WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] Compile-time ACM null-ops disables build of acm files.

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] Compile-time ACM null-ops disables build of acm files.
From: BitKeeper Bot <riel@xxxxxxxxxxx>
Date: Wed, 22 Jun 2005 14:18:12 +0000
Cc: james@xxxxxxxxxxxxx
Delivery-date: Wed, 22 Jun 2005 15:02:04 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: Xen Development List <xen-devel@xxxxxxxxxxxxxxxxxxx>
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
ChangeSet 1.1727, 2005/06/22 15:18:12+01:00, kaf24@xxxxxxxxxxxxxxxxxxxx

        Compile-time ACM null-ops disables build of acm files.
        Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>



 b/xen/Makefile                      |    2 
 b/xen/Rules.mk                      |    2 
 b/xen/arch/x86/setup.c              |    8 
 b/xen/common/policy_ops.c           |   64 +++--
 b/xen/include/acm/acm_hooks.h       |  436 ++++++++++++++++++------------------
 xen/include/public/acm_dom0_setup.h |   34 --
 6 files changed, 274 insertions(+), 272 deletions(-)


diff -Nru a/xen/Makefile b/xen/Makefile
--- a/xen/Makefile      2005-06-22 11:03:11 -04:00
+++ b/xen/Makefile      2005-06-22 11:03:11 -04:00
@@ -59,7 +59,9 @@
        $(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
        $(MAKE) -C common
        $(MAKE) -C drivers
+ifdef ACM_USE_SECURITY_POLICY
        $(MAKE) -C acm
+endif
        $(MAKE) -C arch/$(TARGET_ARCH)
 
 # drivers/char/console.o may contain static banner/compile info. Blow it away.
diff -Nru a/xen/Rules.mk b/xen/Rules.mk
--- a/xen/Rules.mk      2005-06-22 11:03:11 -04:00
+++ b/xen/Rules.mk      2005-06-22 11:03:11 -04:00
@@ -35,7 +35,9 @@
 ALL_OBJS := $(BASEDIR)/common/common.o
 ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
 ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
+ifdef ACM_USE_SECURITY_POLICY
 ALL_OBJS += $(BASEDIR)/acm/acm.o
+endif
 ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
 
 
diff -Nru a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
--- a/xen/arch/x86/setup.c      2005-06-22 11:03:11 -04:00
+++ b/xen/arch/x86/setup.c      2005-06-22 11:03:11 -04:00
@@ -20,7 +20,7 @@
 #include <asm/desc.h>
 #include <asm/shadow.h>
 #include <asm/e820.h>
-#include <public/acm_dom0_setup.h>
+#include <acm/acm_hooks.h>
 
 extern void dmi_scan_machine(void);
 extern void generic_apic_probe(void);
@@ -188,7 +188,7 @@
 
     arch_init_memory();
 
-    scheduler_init();  
+    scheduler_init();
 
     identify_cpu(&boot_cpu_data);
     if ( cpu_has_fxsr )
@@ -383,8 +383,8 @@
 
     init_xenheap_pages(xenheap_phys_start, xenheap_phys_end);
     printk("Xen heap: %luMB (%lukB)\n",
-          (xenheap_phys_end-xenheap_phys_start) >> 20,
-          (xenheap_phys_end-xenheap_phys_start) >> 10);
+           (xenheap_phys_end-xenheap_phys_start) >> 20,
+           (xenheap_phys_end-xenheap_phys_start) >> 10);
 
     early_boot = 0;
 
diff -Nru a/xen/common/policy_ops.c b/xen/common/policy_ops.c
--- a/xen/common/policy_ops.c   2005-06-22 11:03:11 -04:00
+++ b/xen/common/policy_ops.c   2005-06-22 11:03:11 -04:00
@@ -1,5 +1,5 @@
 /******************************************************************************
- *policy_ops.c
+ * policy_ops.c
  * 
  * Copyright (C) 2005 IBM Corporation
  *
@@ -14,6 +14,7 @@
  * Process policy command requests from guest OS.
  *
  */
+
 #include <xen/config.h>
 #include <xen/types.h>
 #include <xen/lib.h>
@@ -27,29 +28,39 @@
 #include <public/sched_ctl.h>
 #include <acm/acm_hooks.h>
 
+#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
+
+long do_policy_op(policy_op_t *u_policy_op)
+{
+    return -ENOSYS;
+}
+
+#else
+
 /* function prototypes defined in acm/acm_policy.c */
 int acm_set_policy(void *buf, u16 buf_size, u16 policy);
 int acm_get_policy(void *buf, u16 buf_size);
 int acm_dump_statistics(void *buf, u16 buf_size);
 
 typedef enum policyoperation {
-       POLICY,     /* access to policy interface (early drop) */
-       GETPOLICY,  /* dump policy cache */
-       SETPOLICY,  /* set policy cache (controls security) */
-       DUMPSTATS   /* dump policy statistics */
+    POLICY,     /* access to policy interface (early drop) */
+    GETPOLICY,  /* dump policy cache */
+    SETPOLICY,  /* set policy cache (controls security) */
+    DUMPSTATS   /* dump policy statistics */
 } policyoperation_t;
 
 int
 acm_authorize_policyops(struct domain *d, policyoperation_t pops)
 {
-       /* currently, all policy management functions are restricted to 
privileged domains,
-        * soon we will introduce finer-grained privileges for policy 
operations 
-        */
-       if (!IS_PRIV(d)) {
-               printk("%s: Policy management authorization denied ERROR!\n", 
__func__);
-               return ACM_ACCESS_DENIED;
-       }
-       return ACM_ACCESS_PERMITTED;
+    /* all policy management functions are restricted to privileged domains,
+     * soon we will introduce finer-grained privileges for policy operations 
+     */
+    if (!IS_PRIV(d)) {
+        printk("%s: Policy management authorization denied ERROR!\n",
+               __func__);
+        return ACM_ACCESS_DENIED;
+    }
+    return ACM_ACCESS_PERMITTED;
 }
 
 long do_policy_op(policy_op_t *u_policy_op)
@@ -60,7 +71,7 @@
     /* check here policy decision for policy commands */
     /* for now allow DOM0 only, later indepedently    */
     if (acm_authorize_policyops(current->domain, POLICY))
-           return -EACCES;
+        return -EACCES;
 
     if ( copy_from_user(op, u_policy_op, sizeof(*op)) )
         return -EFAULT;
@@ -73,9 +84,12 @@
     case POLICY_SETPOLICY:
     {
         if (acm_authorize_policyops(current->domain, SETPOLICY))
-               return -EACCES;
-       printkd("%s: setting policy.\n", __func__);
-       ret = acm_set_policy(op->u.setpolicy.pushcache, 
op->u.setpolicy.pushcache_size, op->u.setpolicy.policy_type);
+            return -EACCES;
+        printkd("%s: setting policy.\n", __func__);
+        ret = acm_set_policy(
+            op->u.setpolicy.pushcache, 
+            op->u.setpolicy.pushcache_size, 
+            op->u.setpolicy.policy_type);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -86,9 +100,11 @@
     case POLICY_GETPOLICY:
     {
         if (acm_authorize_policyops(current->domain, GETPOLICY))
-               return -EACCES;
+            return -EACCES;
         printkd("%s: getting policy.\n", __func__);
-       ret = acm_get_policy(op->u.getpolicy.pullcache, 
op->u.getpolicy.pullcache_size);
+        ret = acm_get_policy(
+            op->u.getpolicy.pullcache, 
+            op->u.getpolicy.pullcache_size);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -99,9 +115,11 @@
     case POLICY_DUMPSTATS:
     {
         if (acm_authorize_policyops(current->domain, DUMPSTATS))
-               return -EACCES;
-       printkd("%s: dumping statistics.\n", __func__);
-       ret = acm_dump_statistics(op->u.dumpstats.pullcache, 
op->u.dumpstats.pullcache_size);
+            return -EACCES;
+        printkd("%s: dumping statistics.\n", __func__);
+        ret = acm_dump_statistics(
+            op->u.dumpstats.pullcache, 
+            op->u.dumpstats.pullcache_size);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -115,3 +133,5 @@
     }
     return ret;
 }
+
+#endif
diff -Nru a/xen/include/acm/acm_hooks.h b/xen/include/acm/acm_hooks.h
--- a/xen/include/acm/acm_hooks.h       2005-06-22 11:03:11 -04:00
+++ b/xen/include/acm/acm_hooks.h       2005-06-22 11:03:11 -04:00
@@ -30,21 +30,42 @@
 #include <public/event_channel.h>
 #include <asm/current.h>
 
+#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
+
+static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
+{ return 0; }
+static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
+{ return; }
+static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
+{ return; }
+static inline int acm_pre_event_channel(evtchn_op_t *op) 
+{ return 0; }
+static inline int acm_pre_grant_map_ref(domid_t id) 
+{ return 0; }
+static inline int acm_pre_grant_setup(domid_t id) 
+{ return 0; }
+static inline int acm_init(void)
+{ return 0; }
+static inline void acm_post_domain0_create(domid_t domid) 
+{ return; }
+
+#else
+
 /* if ACM_TRACE_MODE defined, all hooks should
  * print a short trace message */
 /* #define ACM_TRACE_MODE */
 
 #ifdef ACM_TRACE_MODE
-#  define traceprintk(fmt, args...) printk(fmt,## args)
+# define traceprintk(fmt, args...) printk(fmt,## args)
 #else
-#  define traceprintk(fmt, args...)
+# define traceprintk(fmt, args...)
 #endif
 
 /* global variables */
 extern struct acm_operations *acm_primary_ops;
 extern struct acm_operations *acm_secondary_ops;
 
-/**********************************************************************************************
+/*********************************************************************
  * HOOK structure and meaning (justifies a few words about our model):
  * 
  * General idea: every policy-controlled system operation is reflected in a 
@@ -60,7 +81,8 @@
  *      ======================
  *      PRE-Hooks
  *             a) general authorization to guard a controlled system operation
- *             b) prepare security state change (means: fail hook must be able 
to "undo" this)
+ *             b) prepare security state change
+ *                 (means: fail hook must be able to "undo" this)
  *
  *     POST-Hooks
  *             a) commit prepared state change
@@ -100,238 +122,228 @@
  *                                             \
  *                                            sys-ops error
  *
- 
*************************************************************************************************/
+ ********************************************************************/
 
 struct acm_operations {
-       /* policy management functions (must always be defined!) */
-       int  (*init_domain_ssid)                (void **ssid, ssidref_t 
ssidref);
-       void (*free_domain_ssid)                (void *ssid);
-       int  (*dump_binary_policy)              (u8 *buffer, u16 buf_size);
-       int  (*set_binary_policy)               (u8 *buffer, u16 buf_size);     
-       int  (*dump_statistics)                 (u8 *buffer, u16 buf_size);
-       /* domain management control hooks (can be NULL) */
-       int  (*pre_domain_create)               (void *subject_ssid, ssidref_t 
ssidref);
-       void (*post_domain_create)              (domid_t domid, ssidref_t 
ssidref);
-       void (*fail_domain_create)              (void *subject_ssid, ssidref_t 
ssidref);
-       void (*post_domain_destroy)             (void *object_ssid, domid_t id);
-       /* event channel control hooks  (can be NULL) */
-       int  (*pre_eventchannel_unbound)        (domid_t id);
-       void (*fail_eventchannel_unbound)       (domid_t id);
-       int  (*pre_eventchannel_interdomain)    (domid_t id1, domid_t id2);
-       int  (*fail_eventchannel_interdomain)   (domid_t id1, domid_t id2);
-       /* grant table control hooks (can be NULL)  */
-       int  (*pre_grant_map_ref)               (domid_t id);
-       void (*fail_grant_map_ref)              (domid_t id);
-       int  (*pre_grant_setup)                 (domid_t id);
-       void (*fail_grant_setup)                (domid_t id);
+    /* policy management functions (must always be defined!) */
+    int  (*init_domain_ssid)           (void **ssid, ssidref_t ssidref);
+    void (*free_domain_ssid)           (void *ssid);
+    int  (*dump_binary_policy)         (u8 *buffer, u16 buf_size);
+    int  (*set_binary_policy)          (u8 *buffer, u16 buf_size);
+    int  (*dump_statistics)            (u8 *buffer, u16 buf_size);
+    /* domain management control hooks (can be NULL) */
+    int  (*pre_domain_create)          (void *subject_ssid, ssidref_t ssidref);
+    void (*post_domain_create)         (domid_t domid, ssidref_t ssidref);
+    void (*fail_domain_create)         (void *subject_ssid, ssidref_t ssidref);
+    void (*post_domain_destroy)        (void *object_ssid, domid_t id);
+    /* event channel control hooks  (can be NULL) */
+    int  (*pre_eventchannel_unbound)      (domid_t id);
+    void (*fail_eventchannel_unbound)     (domid_t id);
+    int  (*pre_eventchannel_interdomain)  (domid_t id1, domid_t id2);
+    int  (*fail_eventchannel_interdomain) (domid_t id1, domid_t id2);
+    /* grant table control hooks (can be NULL)  */
+    int  (*pre_grant_map_ref)          (domid_t id);
+    void (*fail_grant_map_ref)         (domid_t id);
+    int  (*pre_grant_setup)            (domid_t id);
+    void (*fail_grant_setup)           (domid_t id);
 };
 
-static inline int acm_pre_domain_create (void *subject_ssid, ssidref_t ssidref)
+static inline int acm_pre_domain_create(void *subject_ssid, ssidref_t ssidref)
 {
-       if ((acm_primary_ops->pre_domain_create != NULL) && 
-                acm_primary_ops->pre_domain_create (subject_ssid, ssidref))
-               return ACM_ACCESS_DENIED;
-       else if ((acm_secondary_ops->pre_domain_create != NULL) && 
-                acm_secondary_ops->pre_domain_create (subject_ssid, ssidref)) {
-               /* roll-back primary */
-               if (acm_primary_ops->fail_domain_create != NULL)
-                       acm_primary_ops->fail_domain_create (subject_ssid, 
ssidref);
-               return ACM_ACCESS_DENIED;
-       } else
-               return ACM_ACCESS_PERMITTED;
-}
-
-static inline void acm_post_domain_create (domid_t domid, ssidref_t ssidref)
-{
-       if (acm_primary_ops->post_domain_create != NULL)
-               acm_primary_ops->post_domain_create (domid, ssidref);
-       if (acm_secondary_ops->post_domain_create != NULL)
-               acm_secondary_ops->post_domain_create (domid, ssidref);
-}
-
-static inline void acm_fail_domain_create (void *subject_ssid, ssidref_t 
ssidref)
-{
-       if (acm_primary_ops->fail_domain_create != NULL)
-               acm_primary_ops->fail_domain_create (subject_ssid, ssidref);
-       if (acm_secondary_ops->fail_domain_create != NULL)
-               acm_secondary_ops->fail_domain_create (subject_ssid, ssidref);
-}
-
-static inline void acm_post_domain_destroy (void *object_ssid, domid_t id)
-{
-       if (acm_primary_ops->post_domain_destroy != NULL)
-               acm_primary_ops->post_domain_destroy (object_ssid, id);
-       if (acm_secondary_ops->post_domain_destroy != NULL)
-               acm_secondary_ops->post_domain_destroy (object_ssid, id);
-       return;
-}
-
-/*   event channel ops */
-
-static inline int acm_pre_eventchannel_unbound (domid_t id)
-{
-       if ((acm_primary_ops->pre_eventchannel_unbound != NULL) && 
-           acm_primary_ops->pre_eventchannel_unbound (id))
-               return ACM_ACCESS_DENIED;
-       else if ((acm_secondary_ops->pre_eventchannel_unbound != NULL) && 
-                acm_secondary_ops->pre_eventchannel_unbound (id)) {
-               /* roll-back primary */
-               if (acm_primary_ops->fail_eventchannel_unbound != NULL)
-                       acm_primary_ops->fail_eventchannel_unbound (id);
-               return ACM_ACCESS_DENIED;
-       } else
-               return ACM_ACCESS_PERMITTED;
-}
-
-static inline int acm_pre_eventchannel_interdomain (domid_t id1, domid_t id2)
-{      
-       if ((acm_primary_ops->pre_eventchannel_interdomain != NULL) &&
-           acm_primary_ops->pre_eventchannel_interdomain (id1, id2))
-               return ACM_ACCESS_DENIED;
-       else if ((acm_secondary_ops->pre_eventchannel_interdomain != NULL) &&
-                acm_secondary_ops->pre_eventchannel_interdomain (id1, id2)) {
-               /* roll-back primary */
-               if (acm_primary_ops->fail_eventchannel_interdomain != NULL)
-                       acm_primary_ops->fail_eventchannel_interdomain (id1, 
id2);
-               return ACM_ACCESS_DENIED;
-       } else
-               return ACM_ACCESS_PERMITTED;
-}
-
-/************ Xen inline hooks ***************/
-
-/* small macro to make the hooks more readable 
- * (eliminates hooks if NULL policy is active)
- */
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
-{ return 0; }
-#else
+    if ((acm_primary_ops->pre_domain_create != NULL) && 
+        acm_primary_ops->pre_domain_create(subject_ssid, ssidref))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_domain_create != NULL) && 
+             acm_secondary_ops->pre_domain_create(subject_ssid, ssidref)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_domain_create != NULL)
+            acm_primary_ops->fail_domain_create(subject_ssid, ssidref);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
+}
+
+static inline void acm_post_domain_create(domid_t domid, ssidref_t ssidref)
+{
+    if (acm_primary_ops->post_domain_create != NULL)
+        acm_primary_ops->post_domain_create(domid, ssidref);
+    if (acm_secondary_ops->post_domain_create != NULL)
+        acm_secondary_ops->post_domain_create(domid, ssidref);
+}
+
+static inline void acm_fail_domain_create(
+    void *subject_ssid, ssidref_t ssidref)
+{
+    if (acm_primary_ops->fail_domain_create != NULL)
+        acm_primary_ops->fail_domain_create(subject_ssid, ssidref);
+    if (acm_secondary_ops->fail_domain_create != NULL)
+        acm_secondary_ops->fail_domain_create(subject_ssid, ssidref);
+}
+
+static inline void acm_post_domain_destroy(void *object_ssid, domid_t id)
+{
+    if (acm_primary_ops->post_domain_destroy != NULL)
+        acm_primary_ops->post_domain_destroy(object_ssid, id);
+    if (acm_secondary_ops->post_domain_destroy != NULL)
+        acm_secondary_ops->post_domain_destroy(object_ssid, id);
+    return;
+}
+
+static inline int acm_pre_eventchannel_unbound(domid_t id)
+{
+    if ((acm_primary_ops->pre_eventchannel_unbound != NULL) && 
+        acm_primary_ops->pre_eventchannel_unbound(id))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_eventchannel_unbound != NULL) && 
+             acm_secondary_ops->pre_eventchannel_unbound(id)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_eventchannel_unbound != NULL)
+            acm_primary_ops->fail_eventchannel_unbound(id);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
+}
+
+static inline int acm_pre_eventchannel_interdomain(domid_t id1, domid_t id2)
+{
+    if ((acm_primary_ops->pre_eventchannel_interdomain != NULL) &&
+        acm_primary_ops->pre_eventchannel_interdomain(id1, id2))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_eventchannel_interdomain != NULL) &&
+             acm_secondary_ops->pre_eventchannel_interdomain(id1, id2)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_eventchannel_interdomain != NULL)
+            acm_primary_ops->fail_eventchannel_interdomain(id1, id2);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
+}
+
 static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
 {
-       int ret = -EACCES;
-       struct domain *d;
+    int ret = -EACCES;
+    struct domain *d;
 
-       switch(op->cmd) {
-       case DOM0_CREATEDOMAIN:
-               ret = acm_pre_domain_create(current->domain->ssid, 
op->u.createdomain.ssidref);
-               break;
-       case DOM0_DESTROYDOMAIN:
-               d = find_domain_by_id(op->u.destroydomain.domain);
-               if (d != NULL) {
-                       *ssid = d->ssid; /* save for post destroy when d is 
gone */
-                       /* no policy-specific hook */
-                       put_domain(d);
-                       ret = 0;
-               }
-               break;
-       default:
-               ret = 0; /* ok */
-       }
-       return ret;
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        ret = acm_pre_domain_create(
+            current->domain->ssid, op->u.createdomain.ssidref);
+        break;
+    case DOM0_DESTROYDOMAIN:
+        d = find_domain_by_id(op->u.destroydomain.domain);
+        if (d != NULL) {
+            *ssid = d->ssid; /* save for post destroy when d is gone */
+            /* no policy-specific hook */
+            put_domain(d);
+            ret = 0;
+        }
+        break;
+    default:
+        ret = 0; /* ok */
+    }
+    return ret;
 }
-#endif
 
-
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
-{ return; }
-#else
 static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
 {
-       switch(op->cmd) {
-       case DOM0_CREATEDOMAIN:
-               /* initialialize shared sHype security labels for new domain */
-               acm_init_domain_ssid(op->u.createdomain.domain, 
op->u.createdomain.ssidref);
-               acm_post_domain_create(op->u.createdomain.domain, 
op->u.createdomain.ssidref);
-               break;
-       case DOM0_DESTROYDOMAIN:
-               acm_post_domain_destroy(ssid, op->u.destroydomain.domain);
-               /* free security ssid for the destroyed domain (also if running 
null policy */
-               acm_free_domain_ssid((struct acm_ssid_domain *)ssid);
-               break;
-       }
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        /* initialialize shared sHype security labels for new domain */
+        acm_init_domain_ssid(
+            op->u.createdomain.domain, op->u.createdomain.ssidref);
+        acm_post_domain_create(
+            op->u.createdomain.domain, op->u.createdomain.ssidref);
+        break;
+    case DOM0_DESTROYDOMAIN:
+        acm_post_domain_destroy(ssid, op->u.destroydomain.domain);
+        /* free security ssid for the destroyed domain (also if null policy */
+        acm_free_domain_ssid((struct acm_ssid_domain *)ssid);
+        break;
+    }
 }
-#endif
-
 
-#if (ACM_USE_SECURITY_POLICy == ACM_NULL_POLICY)
-static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
-{ return; }
-#else
 static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
 {
-       switch(op->cmd) {
-       case DOM0_CREATEDOMAIN:
-               acm_fail_domain_create(current->domain->ssid, 
op->u.createdomain.ssidref);
-               break;
-       }
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        acm_fail_domain_create(
+            current->domain->ssid, op->u.createdomain.ssidref);
+        break;
+    }
 }
-#endif
 
-
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_event_channel(evtchn_op_t *op) 
-{ return 0; }
-#else
 static inline int acm_pre_event_channel(evtchn_op_t *op) 
 {
-       int ret = -EACCES;
+    int ret = -EACCES;
 
-       switch(op->cmd) {
-       case EVTCHNOP_alloc_unbound:
-               ret = acm_pre_eventchannel_unbound(op->u.alloc_unbound.dom);
-               break;
-       case EVTCHNOP_bind_interdomain:
-               ret = 
acm_pre_eventchannel_interdomain(op->u.bind_interdomain.dom1, 
op->u.bind_interdomain.dom2);
-               break;
-       default:
-               ret = 0; /* ok */
-       }
-       return ret;
+    switch(op->cmd) {
+    case EVTCHNOP_alloc_unbound:
+        ret = acm_pre_eventchannel_unbound(op->u.alloc_unbound.dom);
+        break;
+    case EVTCHNOP_bind_interdomain:
+        ret = acm_pre_eventchannel_interdomain(
+            op->u.bind_interdomain.dom1, op->u.bind_interdomain.dom2);
+        break;
+    default:
+        ret = 0; /* ok */
+    }
+    return ret;
+}
+
+static inline int acm_pre_grant_map_ref(domid_t id)
+{
+    if ( (acm_primary_ops->pre_grant_map_ref != NULL) &&
+         acm_primary_ops->pre_grant_map_ref(id) )
+    {
+        return ACM_ACCESS_DENIED;
+    }
+    else if ( (acm_secondary_ops->pre_grant_map_ref != NULL) &&
+              acm_secondary_ops->pre_grant_map_ref(id) )
+    {
+        /* roll-back primary */
+        if ( acm_primary_ops->fail_grant_map_ref != NULL )
+            acm_primary_ops->fail_grant_map_ref(id);
+        return ACM_ACCESS_DENIED;
+    }
+    else
+    {
+        return ACM_ACCESS_PERMITTED;
+    }
+}
+
+static inline int acm_pre_grant_setup(domid_t id)
+{
+    if ( (acm_primary_ops->pre_grant_setup != NULL) &&
+         acm_primary_ops->pre_grant_setup(id) )
+    {
+        return ACM_ACCESS_DENIED;
+    }
+    else if ( (acm_secondary_ops->pre_grant_setup != NULL) &&
+              acm_secondary_ops->pre_grant_setup(id) )
+    {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_grant_setup != NULL)
+            acm_primary_ops->fail_grant_setup(id);
+        return ACM_ACCESS_DENIED;
+    }
+    else
+    {
+        return ACM_ACCESS_PERMITTED;
+    }
+}
+
+/* predefined ssidref for DOM0 used by xen when creating DOM0 */
+#define ACM_DOM0_SSIDREF        0
+
+static inline void acm_post_domain0_create(domid_t domid)
+{
+    /* initialialize shared sHype security labels for new domain */
+    acm_init_domain_ssid(domid, ACM_DOM0_SSIDREF);
+    acm_post_domain_create(domid, ACM_DOM0_SSIDREF);
 }
-#endif
-
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_grant_map_ref(domid_t id) 
-{ return 0; }
-#else
-static inline int acm_pre_grant_map_ref (domid_t id)
-{
-       if ((acm_primary_ops->pre_grant_map_ref != NULL) &&
-           acm_primary_ops->pre_grant_map_ref (id))
-               return ACM_ACCESS_DENIED;
-       else if ((acm_secondary_ops->pre_grant_map_ref != NULL) &&
-                acm_secondary_ops->pre_grant_map_ref (id)) {
-               /* roll-back primary */
-               if (acm_primary_ops->fail_grant_map_ref != NULL)
-                       acm_primary_ops->fail_grant_map_ref (id);
-               return ACM_ACCESS_DENIED;
-       } else
-               return ACM_ACCESS_PERMITTED;
-}
-#endif
 
+extern int acm_init(void);
 
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_grant_setup(domid_t id) 
-{ return 0; }
-#else
-static inline int acm_pre_grant_setup (domid_t id)
-{
-       if ((acm_primary_ops->pre_grant_setup != NULL) &&
-           acm_primary_ops->pre_grant_setup (id))
-               return ACM_ACCESS_DENIED;
-       else if ((acm_secondary_ops->pre_grant_setup != NULL) &&
-                acm_secondary_ops->pre_grant_setup (id)) {
-               /* roll-back primary */
-               if (acm_primary_ops->fail_grant_setup != NULL)
-                       acm_primary_ops->fail_grant_setup (id);
-               return ACM_ACCESS_DENIED;
-       } else
-               return ACM_ACCESS_PERMITTED;
-}
 #endif
-
 
 #endif
diff -Nru a/xen/include/public/acm_dom0_setup.h 
b/xen/include/public/acm_dom0_setup.h
--- a/xen/include/public/acm_dom0_setup.h       2005-06-22 11:03:11 -04:00
+++ /dev/null   Wed Dec 31 16:00:00 196900
@@ -1,34 +0,0 @@
-/****************************************************************
- * acm_dom0_setup.h
- * 
- * Copyright (C) 2005 IBM Corporation
- *
- * Author:
- * Reiner Sailer <sailer@xxxxxxxxxxxxxx>
- *
- * Includes necessary definitions to bring-up dom0
- */
-#include <acm/acm_hooks.h>
-
-extern int acm_init(void);
-
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-
-static inline void acm_post_domain0_create(domid_t domid) 
-{ 
-       return; 
-}
-
-#else
-
-/* predefined ssidref for DOM0 used by xen when creating DOM0 */
-#define ACM_DOM0_SSIDREF       0
-
-static inline void acm_post_domain0_create(domid_t domid)
-{
-       /* initialialize shared sHype security labels for new domain */
-       acm_init_domain_ssid(domid, ACM_DOM0_SSIDREF);
-       acm_post_domain_create(domid, ACM_DOM0_SSIDREF);
-}
-
-#endif

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] Compile-time ACM null-ops disables build of acm files., BitKeeper Bot <=