bitkeeper revision 1.1726.1.1 (42b973245ua3LQyqFtGRwXDwnRLDPw)

Compile-time ACM null-ops disables build of acm files.
Signed-off-by: Keir Fraser <keir@xensource.com>

7 files changed, 253 insertions, 252 deletions

diff --git a/.rootkeys b/.rootkeys
index f88922acce..514a54af3d 100644
--- a/.rootkeys
+++ b/.rootkeys
@@ -1513,7 +1513,6 @@
 422f27c8RHFkePhD34VIEpMMqofZcA xen/include/asm-x86/x86_emulate.h
 400304fcmRQmDdFYEzDh0wcBba9alg xen/include/public/COPYING
 42b742f6duiOTlZvysQkRYZHYBXqvg xen/include/public/acm.h
-42b742f7TIMsQgUaNDJXp3QlBve2SQ xen/include/public/acm_dom0_setup.h
 421098b7OKb9YH_EUA_UpCxBjaqtgA xen/include/public/arch-ia64.h
 404f1bc68SXxmv0zQpXBWGrCzSyp8w xen/include/public/arch-x86_32.h
 404f1bc7IwU-qnH8mJeVu0YsNGMrcw xen/include/public/arch-x86_64.h
diff --git a/xen/Makefile b/xen/Makefile
index 15b55fb24d..16ba9c2046 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -59,7 +59,9 @@ $(TARGET): delete-unfresh-files
 	$(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
 	$(MAKE) -C common
 	$(MAKE) -C drivers
+ifdef ACM_USE_SECURITY_POLICY
 	$(MAKE) -C acm
+endif
 	$(MAKE) -C arch/$(TARGET_ARCH)
 
 # drivers/char/console.o may contain static banner/compile info. Blow it away.
diff --git a/xen/Rules.mk b/xen/Rules.mk
index c0b13ae368..76489cfa4b 100644
--- a/xen/Rules.mk
+++ b/xen/Rules.mk
@@ -35,7 +35,9 @@ OBJS    += $(patsubst %.c,%.o,$(C_SRCS))
 ALL_OBJS := $(BASEDIR)/common/common.o
 ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
 ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
+ifdef ACM_USE_SECURITY_POLICY
 ALL_OBJS += $(BASEDIR)/acm/acm.o
+endif
 ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
 
 
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index ca7cf17aca..bb0da8c42f 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -20,7 +20,7 @@
 #include <asm/desc.h>
 #include <asm/shadow.h>
 #include <asm/e820.h>
-#include <public/acm_dom0_setup.h>
+#include <acm/acm_hooks.h>
 
 extern void dmi_scan_machine(void);
 extern void generic_apic_probe(void);
@@ -188,7 +188,7 @@ static void __init start_of_day(void)
 
     arch_init_memory();
 
-    scheduler_init();	
+    scheduler_init();
 
     identify_cpu(&boot_cpu_data);
     if ( cpu_has_fxsr )
@@ -383,8 +383,8 @@ void __init __start_xen(multiboot_info_t *mbi)
 
     init_xenheap_pages(xenheap_phys_start, xenheap_phys_end);
     printk("Xen heap: %luMB (%lukB)\n",
-	   (xenheap_phys_end-xenheap_phys_start) >> 20,
-	   (xenheap_phys_end-xenheap_phys_start) >> 10);
+           (xenheap_phys_end-xenheap_phys_start) >> 20,
+           (xenheap_phys_end-xenheap_phys_start) >> 10);
 
     early_boot = 0;
 
diff --git a/xen/common/policy_ops.c b/xen/common/policy_ops.c
index ff2b2f9ba4..11e28d25bc 100644
--- a/xen/common/policy_ops.c
+++ b/xen/common/policy_ops.c
@@ -1,5 +1,5 @@
 /******************************************************************************
- *policy_ops.c
+ * policy_ops.c
  * 
  * Copyright (C) 2005 IBM Corporation
  *
@@ -14,6 +14,7 @@
  * Process policy command requests from guest OS.
  *
  */
+
 #include <xen/config.h>
 #include <xen/types.h>
 #include <xen/lib.h>
@@ -27,29 +28,39 @@
 #include <public/sched_ctl.h>
 #include <acm/acm_hooks.h>
 
+#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
+
+long do_policy_op(policy_op_t *u_policy_op)
+{
+    return -ENOSYS;
+}
+
+#else
+
 /* function prototypes defined in acm/acm_policy.c */
 int acm_set_policy(void *buf, u16 buf_size, u16 policy);
 int acm_get_policy(void *buf, u16 buf_size);
 int acm_dump_statistics(void *buf, u16 buf_size);
 
 typedef enum policyoperation {
-	POLICY,     /* access to policy interface (early drop) */
-	GETPOLICY,  /* dump policy cache */
-	SETPOLICY,  /* set policy cache (controls security) */
-	DUMPSTATS   /* dump policy statistics */
+    POLICY,     /* access to policy interface (early drop) */
+    GETPOLICY,  /* dump policy cache */
+    SETPOLICY,  /* set policy cache (controls security) */
+    DUMPSTATS   /* dump policy statistics */
 } policyoperation_t;
 
 int
 acm_authorize_policyops(struct domain *d, policyoperation_t pops)
 {
-	/* currently, all policy management functions are restricted to privileged domains,
-	 * soon we will introduce finer-grained privileges for policy operations 
-	 */
-	if (!IS_PRIV(d)) {
-		printk("%s: Policy management authorization denied ERROR!\n", __func__);
-		return ACM_ACCESS_DENIED;
-	}
-	return ACM_ACCESS_PERMITTED;
+    /* all policy management functions are restricted to privileged domains,
+     * soon we will introduce finer-grained privileges for policy operations 
+     */
+    if (!IS_PRIV(d)) {
+        printk("%s: Policy management authorization denied ERROR!\n",
+               __func__);
+        return ACM_ACCESS_DENIED;
+    }
+    return ACM_ACCESS_PERMITTED;
 }
 
 long do_policy_op(policy_op_t *u_policy_op)
@@ -60,7 +71,7 @@ long do_policy_op(policy_op_t *u_policy_op)
     /* check here policy decision for policy commands */
     /* for now allow DOM0 only, later indepedently    */
     if (acm_authorize_policyops(current->domain, POLICY))
-	    return -EACCES;
+        return -EACCES;
 
     if ( copy_from_user(op, u_policy_op, sizeof(*op)) )
         return -EFAULT;
@@ -73,9 +84,12 @@ long do_policy_op(policy_op_t *u_policy_op)
     case POLICY_SETPOLICY:
     {
         if (acm_authorize_policyops(current->domain, SETPOLICY))
-		return -EACCES;
-	printkd("%s: setting policy.\n", __func__);
-	ret = acm_set_policy(op->u.setpolicy.pushcache, op->u.setpolicy.pushcache_size, op->u.setpolicy.policy_type);
+            return -EACCES;
+        printkd("%s: setting policy.\n", __func__);
+        ret = acm_set_policy(
+            op->u.setpolicy.pushcache, 
+            op->u.setpolicy.pushcache_size, 
+            op->u.setpolicy.policy_type);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -86,9 +100,11 @@ long do_policy_op(policy_op_t *u_policy_op)
     case POLICY_GETPOLICY:
     {
         if (acm_authorize_policyops(current->domain, GETPOLICY))
-		return -EACCES;
+            return -EACCES;
         printkd("%s: getting policy.\n", __func__);
-	ret = acm_get_policy(op->u.getpolicy.pullcache, op->u.getpolicy.pullcache_size);
+        ret = acm_get_policy(
+            op->u.getpolicy.pullcache, 
+            op->u.getpolicy.pullcache_size);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -99,9 +115,11 @@ long do_policy_op(policy_op_t *u_policy_op)
     case POLICY_DUMPSTATS:
     {
         if (acm_authorize_policyops(current->domain, DUMPSTATS))
-		return -EACCES;
-	printkd("%s: dumping statistics.\n", __func__);
-	ret = acm_dump_statistics(op->u.dumpstats.pullcache, op->u.dumpstats.pullcache_size);
+            return -EACCES;
+        printkd("%s: dumping statistics.\n", __func__);
+        ret = acm_dump_statistics(
+            op->u.dumpstats.pullcache, 
+            op->u.dumpstats.pullcache_size);
         if (ret == ACM_OK)
             ret = 0;
         else
@@ -115,3 +133,5 @@ long do_policy_op(policy_op_t *u_policy_op)
     }
     return ret;
 }
+
+#endif
diff --git a/xen/include/acm/acm_hooks.h b/xen/include/acm/acm_hooks.h
index 534d919ff4..7c5e3faa9d 100644
--- a/xen/include/acm/acm_hooks.h
+++ b/xen/include/acm/acm_hooks.h
@@ -30,21 +30,42 @@
 #include <public/event_channel.h>
 #include <asm/current.h>
 
+#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
+
+static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
+{ return 0; }
+static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
+{ return; }
+static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
+{ return; }
+static inline int acm_pre_event_channel(evtchn_op_t *op) 
+{ return 0; }
+static inline int acm_pre_grant_map_ref(domid_t id) 
+{ return 0; }
+static inline int acm_pre_grant_setup(domid_t id) 
+{ return 0; }
+static inline int acm_init(void)
+{ return 0; }
+static inline void acm_post_domain0_create(domid_t domid) 
+{ return; }
+
+#else
+
 /* if ACM_TRACE_MODE defined, all hooks should
  * print a short trace message */
 /* #define ACM_TRACE_MODE */
 
 #ifdef ACM_TRACE_MODE
-#  define traceprintk(fmt, args...) printk(fmt,## args)
+# define traceprintk(fmt, args...) printk(fmt,## args)
 #else
-#  define traceprintk(fmt, args...)
+# define traceprintk(fmt, args...)
 #endif
 
 /* global variables */
 extern struct acm_operations *acm_primary_ops;
 extern struct acm_operations *acm_secondary_ops;
 
-/**********************************************************************************************
+/*********************************************************************
  * HOOK structure and meaning (justifies a few words about our model):
  * 
  * General idea: every policy-controlled system operation is reflected in a 
@@ -60,7 +81,8 @@ extern struct acm_operations *acm_secondary_ops;
  *      ======================
  *      PRE-Hooks
  *		a) general authorization to guard a controlled system operation
- *		b) prepare security state change (means: fail hook must be able to "undo" this)
+ *		b) prepare security state change
+ *                 (means: fail hook must be able to "undo" this)
  *
  *	POST-Hooks
  *		a) commit prepared state change
@@ -100,238 +122,228 @@ extern struct acm_operations *acm_secondary_ops;
  *                                             \
  *                                            sys-ops error
  *
- *************************************************************************************************/
+ ********************************************************************/
 
 struct acm_operations {
-	/* policy management functions (must always be defined!) */
-	int  (*init_domain_ssid)	       	(void **ssid, ssidref_t ssidref);
-	void (*free_domain_ssid)	       	(void *ssid);
-	int  (*dump_binary_policy)		(u8 *buffer, u16 buf_size);
-	int  (*set_binary_policy)		(u8 *buffer, u16 buf_size);	
-	int  (*dump_statistics)			(u8 *buffer, u16 buf_size);
-	/* domain management control hooks (can be NULL) */
-	int  (*pre_domain_create)              	(void *subject_ssid, ssidref_t ssidref);
-	void (*post_domain_create) 		(domid_t domid, ssidref_t ssidref);
-	void (*fail_domain_create)             	(void *subject_ssid, ssidref_t ssidref);
-	void (*post_domain_destroy)		(void *object_ssid, domid_t id);
-	/* event channel control hooks  (can be NULL) */
-	int  (*pre_eventchannel_unbound)       	(domid_t id);
-	void (*fail_eventchannel_unbound)      	(domid_t id);
-	int  (*pre_eventchannel_interdomain)	(domid_t id1, domid_t id2);
-	int  (*fail_eventchannel_interdomain)	(domid_t id1, domid_t id2);
-	/* grant table control hooks (can be NULL)  */
-	int  (*pre_grant_map_ref)       	(domid_t id);
-	void (*fail_grant_map_ref)		(domid_t id);
-	int  (*pre_grant_setup)       		(domid_t id);
-	void (*fail_grant_setup)		(domid_t id);
+    /* policy management functions (must always be defined!) */
+    int  (*init_domain_ssid)           (void **ssid, ssidref_t ssidref);
+    void (*free_domain_ssid)           (void *ssid);
+    int  (*dump_binary_policy)         (u8 *buffer, u16 buf_size);
+    int  (*set_binary_policy)          (u8 *buffer, u16 buf_size);
+    int  (*dump_statistics)            (u8 *buffer, u16 buf_size);
+    /* domain management control hooks (can be NULL) */
+    int  (*pre_domain_create)          (void *subject_ssid, ssidref_t ssidref);
+    void (*post_domain_create)         (domid_t domid, ssidref_t ssidref);
+    void (*fail_domain_create)         (void *subject_ssid, ssidref_t ssidref);
+    void (*post_domain_destroy)        (void *object_ssid, domid_t id);
+    /* event channel control hooks  (can be NULL) */
+    int  (*pre_eventchannel_unbound)      (domid_t id);
+    void (*fail_eventchannel_unbound)     (domid_t id);
+    int  (*pre_eventchannel_interdomain)  (domid_t id1, domid_t id2);
+    int  (*fail_eventchannel_interdomain) (domid_t id1, domid_t id2);
+    /* grant table control hooks (can be NULL)  */
+    int  (*pre_grant_map_ref)          (domid_t id);
+    void (*fail_grant_map_ref)         (domid_t id);
+    int  (*pre_grant_setup)            (domid_t id);
+    void (*fail_grant_setup)           (domid_t id);
 };
 
-static inline int acm_pre_domain_create (void *subject_ssid, ssidref_t ssidref)
+static inline int acm_pre_domain_create(void *subject_ssid, ssidref_t ssidref)
 {
-	if ((acm_primary_ops->pre_domain_create != NULL) && 
-		 acm_primary_ops->pre_domain_create (subject_ssid, ssidref))
-		return ACM_ACCESS_DENIED;
-	else if ((acm_secondary_ops->pre_domain_create != NULL) && 
-		 acm_secondary_ops->pre_domain_create (subject_ssid, ssidref)) {
-		/* roll-back primary */
-		if (acm_primary_ops->fail_domain_create != NULL)
-			acm_primary_ops->fail_domain_create (subject_ssid, ssidref);
-		return ACM_ACCESS_DENIED;
-	} else
-		return ACM_ACCESS_PERMITTED;
+    if ((acm_primary_ops->pre_domain_create != NULL) && 
+        acm_primary_ops->pre_domain_create(subject_ssid, ssidref))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_domain_create != NULL) && 
+             acm_secondary_ops->pre_domain_create(subject_ssid, ssidref)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_domain_create != NULL)
+            acm_primary_ops->fail_domain_create(subject_ssid, ssidref);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
 }
 
-static inline void acm_post_domain_create (domid_t domid, ssidref_t ssidref)
+static inline void acm_post_domain_create(domid_t domid, ssidref_t ssidref)
 {
-	if (acm_primary_ops->post_domain_create != NULL)
-		acm_primary_ops->post_domain_create (domid, ssidref);
-	if (acm_secondary_ops->post_domain_create != NULL)
-		acm_secondary_ops->post_domain_create (domid, ssidref);
+    if (acm_primary_ops->post_domain_create != NULL)
+        acm_primary_ops->post_domain_create(domid, ssidref);
+    if (acm_secondary_ops->post_domain_create != NULL)
+        acm_secondary_ops->post_domain_create(domid, ssidref);
 }
 
-static inline void acm_fail_domain_create (void *subject_ssid, ssidref_t ssidref)
+static inline void acm_fail_domain_create(
+    void *subject_ssid, ssidref_t ssidref)
 {
-	if (acm_primary_ops->fail_domain_create != NULL)
-		acm_primary_ops->fail_domain_create (subject_ssid, ssidref);
-	if (acm_secondary_ops->fail_domain_create != NULL)
-		acm_secondary_ops->fail_domain_create (subject_ssid, ssidref);
+    if (acm_primary_ops->fail_domain_create != NULL)
+        acm_primary_ops->fail_domain_create(subject_ssid, ssidref);
+    if (acm_secondary_ops->fail_domain_create != NULL)
+        acm_secondary_ops->fail_domain_create(subject_ssid, ssidref);
 }
 
-static inline void acm_post_domain_destroy (void *object_ssid, domid_t id)
+static inline void acm_post_domain_destroy(void *object_ssid, domid_t id)
 {
-	if (acm_primary_ops->post_domain_destroy != NULL)
-		acm_primary_ops->post_domain_destroy (object_ssid, id);
-	if (acm_secondary_ops->post_domain_destroy != NULL)
-		acm_secondary_ops->post_domain_destroy (object_ssid, id);
-	return;
+    if (acm_primary_ops->post_domain_destroy != NULL)
+        acm_primary_ops->post_domain_destroy(object_ssid, id);
+    if (acm_secondary_ops->post_domain_destroy != NULL)
+        acm_secondary_ops->post_domain_destroy(object_ssid, id);
+    return;
 }
 
-/*   event channel ops */
-
-static inline int acm_pre_eventchannel_unbound (domid_t id)
+static inline int acm_pre_eventchannel_unbound(domid_t id)
 {
-	if ((acm_primary_ops->pre_eventchannel_unbound != NULL) && 
-	    acm_primary_ops->pre_eventchannel_unbound (id))
-		return ACM_ACCESS_DENIED;
-	else if ((acm_secondary_ops->pre_eventchannel_unbound != NULL) && 
-		 acm_secondary_ops->pre_eventchannel_unbound (id)) {
-		/* roll-back primary */
-		if (acm_primary_ops->fail_eventchannel_unbound != NULL)
-			acm_primary_ops->fail_eventchannel_unbound (id);
-		return ACM_ACCESS_DENIED;
-	} else
-		return ACM_ACCESS_PERMITTED;
+    if ((acm_primary_ops->pre_eventchannel_unbound != NULL) && 
+        acm_primary_ops->pre_eventchannel_unbound(id))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_eventchannel_unbound != NULL) && 
+             acm_secondary_ops->pre_eventchannel_unbound(id)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_eventchannel_unbound != NULL)
+            acm_primary_ops->fail_eventchannel_unbound(id);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
 }
 
-static inline int acm_pre_eventchannel_interdomain (domid_t id1, domid_t id2)
-{	
-	if ((acm_primary_ops->pre_eventchannel_interdomain != NULL) &&
-	    acm_primary_ops->pre_eventchannel_interdomain (id1, id2))
-		return ACM_ACCESS_DENIED;
-	else if ((acm_secondary_ops->pre_eventchannel_interdomain != NULL) &&
-		 acm_secondary_ops->pre_eventchannel_interdomain (id1, id2)) {
-		/* roll-back primary */
-		if (acm_primary_ops->fail_eventchannel_interdomain != NULL)
-			acm_primary_ops->fail_eventchannel_interdomain (id1, id2);
-		return ACM_ACCESS_DENIED;
-	} else
-		return ACM_ACCESS_PERMITTED;
+static inline int acm_pre_eventchannel_interdomain(domid_t id1, domid_t id2)
+{
+    if ((acm_primary_ops->pre_eventchannel_interdomain != NULL) &&
+        acm_primary_ops->pre_eventchannel_interdomain(id1, id2))
+        return ACM_ACCESS_DENIED;
+    else if ((acm_secondary_ops->pre_eventchannel_interdomain != NULL) &&
+             acm_secondary_ops->pre_eventchannel_interdomain(id1, id2)) {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_eventchannel_interdomain != NULL)
+            acm_primary_ops->fail_eventchannel_interdomain(id1, id2);
+        return ACM_ACCESS_DENIED;
+    } else
+        return ACM_ACCESS_PERMITTED;
 }
 
-/************ Xen inline hooks ***************/
-
-/* small macro to make the hooks more readable 
- * (eliminates hooks if NULL policy is active)
- */
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
-{ return 0; }
-#else
 static inline int acm_pre_dom0_op(dom0_op_t *op, void **ssid) 
 {
-	int ret = -EACCES;
-	struct domain *d;
+    int ret = -EACCES;
+    struct domain *d;
 
-	switch(op->cmd) {
-	case DOM0_CREATEDOMAIN:
-		ret = acm_pre_domain_create(current->domain->ssid, op->u.createdomain.ssidref);
-		break;
-	case DOM0_DESTROYDOMAIN:
-		d = find_domain_by_id(op->u.destroydomain.domain);
-		if (d != NULL) {
-			*ssid = d->ssid; /* save for post destroy when d is gone */
-			/* no policy-specific hook */
-			put_domain(d);
-			ret = 0;
-		}
-		break;
-	default:
-		ret = 0; /* ok */
-	}
-	return ret;
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        ret = acm_pre_domain_create(
+            current->domain->ssid, op->u.createdomain.ssidref);
+        break;
+    case DOM0_DESTROYDOMAIN:
+        d = find_domain_by_id(op->u.destroydomain.domain);
+        if (d != NULL) {
+            *ssid = d->ssid; /* save for post destroy when d is gone */
+            /* no policy-specific hook */
+            put_domain(d);
+            ret = 0;
+        }
+        break;
+    default:
+        ret = 0; /* ok */
+    }
+    return ret;
 }
-#endif
-
 
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
-{ return; }
-#else
 static inline void acm_post_dom0_op(dom0_op_t *op, void *ssid) 
 {
-	switch(op->cmd) {
-	case DOM0_CREATEDOMAIN:
-		/* initialialize shared sHype security labels for new domain */
-		acm_init_domain_ssid(op->u.createdomain.domain, op->u.createdomain.ssidref);
-		acm_post_domain_create(op->u.createdomain.domain, op->u.createdomain.ssidref);
-		break;
-	case DOM0_DESTROYDOMAIN:
-		acm_post_domain_destroy(ssid, op->u.destroydomain.domain);
-		/* free security ssid for the destroyed domain (also if running null policy */
-		acm_free_domain_ssid((struct acm_ssid_domain *)ssid);
-		break;
-	}
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        /* initialialize shared sHype security labels for new domain */
+        acm_init_domain_ssid(
+            op->u.createdomain.domain, op->u.createdomain.ssidref);
+        acm_post_domain_create(
+            op->u.createdomain.domain, op->u.createdomain.ssidref);
+        break;
+    case DOM0_DESTROYDOMAIN:
+        acm_post_domain_destroy(ssid, op->u.destroydomain.domain);
+        /* free security ssid for the destroyed domain (also if null policy */
+        acm_free_domain_ssid((struct acm_ssid_domain *)ssid);
+        break;
+    }
 }
-#endif
 
-
-#if (ACM_USE_SECURITY_POLICy == ACM_NULL_POLICY)
-static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
-{ return; }
-#else
 static inline void acm_fail_dom0_op(dom0_op_t *op, void *ssid) 
 {
-	switch(op->cmd) {
-	case DOM0_CREATEDOMAIN:
-		acm_fail_domain_create(current->domain->ssid, op->u.createdomain.ssidref);
-		break;
-	}
+    switch(op->cmd) {
+    case DOM0_CREATEDOMAIN:
+        acm_fail_domain_create(
+            current->domain->ssid, op->u.createdomain.ssidref);
+        break;
+    }
 }
-#endif
-
 
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_event_channel(evtchn_op_t *op) 
-{ return 0; }
-#else
 static inline int acm_pre_event_channel(evtchn_op_t *op) 
 {
-	int ret = -EACCES;
+    int ret = -EACCES;
 
-	switch(op->cmd) {
-	case EVTCHNOP_alloc_unbound:
-		ret = acm_pre_eventchannel_unbound(op->u.alloc_unbound.dom);
-		break;
-	case EVTCHNOP_bind_interdomain:
-		ret = acm_pre_eventchannel_interdomain(op->u.bind_interdomain.dom1, op->u.bind_interdomain.dom2);
-		break;
-	default:
-		ret = 0; /* ok */
-	}
-	return ret;
+    switch(op->cmd) {
+    case EVTCHNOP_alloc_unbound:
+        ret = acm_pre_eventchannel_unbound(op->u.alloc_unbound.dom);
+        break;
+    case EVTCHNOP_bind_interdomain:
+        ret = acm_pre_eventchannel_interdomain(
+            op->u.bind_interdomain.dom1, op->u.bind_interdomain.dom2);
+        break;
+    default:
+        ret = 0; /* ok */
+    }
+    return ret;
 }
-#endif
 
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_grant_map_ref(domid_t id) 
-{ return 0; }
-#else
-static inline int acm_pre_grant_map_ref (domid_t id)
+static inline int acm_pre_grant_map_ref(domid_t id)
 {
-	if ((acm_primary_ops->pre_grant_map_ref != NULL) &&
-	    acm_primary_ops->pre_grant_map_ref (id))
-		return ACM_ACCESS_DENIED;
-	else if ((acm_secondary_ops->pre_grant_map_ref != NULL) &&
-		 acm_secondary_ops->pre_grant_map_ref (id)) {
-		/* roll-back primary */
-		if (acm_primary_ops->fail_grant_map_ref != NULL)
-			acm_primary_ops->fail_grant_map_ref (id);
-		return ACM_ACCESS_DENIED;
-	} else
-		return ACM_ACCESS_PERMITTED;
+    if ( (acm_primary_ops->pre_grant_map_ref != NULL) &&
+         acm_primary_ops->pre_grant_map_ref(id) )
+    {
+        return ACM_ACCESS_DENIED;
+    }
+    else if ( (acm_secondary_ops->pre_grant_map_ref != NULL) &&
+              acm_secondary_ops->pre_grant_map_ref(id) )
+    {
+        /* roll-back primary */
+        if ( acm_primary_ops->fail_grant_map_ref != NULL )
+            acm_primary_ops->fail_grant_map_ref(id);
+        return ACM_ACCESS_DENIED;
+    }
+    else
+    {
+        return ACM_ACCESS_PERMITTED;
+    }
 }
-#endif
 
+static inline int acm_pre_grant_setup(domid_t id)
+{
+    if ( (acm_primary_ops->pre_grant_setup != NULL) &&
+         acm_primary_ops->pre_grant_setup(id) )
+    {
+        return ACM_ACCESS_DENIED;
+    }
+    else if ( (acm_secondary_ops->pre_grant_setup != NULL) &&
+              acm_secondary_ops->pre_grant_setup(id) )
+    {
+        /* roll-back primary */
+        if (acm_primary_ops->fail_grant_setup != NULL)
+            acm_primary_ops->fail_grant_setup(id);
+        return ACM_ACCESS_DENIED;
+    }
+    else
+    {
+        return ACM_ACCESS_PERMITTED;
+    }
+}
 
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-static inline int acm_pre_grant_setup(domid_t id) 
-{ return 0; }
-#else
-static inline int acm_pre_grant_setup (domid_t id)
+/* predefined ssidref for DOM0 used by xen when creating DOM0 */
+#define ACM_DOM0_SSIDREF        0
+
+static inline void acm_post_domain0_create(domid_t domid)
 {
-	if ((acm_primary_ops->pre_grant_setup != NULL) &&
-	    acm_primary_ops->pre_grant_setup (id))
-		return ACM_ACCESS_DENIED;
-	else if ((acm_secondary_ops->pre_grant_setup != NULL) &&
-		 acm_secondary_ops->pre_grant_setup (id)) {
-		/* roll-back primary */
-		if (acm_primary_ops->fail_grant_setup != NULL)
-			acm_primary_ops->fail_grant_setup (id);
-		return ACM_ACCESS_DENIED;
-	} else
-		return ACM_ACCESS_PERMITTED;
+    /* initialialize shared sHype security labels for new domain */
+    acm_init_domain_ssid(domid, ACM_DOM0_SSIDREF);
+    acm_post_domain_create(domid, ACM_DOM0_SSIDREF);
 }
-#endif
 
+extern int acm_init(void);
+
+#endif
 
 #endif
diff --git a/xen/include/public/acm_dom0_setup.h b/xen/include/public/acm_dom0_setup.h
deleted file mode 100644
index 6604156ccf..0000000000
--- a/xen/include/public/acm_dom0_setup.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/****************************************************************
- * acm_dom0_setup.h
- * 
- * Copyright (C) 2005 IBM Corporation
- *
- * Author:
- * Reiner Sailer <sailer@watson.ibm.com>
- *
- * Includes necessary definitions to bring-up dom0
- */
-#include <acm/acm_hooks.h>
-
-extern int acm_init(void);
-
-#if (ACM_USE_SECURITY_POLICY == ACM_NULL_POLICY)
-
-static inline void acm_post_domain0_create(domid_t domid) 
-{ 
-	return; 
-}
-
-#else
-
-/* predefined ssidref for DOM0 used by xen when creating DOM0 */
-#define ACM_DOM0_SSIDREF	0
-
-static inline void acm_post_domain0_create(domid_t domid)
-{
-	/* initialialize shared sHype security labels for new domain */
-	acm_init_domain_ssid(domid, ACM_DOM0_SSIDREF);
-	acm_post_domain_create(domid, ACM_DOM0_SSIDREF);
-}
-
-#endif