Xen project Mailing List

Re: [Xen-devel] [PATCH v2 1/2] xen/xsm: Reduce compiler command line clutter

To: "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx>

From: "Jan Beulich" <JBeulich@xxxxxxxx>

Date: Thu, 20 Mar 2014 15:54:00 +0000

Cc: Keir Fraser <keir@xxxxxxx>, xen-devel@xxxxxxxxxxxxx

Delivery-date: Thu, 20 Mar 2014 15:54:18 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 20.03.14 at 16:29, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote: > Move the preprocessor definitions for all FLASK parameters other than > the enable flag off the compiler command line and into config.h, which > is the preferred location for such definitions. > > Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> > Cc: Keir Fraser <keir@xxxxxxx> > > --- > Changes from v1: Leave FLASK_ENABLE on the command line to retain the > ability to turn off FLASK while leaving XSM enabled. > > xen/Rules.mk | 3 +-- > xen/include/xen/config.h | 10 ++++++++++ > 2 files changed, 11 insertions(+), 2 deletions(-) > > diff --git a/xen/Rules.mk b/xen/Rules.mk > index 3a6cec5..42c713f 100644 > --- a/xen/Rules.mk > +++ b/xen/Rules.mk > @@ -47,8 +47,7 @@ CFLAGS += -pipe -g -D__XEN__ -include > $(BASEDIR)/include/xen/config.h > CFLAGS += -nostdinc > > CFLAGS-$(XSM_ENABLE) += -DXSM_ENABLE > -CFLAGS-$(FLASK_ENABLE) += -DFLASK_ENABLE -DXSM_MAGIC=0xf97cff8c > -CFLAGS-$(FLASK_ENABLE) += -DFLASK_DEVELOP -DFLASK_BOOTPARAM > -DFLASK_AVC_STATS > +CFLAGS-$(FLASK_ENABLE) += -DFLASK_ENABLE > CFLAGS-$(verbose) += -DVERBOSE > CFLAGS-$(crash_debug) += -DCRASH_DEBUG > CFLAGS-$(perfc) += -DPERF_COUNTERS > diff --git a/xen/include/xen/config.h b/xen/include/xen/config.h > index 8bae6e6..7bef8a6 100644 > --- a/xen/include/xen/config.h > +++ b/xen/include/xen/config.h > @@ -98,4 +98,14 @@ > #define __cpuinitdata > #define __cpuinit > > +#ifdef FLASK_ENABLE > +#define XSM_MAGIC 0xf97cff8c > +/* Enable permissive mode (xl setenforce or flask_enforcing parameter) */ > +#define FLASK_DEVELOP 1 > +/* Allow runtime disabling of FLASK via the flask_enable parameter */ > +#define FLASK_BOOTPARAM 1 > +/* Maintain statistics on the access vector cache */ > +#define FLASK_AVC_STATS 1 > +#endif > + > #endif /* __XEN_CONFIG_H__ */ > -- > 1.8.5.3 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.