WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] Allow setting of ACM security policy at build time.

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] Allow setting of ACM security policy at build time.
From: BitKeeper Bot <riel@xxxxxxxxxxx>
Date: Sat, 25 Jun 2005 09:50:35 +0000
Cc: james@xxxxxxxxxxxxx
Delivery-date: Sat, 25 Jun 2005 10:01:55 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: Xen Development List <xen-devel@xxxxxxxxxxxxxxxxxxx>
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
ChangeSet 1.1756, 2005/06/25 10:50:35+01:00, kaf24@xxxxxxxxxxxxxxxxxxxx

        Allow setting of ACM security policy at build time.
        Signed-off-by: Nguyen Anh Quynh <aquynh@xxxxxxxxx>



 Makefile             |   20 ++++++++++++++++++--
 Rules.mk             |   15 +++++++++++++--
 include/public/acm.h |    8 ++------
 3 files changed, 33 insertions(+), 10 deletions(-)


diff -Nru a/xen/Makefile b/xen/Makefile
--- a/xen/Makefile      2005-06-25 06:03:06 -04:00
+++ b/xen/Makefile      2005-06-25 06:03:06 -04:00
@@ -51,23 +51,39 @@
        rm -f include/asm *.o $(TARGET)* *~ core
        rm -f include/asm-*/asm-offsets.h
        rm -f tools/figlet/*.o tools/figlet/figlet
+       rm -f include/xen/acm_policy.h
 
 $(TARGET): delete-unfresh-files
        $(MAKE) include/xen/compile.h
+       $(MAKE) include/xen/acm_policy.h
        [ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
        $(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s
        $(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
        $(MAKE) -C common
        $(MAKE) -C drivers
-ifdef ACM_USE_SECURITY_POLICY
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
        $(MAKE) -C acm
 endif
        $(MAKE) -C arch/$(TARGET_ARCH)
 
-# drivers/char/console.o may contain static banner/compile info. Blow it away.
+# drivers/char/console.o contains static banner/compile info. Blow it away.
 delete-unfresh-files:
        rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o
        $(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files
+
+# acm_policy.h contains security policy for Xen
+include/xen/acm_policy.h:
+       @(set -e; \
+         echo "/*"; \
+         echo " * DO NOT MODIFY."; \
+         echo " *"; \
+         echo " * This file was auto-generated by xen/Makefile $<"; \
+         echo " *"; \
+         echo " */"; \
+         echo ""; \
+         echo "#ifndef ACM_USE_SECURITY_POLICY"; \
+         echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \
+         echo "#endif") >$@
 
 # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
 include/xen/compile.h: LANG=C
diff -Nru a/xen/Rules.mk b/xen/Rules.mk
--- a/xen/Rules.mk      2005-06-25 06:03:06 -04:00
+++ b/xen/Rules.mk      2005-06-25 06:03:06 -04:00
@@ -1,4 +1,7 @@
-
+#
+# If you change any of these configuration options then you must
+# 'make clean' before rebuilding.
+#
 verbose     ?= n
 debug       ?= n
 perfc       ?= n
@@ -8,6 +11,14 @@
 domu_debug  ?= n
 crash_debug ?= n
 
+# ACM_USE_SECURITY_POLICY is set to security policy of Xen
+# Supported models are:
+#      ACM_NULL_POLICY (ACM will not be built with this policy)
+#      ACM_CHINESE_WALL_POLICY
+#      ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
+#      ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
+
 include $(BASEDIR)/../Config.mk
 
 # Set ARCH/SUBARCH appropriately.
@@ -35,7 +46,7 @@
 ALL_OBJS := $(BASEDIR)/common/common.o
 ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
 ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
-ifdef ACM_USE_SECURITY_POLICY
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
 ALL_OBJS += $(BASEDIR)/acm/acm.o
 endif
 ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
diff -Nru a/xen/include/public/acm.h b/xen/include/public/acm.h
--- a/xen/include/public/acm.h  2005-06-25 06:03:06 -04:00
+++ b/xen/include/public/acm.h  2005-06-25 06:03:06 -04:00
@@ -22,8 +22,8 @@
  * todo: move from static policy choice to compile option.
  */
 
-#ifndef _XEN_PUBLIC_SHYPE_H
-#define _XEN_PUBLIC_SHYPE_H
+#ifndef _XEN_PUBLIC_ACM_H
+#define _XEN_PUBLIC_ACM_H
 
 #include "xen.h"
 #include "sched_ctl.h"
@@ -70,10 +70,6 @@
        (X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT 
policy" : \
        (X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE 
WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
        "UNDEFINED policy"
-
-#ifndef ACM_USE_SECURITY_POLICY
-#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY
-#endif
 
 /* defines a ssid reference used by xen */
 typedef u32 ssidref_t;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] Allow setting of ACM security policy at build time., BitKeeper Bot <=