforcement is complete, the type
  81.243 +enforcement is currently enforced in the Xen hypervisor
  81.244 +only. Therefore, only point-to-point sharing with regard to the type
  81.245 +enforcement is currently controlled. We are working on enhancements to
  81.246 +Dom0 that enforce types also for network traffic that is routed
  81.247 +through Dom0 and on the enforcement of resource labeling when binding
  81.248 +resources to domains (e.g., enforcing types between domains and
  81.249 +hardware resources, such as disk partitions).
  81.250 +
  81.251 +
  81.252 +4. Adding your own policies
  81.253 +===========================
  81.254 +
  81.255 +Writing your own policy (e.g. "mypolicy") requires the following:
  81.256 +
  81.257 +a) the policy definition (types etc.) file
  81.258 +b) the label template definition (labels etc.) file
  81.259 +
  81.260 +If your policy name is "mypolicy", you need to create a
  81.261 +subdirectory mypolicy in tools/security/policies.
  81.262 +
  81.263 +Then you create
  81.264 +tools/security/policies/mypolicy/mypolicy-security_policy.xml and
  81.265 +tools/security/policies/mypolicy/mypolicy-security_label_template.xml.
  81.266 +
  81.267 +You need to keep to the schema as defined in
  81.268 +tools/security/security_policy.xsd since the translation tool
  81.269 +secpol_xml2bin is written against this schema.
  81.270 +
  81.271 +If you keep to the security policy schema, then you can use all the
  81.272 +tools described above. Refer to install.txt to install it.
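--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/install.txt	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,67 @@
+##
+# install.txt <description to the xen access control architecture>
+#
+# Author:
+# Reiner Sailer 08/15/2005 <sailer@watson.ibm.com>
+#
+#
+# This file shows how to activate and install the access control
+# framework.
+##
+
+
+INSTALLING A SECURITY POLICY IN XEN
+===================================
+
+By default, the access control architecture is disabled in Xen. To
+enable the access control architecture in Xen follow the steps below.
+This description assumes that you want to install the Chinese Wall and
+Simple Type Enforcement policy. Some file names need to be replaced
+below to activate the Chinese Wall OR the Type Enforcement policy
+exclusively (chwall_ste --> {chwall, ste}).
+
+1. enable access control in Xen
+       # cd "xen_root"
+       # edit/xemacs/vi Config.mk
+
+       change the line:
+       ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
+
+       to:
+       ACM_USE_SECURITY_POLICY ?= ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+
+       # make all
+       # ./install.sh
+
+2. compile the policy from xml to a binary format that can be loaded
+   into the hypervisor for enforcement
+       # cd tools/security
+       # make
+
+       manual steps (alternative to make boot_install):
+       #./secpol_xml2bin chwall_ste
+       #cp policies/chwall_ste/chwall_ste.bin /boot
+       #edit /boot/grub/grub.conf
+        add the follwoing line to your xen boot entry:
+       "module chwall_ste.bin"
+
+       alternatively, you can try our automatic translation and
+       installation of the policy:
+       # make boot_install
+
+       [we try hard to do the right thing to the right boot entry but
+        please verify boot entry in /boot/grub/grub.conf afterwards;
+        your xen boot entry should have an additional module line
+        specifying a chwall_ste.bin file with the correct directory
+        (e.g. "/" or "/boot").]
+
+
+3. reboot into the newly compiled hypervisor
+
+        after boot
+	#xm dmesg should show an entry about the policy being loaded
+            during the boot process
+
+        #tools/security/secpol_tool getpolicy
+            should print the new chwall_ste binary policy representation
+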
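--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/chwall/chwall-security_label_template.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,76 @@
+<?xml version="1.0"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--              This file defines the security labels, which can  -->
+<!--              be attached to Domains and resources. Based on    -->
+<!--              these labels, the access control module decides   -->
+<!--              about sharing between Domains and about access    -->
+<!--              of Domains to real resources.                     -->
+
+<SecurityLabelTemplate
+ xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+   <LabelHeader>
+      <Name>chwall-security_label_template</Name>
+      <Date>2005-08-10</Date>
+      <PolicyName>
+         <Url>chwall-security_policy.xml</Url>
+         <Reference>abcdef123456abcdef</Reference>
+      </PolicyName>
+   </LabelHeader>
+
+   <SubjectLabels bootstrap="dom_SystemManagement">
+      <!-- single ste typed domains            -->
+      <!-- ACM enforces that only domains with -->
+      <!-- the same type can share information -->
+      <!--                                     -->
+      <!-- Bootstrap label is assigned to Dom0 -->
+      <VirtualMachineLabel>
+      	<Name>dom_HomeBanking</Name>
+         <ChineseWallTypes>
+            <Type>cw_Sensitive</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+      	<Name>dom_Fun</Name>
+         <ChineseWallTypes>
+            <Type>cw_Distrusted</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- donating some cycles to seti@home -->
+      	<Name>dom_BoincClient</Name>
+         <ChineseWallTypes>
+            <Type>cw_Isolated</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <!-- Domains with multiple ste types services; such domains   -->
+      <!-- must keep the types inside their domain safely confined. -->
+      <VirtualMachineLabel>
+      	<Name>dom_SystemManagement</Name>
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves persistent storage to other domains -->
+      	<Name>dom_StorageDomain</Name>
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves network access to other domains -->
+      	<Name>dom_NetworkDomain</Name>
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+   </SubjectLabels>
+</SecurityLabelTemplate>
+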
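Review bot: The comments at 83.26-83.28 ("single ste typed domains", "only domains with the same type can share information") and at 83.53-83.54 ("Domains with multiple ste types services") describe simple type enforcement, but every label in this template carries only `ChineseWallTypes`, so they misstate what this policy restricts. They appear to be carried over from the chwall_ste template. I would replace the first group with `<!-- chinese wall typed domains: domains whose types share a conflict set cannot run at the same time -->` and drop the second, keeping the "Bootstrap label is assigned to Dom0" line as it is.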
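--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/chwall/chwall-security_policy.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+<PolicyHeader>
+		<Name>chwall-security_policy</Name>
+		<Date>2005-08-10</Date>
+</PolicyHeader>
+<!--                                             -->
+<!-- example of a chinese wall type definition   -->
+<!-- along with its conflict sets                -->
+<!-- (typse in a confict set are exclusive, i.e. -->
+<!--  once a Domain with one type of a set is    -->
+<!--  running, no other Domain with another type -->
+<!--  of the same conflict set can start.)       -->
+	<ChineseWall priority="PrimaryPolicyComponent">
+        <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+            <Type>cw_Sensitive</Type>
+            <Type>cw_Isolated</Type>
+            <Type>cw_Distrusted</Type>
+        </ChineseWallTypes>
+
+        <ConflictSets>
+        <Conflict name="Protection1">
+            <Type>cw_Sensitive</Type>
+            <Type>cw_Distrusted</Type>
+        </Conflict>
+        </ConflictSets>
+	</ChineseWall>
+</SecurityPolicyDefinition>
+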
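Review bot: `cw_Isolated` is declared at 84.27 but appears in no `<Conflict>`, so under this policy a domain labelled dom_BoincClient can run alongside both dom_HomeBanking and dom_Fun; only `cw_Sensitive` and `cw_Distrusted` exclude each other. If that is intended, the type name invites the opposite reading and deserves a comment next to it, for example `<!-- cw_Isolated: in no conflict set, may run next to any other type -->`. If the name is meant to imply exclusion, it needs its own `<Conflict>` entry listing the types it must not run with. The same holds for chwall_ste-security_policy.xml (86.40), which repeats this block.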
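--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,167 @@
+<?xml version="1.0"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--              This file defines the security labels, which can  -->
+<!--              be attached to Domains and resources. Based on    -->
+<!--              these labels, the access control module decides   -->
+<!--              about sharing between Domains and about access    -->
+<!--              of Domains to real resources.                     -->
+
+<SecurityLabelTemplate
+ xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+   <LabelHeader>
+      <Name>chwall_ste-security_label_template</Name>
+      <Date>2005-08-10</Date>
+      <PolicyName>
+         <Url>chwall_ste-security_policy.xml</Url>
+         <Reference>abcdef123456abcdef</Reference>
+      </PolicyName>
+   </LabelHeader>
+
+   <SubjectLabels bootstrap="dom_SystemManagement">
+      <!-- single ste typed domains            -->
+      <!-- ACM enforces that only domains with -->
+      <!-- the same type can share information -->
+      <!--                                     -->
+      <!-- Bootstrap label is assigned to Dom0 -->
+      <VirtualMachineLabel>
+      	<Name>dom_HomeBanking</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_Sensitive</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+      	<Name>dom_Fun</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_Distrusted</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- donating some cycles to seti@home -->
+      	<Name>dom_BoincClient</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_DonatedCycles</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_Isolated</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <!-- Domains with multiple ste types services; such domains   -->
+      <!-- must keep the types inside their domain safely confined. -->
+      <VirtualMachineLabel>
+      	<Name>dom_SystemManagement</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- since dom0 needs access to every domain and -->
+            <!-- resource right now ... -->
+            <Type>ste_SystemManagement</Type>
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+            <Type>ste_DonatedCycles</Type>
+            <Type>ste_PersistentStorageA</Type>
+            <Type>ste_NetworkAdapter0</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves persistent storage to other domains -->
+      	<Name>dom_StorageDomain</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- access right to the resource (hard drive a) -->
+            <Type>ste_PersistentStorageA</Type>
+            <!-- can serve following types -->
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves network access to other domains -->
+      	<Name>dom_NetworkDomain</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- access right to the resource (ethernet card) -->
+            <Type>ste_NetworkAdapter0</Type>
+            <!-- can serve following types -->
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+            <Type>ste_DonatedCycles</Type>
+         </SimpleTypeEnforcementTypes>
+
+         <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+         </ChineseWallTypes>
+      </VirtualMachineLabel>
+   </SubjectLabels>
+
+   <ObjectLabels>
+      <ResourceLabel>
+      	<Name>res_ManagementResource</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_HardDrive (hda)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersistentStorageA</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_LogicalDiskPartition1 (hda1)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_LogicalDiskPartition2 (hda2)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_EthernetCard</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_NetworkAdapter0</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_SecurityToken</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_GraphicsAdapter</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+   </ObjectLabels>
+</SecurityLabelTemplate>
+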
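Review bot: dom_StorageDomain (85.92-85.93) and dom_NetworkDomain (85.108-85.109) each hold both `ste_PersonalFinances` and `ste_InternetInsecure`, so each shares a type with dom_HomeBanking and with dom_Fun and sits between the two. The README in this changeset says type enforcement currently covers only point-to-point sharing in the hypervisor, which suggests that separation inside these service domains rests on the domains themselves. The only statement of that duty is the general comment at 85.65-85.66, placed above dom_SystemManagement. I would repeat it on both service labels, for example `<!-- holds types of mutually distrusting domains; must keep their data apart internally -->`, so that anyone extending the "can serve following types" lists sees what they are widening.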
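--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/chwall_ste/chwall_ste-security_policy.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+<PolicyHeader>
+		<Name>chwall_ste-security_policy</Name>
+		<Date>2005-08-10</Date>
+</PolicyHeader>
+<!--                                                        -->
+<!-- example of a simple type enforcement policy definition -->
+<!--                                                        -->
+	<SimpleTypeEnforcement>
+        <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>   <!-- machine/security management -->
+            <Type>ste_PersonalFinances</Type>   <!-- personal finances -->
+            <Type>ste_InternetInsecure</Type>   <!-- games, active X, etc. -->
+            <Type>ste_DonatedCycles</Type>      <!-- donation to BOINC/seti@home -->
+            <Type>ste_PersistentStorageA</Type> <!-- domain managing the harddrive A-->
+            <Type>ste_NetworkAdapter0</Type>    <!-- type of the domain managing ethernet adapter 0-->
+        </SimpleTypeEnforcementTypes>
+	</SimpleTypeEnforcement>
+<!--                                             -->
+<!-- example of a chinese wall type definition   -->
+<!-- along with its conflict sets                -->
+<!-- (typse in a confict set are exclusive, i.e. -->
+<!--  once a Domain with one type of a set is    -->
+<!--  running, no other Domain with another type -->
+<!--  of the same conflict set can start.)       -->
+	<ChineseWall priority="PrimaryPolicyComponent">
+        <ChineseWallTypes>
+            <Type>cw_SystemManagement</Type>
+            <Type>cw_Sensitive</Type>
+            <Type>cw_Isolated</Type>
+            <Type>cw_Distrusted</Type>
+        </ChineseWallTypes>
+
+        <ConflictSets>
+        <Conflict name="Protection1">
+            <Type>cw_Sensitive</Type>
+            <Type>cw_Distrusted</Type>
+        </Conflict>
+        </ConflictSets>
+	</ChineseWall>
+</SecurityPolicyDefinition>
+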
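--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/null/null-security_label_template.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,24 @@
+<?xml version="1.0"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--              This file defines the security labels, which can  -->
+<!--              be attached to Domains and resources. Based on    -->
+<!--              these labels, the access control module decides   -->
+<!--              about sharing between Domains and about access    -->
+<!--              of Domains to real resources.                     -->
+
+<SecurityLabelTemplate
+ xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+   <LabelHeader>
+      <Name>null-security_label_template</Name>
+
+      <Date>2005-08-10</Date>
+      <PolicyName>
+         <Url>null-security_policy.xml</Url>
+
+         <Reference>abcdef123456abcdef</Reference>
+      </PolicyName>
+   </LabelHeader>
+</SecurityLabelTemplate>
+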
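Review bot: `<Reference>abcdef123456abcdef</Reference>` at 87.23 is the same literal used in the chwall (83.21), chwall_ste (85.21) and ste (90.21) templates, so it reads as a placeholder rather than a value that ties a label template to one version of its policy file. The README in this changeset notes that the label-to-ssidref mapping can change whenever the policy files change, so a stale template/policy pairing is worth making detectable. Whether any tool reads this element is not visible here. Until one does, a comment such as `<!-- placeholder: not yet checked against the policy file -->` beside it would stop readers from treating it as a binding.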
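--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/null/null-security_policy.xml	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+<PolicyHeader>
+		<Name>null-security_policy</Name>
+		<Date>2005-08-10</Date>
+</PolicyHeader>
+</SecurityPolicyDefinition>
+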
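--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/security/policies/security_policy.xsd	Fri Aug 19 10:19:28 2005 -0800
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Ray Valdez, Reiner Sailer {rvaldez,sailer}@us.ibm.com -->
+<!--         This file defines the schema, which is used to define -->
+<!--         the security policy and the security labels in Xe.    -->
+
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.ibm.com" xmlns="http://www.ibm.com" elementFormDefault="qualified">
+	<xsd:element name="SecurityPolicyDefinition">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="PolicyHeader" minOccurs="0" maxOccurs="1"></xsd:element>
+				<xsd:element ref="SimpleTypeEnforcement" minOccurs="0" maxOccurs="1"></xsd:element>
+				<xsd:element ref="ChineseWall" minOccurs="0" maxOccurs="1"></xsd:element>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="SecurityLabelTemplate">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="LabelHeader" minOccurs="1" maxOccurs="1"></xsd:element>
+				<xsd:element name="SubjectLabels" minOccurs="0" maxOccurs="1">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element ref="VirtualMachineLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
+						</xsd:sequence>
+						<xsd:attribute name="bootstrap" type="xsd:string" use="required"></xsd:attribute>
+					</xsd:complexType>
+				</xsd:element>
+				<xsd:element name="ObjectLabels" minOccurs="0" maxOccurs="1">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element ref="ResourceLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
+						</xsd:sequence>
+					</xsd:complexType>
+				</xsd:element>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="PolicyHeader">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="Name" minOccurs="1" maxOccurs="1" />
+				<xsd:element ref="Date" minOccurs="1" maxOccurs="1" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="LabelHeader">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="Name"></xsd:element>
+				<xsd:element ref="Date" minOccurs="1" maxOccurs="1"></xsd:element>
+				<xsd:element ref="PolicyName" minOccurs="1" maxOccurs="1"></xsd:element>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="SimpleTypeEnforcement">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="SimpleTypeEnforcementTypes" />
+			</xsd:sequence>
+			<xsd:attribute name="priority" type="PolicyOrder" use="optional"></xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="ChineseWall">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="ChineseWallTypes" />
+				<xsd:element ref="ConflictSets" />
+			</xsd:sequence>
+			<xsd:attribute name="priority" type="PolicyOrder" use="optional"></xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="ChineseWallTypes">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element maxOccurs="unbounded" minOccurs="1" ref="Type" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="ConflictSets">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element maxOccurs="unbounded" minOccurs="1" ref="Conflict" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="SimpleTypeEnforcementTypes">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element maxOccurs="unbounded" minOccurs="1" ref="Type" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="Conflict">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element maxOccurs="unbounded" minOccurs="1" ref="Type" />
+			</xsd:sequence>
+			<xsd:attribute name="name" type="xsd:string" use="optional"></xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="VirtualMachineLabel">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="Name"></xsd:element>
+				<xsd:element ref="SimpleTypeEnforcementTypes" minOccurs="0" maxOccurs="unbounded" />
+				<xsd:element ref="ChineseWallTypes" minOccurs="0" maxOccurs="unbounded" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="ResourceLabel">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="Name"></xsd:element>
+				<xsd:element ref="SimpleTypeEnforcementTypes" minOccurs="0" maxOccurs="unbounded" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="PolicyName">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="Url" />
+				<xsd:element ref="Reference" />
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="Date" type="xsd:string" />
+	<xsd:element name="Name" type="xsd:string" />
+	<xsd:element name="Type" type="xsd:string" />
+	<xsd:element name="Reference" type="xsd:string" />
+	<xsd:element name="Url"></xsd:element>
+
+	<xsd:simpleType name="PolicyOrder">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="PrimaryPolicyComponent"></xsd:enumeration>
+		</xsd:restriction>
+	</xsd:simpleType>
+
+</xsd:schema>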
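--- /dev/null
+++ b/tools/security/policies/ste/ste-security_label_template.xml
@@ -0,0 +1,143 @@
+<?xml version="1.0"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--              This file defines the security labels, which can  -->
+<!--              be attached to Domains and resources. Based on    -->
+<!--              these labels, the access control module decides   -->
+<!--              about sharing between Domains and about access    -->
+<!--              of Domains to real resources.                     -->
+
+<SecurityLabelTemplate
+ xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+   <LabelHeader>
+      <Name>ste-security_label_template</Name>
+      <Date>2005-08-10</Date>
+      <PolicyName>
+         <Url>ste-security_policy.xml</Url>
+         <Reference>abcdef123456abcdef</Reference>
+      </PolicyName>
+   </LabelHeader>
+
+   <SubjectLabels bootstrap="dom_SystemManagement">
+      <!-- single ste typed domains            -->
+      <!-- ACM enforces that only domains with -->
+      <!-- the same type can share information -->
+      <!--                                     -->
+      <!-- Bootstrap label is assigned to Dom0 -->
+      <VirtualMachineLabel>
+      	<Name>dom_HomeBanking</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+      	<Name>dom_Fun</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- donating some cycles to seti@home -->
+      	<Name>dom_BoincClient</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_DonatedCycles</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+
+      <!-- Domains with multiple ste types services; such domains   -->
+      <!-- must keep the types inside their domain safely confined. -->
+      <VirtualMachineLabel>
+      	<Name>dom_SystemManagement</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- since dom0 needs access to every domain and -->
+            <!-- resource right now ... -->
+            <Type>ste_SystemManagement</Type>
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+            <Type>ste_DonatedCycles</Type>
+            <Type>ste_PersistentStorageA</Type>
+            <Type>ste_NetworkAdapter0</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves persistent storage to other domains -->
+      	<Name>dom_StorageDomain</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- access right to the resource (hard drive a) -->
+            <Type>ste_PersistentStorageA</Type>
+            <!-- can serve following types -->
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+
+      <VirtualMachineLabel>
+        <!-- serves network access to other domains -->
+      	<Name>dom_NetworkDomain</Name>
+         <SimpleTypeEnforcementTypes>
+            <!-- access right to the resource (ethernet card) -->
+            <Type>ste_NetworkAdapter0</Type>
+            <!-- can serve following types -->
+            <Type>ste_PersonalFinances</Type>
+            <Type>ste_InternetInsecure</Type>
+            <Type>ste_DonatedCycles</Type>
+         </SimpleTypeEnforcementTypes>
+      </VirtualMachineLabel>
+   </SubjectLabels>
+
+   <ObjectLabels>
+      <ResourceLabel>
+      	<Name>res_ManagementResource</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_HardDrive (hda)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersistentStorageA</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_LogicalDiskPartition1 (hda1)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_LogicalDiskPartition2 (hda2)</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_InternetInsecure</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_EthernetCard</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_NetworkAdapter0</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_SecurityToken</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_PersonalFinances</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+
+      <ResourceLabel>
+      	<Name>res_GraphicsAdapter</Name>
+         <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>
+         </SimpleTypeEnforcementTypes>
+      </ResourceLabel>
+   </ObjectLabels>
+</SecurityLabelTemplate>
+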
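Review bot: The `<Reference>abcdef123456abcdef</Reference>` value in `LabelHeader` is a filler string, so nothing in this template identifies which revision of `ste-security_policy.xml` its labels were written against. The schema in this changeset declares `Reference` as a plain `xsd:string`, and whether the tools compare it with anything is not visible here; if it is meant to bind the template to a policy, a stale template could be applied against a changed type list without notice. Until a real value is generated, say so in the file, e.g. `<!-- Reference is a placeholder; not yet a digest of the policy file -->` directly above the element.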
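--- /dev/null
+++ b/tools/security/policies/ste/ste-security_policy.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
+<PolicyHeader>
+		<Name>ste-security_policy</Name>
+		<Date>2005-08-10</Date>
+</PolicyHeader>
+<!--                                                        -->
+<!-- example of a simple type enforcement policy definition -->
+<!--                                                        -->
+	<SimpleTypeEnforcement>
+        <SimpleTypeEnforcementTypes>
+            <Type>ste_SystemManagement</Type>   <!-- machine/security management -->
+            <Type>ste_PersonalFinances</Type>   <!-- personal finances -->
+            <Type>ste_InternetInsecure</Type>   <!-- games, active X, etc. -->
+            <Type>ste_DonatedCycles</Type>      <!-- donation to BOINC/seti@home -->
+            <Type>ste_PersistentStorageA</Type> <!-- domain managing the harddrive A-->
+            <Type>ste_NetworkAdapter0</Type>    <!-- type of the domain managing ethernet adapter 0-->
+        </SimpleTypeEnforcementTypes>
+	</SimpleTypeEnforcement>
+</SecurityPolicyDefinition>
+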
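Review bot: The header comment says `Currently: Chinese Wall and Simple Type Enforcement`, but the body of this file holds only a `SimpleTypeEnforcement` element with six `ste_` types and no Chinese Wall section. Someone auditing what this policy enforces could take the comment to mean that conflict sets are in effect when none are defined here. Suggest rewording the last header line to `<!-- This file instantiates Simple Type Enforcement only; no Chinese Wall types or conflict sets are defined. -->`.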
    92.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    92.2 +++ b/tools/security/policy.txt	Fri Aug 19 10:19:28 2005 -0800
    92.3 @@ -0,0 +1,405 @@
    92.4 +##
    92.5 +# policy.txt <description to the Xen access control architecture>
    92.6 +#
    92.7 +# Author:
    92.8 +# Reiner Sailer 08/15/2005 <sailer@watson.ibm.com>
    92.9 +#
   92.10 +#
   92.11 +# This file gives an overview of the security policies currently
   92.12 +# provided and also gives some reasoning about how to assign
   92.13 +# labels to domains.
   92.14 +##
   92.15 +
   92.16 +Xen access control policies
   92.17 +
   92.18 +
   92.19 +General explanation of supported security policies:
   92.20 +=====================================================
   92.21 +
   92.22 +We have implemented the mandatory access control architecture of our
   92.23 +hypervisor security architecture (sHype) for the Xen hypervisor. It
   92.24 +controls communication (in Xen: event channels, grant tables) between
   92.25 +Virtual Machines (from here on called domains) and through this the
   92.26 +virtual block devices, networking, and shared memory are implemented
   92.27 +on top of these communication means. While we have implemented the
   92.28 +described policies and access control architecture for other
   92.29 +hypervisor systems, we will describe below specifically its
   92.30 +implementation and use in the Xen hypervisor. The policy enforcement
   92.31 +is called mandatory regarding user domains since the policy it is
   92.32 +given by the security administration and enforced independently of the
   92.33 +user domains by the Xen hypervisor in cooperation with the domain
   92.34 +management.
   92.35 +
   92.36 +The access control architecture consists of three parts:
   92.37 +
   92.38 +i) The access control policy determines the "command set" of the ACM
   92.39 +and the hooks with which they can be configured to constrain the
   92.40 +sharing of virtual resources. The current access control architecture
   92.41 +implemented for Xen supports two policies: Chinese Wall and Simple
   92.42 +Type Enforcement, which we describe in turn below.
   92.43 +
   92.44 +
   92.45 +ii) The actually enforced policy instantiation uses the policy
   92.46 +language (i) to configure the Xen access control in a way that suits
   92.47 +the specific application (home desktop environment, company desktop,
   92.48 +Web server system, etc.). We have defined an exemplary policy
   92.49 +instantiation for Chinese Wall (chwall policy) and Simple Type
   92.50 +Enforcement (ste policy) for a desktop system. We offer these policies
   92.51 +in combination since they are controlling orthogonal events.
   92.52 +
   92.53 +
   92.54 +iii) The access control module (ACM) and related hooks are part of the
   92.55 +core hypervisor and their controls cannot be bypassed by domains. The
   92.56 +ACM and hooks are the active security components. We refer to
   92.57 +publications that describe how access control is enforced in the Xen
   92.58 +hypervisor using the ACM (access decision) and the hooks (decision
   92.59 +enforcement) inserted into the setup of event channels and grant
   92.60 +tables, and into domain operations (create, destroy, save, restore,
   92.61 +migrate). These controls decide based on the active policy
   92.62 +configuration (see i. and ii.) if the operation proceeds of if the
   92.63 +operation is aborted (denied).
   92.64 +
   92.65 +
   92.66 +In general, security policy instantiations in the Xen access control
   92.67 +framework are defined by two files:
   92.68 +
   92.69 +a) a single "policy-name"-security_policy.xml file that defines the
   92.70 +types known to the ACM and policy rules based on these types
   92.71 +
   92.72 +b) a single "policy-name"-security_label_template.xml file that
   92.73 +defines labels based on known types
   92.74 +
   92.75 +Every security policy has its own sub-directory under
   92.76 +"Xen-root"/tools/security/policies in order to simplify their
   92.77 +management and the security policy tools. We will describe those files
   92.78 +for our example policy (Chinese Wall and Simple Type Enforcement) in
   92.79 +more detail as we go along. Eventually, we will move towards a system
   92.80 +installation where the policies will reside under /etc.
   92.81 +
   92.82 +
   92.83 +CHINESE WALL
   92.84 +============
   92.85 +
   92.86 +The Chinese Wall policy enables the user to define "which workloads
   92.87 +(domain payloads) cannot run on a single physical system at the same
   92.88 +time". Why would we want to prevent workloads from running at the same
   92.89 +time on the same system? This supports requirements that can (but
   92.90 +don't have to) be rooted in the measure of trust into the isolation of
   92.91 +different domains that share the same hardware. Since the access
   92.92 +control architecture aims at high performance and non-intrusive
   92.93 +implementation, it currently does not address covert (timing) channels
   92.94 +and aims at medium assurance. Users can apply the Chinese Wall policy
   92.95 +to guarantee an air-gap between very sensitive payloads both regarding
   92.96 +covert information channels and regarding resource starvation.
   92.97 +
   92.98 +To enable the CW control, each domain is labeled with a set of Chinese
   92.99 +Wall types and CW Conflict Sets are defined which include those CW
  92.100 +types that cannot run simultaneously on the same hardware. This
  92.101 +interpretation of conflict sets is the only policy rule for the Chines
  92.102 +Wall policy.
  92.103 +
  92.104 +This is enforced by controlling the start of domains according to
  92.105 +their assigned CW worload types. Domains with Chinese Wall types that
  92.106 +appear in a common conflict set are running mutually exclusive on a
  92.107 +platform, i.e., once a domain with one of the cw-types of a conflict
  92.108 +set is running, no domain with another cw-type of the same conflict
  92.109 +set can start until the first domain is destroyed, paused, or migrated
  92.110 +away from the physical system (this assumes that such a partition can
  92.111 +no longer be observed). The idea is to assign cw-types according to
  92.112 +the type of payload that a domain runs and to use the Chinese Wall
  92.113 +policy to ensure that payload types can be differentiated by the
  92.114 +hypervisor and can be prevented from being executed on the same system
  92.115 +at the same time. Using the flexible CW policy maintains system
  92.116 +consolidation and workload-balancing while introducing guaranteed
  92.117 +constraints where necessary.
  92.118 +
  92.119 +
  92.120 +Example of a Chinese Wall Policy Instantiation
  92.121 +----------------------------------------------
  92.122 +
  92.123 +The file chwall-security_policy.xml defines the Chinese Wall types as
  92.124 +well as the conflict sets for our example policy (you find it in the
  92.125 +directory "xen_root"/tools/security/policies/chwall).
  92.126 +
  92.127 +It defines four Chinese Wall types (prefixed with cw_) with the
  92.128 +following meaning:
  92.129 +
  92.130 +* cw_SystemsManagement is a type identifying workloads for systems
  92.131 +management, e.g., domain management, device management, or hypervisor
  92.132 +management.
  92.133 +
  92.134 +* cw_Sensitive is identifying workloads that are critical to the user
  92.135 +for one reason or another.
  92.136 +
  92.137 +* cw_Distrusted is identifying workloads a user does not have much
  92.138 +confidence in. E.g. a domain used for surfing in the internet without
  92.139 +protection( i.e., active-X, java, java-script, executing web content)
  92.140 +or for (Internet) Games should be typed this way.
  92.141 +
  92.142 +* cw_Isolated is identifying workloads that are supposedly isolated by
  92.143 +use of the type enforcement policy (described below). For example, if
  92.144 +a user wants to donate cycles to seti@home, she can setup a separate
  92.145 +domain for a Boinc (http://boinc.ssl.berkeley.edu/) client, disable
  92.146 +this domain from accessing the hard drive and from communicating to
  92.147 +other local domains, and type it as cw_Isolated. We will look at a
  92.148 +specific example later.
  92.149 +
  92.150 +The example policy uses the defined types to define one conflict set:
  92.151 +Protection1 = {cw_Sensitive, cw_Distrusted}. This conflict set tells
  92.152 +the hypervisor that once a domain typed as cw_Sensitive is running, a
  92.153 +domain typed as cw_Distrusted cannot run concurrently (and the other
  92.154 +way round). With this policy, a domain typed as cw_Isolated is allowed
  92.155 +to run simultaneously with domains tagged as cw_Sensitive.
  92.156 +
  92.157 +Consequently, the access control module in the Xen hypervisor
  92.158 +distinguishes in this example policy 4 different workload types in
  92.159 +this example policy. It is the user's responsibility to type the
  92.160 +domains in a way that reflects the workloads of these domains and, in
  92.161 +the case of cw_Isolated, its properties, e.g. by configuring the
  92.162 +sharing capabilities of the domain accordingly by using the simple
  92.163 +type enforcement policy.
  92.164 +
  92.165 +Users can define their own or change the existing example policy
  92.166 +according to their working environment and security requirements. To
  92.167 +do so, replace the file chwall-security_policy.xml with the new
  92.168 +policy.
  92.169 +
  92.170 +
  92.171 +SIMPLE TYPE ENFORCEMENT
  92.172 +=======================
  92.173 +
  92.174 +The file ste-security_policy.xml defines the simple type enforcement
  92.175 +types for our example policy (you find it in the directory
  92.176 +"xen_root"/tools/security/policies/ste). The Simple Type Enforcement
  92.177 +policy defines which domains can share information with which other
  92.178 +domains. To this end, it controls
  92.179 +
  92.180 +i) inter-domain communication channels (e.g., network traffic, events,
  92.181 +and shared memory).
  92.182 +
  92.183 +ii) access of domains to physical resources (e.g., hard drive, network
  92.184 +cards, graphics adapter, keyboard).
  92.185 +
  92.186 +In order to enable the hypervisor to distinguish different domains and
  92.187 +the user to express access rules, the simple type enforcement defines
  92.188 +a set of types (ste_types).
  92.189 +
  92.190 +The policy defines that communication between domains is allowed if
  92.191 +the domains share a common STE type. As with the chwall types, STE
  92.192 +types should enable the differentiation of workloads. The simple type
  92.193 +enforcement access control implementation in the hypervisor enforces
  92.194 +that domains can only communicate (setup event channels, grant tables)
  92.195 +if they share a common type, i.e., both domains have assigned at least
  92.196 +on type in common. A domain can access a resource, if the domain and
  92.197 +the resource share a common type. Hence, assigning STE types to
  92.198 +domains and resources allows users to define constraints on sharing
  92.199 +between domains and to keep sensitive data confined from distrusted
  92.200 +domains.
  92.201 +
  92.202 +Domain <--> Domain Sharing
  92.203 +''''''''''''''''''''''''''
  92.204 +(implemented but its effective use requires factorization of Dom0)
  92.205 +
  92.206 +a) Domains with a single STE type (general user domains): Sharing
  92.207 +between such domains is enforced entirely by the hypervisor access
  92.208 +control. It is independent of the domains and does not require their
  92.209 +co-operation.
  92.210 +
  92.211 +b) Domains with multiple STE types: One example is a domain that
  92.212 +virtualizes a physical resource (e.g., hard drive) and serves it as
  92.213 +multiple virtual resources (virtual block drives) to other domains of
  92.214 +different types. The idea is that only a specific device domain has
  92.215 +assigned the type required to access the physical hard-drive. Logical
  92.216 +drives are then assigned the types of domains that have access to this
  92.217 +logical drive. Since the Xen hypervisor cannot distinguish between the
  92.218 +logical drives, the access control (type enforcement) is delegated to
  92.219 +the device domain, which has access to the types of domains requesting
  92.220 +to mount a logical drive as well as the types assigned to the
  92.221 +different available logical drives.
  92.222 +
  92.223 +Currently in Xen, Dom0 controls all hardware, needs to communicate
  92.224 +with all domains during their setup, and intercepts all communication
  92.225 +between domains. Consequently, Dom0 needs to be assigned all types
  92.226 +used and must be completely trusted to maintain the separation of
  92.227 +informatio ncoming from domains with different STE types. Thus a
  92.228 +refactoring of Dom0 is recommended for stronger confinement
  92.229 +guarantees.
  92.230 +
  92.231 +Domain --> RESOURCES Access
  92.232 +'''''''''''''''''''''''''''
  92.233 +(current work)
  92.234 +
  92.235 +We define for each resource that we want to distinguish a separate STE
  92.236 +type. Each STE type is assigned to the respective resource and to
  92.237 +those domains that are allowed to access this resource. Type
  92.238 +enforcement will guarantee that other domains cannot access this
  92.239 +resource since they don't share the resource's STE type.
  92.240 +
  92.241 +Since in the current implementation of Xen, Dom0 controls access to
  92.242 +all hardware (e.g., disk drives, network), Domain-->Resource access
  92.243 +control enforcement must be implemented in Dom0. This is possible
  92.244 +since Dom0 has access to both the domain configuration (including the
  92.245 +domain STE types) and the resource configuration (including the
  92.246 +resource STE types).
  92.247 +
  92.248 +For purposes of gaining higher assurance in the resulting system, it
  92.249 +may be desirable to reduce the size of dom0 by adding one or more
  92.250 +"device domains" (DDs). These DDs, e.g. providing storage or network
  92.251 +access, can support one or more physical devices, and manage
  92.252 +enforcement of MAC policy relevant for said devices. Security benefits
  92.253 +come from the smaller size of these DDs, as they can be more easily
  92.254 +audited than monolithic device driver domains. DDs can help to obtain
  92.255 +maximum security benefit from sHype.
  92.256 +
  92.257 +
  92.258 +Example of a Simple Type Enforcement Policy Instantiation
  92.259 +---------------------------------------------------------
  92.260 +