merge with xen-unstable.hg

159 files changed, 7010 insertions, 5705 deletions

diff --git a/README b/README
index b295c300ed..af87d59493 100644
--- a/README
+++ b/README
@@ -1,176 +1,176 @@
-################################

- __  __            _____  ___  

- \ \/ /___ _ __   |___ / / _ \ 

-  \  // _ \ '_ \    |_ \| | | |

-  /  \  __/ | | |  ___) | |_| |

- /_/\_\___|_| |_| |____(_)___/ 

-

-################################

-

-http://www.xensource.com/xen/about.html

-

-What is Xen?

-============

-

-Xen is a Virtual Machine Monitor (VMM) originally developed by the

-Systems Research Group of the University of Cambridge Computer

-Laboratory, as part of the UK-EPSRC funded XenoServers project.  Xen

-is freely-distributable Open Source software, released under the GNU

-GPL. Since its initial public release, Xen has grown a large

-development community, spearheaded by XenSource Inc, a company created

-by the original Xen development team to build enterprise products

-around Xen.

-

-The 3.0 release offers excellent performance, hardware support and

-enterprise-grade features such as x86_32-PAE, x86_64, SMP guests and

-live relocation of VMs. This install tree contains source for a Linux

-2.6 guest; ports to Linux 2.4, NetBSD, FreeBSD and Solaris will follow

-later (and are already available for previous Xen releases).

-

-This file contains some quick-start instructions to install Xen on

-your system. For full documentation, see the Xen User Manual. If this

-is a pre-built release then you can find the manual at:

- dist/install/usr/share/doc/xen/pdf/user.pdf

-If you have a source release, then 'make -C docs' will build the

-manual at docs/pdf/user.pdf.

-

-Quick-Start Guide - Pre-Built Binary Release

-============================================

-

-[NB. Unless noted otherwise, all the following steps should be

-performed with root privileges.]

-

-1. Install the binary distribution onto your filesystem:

-

-    # sh ./install.sh

-

-   Among other things, this will install Xen and Xen-ready Linux

-   kernel files in /boot, kernel modules and Python packages in /lib,

-   and various control tools in standard 'bin' directories.

-

-2. Configure your bootloader to boot Xen and an initial Linux virtual

-   machine. Note that Xen currently only works with GRUB and pxelinux

-   derived boot loaders: less common alternatives such as LILO are

-   *not* supported. You can most likely find your GRUB menu file at

-   /boot/grub/menu.lst: edit this file to include an entry like the

-   following:

-

-    title Xen 3.0 / XenLinux 2.6

-       kernel /boot/xen-3.0.gz console=vga

-       module /boot/vmlinuz-2.6-xen root=<root-dev> ro console=tty0

-       module /boot/initrd-2.6-xen.img

-

-   NB: Not all kernel configs need an initial ram disk (initrd), but

-   if you do specify one you'll need to use the 'module' grub directive

-   rather than 'initrd'.

-

-   The linux command line takes all the usual options, such as

-   root=<root-dev> to specify your usual root partition (e.g.,

-   /dev/hda1).  

-

-   The Xen command line takes a number of optional arguments described

-   in the manual. The most common is 'dom0_mem=xxxM' which sets the

-   amount of memory to allocate for use by your initial virtual

-   machine (known as domain 0). Note that Xen itself reserves about

-   32MB memory for internal use, which is not available for allocation

-   to virtual machines.  

-

-3. Reboot your system and select the "Xen 3.0 / XenLinux 2.6" menu

-   option. After booting Xen, Linux will start and your initialisation

-   scripts should execute in the usual way.

-

-Quick-Start Guide - Source Release

-==================================

-

-First, there are a number of prerequisites for building a Xen source

-release. Make sure you have all the following installed, either by

-visiting the project webpage or installing a pre-built package

-provided by your Linux distributor:

-    * GCC (preferably v3.2.x or v3.3.x; older versions are unsupported) 

-    * GNU Make

-    * GNU Binutils

-    * Development install of zlib (e.g., zlib-dev)

-    * Development install of Python v2.3 or later (e.g., python-dev)

-    * bridge-utils package (/sbin/brctl)

-    * iproute package (/sbin/ip)

-    * hotplug or udev

-

-[NB. Unless noted otherwise, all the following steps should be

-performed with root privileges.]

-

-1. Download and untar the source tarball file. This will be a

-   file named xen-unstable-src.tgz, or xen-$version-src.tgz.

-   You can also pull the current version from the SCMS

-   that is being used (Bitkeeper, scheduled to change shortly).

-

-    # tar xzf xen-unstable-src.tgz

-

-   Assuming you are using the unstable tree, this will

-   untar into xen-unstable. The rest of the instructions

-   use the unstable tree as an example, substitute the

-   version for unstable.

-

-2. cd to xen-unstable (or whatever you sensibly rename it to).

-   The Linux, netbsd and freebsd kernel source trees are in

-   the $os-$version-xen-sparse directories.

-

-On Linux:

-

-3. For the very first build, or if you want to destroy existing

-   .configs and build trees, perform the following steps:

-

-    # make world

-    # make install

-

-   This will create and install onto the local machine. It will build 

-   the xen binary (xen.gz), and a linux kernel and modules that can be

-   used in both dom0 and an unprivileged guest kernel (vmlinuz-2.6.x-xen),

-   the tools and the documentation.

-

-   You can override the destination for make install by setting DESTDIR 

-   to some value.

-

-   The make command line defaults to building the kernel vmlinuz-2.6.x-xen. 

-   You can override this default by specifying KERNELS=kernelname. For 

-   example, you can make two kernels - linux-2.6-xen0 

-   and linux-2.6-xenU - which are smaller builds containing only selected 

-   modules, intended primarily for developers that don't like to wait 

-   for a full -xen kernel to build. The -xenU kernel is particularly small,

-   as it does not contain any physical device drivers, and hence is

-   only useful for guest domains.

-

-   To make these two kernels, simply specify

-

-   KERNELS="linux-2.6-xen0 linux-2.6-xenU"

-

-   in the make command line.

-

-   If you want to build an x86_32 PAE capable xen and kernel to work

-   on machines with >= 4GB of memory, use XEN_TARGET_X86_PAE=y on the

-   make command line.

-

-4. To rebuild an existing tree without modifying the config:

-    # make dist

-

-   This will build and install xen, kernels, tools, and

-   docs into the local dist/ directory. 

-

-   You can override the destination for make install by setting DISTDIR 

-   to some value.

-

-   make install and make dist differ in that make install does the 

-   right things for your local machine (installing the appropriate 

-   version of hotplug or udev scripts, for example), but make dist 

-   includes all versions of those scripts, so that you can copy the dist 

-   directory to another machine and install from that distribution.

-

-5. To rebuild a kernel with a modified config:

-

-    # make linux-2.6-xen-config CONFIGMODE=menuconfig     (or xconfig)

-    # make linux-2.6-xen-build

-    # make linux-2.6-xen-install

-

-   Depending on your config, you may need to use 'mkinitrd' to create

-   an initial ram disk, just like a native system e.g. 

-    # depmod 2.6.16-xen

-    # mkinitrd -v -f --with=aacraid --with=sd_mod --with=scsi_mod initrd-2.6.16-xen.img 2.6.16-xen

+################################
+ __  __            _____  ___  
+ \ \/ /___ _ __   |___ / / _ \ 
+  \  // _ \ '_ \    |_ \| | | |
+  /  \  __/ | | |  ___) | |_| |
+ /_/\_\___|_| |_| |____(_)___/ 
+
+################################
+
+http://www.xensource.com/xen/about.html
+
+What is Xen?
+============
+
+Xen is a Virtual Machine Monitor (VMM) originally developed by the
+Systems Research Group of the University of Cambridge Computer
+Laboratory, as part of the UK-EPSRC funded XenoServers project.  Xen
+is freely-distributable Open Source software, released under the GNU
+GPL. Since its initial public release, Xen has grown a large
+development community, spearheaded by XenSource Inc, a company created
+by the original Xen development team to build enterprise products
+around Xen.
+
+The 3.0 release offers excellent performance, hardware support and
+enterprise-grade features such as x86_32-PAE, x86_64, SMP guests and
+live relocation of VMs. This install tree contains source for a Linux
+2.6 guest; ports to Linux 2.4, NetBSD, FreeBSD and Solaris will follow
+later (and are already available for previous Xen releases).
+
+This file contains some quick-start instructions to install Xen on
+your system. For full documentation, see the Xen User Manual. If this
+is a pre-built release then you can find the manual at:
+ dist/install/usr/share/doc/xen/pdf/user.pdf
+If you have a source release, then 'make -C docs' will build the
+manual at docs/pdf/user.pdf.
+
+Quick-Start Guide - Pre-Built Binary Release
+============================================
+
+[NB. Unless noted otherwise, all the following steps should be
+performed with root privileges.]
+
+1. Install the binary distribution onto your filesystem:
+
+    # sh ./install.sh
+
+   Among other things, this will install Xen and Xen-ready Linux
+   kernel files in /boot, kernel modules and Python packages in /lib,
+   and various control tools in standard 'bin' directories.
+
+2. Configure your bootloader to boot Xen and an initial Linux virtual
+   machine. Note that Xen currently only works with GRUB and pxelinux
+   derived boot loaders: less common alternatives such as LILO are
+   *not* supported. You can most likely find your GRUB menu file at
+   /boot/grub/menu.lst: edit this file to include an entry like the
+   following:
+
+    title Xen 3.0 / XenLinux 2.6
+       kernel /boot/xen-3.0.gz console=vga
+       module /boot/vmlinuz-2.6-xen root=<root-dev> ro console=tty0
+       module /boot/initrd-2.6-xen.img
+
+   NB: Not all kernel configs need an initial ram disk (initrd), but
+   if you do specify one you'll need to use the 'module' grub directive
+   rather than 'initrd'.
+
+   The linux command line takes all the usual options, such as
+   root=<root-dev> to specify your usual root partition (e.g.,
+   /dev/hda1).  
+
+   The Xen command line takes a number of optional arguments described
+   in the manual. The most common is 'dom0_mem=xxxM' which sets the
+   amount of memory to allocate for use by your initial virtual
+   machine (known as domain 0). Note that Xen itself reserves about
+   32MB memory for internal use, which is not available for allocation
+   to virtual machines.  
+
+3. Reboot your system and select the "Xen 3.0 / XenLinux 2.6" menu
+   option. After booting Xen, Linux will start and your initialisation
+   scripts should execute in the usual way.
+
+Quick-Start Guide - Source Release
+==================================
+
+First, there are a number of prerequisites for building a Xen source
+release. Make sure you have all the following installed, either by
+visiting the project webpage or installing a pre-built package
+provided by your Linux distributor:
+    * GCC (preferably v3.2.x or v3.3.x; older versions are unsupported) 
+    * GNU Make
+    * GNU Binutils
+    * Development install of zlib (e.g., zlib-dev)
+    * Development install of Python v2.3 or later (e.g., python-dev)
+    * bridge-utils package (/sbin/brctl)
+    * iproute package (/sbin/ip)
+    * hotplug or udev
+
+[NB. Unless noted otherwise, all the following steps should be
+performed with root privileges.]
+
+1. Download and untar the source tarball file. This will be a
+   file named xen-unstable-src.tgz, or xen-$version-src.tgz.
+   You can also pull the current version from the SCMS
+   that is being used (Bitkeeper, scheduled to change shortly).
+
+    # tar xzf xen-unstable-src.tgz
+
+   Assuming you are using the unstable tree, this will
+   untar into xen-unstable. The rest of the instructions
+   use the unstable tree as an example, substitute the
+   version for unstable.
+
+2. cd to xen-unstable (or whatever you sensibly rename it to).
+   The Linux, netbsd and freebsd kernel source trees are in
+   the $os-$version-xen-sparse directories.
+
+On Linux:
+
+3. For the very first build, or if you want to destroy existing
+   .configs and build trees, perform the following steps:
+
+    # make world
+    # make install
+
+   This will create and install onto the local machine. It will build 
+   the xen binary (xen.gz), and a linux kernel and modules that can be
+   used in both dom0 and an unprivileged guest kernel (vmlinuz-2.6.x-xen),
+   the tools and the documentation.
+
+   You can override the destination for make install by setting DESTDIR 
+   to some value.
+
+   The make command line defaults to building the kernel vmlinuz-2.6.x-xen. 
+   You can override this default by specifying KERNELS=kernelname. For 
+   example, you can make two kernels - linux-2.6-xen0 
+   and linux-2.6-xenU - which are smaller builds containing only selected 
+   modules, intended primarily for developers that don't like to wait 
+   for a full -xen kernel to build. The -xenU kernel is particularly small,
+   as it does not contain any physical device drivers, and hence is
+   only useful for guest domains.
+
+   To make these two kernels, simply specify
+
+   KERNELS="linux-2.6-xen0 linux-2.6-xenU"
+
+   in the make command line.
+
+   If you want to build an x86_32 PAE capable xen and kernel to work
+   on machines with >= 4GB of memory, use XEN_TARGET_X86_PAE=y on the
+   make command line.
+
+4. To rebuild an existing tree without modifying the config:
+    # make dist
+
+   This will build and install xen, kernels, tools, and
+   docs into the local dist/ directory. 
+
+   You can override the destination for make install by setting DISTDIR 
+   to some value.
+
+   make install and make dist differ in that make install does the 
+   right things for your local machine (installing the appropriate 
+   version of hotplug or udev scripts, for example), but make dist 
+   includes all versions of those scripts, so that you can copy the dist 
+   directory to another machine and install from that distribution.
+
+5. To rebuild a kernel with a modified config:
+
+    # make linux-2.6-xen-config CONFIGMODE=menuconfig     (or xconfig)
+    # make linux-2.6-xen-build
+    # make linux-2.6-xen-install
+
+   Depending on your config, you may need to use 'mkinitrd' to create
+   an initial ram disk, just like a native system e.g. 
+    # depmod 2.6.16-xen
+    # mkinitrd -v -f --with=aacraid --with=sd_mod --with=scsi_mod initrd-2.6.16-xen.img 2.6.16-xen
diff --git a/buildconfigs/linux-defconfig_xen_x86_32 b/buildconfigs/linux-defconfig_xen_x86_32
index b5dfca04c3..19a4dc2474 100644
--- a/buildconfigs/linux-defconfig_xen_x86_32
+++ b/buildconfigs/linux-defconfig_xen_x86_32
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
-# Linux kernel version: 2.6.16-rc3-xen0
-# Thu Feb 16 22:54:14 2006
+# Linux kernel version: 2.6.16-xen
+# Thu Apr 20 17:07:18 2006
 #
 CONFIG_X86_32=y
 CONFIG_SEMAPHORE_SLEEPERS=y
@@ -28,16 +28,18 @@ CONFIG_SWAP=y
 CONFIG_SYSVIPC=y
 CONFIG_POSIX_MQUEUE=y
 CONFIG_BSD_PROCESS_ACCT=y
-# CONFIG_BSD_PROCESS_ACCT_V3 is not set
+CONFIG_BSD_PROCESS_ACCT_V3=y
 CONFIG_SYSCTL=y
-# CONFIG_AUDIT is not set
-# CONFIG_IKCONFIG is not set
-# CONFIG_CPUSETS is not set
+CONFIG_AUDIT=y
+CONFIG_AUDITSYSCALL=y
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
+CONFIG_CPUSETS=y
 CONFIG_INITRAMFS_SOURCE=""
 CONFIG_UID16=y
 CONFIG_VM86=y
 # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
-CONFIG_EMBEDDED=y
+# CONFIG_EMBEDDED is not set
 CONFIG_KALLSYMS=y
 # CONFIG_KALLSYMS_ALL is not set
 # CONFIG_KALLSYMS_EXTRA_PASS is not set
@@ -67,7 +69,7 @@ CONFIG_MODULE_UNLOAD=y
 CONFIG_MODULE_FORCE_UNLOAD=y
 CONFIG_OBSOLETE_MODPARM=y
 CONFIG_MODVERSIONS=y
-# CONFIG_MODULE_SRCVERSION_ALL is not set
+CONFIG_MODULE_SRCVERSION_ALL=y
 CONFIG_KMOD=y
 CONFIG_STOP_MACHINE=y
 
@@ -83,11 +85,11 @@ CONFIG_IOSCHED_NOOP=y
 CONFIG_IOSCHED_AS=y
 CONFIG_IOSCHED_DEADLINE=y
 CONFIG_IOSCHED_CFQ=y
-CONFIG_DEFAULT_AS=y
+# CONFIG_DEFAULT_AS is not set
 # CONFIG_DEFAULT_DEADLINE is not set
-# CONFIG_DEFAULT_CFQ is not set
+CONFIG_DEFAULT_CFQ=y
 # CONFIG_DEFAULT_NOOP is not set
-CONFIG_DEFAULT_IOSCHED="anticipatory"
+CONFIG_DEFAULT_IOSCHED="cfq"
 
 #
 # Processor type and features
@@ -124,10 +126,10 @@ CONFIG_M686=y
 # CONFIG_MGEODE_LX is not set
 # CONFIG_MCYRIXIII is not set
 # CONFIG_MVIAC3_2 is not set
-# CONFIG_X86_GENERIC is not set
+CONFIG_X86_GENERIC=y
 CONFIG_X86_CMPXCHG=y
 CONFIG_X86_XADD=y
-CONFIG_X86_L1_CACHE_SHIFT=5
+CONFIG_X86_L1_CACHE_SHIFT=7
 CONFIG_RWSEM_XCHGADD_ALGORITHM=y
 CONFIG_GENERIC_CALIBRATE_DELAY=y
 CONFIG_X86_PPRO_FENCE=y
@@ -137,13 +139,14 @@ CONFIG_X86_BSWAP=y
 CONFIG_X86_POPAD_OK=y
 CONFIG_X86_CMPXCHG64=y
 CONFIG_X86_GOOD_APIC=y
+CONFIG_X86_INTEL_USERCOPY=y
 CONFIG_X86_USE_PPRO_CHECKSUM=y
 CONFIG_X86_TSC=y
 CONFIG_SMP=y
 CONFIG_SMP_ALTERNATIVES=y
-CONFIG_NR_CPUS=8
-CONFIG_PREEMPT_NONE=y
-# CONFIG_PREEMPT_VOLUNTARY is not set
+CONFIG_NR_CPUS=32
+# CONFIG_PREEMPT_NONE is not set
+CONFIG_PREEMPT_VOLUNTARY=y
 # CONFIG_PREEMPT is not set
 CONFIG_PREEMPT_BKL=y
 CONFIG_X86_LOCAL_APIC=y
@@ -178,7 +181,7 @@ CONFIG_FLAT_NODE_MEM_MAP=y
 # CONFIG_SPARSEMEM_STATIC is not set
 CONFIG_SPLIT_PTLOCK_CPUS=4096
 CONFIG_MTRR=y
-# CONFIG_REGPARM is not set
+CONFIG_REGPARM=y
 CONFIG_SECCOMP=y
 CONFIG_HZ_100=y
 # CONFIG_HZ_250 is not set
@@ -214,7 +217,6 @@ CONFIG_ACPI_BLACKLIST_YEAR=0
 CONFIG_ACPI_EC=y
 CONFIG_ACPI_POWER=y
 CONFIG_ACPI_SYSTEM=y
-# CONFIG_X86_PM_TIMER is not set
 CONFIG_ACPI_CONTAINER=m
 
 #
@@ -269,7 +271,8 @@ CONFIG_PCCARD_NONSTATIC=m
 #
 CONFIG_HOTPLUG_PCI=m
 CONFIG_HOTPLUG_PCI_FAKE=m
-# CONFIG_HOTPLUG_PCI_ACPI is not set
+CONFIG_HOTPLUG_PCI_ACPI=m
+CONFIG_HOTPLUG_PCI_ACPI_IBM=m
 CONFIG_HOTPLUG_PCI_CPCI=y
 CONFIG_HOTPLUG_PCI_CPCI_ZT5550=m
 CONFIG_HOTPLUG_PCI_CPCI_GENERIC=m
@@ -296,7 +299,7 @@ CONFIG_PACKET=y
 CONFIG_PACKET_MMAP=y
 CONFIG_UNIX=y
 CONFIG_XFRM=y
-CONFIG_XFRM_USER=y
+CONFIG_XFRM_USER=m
 CONFIG_NET_KEY=m
 CONFIG_INET=y
 CONFIG_IP_MULTICAST=y
@@ -518,7 +521,7 @@ CONFIG_BRIDGE_EBT_MARK_T=m
 CONFIG_BRIDGE_EBT_REDIRECT=m
 CONFIG_BRIDGE_EBT_SNAT=m
 CONFIG_BRIDGE_EBT_LOG=m
-# CONFIG_BRIDGE_EBT_ULOG is not set
+CONFIG_BRIDGE_EBT_ULOG=m
 
 #
 # DCCP Configuration (EXPERIMENTAL)
@@ -551,18 +554,10 @@ CONFIG_SCTP_HMAC_MD5=y
 #
 # TIPC Configuration (EXPERIMENTAL)
 #
-CONFIG_TIPC=m
-CONFIG_TIPC_ADVANCED=y
-CONFIG_TIPC_ZONES=3
-CONFIG_TIPC_CLUSTERS=1
-CONFIG_TIPC_NODES=255
-CONFIG_TIPC_SLAVE_NODES=0
-CONFIG_TIPC_PORTS=8191
-CONFIG_TIPC_LOG=0
-# CONFIG_TIPC_DEBUG is not set
-CONFIG_ATM=y
-CONFIG_ATM_CLIP=y
-# CONFIG_ATM_CLIP_NO_ICMP is not set
+# CONFIG_TIPC is not set
+CONFIG_ATM=m
+CONFIG_ATM_CLIP=m
+CONFIG_ATM_CLIP_NO_ICMP=y
 CONFIG_ATM_LANE=m
 CONFIG_ATM_MPOA=m
 CONFIG_ATM_BR2684=m
@@ -570,7 +565,8 @@ CONFIG_ATM_BR2684=m
 CONFIG_BRIDGE=m
 CONFIG_VLAN_8021Q=m
 CONFIG_DECNET=m
-# CONFIG_DECNET_ROUTER is not set
+CONFIG_DECNET_ROUTER=y
+CONFIG_DECNET_ROUTE_FWMARK=y
 CONFIG_LLC=y
 CONFIG_LLC2=m
 CONFIG_IPX=m
@@ -623,8 +619,8 @@ CONFIG_NET_CLS_ROUTE4=m
 CONFIG_NET_CLS_ROUTE=y
 CONFIG_NET_CLS_FW=m
 CONFIG_NET_CLS_U32=m
-# CONFIG_CLS_U32_PERF is not set
-# CONFIG_CLS_U32_MARK is not set
+CONFIG_CLS_U32_PERF=y
+CONFIG_CLS_U32_MARK=y
 CONFIG_NET_CLS_RSVP=m
 CONFIG_NET_CLS_RSVP6=m
 CONFIG_NET_EMATCH=y
@@ -717,13 +713,13 @@ CONFIG_ACT200L_DONGLE=m
 #
 CONFIG_USB_IRDA=m
 CONFIG_SIGMATEL_FIR=m
-# CONFIG_NSC_FIR is not set
-# CONFIG_WINBOND_FIR is not set
-# CONFIG_TOSHIBA_FIR is not set
-# CONFIG_SMC_IRCC_FIR is not set
-# CONFIG_ALI_FIR is not set
+CONFIG_NSC_FIR=m
+CONFIG_WINBOND_FIR=m
+CONFIG_TOSHIBA_FIR=m
+CONFIG_SMC_IRCC_FIR=m
+CONFIG_ALI_FIR=m
 CONFIG_VLSI_FIR=m
-# CONFIG_VIA_FIR is not set
+CONFIG_VIA_FIR=m
 CONFIG_BT=m
 CONFIG_BT_L2CAP=m
 CONFIG_BT_SCO=m
@@ -744,7 +740,7 @@ CONFIG_BT_HCIUART=m
 CONFIG_BT_HCIUART_H4=y
 CONFIG_BT_HCIUART_BCSP=y
 CONFIG_BT_HCIBCM203X=m
-# CONFIG_BT_HCIBPA10X is not set
+CONFIG_BT_HCIBPA10X=m
 CONFIG_BT_HCIBFUSB=m
 CONFIG_BT_HCIDTL1=m
 CONFIG_BT_HCIBT3C=m
@@ -805,7 +801,11 @@ CONFIG_RFD_FTL=m
 CONFIG_MTD_CFI=m
 CONFIG_MTD_JEDECPROBE=m
 CONFIG_MTD_GEN_PROBE=m
-# CONFIG_MTD_CFI_ADV_OPTIONS is not set
+CONFIG_MTD_CFI_ADV_OPTIONS=y
+CONFIG_MTD_CFI_NOSWAP=y
+# CONFIG_MTD_CFI_BE_BYTE_SWAP is not set
+# CONFIG_MTD_CFI_LE_BYTE_SWAP is not set
+# CONFIG_MTD_CFI_GEOMETRY is not set
 CONFIG_MTD_MAP_BANK_WIDTH_1=y
 CONFIG_MTD_MAP_BANK_WIDTH_2=y
 CONFIG_MTD_MAP_BANK_WIDTH_4=y
@@ -816,6 +816,7 @@ CONFIG_MTD_CFI_I1=y
 CONFIG_MTD_CFI_I2=y
 # CONFIG_MTD_CFI_I4 is not set
 # CONFIG_MTD_CFI_I8 is not set
+# CONFIG_MTD_OTP is not set
 CONFIG_MTD_CFI_INTELEXT=m
 CONFIG_MTD_CFI_AMDSTD=m
 CONFIG_MTD_CFI_AMDSTD_RETRY=0
@@ -840,13 +841,13 @@ CONFIG_MTD_NETSC520=m
 CONFIG_MTD_TS5500=m
 CONFIG_MTD_SBC_GXX=m
 CONFIG_MTD_SCx200_DOCFLASH=m
-# CONFIG_MTD_AMD76XROM is not set
-# CONFIG_MTD_ICHXROM is not set
-# CONFIG_MTD_SCB2_FLASH is not set
+CONFIG_MTD_AMD76XROM=m
+CONFIG_MTD_ICHXROM=m
+CONFIG_MTD_SCB2_FLASH=m
 CONFIG_MTD_NETtel=m
 CONFIG_MTD_DILNETPC=m
 CONFIG_MTD_DILNETPC_BOOTSIZE=0x80000
-# CONFIG_MTD_L440GX is not set
+CONFIG_MTD_L440GX=m
 CONFIG_MTD_PCI=m
 CONFIG_MTD_PLATRAM=m
 
@@ -864,7 +865,7 @@ CONFIG_MTD_MTDRAM=m
 CONFIG_MTDRAM_TOTAL_SIZE=4096
 CONFIG_MTDRAM_ERASE_SIZE=128
 CONFIG_MTD_BLKMTD=m
-# CONFIG_MTD_BLOCK2MTD is not set
+CONFIG_MTD_BLOCK2MTD=m
 
 #
 # Disk-On-Chip Device Drivers
@@ -886,8 +887,8 @@ CONFIG_MTD_NAND_IDS=m
 CONFIG_MTD_NAND_DISKONCHIP=m
 # CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADVANCED is not set
 CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADDRESS=0
-# CONFIG_MTD_NAND_DISKONCHIP_BBTWRITE is not set
-# CONFIG_MTD_NAND_NANDSIM is not set
+CONFIG_MTD_NAND_DISKONCHIP_BBTWRITE=y
+CONFIG_MTD_NAND_NANDSIM=y
 
 #
 # OneNAND Flash Device Drivers
@@ -902,7 +903,7 @@ CONFIG_PARPORT=m
 CONFIG_PARPORT_PC=m
 CONFIG_PARPORT_SERIAL=m
 CONFIG_PARPORT_PC_FIFO=y
-# CONFIG_PARPORT_PC_SUPERIO is not set
+CONFIG_PARPORT_PC_SUPERIO=y
 CONFIG_PARPORT_PC_PCMCIA=m
 CONFIG_PARPORT_NOT_PC=y
 # CONFIG_PARPORT_GSC is not set
@@ -912,7 +913,7 @@ CONFIG_PARPORT_1284=y
 # Plug and Play support
 #
 CONFIG_PNP=y
-CONFIG_PNP_DEBUG=y
+# CONFIG_PNP_DEBUG is not set
 
 #
 # Protocols
@@ -922,7 +923,7 @@ CONFIG_PNPACPI=y
 #
 # Block devices
 #
-CONFIG_BLK_DEV_FD=m
+CONFIG_BLK_DEV_FD=y
 CONFIG_PARIDE=m
 CONFIG_PARIDE_PARPORT=m
 
@@ -946,7 +947,7 @@ CONFIG_PARIDE_DSTR=m
 CONFIG_PARIDE_FIT2=m
 CONFIG_PARIDE_FIT3=m
 CONFIG_PARIDE_EPAT=m
-# CONFIG_PARIDE_EPATC8 is not set
+CONFIG_PARIDE_EPATC8=y
 CONFIG_PARIDE_EPIA=m
 CONFIG_PARIDE_FRIQ=m
 CONFIG_PARIDE_FRPW=m
@@ -960,7 +961,7 @@ CONFIG_CISS_SCSI_TAPE=y
 CONFIG_BLK_DEV_DAC960=m
 CONFIG_BLK_DEV_UMEM=m
 # CONFIG_BLK_DEV_COW_COMMON is not set
-CONFIG_BLK_DEV_LOOP=m
+CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_CRYPTOLOOP=m
 CONFIG_BLK_DEV_NBD=m
 CONFIG_BLK_DEV_SX8=m
@@ -971,7 +972,7 @@ CONFIG_BLK_DEV_RAM_SIZE=16384
 CONFIG_BLK_DEV_INITRD=y
 CONFIG_CDROM_PKTCDVD=m
 CONFIG_CDROM_PKTCDVD_BUFFERS=8
-# CONFIG_CDROM_PKTCDVD_WCACHE is not set
+CONFIG_CDROM_PKTCDVD_WCACHE=y
 CONFIG_ATA_OVER_ETH=m
 
 #
@@ -985,59 +986,59 @@ CONFIG_BLK_DEV_IDE=y
 #
 # CONFIG_BLK_DEV_IDE_SATA is not set
 # CONFIG_BLK_DEV_HD_IDE is not set
-CONFIG_BLK_DEV_IDEDISK=y
+CONFIG_BLK_DEV_IDEDISK=m
 CONFIG_IDEDISK_MULTI_MODE=y
 CONFIG_BLK_DEV_IDECS=m
-CONFIG_BLK_DEV_IDECD=y
+CONFIG_BLK_DEV_IDECD=m
 CONFIG_BLK_DEV_IDETAPE=m
-CONFIG_BLK_DEV_IDEFLOPPY=y
+CONFIG_BLK_DEV_IDEFLOPPY=m
 CONFIG_BLK_DEV_IDESCSI=m
 # CONFIG_IDE_TASK_IOCTL is not set
 
 #
 # IDE chipset support/bugfixes
 #
-CONFIG_IDE_GENERIC=y
+CONFIG_IDE_GENERIC=m
 CONFIG_BLK_DEV_CMD640=y
 CONFIG_BLK_DEV_CMD640_ENHANCED=y
 CONFIG_BLK_DEV_IDEPNP=y
 CONFIG_BLK_DEV_IDEPCI=y
 CONFIG_IDEPCI_SHARE_IRQ=y
-# CONFIG_BLK_DEV_OFFBOARD is not set
+CONFIG_BLK_DEV_OFFBOARD=y
 CONFIG_BLK_DEV_GENERIC=y
 CONFIG_BLK_DEV_OPTI621=m
-CONFIG_BLK_DEV_RZ1000=y
+CONFIG_BLK_DEV_RZ1000=m
 CONFIG_BLK_DEV_IDEDMA_PCI=y
 # CONFIG_BLK_DEV_IDEDMA_FORCED is not set
 CONFIG_IDEDMA_PCI_AUTO=y
 # CONFIG_IDEDMA_ONLYDISK is not set
-CONFIG_BLK_DEV_AEC62XX=y
-CONFIG_BLK_DEV_ALI15X3=y
+CONFIG_BLK_DEV_AEC62XX=m
+CONFIG_BLK_DEV_ALI15X3=m
 # CONFIG_WDC_ALI15X3 is not set
-CONFIG_BLK_DEV_AMD74XX=y
-CONFIG_BLK_DEV_ATIIXP=y
-CONFIG_BLK_DEV_CMD64X=y
-CONFIG_BLK_DEV_TRIFLEX=y
-CONFIG_BLK_DEV_CY82C693=y
-CONFIG_BLK_DEV_CS5520=y
-CONFIG_BLK_DEV_CS5530=y
+CONFIG_BLK_DEV_AMD74XX=m
+CONFIG_BLK_DEV_ATIIXP=m
+CONFIG_BLK_DEV_CMD64X=m
+CONFIG_BLK_DEV_TRIFLEX=m
+CONFIG_BLK_DEV_CY82C693=m
+CONFIG_BLK_DEV_CS5520=m
+CONFIG_BLK_DEV_CS5530=m
 CONFIG_BLK_DEV_CS5535=m
-CONFIG_BLK_DEV_HPT34X=y
-# CONFIG_HPT34X_AUTODMA is not set
-CONFIG_BLK_DEV_HPT366=y
+CONFIG_BLK_DEV_HPT34X=m
+CONFIG_HPT34X_AUTODMA=y
+CONFIG_BLK_DEV_HPT366=m
 CONFIG_BLK_DEV_SC1200=m
-CONFIG_BLK_DEV_PIIX=y
+CONFIG_BLK_DEV_PIIX=m
 CONFIG_BLK_DEV_IT821X=m
 CONFIG_BLK_DEV_NS87415=m
-CONFIG_BLK_DEV_PDC202XX_OLD=y
+CONFIG_BLK_DEV_PDC202XX_OLD=m
 CONFIG_PDC202XX_BURST=y
-CONFIG_BLK_DEV_PDC202XX_NEW=y
-CONFIG_BLK_DEV_SVWKS=y
-CONFIG_BLK_DEV_SIIMAGE=y
-CONFIG_BLK_DEV_SIS5513=y
-CONFIG_BLK_DEV_SLC90E66=y
+CONFIG_BLK_DEV_PDC202XX_NEW=m
+CONFIG_BLK_DEV_SVWKS=m
+CONFIG_BLK_DEV_SIIMAGE=m
+CONFIG_BLK_DEV_SIS5513=m
+CONFIG_BLK_DEV_SLC90E66=m
 CONFIG_BLK_DEV_TRM290=m
-CONFIG_BLK_DEV_VIA82CXXX=y
+CONFIG_BLK_DEV_VIA82CXXX=m
 # CONFIG_IDE_ARM is not set
 CONFIG_BLK_DEV_IDEDMA=y
 # CONFIG_IDEDMA_IVB is not set
@@ -1112,7 +1113,7 @@ CONFIG_SCSI_ATA_PIIX=m
 CONFIG_SCSI_SATA_MV=m
 CONFIG_SCSI_SATA_NV=m
 CONFIG_SCSI_PDC_ADMA=m
-# CONFIG_SCSI_SATA_QSTOR is not set
+CONFIG_SCSI_SATA_QSTOR=m
 CONFIG_SCSI_SATA_PROMISE=m
 CONFIG_SCSI_SATA_SX4=m
 CONFIG_SCSI_SATA_SIL=m
@@ -1122,14 +1123,18 @@ CONFIG_SCSI_SATA_ULI=m
 CONFIG_SCSI_SATA_VIA=m
 CONFIG_SCSI_SATA_VITESSE=m
 CONFIG_SCSI_SATA_INTEL_COMBINED=y
-# CONFIG_SCSI_BUSLOGIC is not set
+CONFIG_SCSI_BUSLOGIC=m
+# CONFIG_SCSI_OMIT_FLASHPOINT is not set
 CONFIG_SCSI_DMX3191D=m
-# CONFIG_SCSI_EATA is not set
+CONFIG_SCSI_EATA=m
+CONFIG_SCSI_EATA_TAGGED_QUEUE=y
+CONFIG_SCSI_EATA_LINKED_COMMANDS=y
+CONFIG_SCSI_EATA_MAX_TAGS=16
 CONFIG_SCSI_FUTURE_DOMAIN=m
-# CONFIG_SCSI_GDTH is not set
+CONFIG_SCSI_GDTH=m
 CONFIG_SCSI_IPS=m
-# CONFIG_SCSI_INITIO is not set
-# CONFIG_SCSI_INIA100 is not set
+CONFIG_SCSI_INITIO=m
+CONFIG_SCSI_INIA100=m
 CONFIG_SCSI_PPA=m
 CONFIG_SCSI_IMM=m
 # CONFIG_SCSI_IZIP_EPP16 is not set
@@ -1140,8 +1145,8 @@ CONFIG_SCSI_SYM53C8XX_DEFAULT_TAGS=16
 CONFIG_SCSI_SYM53C8XX_MAX_TAGS=64
 # CONFIG_SCSI_SYM53C8XX_IOMAPPED is not set
 CONFIG_SCSI_IPR=m
-# CONFIG_SCSI_IPR_TRACE is not set
-# CONFIG_SCSI_IPR_DUMP is not set
+CONFIG_SCSI_IPR_TRACE=y
+CONFIG_SCSI_IPR_DUMP=y
 CONFIG_SCSI_QLOGIC_FC=m
 CONFIG_SCSI_QLOGIC_FC_FIRMWARE=y
 CONFIG_SCSI_QLOGIC_1280=m
@@ -1166,7 +1171,7 @@ CONFIG_PCMCIA_SYM53C500=m
 # Multi-device support (RAID and LVM)
 #
 CONFIG_MD=y
-CONFIG_BLK_DEV_MD=m
+CONFIG_BLK_DEV_MD=y
 CONFIG_MD_LINEAR=m
 CONFIG_MD_RAID0=m
 CONFIG_MD_RAID1=m
@@ -1206,7 +1211,7 @@ CONFIG_IEEE1394=m
 # CONFIG_IEEE1394_OUI_DB is not set
 CONFIG_IEEE1394_EXTRA_CONFIG_ROMS=y
 CONFIG_IEEE1394_CONFIG_ROM_IP1394=y
-# CONFIG_IEEE1394_EXPORT_FULL_API is not set
+CONFIG_IEEE1394_EXPORT_FULL_API=y
 
 #
 # Device Drivers
@@ -1254,12 +1259,11 @@ CONFIG_ARCNET=m
 CONFIG_ARCNET_1201=m
 CONFIG_ARCNET_1051=m
 CONFIG_ARCNET_RAW=m
-# CONFIG_ARCNET_CAP is not set
+CONFIG_ARCNET_CAP=m
 CONFIG_ARCNET_COM90xx=m
 CONFIG_ARCNET_COM90xxIO=m
 CONFIG_ARCNET_RIM_I=m
-CONFIG_ARCNET_COM20020=m
-CONFIG_ARCNET_COM20020_PCI=m
+# CONFIG_ARCNET_COM20020 is not set
 
 #
 # PHY device support
@@ -1295,7 +1299,8 @@ CONFIG_DE2104X=m
 CONFIG_TULIP=m
 # CONFIG_TULIP_MWI is not set
 # CONFIG_TULIP_MMIO is not set
-# CONFIG_TULIP_NAPI is not set
+CONFIG_TULIP_NAPI=y
+CONFIG_TULIP_NAPI_HW_MITIGATION=y
 CONFIG_DE4X5=m
 CONFIG_WINBOND_840=m
 CONFIG_DM9102=m
@@ -1307,10 +1312,10 @@ CONFIG_PCNET32=m
 CONFIG_AMD8111_ETH=m
 # CONFIG_AMD8111E_NAPI is not set
 CONFIG_ADAPTEC_STARFIRE=m
-# CONFIG_ADAPTEC_STARFIRE_NAPI is not set
+CONFIG_ADAPTEC_STARFIRE_NAPI=y
 CONFIG_B44=m
 CONFIG_FORCEDETH=m
-# CONFIG_DGRS is not set
+CONFIG_DGRS=m
 CONFIG_EEPRO100=m
 CONFIG_E100=m
 CONFIG_FEALNX=m
@@ -1318,8 +1323,8 @@ CONFIG_NATSEMI=m
 CONFIG_NE2K_PCI=m
 CONFIG_8139CP=m
 CONFIG_8139TOO=m
-CONFIG_8139TOO_PIO=y
-CONFIG_8139TOO_TUNE_TWISTER=y
+# CONFIG_8139TOO_PIO is not set
+# CONFIG_8139TOO_TUNE_TWISTER is not set
 CONFIG_8139TOO_8129=y
 # CONFIG_8139_OLD_RX_RESET is not set
 CONFIG_SIS900=m
@@ -1329,22 +1334,26 @@ CONFIG_SUNDANCE=m
 CONFIG_TLAN=m
 CONFIG_VIA_RHINE=m
 # CONFIG_VIA_RHINE_MMIO is not set
-# CONFIG_NET_POCKET is not set
+CONFIG_NET_POCKET=y
+CONFIG_ATP=m
+CONFIG_DE600=m
+CONFIG_DE620=m
 
 #
 # Ethernet (1000 Mbit)
 #
-# CONFIG_ACENIC is not set
+CONFIG_ACENIC=m
+# CONFIG_ACENIC_OMIT_TIGON_I is not set
 CONFIG_DL2K=m
 CONFIG_E1000=m
-# CONFIG_E1000_NAPI is not set
+CONFIG_E1000_NAPI=y
 # CONFIG_E1000_DISABLE_PACKET_SPLIT is not set
 CONFIG_NS83820=m
 CONFIG_HAMACHI=m
 CONFIG_YELLOWFIN=m
 CONFIG_R8169=m
 # CONFIG_R8169_NAPI is not set
-# CONFIG_R8169_VLAN is not set
+CONFIG_R8169_VLAN=y
 CONFIG_SIS190=m
 CONFIG_SKGE=m
 CONFIG_SKY2=m
@@ -1358,9 +1367,9 @@ CONFIG_BNX2=m
 #
 CONFIG_CHELSIO_T1=m
 CONFIG_IXGB=m
-# CONFIG_IXGB_NAPI is not set
+CONFIG_IXGB_NAPI=y
 CONFIG_S2IO=m
-# CONFIG_S2IO_NAPI is not set
+CONFIG_S2IO_NAPI=y
 
 #
 # Token Ring devices
@@ -1398,7 +1407,7 @@ CONFIG_IPW2100_MONITOR=y
 # CONFIG_IPW2100_DEBUG is not set
 CONFIG_IPW2200=m
 # CONFIG_IPW2200_DEBUG is not set
-# CONFIG_AIRO is not set
+CONFIG_AIRO=m
 CONFIG_HERMES=m
 CONFIG_PLX_HERMES=m
 CONFIG_TMD_HERMES=m
@@ -1421,7 +1430,8 @@ CONFIG_PCMCIA_WL3501=m
 #
 CONFIG_PRISM54=m
 CONFIG_HOSTAP=m
-# CONFIG_HOSTAP_FIRMWARE is not set
+CONFIG_HOSTAP_FIRMWARE=y
+CONFIG_HOSTAP_FIRMWARE_NVRAM=y
 CONFIG_HOSTAP_PLX=m
 CONFIG_HOSTAP_PCI=m
 CONFIG_HOSTAP_CS=m
@@ -1439,7 +1449,6 @@ CONFIG_PCMCIA_NMCLAN=m
 CONFIG_PCMCIA_SMC91C92=m
 CONFIG_PCMCIA_XIRC2PS=m
 CONFIG_PCMCIA_AXNET=m
-CONFIG_ARCNET_COM20020_CS=m
 CONFIG_PCMCIA_IBMTR=m
 
 #
@@ -1487,11 +1496,11 @@ CONFIG_ATM_FIRESTREAM=m
 CONFIG_ATM_ZATM=m
 # CONFIG_ATM_ZATM_DEBUG is not set
 CONFIG_ATM_NICSTAR=m
-# CONFIG_ATM_NICSTAR_USE_SUNI is not set
-# CONFIG_ATM_NICSTAR_USE_IDT77105 is not set
+CONFIG_ATM_NICSTAR_USE_SUNI=y
+CONFIG_ATM_NICSTAR_USE_IDT77105=y
 CONFIG_ATM_IDT77252=m
 # CONFIG_ATM_IDT77252_DEBUG is not set
-# CONFIG_ATM_IDT77252_RCV_ALL is not set
+CONFIG_ATM_IDT77252_RCV_ALL=y
 CONFIG_ATM_IDT77252_USE_SUNI=y
 CONFIG_ATM_AMBASSADOR=m
 # CONFIG_ATM_AMBASSADOR_DEBUG is not set
@@ -1502,18 +1511,18 @@ CONFIG_ATM_IA=m
 CONFIG_ATM_FORE200E_MAYBE=m
 CONFIG_ATM_FORE200E_PCA=y
 CONFIG_ATM_FORE200E_PCA_DEFAULT_FW=y
-# CONFIG_ATM_FORE200E_USE_TASKLET is not set
+CONFIG_ATM_FORE200E_USE_TASKLET=y
 CONFIG_ATM_FORE200E_TX_RETRY=16
 CONFIG_ATM_FORE200E_DEBUG=0
 CONFIG_ATM_FORE200E=m
 CONFIG_ATM_HE=m
 CONFIG_ATM_HE_USE_SUNI=y
 CONFIG_FDDI=y
-CONFIG_DEFXX=m
+# CONFIG_DEFXX is not set
 CONFIG_SKFP=m
 CONFIG_HIPPI=y
 CONFIG_ROADRUNNER=m
-# CONFIG_ROADRUNNER_LARGE_RINGS is not set
+CONFIG_ROADRUNNER_LARGE_RINGS=y
 CONFIG_PLIP=m
 CONFIG_PPP=m
 CONFIG_PPP_MULTILINK=y
@@ -1533,8 +1542,8 @@ CONFIG_NET_FC=y
 CONFIG_SHAPER=m
 CONFIG_NETCONSOLE=m
 CONFIG_NETPOLL=y
-# CONFIG_NETPOLL_RX is not set
-# CONFIG_NETPOLL_TRAP is not set
+CONFIG_NETPOLL_RX=y
+CONFIG_NETPOLL_TRAP=y
 CONFIG_NET_POLL_CONTROLLER=y
 
 #
@@ -1558,7 +1567,7 @@ CONFIG_ISDN_X25=y
 #
 # ISDN feature submodules
 #
-# CONFIG_ISDN_DIVERSION is not set
+CONFIG_ISDN_DIVERSION=m
 
 #
 # ISDN4Linux hardware drivers
@@ -1775,7 +1784,8 @@ CONFIG_SERIAL_8250_RUNTIME_UARTS=4
 #
 # Non-8250 serial port support
 #
-# CONFIG_SERIAL_JSM is not set
+CONFIG_SERIAL_CORE=m
+CONFIG_SERIAL_JSM=m
 CONFIG_UNIX98_PTYS=y
 CONFIG_LEGACY_PTYS=y
 CONFIG_LEGACY_PTY_COUNT=256
@@ -1890,7 +1900,11 @@ CONFIG_HANGCHECK_TIMER=m
 #
 # TPM devices
 #
-# CONFIG_TCG_TPM is not set
+CONFIG_TCG_TPM=m
+CONFIG_TCG_NSC=m
+CONFIG_TCG_ATMEL=m
+CONFIG_TCG_INFINEON=m
+CONFIG_TCG_XEN=m
 CONFIG_TELCLOCK=m
 
 #
@@ -1981,7 +1995,7 @@ CONFIG_W1_DS9490_BRIDGE=m
 CONFIG_W1_THERM=m
 CONFIG_W1_SMEM=m
 CONFIG_W1_DS2433=m
-# CONFIG_W1_DS2433_CRC is not set
+CONFIG_W1_DS2433_CRC=y
 
 #
 # Hardware Monitoring support
@@ -2016,7 +2030,7 @@ CONFIG_SENSORS_MAX1619=m
 CONFIG_SENSORS_PC87360=m
 CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47M1=m
-# CONFIG_SENSORS_SMSC47B397 is not set
+CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_VIA686A=m
 CONFIG_SENSORS_VT8231=m
 CONFIG_SENSORS_W83781D=m
@@ -2050,7 +2064,7 @@ CONFIG_VIDEO_DEV=m
 #
 # CONFIG_VIDEO_ADV_DEBUG is not set
 CONFIG_VIDEO_BT848=m
-# CONFIG_VIDEO_BT848_DVB is not set
+CONFIG_VIDEO_BT848_DVB=y
 CONFIG_VIDEO_SAA6588=m
 CONFIG_VIDEO_BWQCAM=m
 CONFIG_VIDEO_CQCAM=m
@@ -2069,14 +2083,19 @@ CONFIG_VIDEO_ZORAN_DC30=m
 CONFIG_VIDEO_ZORAN_LML33=m
 CONFIG_VIDEO_ZORAN_LML33R10=m
 CONFIG_VIDEO_MEYE=m
-# CONFIG_VIDEO_SAA7134 is not set
+CONFIG_VIDEO_SAA7134=m
+CONFIG_VIDEO_SAA7134_ALSA=m
+# CONFIG_VIDEO_SAA7134_OSS is not set
+CONFIG_VIDEO_SAA7134_DVB=m
+CONFIG_VIDEO_SAA7134_DVB_ALL_FRONTENDS=y
 CONFIG_VIDEO_MXB=m
 CONFIG_VIDEO_DPC=m
 CONFIG_VIDEO_HEXIUM_ORION=m
 CONFIG_VIDEO_HEXIUM_GEMINI=m
 CONFIG_VIDEO_CX88=m
-# CONFIG_VIDEO_CX88_DVB is not set
 CONFIG_VIDEO_CX88_ALSA=m
+CONFIG_VIDEO_CX88_DVB=m
+CONFIG_VIDEO_CX88_DVB_ALL_FRONTENDS=y
 CONFIG_VIDEO_CX88_VP3054=m
 CONFIG_VIDEO_EM28XX=m
 CONFIG_VIDEO_OVCAMCHIP=m
@@ -2100,7 +2119,7 @@ CONFIG_DVB_CORE=m
 # Supported SAA7146 based PCI Adapters
 #
 CONFIG_DVB_AV7110=m
-# CONFIG_DVB_AV7110_OSD is not set
+CONFIG_DVB_AV7110_OSD=y
 CONFIG_DVB_BUDGET=m
 CONFIG_DVB_BUDGET_CI=m
 CONFIG_DVB_BUDGET_AV=m
@@ -2198,6 +2217,7 @@ CONFIG_VIDEO_SAA7146_VV=m
 CONFIG_VIDEO_VIDEOBUF=m
 CONFIG_VIDEO_TUNER=m
 CONFIG_VIDEO_BUF=m
+CONFIG_VIDEO_BUF_DVB=m
 CONFIG_VIDEO_BTCX=m
 CONFIG_VIDEO_IR=m
 CONFIG_VIDEO_TVEEPROM=m
@@ -2206,9 +2226,9 @@ CONFIG_VIDEO_TVEEPROM=m
 # Graphics support
 #
 CONFIG_FB=y
-CONFIG_FB_CFB_FILLRECT=m
-CONFIG_FB_CFB_COPYAREA=m
-CONFIG_FB_CFB_IMAGEBLIT=m
+CONFIG_FB_CFB_FILLRECT=y
+CONFIG_FB_CFB_COPYAREA=y
+CONFIG_FB_CFB_IMAGEBLIT=y
 # CONFIG_FB_MACMODES is not set
 CONFIG_FB_MODE_HELPERS=y
 CONFIG_FB_TILEBLITTING=y
@@ -2220,7 +2240,7 @@ CONFIG_FB_ARC=m
 # CONFIG_FB_ASILIANT is not set
 # CONFIG_FB_IMSTT is not set
 CONFIG_FB_VGA16=m
-# CONFIG_FB_VESA is not set
+CONFIG_FB_VESA=y
 CONFIG_VIDEO_SELECT=y
 CONFIG_FB_HGA=m
 # CONFIG_FB_HGA_ACCEL is not set
@@ -2237,10 +2257,10 @@ CONFIG_FB_INTEL=m
 CONFIG_FB_MATROX=m
 CONFIG_FB_MATROX_MILLENIUM=y
 CONFIG_FB_MATROX_MYSTIQUE=y
-# CONFIG_FB_MATROX_G is not set
-CONFIG_FB_MATROX_I2C=m
+CONFIG_FB_MATROX_G=y
+# CONFIG_FB_MATROX_I2C is not set
 CONFIG_FB_MATROX_MULTIHEAD=y
-CONFIG_FB_RADEON_OLD=m
+# CONFIG_FB_RADEON_OLD is not set
 CONFIG_FB_RADEON=m
 CONFIG_FB_RADEON_I2C=y
 # CONFIG_FB_RADEON_DEBUG is not set
@@ -2282,7 +2302,11 @@ CONFIG_FONT_8x16=y
 # Logo configuration
 #
 # CONFIG_LOGO is not set
-# CONFIG_BACKLIGHT_LCD_SUPPORT is not set
+CONFIG_BACKLIGHT_LCD_SUPPORT=y
+CONFIG_BACKLIGHT_CLASS_DEVICE=m
+CONFIG_BACKLIGHT_DEVICE=y
+CONFIG_LCD_CLASS_DEVICE=m
+CONFIG_LCD_DEVICE=y
 
 #
 # Sound
@@ -2328,7 +2352,7 @@ CONFIG_SND_MPU401=m
 # PCI devices
 #
 CONFIG_SND_AD1889=m
-# CONFIG_SND_ALS4000 is not set
+CONFIG_SND_ALS4000=m
 CONFIG_SND_ALI5451=m
 CONFIG_SND_ATIIXP=m
 CONFIG_SND_ATIIXP_MODEM=m
@@ -2345,7 +2369,7 @@ CONFIG_SND_CS46XX=m
 CONFIG_SND_CS46XX_NEW_DSP=y
 CONFIG_SND_CS5535AUDIO=m
 CONFIG_SND_EMU10K1=m
-# CONFIG_SND_EMU10K1X is not set
+CONFIG_SND_EMU10K1X=m
 CONFIG_SND_ENS1370=m
 CONFIG_SND_ENS1371=m
 CONFIG_SND_ES1938=m
@@ -2402,7 +2426,7 @@ CONFIG_SOUND_TVMIXER=m
 #
 CONFIG_USB_ARCH_HAS_HCD=y
 CONFIG_USB_ARCH_HAS_OHCI=y
-CONFIG_USB=y
+CONFIG_USB=m
 # CONFIG_USB_DEBUG is not set
 
 #
@@ -2417,7 +2441,7 @@ CONFIG_USB_BANDWIDTH=y
 #
 # USB Host Controller Drivers
 #
-CONFIG_USB_EHCI_HCD=y
+CONFIG_USB_EHCI_HCD=m
 CONFIG_USB_EHCI_SPLIT_ISO=y
 CONFIG_USB_EHCI_ROOT_HUB_TT=y
 CONFIG_USB_ISP116X_HCD=m
@@ -2461,14 +2485,17 @@ CONFIG_USB_LIBUSUAL=y
 CONFIG_USB_HID=m
 CONFIG_USB_HIDINPUT=y
 # CONFIG_USB_HIDINPUT_POWERBOOK is not set
-# CONFIG_HID_FF is not set
+CONFIG_HID_FF=y
+CONFIG_HID_PID=y
+CONFIG_LOGITECH_FF=y
+CONFIG_THRUSTMASTER_FF=y
 CONFIG_USB_HIDDEV=y
 
 #
 # USB HID Boot Protocol drivers
 #
-CONFIG_USB_KBD=m
-CONFIG_USB_MOUSE=m
+# CONFIG_USB_KBD is not set
+# CONFIG_USB_MOUSE is not set
 CONFIG_USB_AIPTEK=m
 CONFIG_USB_WACOM=m
 CONFIG_USB_ACECAD=m
@@ -2493,7 +2520,7 @@ CONFIG_USB_MICROTEK=m
 #
 # USB Multimedia devices
 #
-# CONFIG_USB_DABUSB is not set
+CONFIG_USB_DABUSB=m
 CONFIG_USB_VICAM=m
 CONFIG_USB_DSBR=m
 CONFIG_USB_ET61X251=m
@@ -2554,30 +2581,30 @@ CONFIG_USB_SERIAL_IPAQ=m
 CONFIG_USB_SERIAL_IR=m
 CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
-# CONFIG_USB_SERIAL_GARMIN is not set
+CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_IPW=m
 CONFIG_USB_SERIAL_KEYSPAN_PDA=m
 CONFIG_USB_SERIAL_KEYSPAN=m
-# CONFIG_USB_SERIAL_KEYSPAN_MPR is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA28 is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA28X is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA28XA is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA28XB is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA19 is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA18X is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA19W is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA19QW is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA19QI is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA49W is not set
-# CONFIG_USB_SERIAL_KEYSPAN_USA49WLC is not set
+CONFIG_USB_SERIAL_KEYSPAN_MPR=y
+CONFIG_USB_SERIAL_KEYSPAN_USA28=y
+CONFIG_USB_SERIAL_KEYSPAN_USA28X=y
+CONFIG_USB_SERIAL_KEYSPAN_USA28XA=y
+CONFIG_USB_SERIAL_KEYSPAN_USA28XB=y
+CONFIG_USB_SERIAL_KEYSPAN_USA19=y
+CONFIG_USB_SERIAL_KEYSPAN_USA18X=y
+CONFIG_USB_SERIAL_KEYSPAN_USA19W=y
+CONFIG_USB_SERIAL_KEYSPAN_USA19QW=y
+CONFIG_USB_SERIAL_KEYSPAN_USA19QI=y
+CONFIG_USB_SERIAL_KEYSPAN_USA49W=y
+CONFIG_USB_SERIAL_KEYSPAN_USA49WLC=y
 CONFIG_USB_SERIAL_KLSI=m
 CONFIG_USB_SERIAL_KOBIL_SCT=m
 CONFIG_USB_SERIAL_MCT_U232=m
 CONFIG_USB_SERIAL_PL2303=m
 CONFIG_USB_SERIAL_HP4X=m
 CONFIG_USB_SERIAL_SAFE=m
-# CONFIG_USB_SERIAL_SAFE_PADDED is not set
-# CONFIG_USB_SERIAL_TI is not set
+CONFIG_USB_SERIAL_SAFE_PADDED=y
+CONFIG_USB_SERIAL_TI=m
 CONFIG_USB_SERIAL_CYBERJACK=m
 CONFIG_USB_SERIAL_XIRCOM=m
 CONFIG_USB_SERIAL_OPTION=m
@@ -2587,8 +2614,8 @@ CONFIG_USB_EZUSB=y
 #
 # USB Miscellaneous drivers
 #
-# CONFIG_USB_EMI62 is not set
-# CONFIG_USB_EMI26 is not set
+CONFIG_USB_EMI62=m
+CONFIG_USB_EMI26=m
 CONFIG_USB_AUERSWALD=m
 CONFIG_USB_RIO500=m
 CONFIG_USB_LEGOTOWER=m
@@ -2597,9 +2624,9 @@ CONFIG_USB_LED=m
 CONFIG_USB_CYTHERM=m
 CONFIG_USB_PHIDGETKIT=m
 CONFIG_USB_PHIDGETSERVO=m
-# CONFIG_USB_IDMOUSE is not set
+CONFIG_USB_IDMOUSE=m
 CONFIG_USB_SISUSBVGA=m
-# CONFIG_USB_SISUSBVGA_CON is not set
+CONFIG_USB_SISUSBVGA_CON=y
 CONFIG_USB_LD=m
 CONFIG_USB_TEST=m
 
@@ -2637,19 +2664,25 @@ CONFIG_USB_G_SERIAL=m
 #
 # MMC/SD Card support
 #
-# CONFIG_MMC is not set
+CONFIG_MMC=m
+# CONFIG_MMC_DEBUG is not set
+CONFIG_MMC_BLOCK=m
+CONFIG_MMC_WBSD=m
 
 #
 # InfiniBand support
 #
-# CONFIG_INFINIBAND is not set
+CONFIG_INFINIBAND=m
+CONFIG_INFINIBAND_USER_MAD=m
+CONFIG_INFINIBAND_USER_ACCESS=m
+CONFIG_INFINIBAND_MTHCA=m
+# CONFIG_INFINIBAND_MTHCA_DEBUG is not set
+CONFIG_INFINIBAND_IPOIB=m
+# CONFIG_INFINIBAND_IPOIB_DEBUG is not set
+CONFIG_INFINIBAND_SRP=m
 
 #
-# SN Devices
-#
-
-#
-# EDAC - error detection and reporting (RAS)
+# EDAC - error detection and reporting (RAS) (EXPERIMENTAL)
 #
 CONFIG_EDAC=m
 
@@ -2685,7 +2718,9 @@ CONFIG_FS_MBCACHE=y
 CONFIG_REISERFS_FS=m
 # CONFIG_REISERFS_CHECK is not set
 # CONFIG_REISERFS_PROC_INFO is not set
-# CONFIG_REISERFS_FS_XATTR is not set
+CONFIG_REISERFS_FS_XATTR=y
+CONFIG_REISERFS_FS_POSIX_ACL=y
+CONFIG_REISERFS_FS_SECURITY=y
 CONFIG_JFS_FS=m
 CONFIG_JFS_POSIX_ACL=y
 # CONFIG_JFS_SECURITY is not set
@@ -2694,7 +2729,7 @@ CONFIG_JFS_STATISTICS=y
 CONFIG_FS_POSIX_ACL=y
 CONFIG_XFS_FS=m
 CONFIG_XFS_EXPORT=y
-# CONFIG_XFS_QUOTA is not set
+CONFIG_XFS_QUOTA=y
 CONFIG_XFS_SECURITY=y
 CONFIG_XFS_POSIX_ACL=y
 CONFIG_XFS_RT=y
@@ -2768,7 +2803,7 @@ CONFIG_JFFS2_FS_WRITEBUFFER=y
 CONFIG_JFFS2_ZLIB=y
 CONFIG_JFFS2_RTIME=y
 # CONFIG_JFFS2_RUBIN is not set
-CONFIG_CRAMFS=y
+CONFIG_CRAMFS=m
 CONFIG_VXFS_FS=m
 CONFIG_HPFS_FS=m
 CONFIG_QNX4FS_FS=m
@@ -2780,27 +2815,32 @@ CONFIG_UFS_FS=m
 #
 CONFIG_NFS_FS=m
 CONFIG_NFS_V3=y
-# CONFIG_NFS_V3_ACL is not set
+CONFIG_NFS_V3_ACL=y
 CONFIG_NFS_V4=y
 CONFIG_NFS_DIRECTIO=y
 CONFIG_NFSD=m
+CONFIG_NFSD_V2_ACL=y
 CONFIG_NFSD_V3=y
-# CONFIG_NFSD_V3_ACL is not set
+CONFIG_NFSD_V3_ACL=y
 CONFIG_NFSD_V4=y
 CONFIG_NFSD_TCP=y
 CONFIG_LOCKD=m
 CONFIG_LOCKD_V4=y
 CONFIG_EXPORTFS=m
+CONFIG_NFS_ACL_SUPPORT=m
 CONFIG_NFS_COMMON=y
 CONFIG_SUNRPC=m
 CONFIG_SUNRPC_GSS=m
 CONFIG_RPCSEC_GSS_KRB5=m
 CONFIG_RPCSEC_GSS_SPKM3=m
 CONFIG_SMB_FS=m
-# CONFIG_SMB_NLS_DEFAULT is not set
+CONFIG_SMB_NLS_DEFAULT=y
+CONFIG_SMB_NLS_REMOTE="cp850"
 CONFIG_CIFS=m
-# CONFIG_CIFS_STATS is not set
-# CONFIG_CIFS_XATTR is not set
+CONFIG_CIFS_STATS=y
+CONFIG_CIFS_STATS2=y
+CONFIG_CIFS_XATTR=y
+# CONFIG_CIFS_POSIX is not set
 # CONFIG_CIFS_EXPERIMENTAL is not set
 CONFIG_NCP_FS=m
 CONFIG_NCPFS_PACKET_SIGNING=y
@@ -2821,20 +2861,14 @@ CONFIG_9P_FS=m
 # Partition Types
 #
 CONFIG_PARTITION_ADVANCED=y
-CONFIG_ACORN_PARTITION=y
-CONFIG_ACORN_PARTITION_CUMANA=y
-# CONFIG_ACORN_PARTITION_EESOX is not set
-CONFIG_ACORN_PARTITION_ICS=y
-# CONFIG_ACORN_PARTITION_ADFS is not set
-# CONFIG_ACORN_PARTITION_POWERTEC is not set
-CONFIG_ACORN_PARTITION_RISCIX=y
+# CONFIG_ACORN_PARTITION is not set
 CONFIG_OSF_PARTITION=y
-CONFIG_AMIGA_PARTITION=y
+# CONFIG_AMIGA_PARTITION is not set
 CONFIG_ATARI_PARTITION=y
 CONFIG_MAC_PARTITION=y
 CONFIG_MSDOS_PARTITION=y
 CONFIG_BSD_DISKLABEL=y
-CONFIG_MINIX_SUBPARTITION=y
+# CONFIG_MINIX_SUBPARTITION is not set
 CONFIG_SOLARIS_X86_PARTITION=y
 CONFIG_UNIXWARE_DISKLABEL=y
 CONFIG_LDM_PARTITION=y
@@ -2849,7 +2883,7 @@ CONFIG_EFI_PARTITION=y
 # Native Language Support
 #
 CONFIG_NLS=y
-CONFIG_NLS_DEFAULT="cp437"
+CONFIG_NLS_DEFAULT="utf8"
 CONFIG_NLS_CODEPAGE_437=m
 CONFIG_NLS_CODEPAGE_737=m
 CONFIG_NLS_CODEPAGE_775=m
@@ -2910,15 +2944,15 @@ CONFIG_DETECT_SOFTLOCKUP=y
 # CONFIG_DEBUG_SPINLOCK_SLEEP is not set
 # CONFIG_DEBUG_KOBJECT is not set
 # CONFIG_DEBUG_HIGHMEM is not set
-# CONFIG_DEBUG_BUGVERBOSE is not set
+CONFIG_DEBUG_BUGVERBOSE=y
 # CONFIG_DEBUG_INFO is not set
 # CONFIG_DEBUG_FS is not set
 # CONFIG_DEBUG_VM is not set
 # CONFIG_FRAME_POINTER is not set
 CONFIG_FORCED_INLINING=y
 # CONFIG_RCU_TORTURE_TEST is not set
-# CONFIG_EARLY_PRINTK is not set
-# CONFIG_DEBUG_STACKOVERFLOW is not set
+CONFIG_EARLY_PRINTK=y
+CONFIG_DEBUG_STACKOVERFLOW=y
 # CONFIG_DEBUG_STACK_USAGE is not set
 # CONFIG_DEBUG_PAGEALLOC is not set
 # CONFIG_DEBUG_RODATA is not set
@@ -2932,10 +2966,12 @@ CONFIG_X86_MPPARSE=y
 CONFIG_KEYS=y
 # CONFIG_KEYS_DEBUG_PROC_KEYS is not set
 CONFIG_SECURITY=y
-# CONFIG_SECURITY_NETWORK is not set
+CONFIG_SECURITY_NETWORK=y
+# CONFIG_SECURITY_NETWORK_XFRM is not set
 CONFIG_SECURITY_CAPABILITIES=y
 CONFIG_SECURITY_ROOTPLUG=m
 CONFIG_SECURITY_SECLVL=m
+# CONFIG_SECURITY_SELINUX is not set
 
 #
 # Cryptographic options
@@ -2972,7 +3008,7 @@ CONFIG_CRYPTO_TEST=m
 #
 # CONFIG_CRYPTO_DEV_PADLOCK is not set
 CONFIG_XEN=y
-CONFIG_NO_IDLE_HZ=y
+CONFIG_XEN_INTERFACE_VERSION=0x00030101
 
 #
 # XEN
@@ -2980,9 +3016,9 @@ CONFIG_NO_IDLE_HZ=y
 CONFIG_XEN_PRIVILEGED_GUEST=y
 # CONFIG_XEN_UNPRIVILEGED_GUEST is not set
 CONFIG_XEN_BACKEND=y
-CONFIG_XEN_PCIDEV_BACKEND=y
-# CONFIG_XEN_PCIDEV_BACKEND_VPCI is not set
-CONFIG_XEN_PCIDEV_BACKEND_PASS=y
+CONFIG_XEN_PCIDEV_BACKEND=m
+CONFIG_XEN_PCIDEV_BACKEND_VPCI=y
+# CONFIG_XEN_PCIDEV_BACKEND_PASS is not set
 # CONFIG_XEN_PCIDEV_BE_DEBUG is not set
 CONFIG_XEN_BLKDEV_BACKEND=y
 # CONFIG_XEN_BLKDEV_TAP_BE is not set
@@ -2993,12 +3029,13 @@ CONFIG_XEN_NETDEV_LOOPBACK=y
 CONFIG_XEN_BLKDEV_FRONTEND=y
 CONFIG_XEN_NETDEV_FRONTEND=y
 # CONFIG_XEN_BLKDEV_TAP is not set
-# CONFIG_XEN_TPMDEV_FRONTEND is not set
+CONFIG_XEN_TPMDEV_FRONTEND=m
 CONFIG_XEN_SCRUB_PAGES=y
 CONFIG_XEN_DISABLE_SERIAL=y
-CONFIG_XEN_SYSFS=m
+CONFIG_XEN_SYSFS=y
 CONFIG_HAVE_ARCH_ALLOC_SKB=y
 CONFIG_HAVE_ARCH_DEV_ALLOC_SKB=y
+CONFIG_NO_IDLE_HZ=y
 
 #
 # Library routines
@@ -3007,7 +3044,7 @@ CONFIG_CRC_CCITT=m
 CONFIG_CRC16=m
 CONFIG_CRC32=y
 CONFIG_LIBCRC32C=m
-CONFIG_ZLIB_INFLATE=y
+CONFIG_ZLIB_INFLATE=m
 CONFIG_ZLIB_DEFLATE=m
 CONFIG_REED_SOLOMON=m
 CONFIG_REED_SOLOMON_DEC16=y
@@ -3021,4 +3058,6 @@ CONFIG_GENERIC_PENDING_IRQ=y
 CONFIG_X86_SMP=y
 CONFIG_X86_BIOS_REBOOT=y
 CONFIG_X86_TRAMPOLINE=y
+CONFIG_X86_NO_TSS=y
+CONFIG_X86_NO_IDT=y
 CONFIG_KTIME_SCALAR=y
diff --git a/buildconfigs/linux-defconfig_xen_x86_64 b/buildconfigs/linux-defconfig_xen_x86_64
index 6ffcd71812..a076efff9d 100644
--- a/buildconfigs/linux-defconfig_xen_x86_64
+++ b/buildconfigs/linux-defconfig_xen_x86_64
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux kernel version: 2.6.16-xen
-# Thu Apr 13 15:01:04 2006
+# Thu Apr 20 17:05:48 2006
 #
 CONFIG_X86_64=y
 CONFIG_64BIT=y
@@ -31,16 +31,19 @@ CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_SWAP=y
 CONFIG_SYSVIPC=y
-# CONFIG_POSIX_MQUEUE is not set
-# CONFIG_BSD_PROCESS_ACCT is not set
+CONFIG_POSIX_MQUEUE=y
+CONFIG_BSD_PROCESS_ACCT=y
+CONFIG_BSD_PROCESS_ACCT_V3=y
 CONFIG_SYSCTL=y
-# CONFIG_AUDIT is not set
-# CONFIG_IKCONFIG is not set
-# CONFIG_CPUSETS is not set
+CONFIG_AUDIT=y
+CONFIG_AUDITSYSCALL=y
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
+CONFIG_CPUSETS=y
 CONFIG_INITRAMFS_SOURCE=""
 CONFIG_UID16=y
 CONFIG_VM86=y
-# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
+CONFIG_CC_OPTIMIZE_FOR_SIZE=y
 # CONFIG_EMBEDDED is not set
 CONFIG_KALLSYMS=y
 # CONFIG_KALLSYMS_ALL is not set
@@ -68,9 +71,9 @@ CONFIG_OBSOLETE_INTERMODULE=m
 #
 CONFIG_MODULES=y
 CONFIG_MODULE_UNLOAD=y
-# CONFIG_MODULE_FORCE_UNLOAD is not set
+CONFIG_MODULE_FORCE_UNLOAD=y
 CONFIG_OBSOLETE_MODPARM=y
-# CONFIG_MODVERSIONS is not set
+CONFIG_MODVERSIONS=y
 CONFIG_MODULE_SRCVERSION_ALL=y
 CONFIG_KMOD=y
 CONFIG_STOP_MACHINE=y
@@ -87,11 +90,11 @@ CONFIG_IOSCHED_NOOP=y
 CONFIG_IOSCHED_AS=y
 CONFIG_IOSCHED_DEADLINE=y
 CONFIG_IOSCHED_CFQ=y
-CONFIG_DEFAULT_AS=y
+# CONFIG_DEFAULT_AS is not set
 # CONFIG_DEFAULT_DEADLINE is not set
-# CONFIG_DEFAULT_CFQ is not set
+CONFIG_DEFAULT_CFQ=y
 # CONFIG_DEFAULT_NOOP is not set
-CONFIG_DEFAULT_IOSCHED="anticipatory"
+CONFIG_DEFAULT_IOSCHED="cfq"
 
 #
 # Processor type and features
@@ -108,15 +111,15 @@ CONFIG_X86_L1_CACHE_BYTES=128
 CONFIG_X86_L1_CACHE_SHIFT=7
 CONFIG_X86_GOOD_APIC=y
 CONFIG_MICROCODE=y
-# CONFIG_X86_MSR is not set
-# CONFIG_X86_CPUID is not set
+CONFIG_X86_MSR=m
+CONFIG_X86_CPUID=m
 CONFIG_X86_IO_APIC=y
 CONFIG_X86_XEN_GENAPIC=y
 CONFIG_X86_LOCAL_APIC=y
 CONFIG_MTRR=y
 CONFIG_SMP=y
-CONFIG_PREEMPT_NONE=y
-# CONFIG_PREEMPT_VOLUNTARY is not set
+# CONFIG_PREEMPT_NONE is not set
+CONFIG_PREEMPT_VOLUNTARY=y
 # CONFIG_PREEMPT is not set
 CONFIG_PREEMPT_BKL=y
 CONFIG_ARCH_SPARSEMEM_ENABLE=y
@@ -129,7 +132,7 @@ CONFIG_FLATMEM=y
 CONFIG_FLAT_NODE_MEM_MAP=y
 # CONFIG_SPARSEMEM_STATIC is not set
 CONFIG_SPLIT_PTLOCK_CPUS=4096
-CONFIG_NR_CPUS=8
+CONFIG_NR_CPUS=32
 CONFIG_HOTPLUG_CPU=y
 CONFIG_SWIOTLB=y
 # CONFIG_CRASH_DUMP is not set
@@ -226,9 +229,9 @@ CONFIG_HOTPLUG_PCI=m
 # Executable file formats / Emulations
 #
 CONFIG_BINFMT_ELF=y
-CONFIG_BINFMT_MISC=y
+CONFIG_BINFMT_MISC=m
 CONFIG_IA32_EMULATION=y
-# CONFIG_IA32_AOUT is not set
+CONFIG_IA32_AOUT=y
 CONFIG_COMPAT=y
 CONFIG_SYSVIPC_COMPAT=y
 
@@ -245,7 +248,7 @@ CONFIG_PACKET=y
 CONFIG_PACKET_MMAP=y
 CONFIG_UNIX=y
 CONFIG_XFRM=y
-CONFIG_XFRM_USER=y
+CONFIG_XFRM_USER=m
 CONFIG_NET_KEY=m
 CONFIG_INET=y
 CONFIG_IP_MULTICAST=y
@@ -258,7 +261,10 @@ CONFIG_IP_ROUTE_FWMARK=y
 CONFIG_IP_ROUTE_MULTIPATH=y
 # CONFIG_IP_ROUTE_MULTIPATH_CACHED is not set
 CONFIG_IP_ROUTE_VERBOSE=y
-# CONFIG_IP_PNP is not set
+CONFIG_IP_PNP=y
+CONFIG_IP_PNP_DHCP=y
+CONFIG_IP_PNP_BOOTP=y
+CONFIG_IP_PNP_RARP=y
 CONFIG_NET_IPIP=m
 CONFIG_NET_IPGRE=m
 CONFIG_NET_IPGRE_BROADCAST=y
@@ -441,6 +447,11 @@ CONFIG_IP6_NF_TARGET_HL=m
 CONFIG_IP6_NF_RAW=m
 
 #
+# DECnet: Netfilter Configuration
+#
+# CONFIG_DECNET_NF_GRABULATOR is not set
+
+#
 # Bridge: Netfilter Configuration
 #
 CONFIG_BRIDGE_NF_EBTABLES=m
@@ -507,20 +518,23 @@ CONFIG_ATM_BR2684=m
 # CONFIG_ATM_BR2684_IPFILTER is not set
 CONFIG_BRIDGE=m
 CONFIG_VLAN_8021Q=m
-# CONFIG_DECNET is not set
+CONFIG_DECNET=m
+# CONFIG_DECNET_ROUTER is not set
 CONFIG_LLC=y
-# CONFIG_LLC2 is not set
+CONFIG_LLC2=m
 CONFIG_IPX=m
-# CONFIG_IPX_INTERN is not set
+CONFIG_IPX_INTERN=y
 CONFIG_ATALK=m
 CONFIG_DEV_APPLETALK=y
 CONFIG_IPDDP=m
 CONFIG_IPDDP_ENCAP=y
 CONFIG_IPDDP_DECAP=y
-# CONFIG_X25 is not set
-# CONFIG_LAPB is not set
+CONFIG_X25=m
+CONFIG_LAPB=m
 CONFIG_NET_DIVERT=y
-# CONFIG_ECONET is not set
+CONFIG_ECONET=m
+# CONFIG_ECONET_AUNUDP is not set
+# CONFIG_ECONET_NATIVE is not set
 CONFIG_WAN_ROUTER=m
 
 #
@@ -577,8 +591,27 @@ CONFIG_NET_ESTIMATOR=y
 #
 # Network testing
 #
-# CONFIG_NET_PKTGEN is not set
-# CONFIG_HAMRADIO is not set
+CONFIG_NET_PKTGEN=m
+CONFIG_HAMRADIO=y
+
+#
+# Packet Radio protocols
+#
+CONFIG_AX25=m
+CONFIG_AX25_DAMA_SLAVE=y
+CONFIG_NETROM=m
+CONFIG_ROSE=m
+
+#
+# AX.25 network device drivers
+#
+CONFIG_MKISS=m
+CONFIG_6PACK=m
+CONFIG_BPQETHER=m
+CONFIG_BAYCOM_SER_FDX=m
+CONFIG_BAYCOM_SER_HDX=m
+CONFIG_BAYCOM_PAR=m
+CONFIG_YAM=m
 CONFIG_IRDA=m
 
 #
@@ -587,7 +620,7 @@ CONFIG_IRDA=m
 CONFIG_IRLAN=m
 CONFIG_IRNET=m
 CONFIG_IRCOMM=m
-# CONFIG_IRDA_ULTRA is not set
+CONFIG_IRDA_ULTRA=y
 
 #
 # IrDA options
@@ -680,13 +713,14 @@ CONFIG_IEEE80211_CRYPT_TKIP=m
 #
 CONFIG_STANDALONE=y
 CONFIG_PREVENT_FIRMWARE_BUILD=y
-CONFIG_FW_LOADER=y
+CONFIG_FW_LOADER=m
 # CONFIG_DEBUG_DRIVER is not set
 
 #
 # Connector - unified userspace <-> kernelspace linker
 #
-CONFIG_CONNECTOR=m
+CONFIG_CONNECTOR=y
+CONFIG_PROC_EVENTS=y
 
 #
 # Memory Technology Devices (MTD)
@@ -719,7 +753,11 @@ CONFIG_RFD_FTL=m
 CONFIG_MTD_CFI=m
 CONFIG_MTD_JEDECPROBE=m
 CONFIG_MTD_GEN_PROBE=m
-# CONFIG_MTD_CFI_ADV_OPTIONS is not set
+CONFIG_MTD_CFI_ADV_OPTIONS=y
+CONFIG_MTD_CFI_NOSWAP=y
+# CONFIG_MTD_CFI_BE_BYTE_SWAP is not set
+# CONFIG_MTD_CFI_LE_BYTE_SWAP is not set
+# CONFIG_MTD_CFI_GEOMETRY is not set
 CONFIG_MTD_MAP_BANK_WIDTH_1=y
 CONFIG_MTD_MAP_BANK_WIDTH_2=y
 CONFIG_MTD_MAP_BANK_WIDTH_4=y
@@ -730,13 +768,14 @@ CONFIG_MTD_CFI_I1=y
 CONFIG_MTD_CFI_I2=y
 # CONFIG_MTD_CFI_I4 is not set
 # CONFIG_MTD_CFI_I8 is not set
+# CONFIG_MTD_OTP is not set
 CONFIG_MTD_CFI_INTELEXT=m
 CONFIG_MTD_CFI_AMDSTD=m
 CONFIG_MTD_CFI_AMDSTD_RETRY=3
 CONFIG_MTD_CFI_STAA=m
 CONFIG_MTD_CFI_UTIL=m
 CONFIG_MTD_RAM=m
-CONFIG_MTD_ROM=m
+# CONFIG_MTD_ROM is not set
 CONFIG_MTD_ABSENT=m
 # CONFIG_MTD_OBSOLETE_CHIPS is not set
 
@@ -744,7 +783,10 @@ CONFIG_MTD_ABSENT=m
 # Mapping drivers for chip access
 #
 CONFIG_MTD_COMPLEX_MAPPINGS=y
-# CONFIG_MTD_PHYSMAP is not set
+CONFIG_MTD_PHYSMAP=m
+CONFIG_MTD_PHYSMAP_START=0x8000000
+CONFIG_MTD_PHYSMAP_LEN=0x4000000
+CONFIG_MTD_PHYSMAP_BANKWIDTH=2
 # CONFIG_MTD_PNC2000 is not set
 CONFIG_MTD_SC520CDP=m
 CONFIG_MTD_NETSC520=m
@@ -779,12 +821,14 @@ CONFIG_MTD_BLOCK2MTD=m
 # Disk-On-Chip Device Drivers
 #
 CONFIG_MTD_DOC2000=m
-# CONFIG_MTD_DOC2001 is not set
+CONFIG_MTD_DOC2001=m
 CONFIG_MTD_DOC2001PLUS=m
 CONFIG_MTD_DOCPROBE=m
 CONFIG_MTD_DOCECC=m
-# CONFIG_MTD_DOCPROBE_ADVANCED is not set
-CONFIG_MTD_DOCPROBE_ADDRESS=0
+CONFIG_MTD_DOCPROBE_ADVANCED=y
+CONFIG_MTD_DOCPROBE_ADDRESS=0x0000
+CONFIG_MTD_DOCPROBE_HIGH=y
+CONFIG_MTD_DOCPROBE_55AA=y
 
 #
 # NAND Flash Device Drivers
@@ -792,8 +836,11 @@ CONFIG_MTD_DOCPROBE_ADDRESS=0
 CONFIG_MTD_NAND=m
 # CONFIG_MTD_NAND_VERIFY_WRITE is not set
 CONFIG_MTD_NAND_IDS=m
-# CONFIG_MTD_NAND_DISKONCHIP is not set
-# CONFIG_MTD_NAND_NANDSIM is not set
+CONFIG_MTD_NAND_DISKONCHIP=m
+# CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADVANCED is not set
+CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADDRESS=0
+CONFIG_MTD_NAND_DISKONCHIP_BBTWRITE=y
+CONFIG_MTD_NAND_NANDSIM=y
 
 #
 # OneNAND Flash Device Drivers
@@ -864,7 +911,7 @@ CONFIG_CISS_SCSI_TAPE=y
 CONFIG_BLK_DEV_DAC960=m
 CONFIG_BLK_DEV_UMEM=m
 # CONFIG_BLK_DEV_COW_COMMON is not set
-CONFIG_BLK_DEV_LOOP=m
+CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_CRYPTOLOOP=m
 CONFIG_BLK_DEV_NBD=m
 CONFIG_BLK_DEV_SX8=m
@@ -889,58 +936,58 @@ CONFIG_BLK_DEV_IDE=y
 #
 # CONFIG_BLK_DEV_IDE_SATA is not set
 # CONFIG_BLK_DEV_HD_IDE is not set
-CONFIG_BLK_DEV_IDEDISK=y
+CONFIG_BLK_DEV_IDEDISK=m
 CONFIG_IDEDISK_MULTI_MODE=y
 # CONFIG_BLK_DEV_IDECS is not set
-CONFIG_BLK_DEV_IDECD=y
-# CONFIG_BLK_DEV_IDETAPE is not set
-CONFIG_BLK_DEV_IDEFLOPPY=y
+CONFIG_BLK_DEV_IDECD=m
+CONFIG_BLK_DEV_IDETAPE=m
+CONFIG_BLK_DEV_IDEFLOPPY=m
 CONFIG_BLK_DEV_IDESCSI=m
 # CONFIG_IDE_TASK_IOCTL is not set
 
 #
 # IDE chipset support/bugfixes
 #
-CONFIG_IDE_GENERIC=y
+CONFIG_IDE_GENERIC=m
 CONFIG_BLK_DEV_CMD640=y
 CONFIG_BLK_DEV_CMD640_ENHANCED=y
 CONFIG_BLK_DEV_IDEPNP=y
 CONFIG_BLK_DEV_IDEPCI=y
 CONFIG_IDEPCI_SHARE_IRQ=y
-# CONFIG_BLK_DEV_OFFBOARD is not set
+CONFIG_BLK_DEV_OFFBOARD=y
 CONFIG_BLK_DEV_GENERIC=y
 # CONFIG_BLK_DEV_OPTI621 is not set
-CONFIG_BLK_DEV_RZ1000=y
+CONFIG_BLK_DEV_RZ1000=m
 CONFIG_BLK_DEV_IDEDMA_PCI=y
 # CONFIG_BLK_DEV_IDEDMA_FORCED is not set
 CONFIG_IDEDMA_PCI_AUTO=y
 # CONFIG_IDEDMA_ONLYDISK is not set
-CONFIG_BLK_DEV_AEC62XX=y
-CONFIG_BLK_DEV_ALI15X3=y
+CONFIG_BLK_DEV_AEC62XX=m
+CONFIG_BLK_DEV_ALI15X3=m
 # CONFIG_WDC_ALI15X3 is not set
-CONFIG_BLK_DEV_AMD74XX=y
-CONFIG_BLK_DEV_ATIIXP=y
-CONFIG_BLK_DEV_CMD64X=y
-CONFIG_BLK_DEV_TRIFLEX=y
-CONFIG_BLK_DEV_CY82C693=y
-CONFIG_BLK_DEV_CS5520=y
-CONFIG_BLK_DEV_CS5530=y
-CONFIG_BLK_DEV_HPT34X=y
-# CONFIG_HPT34X_AUTODMA is not set
-CONFIG_BLK_DEV_HPT366=y
-# CONFIG_BLK_DEV_SC1200 is not set
-CONFIG_BLK_DEV_PIIX=y
+CONFIG_BLK_DEV_AMD74XX=m
+CONFIG_BLK_DEV_ATIIXP=m
+CONFIG_BLK_DEV_CMD64X=m
+CONFIG_BLK_DEV_TRIFLEX=m
+CONFIG_BLK_DEV_CY82C693=m
+CONFIG_BLK_DEV_CS5520=m
+CONFIG_BLK_DEV_CS5530=m
+CONFIG_BLK_DEV_HPT34X=m
+CONFIG_HPT34X_AUTODMA=y
+CONFIG_BLK_DEV_HPT366=m
+CONFIG_BLK_DEV_SC1200=m
+CONFIG_BLK_DEV_PIIX=m
 CONFIG_BLK_DEV_IT821X=m
-# CONFIG_BLK_DEV_NS87415 is not set
-CONFIG_BLK_DEV_PDC202XX_OLD=y
-# CONFIG_PDC202XX_BURST is not set
-CONFIG_BLK_DEV_PDC202XX_NEW=y
-CONFIG_BLK_DEV_SVWKS=y
-CONFIG_BLK_DEV_SIIMAGE=y
-CONFIG_BLK_DEV_SIS5513=y
-CONFIG_BLK_DEV_SLC90E66=y
+CONFIG_BLK_DEV_NS87415=m
+CONFIG_BLK_DEV_PDC202XX_OLD=m
+CONFIG_PDC202XX_BURST=y
+CONFIG_BLK_DEV_PDC202XX_NEW=m
+CONFIG_BLK_DEV_SVWKS=m
+CONFIG_BLK_DEV_SIIMAGE=m
+CONFIG_BLK_DEV_SIS5513=m
+CONFIG_BLK_DEV_SLC90E66=m
 # CONFIG_BLK_DEV_TRM290 is not set
-CONFIG_BLK_DEV_VIA82CXXX=y
+CONFIG_BLK_DEV_VIA82CXXX=m
 # CONFIG_IDE_ARM is not set
 CONFIG_BLK_DEV_IDEDMA=y
 # CONFIG_IDEDMA_IVB is not set
@@ -951,13 +998,13 @@ CONFIG_IDEDMA_AUTO=y
 # SCSI device support
 #
 CONFIG_RAID_ATTRS=m
-CONFIG_SCSI=y
+CONFIG_SCSI=m
 CONFIG_SCSI_PROC_FS=y
 
 #
 # SCSI support type (disk, tape, CD-ROM)
 #
-CONFIG_BLK_DEV_SD=y
+CONFIG_BLK_DEV_SD=m
 CONFIG_CHR_DEV_ST=m
 CONFIG_CHR_DEV_OSST=m
 CONFIG_BLK_DEV_SR=m
@@ -1007,10 +1054,10 @@ CONFIG_MEGARAID_MM=m
 CONFIG_MEGARAID_MAILBOX=m
 CONFIG_MEGARAID_LEGACY=m
 CONFIG_MEGARAID_SAS=m
-CONFIG_SCSI_SATA=y
+CONFIG_SCSI_SATA=m
 CONFIG_SCSI_SATA_AHCI=m
 CONFIG_SCSI_SATA_SVW=m
-CONFIG_SCSI_ATA_PIIX=y
+CONFIG_SCSI_ATA_PIIX=m
 CONFIG_SCSI_SATA_MV=m
 CONFIG_SCSI_SATA_NV=m
 CONFIG_SCSI_PDC_ADMA=m
@@ -1026,9 +1073,12 @@ CONFIG_SCSI_SATA_VITESSE=m
 CONFIG_SCSI_SATA_INTEL_COMBINED=y
 CONFIG_SCSI_BUSLOGIC=m
 # CONFIG_SCSI_OMIT_FLASHPOINT is not set
-# CONFIG_SCSI_DMX3191D is not set
-# CONFIG_SCSI_EATA is not set
-# CONFIG_SCSI_FUTURE_DOMAIN is not set
+CONFIG_SCSI_DMX3191D=m
+CONFIG_SCSI_EATA=m
+CONFIG_SCSI_EATA_TAGGED_QUEUE=y
+CONFIG_SCSI_EATA_LINKED_COMMANDS=y
+CONFIG_SCSI_EATA_MAX_TAGS=16
+CONFIG_SCSI_FUTURE_DOMAIN=m
 CONFIG_SCSI_GDTH=m
 CONFIG_SCSI_IPS=m
 CONFIG_SCSI_INITIO=m
@@ -1043,7 +1093,8 @@ CONFIG_SCSI_SYM53C8XX_DEFAULT_TAGS=16
 CONFIG_SCSI_SYM53C8XX_MAX_TAGS=64
 # CONFIG_SCSI_SYM53C8XX_IOMAPPED is not set
 # CONFIG_SCSI_IPR is not set
-# CONFIG_SCSI_QLOGIC_FC is not set
+CONFIG_SCSI_QLOGIC_FC=m
+CONFIG_SCSI_QLOGIC_FC_FIRMWARE=y
 CONFIG_SCSI_QLOGIC_1280=m
 CONFIG_SCSI_QLA_FC=m
 # CONFIG_SCSI_QLA2XXX_EMBEDDED_FIRMWARE is not set
@@ -1148,7 +1199,15 @@ CONFIG_NET_SB1000=m
 #
 # ARCnet devices
 #
-# CONFIG_ARCNET is not set
+CONFIG_ARCNET=m
+CONFIG_ARCNET_1201=m
+CONFIG_ARCNET_1051=m
+CONFIG_ARCNET_RAW=m
+CONFIG_ARCNET_CAP=m
+CONFIG_ARCNET_COM90xx=m
+CONFIG_ARCNET_COM90xxIO=m
+CONFIG_ARCNET_RIM_I=m
+# CONFIG_ARCNET_COM20020 is not set
 
 #
 # PHY device support
@@ -1183,21 +1242,22 @@ CONFIG_NET_TULIP=y
 CONFIG_DE2104X=m
 CONFIG_TULIP=m
 # CONFIG_TULIP_MWI is not set
-CONFIG_TULIP_MMIO=y
-# CONFIG_TULIP_NAPI is not set
+# CONFIG_TULIP_MMIO is not set
+CONFIG_TULIP_NAPI=y
+CONFIG_TULIP_NAPI_HW_MITIGATION=y
 CONFIG_DE4X5=m
 CONFIG_WINBOND_840=m
 CONFIG_DM9102=m
 CONFIG_ULI526X=m
-# CONFIG_PCMCIA_XIRCOM is not set
-# CONFIG_HP100 is not set
+CONFIG_PCMCIA_XIRCOM=m
+CONFIG_HP100=m
 CONFIG_NET_PCI=y
 CONFIG_PCNET32=m
 CONFIG_AMD8111_ETH=m
 CONFIG_AMD8111E_NAPI=y
 CONFIG_ADAPTEC_STARFIRE=m
 CONFIG_ADAPTEC_STARFIRE_NAPI=y
-# CONFIG_B44 is not set
+CONFIG_B44=m
 CONFIG_FORCEDETH=m
 CONFIG_DGRS=m
 CONFIG_EEPRO100=m
@@ -1207,7 +1267,7 @@ CONFIG_NATSEMI=m
 CONFIG_NE2K_PCI=m
 CONFIG_8139CP=m
 CONFIG_8139TOO=m
-CONFIG_8139TOO_PIO=y
+# CONFIG_8139TOO_PIO is not set
 # CONFIG_8139TOO_TUNE_TWISTER is not set
 CONFIG_8139TOO_8129=y
 # CONFIG_8139_OLD_RX_RESET is not set
@@ -1216,11 +1276,8 @@ CONFIG_EPIC100=m
 CONFIG_SUNDANCE=m
 # CONFIG_SUNDANCE_MMIO is not set
 CONFIG_VIA_RHINE=m
-CONFIG_VIA_RHINE_MMIO=y
-CONFIG_NET_POCKET=y
-CONFIG_ATP=m
-CONFIG_DE600=m
-CONFIG_DE620=m
+# CONFIG_VIA_RHINE_MMIO is not set
+# CONFIG_NET_POCKET is not set
 
 #
 # Ethernet (1000 Mbit)
@@ -1272,14 +1329,14 @@ CONFIG_NET_RADIO=y
 #
 # Obsolete Wireless cards support (pre-802.11)
 #
-# CONFIG_STRIP is not set
-# CONFIG_PCMCIA_WAVELAN is not set
-# CONFIG_PCMCIA_NETWAVE is not set
+CONFIG_STRIP=m
+CONFIG_PCMCIA_WAVELAN=m
+CONFIG_PCMCIA_NETWAVE=m
 
 #
 # Wireless 802.11 Frequency Hopping cards support
 #
-# CONFIG_PCMCIA_RAYCS is not set
+CONFIG_PCMCIA_RAYCS=m
 
 #
 # Wireless 802.11b ISA/PCI cards support
@@ -1312,7 +1369,8 @@ CONFIG_PCI_ATMEL=m
 #
 CONFIG_PRISM54=m
 CONFIG_HOSTAP=m
-# CONFIG_HOSTAP_FIRMWARE is not set
+CONFIG_HOSTAP_FIRMWARE=y
+CONFIG_HOSTAP_FIRMWARE_NVRAM=y
 CONFIG_HOSTAP_PLX=m
 CONFIG_HOSTAP_PCI=m
 # CONFIG_HOSTAP_CS is not set
@@ -1354,7 +1412,9 @@ CONFIG_ATM_HE=m
 CONFIG_FDDI=y
 # CONFIG_DEFXX is not set
 CONFIG_SKFP=m
-# CONFIG_HIPPI is not set
+CONFIG_HIPPI=y
+CONFIG_ROADRUNNER=m
+CONFIG_ROADRUNNER_LARGE_RINGS=y
 CONFIG_PLIP=m
 CONFIG_PPP=m
 CONFIG_PPP_MULTILINK=y
@@ -1362,19 +1422,19 @@ CONFIG_PPP_FILTER=y
 CONFIG_PPP_ASYNC=m
 CONFIG_PPP_SYNC_TTY=m
 CONFIG_PPP_DEFLATE=m
-# CONFIG_PPP_BSDCOMP is not set
+CONFIG_PPP_BSDCOMP=m
 CONFIG_PPP_MPPE=m
 CONFIG_PPPOE=m
 CONFIG_PPPOATM=m
 CONFIG_SLIP=m
 CONFIG_SLIP_COMPRESSED=y
 CONFIG_SLIP_SMART=y
-# CONFIG_SLIP_MODE_SLIP6 is not set
+CONFIG_SLIP_MODE_SLIP6=y
 CONFIG_NET_FC=y
-# CONFIG_SHAPER is not set
+CONFIG_SHAPER=m
 CONFIG_NETCONSOLE=m
 CONFIG_NETPOLL=y
-# CONFIG_NETPOLL_RX is not set
+CONFIG_NETPOLL_RX=y
 CONFIG_NETPOLL_TRAP=y
 CONFIG_NET_POLL_CONTROLLER=y
 
@@ -1391,9 +1451,10 @@ CONFIG_ISDN_PPP=y
 CONFIG_ISDN_PPP_VJ=y
 CONFIG_ISDN_MPP=y
 CONFIG_IPPP_FILTER=y
-# CONFIG_ISDN_PPP_BSDCOMP is not set
+CONFIG_ISDN_PPP_BSDCOMP=m
 CONFIG_ISDN_AUDIO=y
 CONFIG_ISDN_TTY_FAX=y
+CONFIG_ISDN_X25=y
 
 #
 # ISDN feature submodules
@@ -1499,7 +1560,9 @@ CONFIG_ISDN_DRV_AVMB1_C4=m
 #
 # Telephony Support
 #
-# CONFIG_PHONE is not set
+CONFIG_PHONE=m
+CONFIG_PHONE_IXJ=m
+CONFIG_PHONE_IXJ_PCMCIA=m
 
 #
 # Input device support
@@ -1510,11 +1573,13 @@ CONFIG_INPUT=y
 # Userland interfaces
 #
 CONFIG_INPUT_MOUSEDEV=y
-# CONFIG_INPUT_MOUSEDEV_PSAUX is not set
+CONFIG_INPUT_MOUSEDEV_PSAUX=y
 CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
 CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
 CONFIG_INPUT_JOYDEV=m
-# CONFIG_INPUT_TSDEV is not set
+CONFIG_INPUT_TSDEV=m
+CONFIG_INPUT_TSDEV_SCREEN_X=240
+CONFIG_INPUT_TSDEV_SCREEN_Y=320
 CONFIG_INPUT_EVDEV=y
 # CONFIG_INPUT_EVBUG is not set
 
@@ -1523,14 +1588,14 @@ CONFIG_INPUT_EVDEV=y
 #
 CONFIG_INPUT_KEYBOARD=y
 CONFIG_KEYBOARD_ATKBD=y
-# CONFIG_KEYBOARD_SUNKBD is not set
+CONFIG_KEYBOARD_SUNKBD=m
 # CONFIG_KEYBOARD_LKKBD is not set
-# CONFIG_KEYBOARD_XTKBD is not set
-# CONFIG_KEYBOARD_NEWTON is not set
+CONFIG_KEYBOARD_XTKBD=m
+CONFIG_KEYBOARD_NEWTON=m
 CONFIG_INPUT_MOUSE=y
 CONFIG_MOUSE_PS2=y
 CONFIG_MOUSE_SERIAL=m
-CONFIG_MOUSE_VSXXXAA=m
+# CONFIG_MOUSE_VSXXXAA is not set
 CONFIG_INPUT_JOYSTICK=y
 CONFIG_JOYSTICK_ANALOG=m
 CONFIG_JOYSTICK_A3D=m
@@ -1571,12 +1636,12 @@ CONFIG_INPUT_UINPUT=m
 #
 CONFIG_SERIO=y
 CONFIG_SERIO_I8042=y
-CONFIG_SERIO_SERPORT=y
-# CONFIG_SERIO_CT82C710 is not set
-# CONFIG_SERIO_PARKBD is not set
-# CONFIG_SERIO_PCIPS2 is not set
+CONFIG_SERIO_SERPORT=m
+CONFIG_SERIO_CT82C710=m
+CONFIG_SERIO_PARKBD=m
+CONFIG_SERIO_PCIPS2=m
 CONFIG_SERIO_LIBPS2=y
-# CONFIG_SERIO_RAW is not set
+CONFIG_SERIO_RAW=m
 CONFIG_GAMEPORT=m
 CONFIG_GAMEPORT_NS558=m
 CONFIG_GAMEPORT_L4=m
@@ -1600,7 +1665,8 @@ CONFIG_HW_CONSOLE=y
 #
 # CONFIG_SERIAL_JSM is not set
 CONFIG_UNIX98_PTYS=y
-# CONFIG_LEGACY_PTYS is not set
+CONFIG_LEGACY_PTYS=y
+CONFIG_LEGACY_PTY_COUNT=64
 CONFIG_PRINTER=m
 CONFIG_LP_CONSOLE=y
 CONFIG_PPDEV=m
@@ -1610,7 +1676,8 @@ CONFIG_TIPAR=m
 # IPMI
 #
 CONFIG_IPMI_HANDLER=m
-# CONFIG_IPMI_PANIC_EVENT is not set
+CONFIG_IPMI_PANIC_EVENT=y
+# CONFIG_IPMI_PANIC_STRING is not set
 CONFIG_IPMI_DEVICE_INTERFACE=m
 CONFIG_IPMI_SI=m
 CONFIG_IPMI_WATCHDOG=m
@@ -1638,7 +1705,7 @@ CONFIG_WAFER_WDT=m
 CONFIG_I6300ESB_WDT=m
 CONFIG_I8XX_TCO=m
 CONFIG_SC1200_WDT=m
-# CONFIG_60XX_WDT is not set
+CONFIG_60XX_WDT=m
 CONFIG_SBC8360_WDT=m
 CONFIG_CPU5_WDT=m
 CONFIG_W83627HF_WDT=m
@@ -1659,21 +1726,27 @@ CONFIG_WDT_501_PCI=y
 #
 CONFIG_USBPCWATCHDOG=m
 CONFIG_HW_RANDOM=m
-# CONFIG_NVRAM is not set
+CONFIG_NVRAM=y
 CONFIG_RTC=y
 CONFIG_DTLK=m
 CONFIG_R3964=m
-# CONFIG_APPLICOM is not set
+CONFIG_APPLICOM=m
 
 #
 # Ftape, the floppy tape device driver
 #
-# CONFIG_AGP is not set
+CONFIG_AGP=m
+CONFIG_AGP_AMD64=m
+CONFIG_AGP_INTEL=m
 CONFIG_DRM=m
 CONFIG_DRM_TDFX=m
 CONFIG_DRM_R128=m
 CONFIG_DRM_RADEON=m
+CONFIG_DRM_I810=m
+# CONFIG_DRM_I830 is not set
+CONFIG_DRM_I915=m
 CONFIG_DRM_MGA=m
+# CONFIG_DRM_SIS is not set
 CONFIG_DRM_VIA=m
 CONFIG_DRM_SAVAGE=m
 
@@ -1691,7 +1764,11 @@ CONFIG_HANGCHECK_TIMER=m
 #
 # TPM devices
 #
-# CONFIG_TCG_TPM is not set
+CONFIG_TCG_TPM=m
+CONFIG_TCG_NSC=m
+CONFIG_TCG_ATMEL=m
+CONFIG_TCG_INFINEON=m
+CONFIG_TCG_XEN=m
 CONFIG_TELCLOCK=m
 
 #
@@ -1710,24 +1787,24 @@ CONFIG_I2C_ALGOPCA=m
 #
 # I2C Hardware Bus support
 #
-# CONFIG_I2C_ALI1535 is not set
-# CONFIG_I2C_ALI1563 is not set
-# CONFIG_I2C_ALI15X3 is not set
+CONFIG_I2C_ALI1535=m
+CONFIG_I2C_ALI1563=m
+CONFIG_I2C_ALI15X3=m
 CONFIG_I2C_AMD756=m
 CONFIG_I2C_AMD756_S4882=m
 CONFIG_I2C_AMD8111=m
-# CONFIG_I2C_I801 is not set
-# CONFIG_I2C_I810 is not set
-# CONFIG_I2C_PIIX4 is not set
+CONFIG_I2C_I801=m
+CONFIG_I2C_I810=m
+CONFIG_I2C_PIIX4=m
 CONFIG_I2C_ISA=m
 CONFIG_I2C_NFORCE2=m
-# CONFIG_I2C_PARPORT is not set
-# CONFIG_I2C_PARPORT_LIGHT is not set
+CONFIG_I2C_PARPORT=m
+CONFIG_I2C_PARPORT_LIGHT=m
 CONFIG_I2C_PROSAVAGE=m
 CONFIG_I2C_SAVAGE4=m
-# CONFIG_SCx200_ACB is not set
-# CONFIG_I2C_SIS5595 is not set
-# CONFIG_I2C_SIS630 is not set
+CONFIG_SCx200_ACB=m
+CONFIG_I2C_SIS5595=m
+CONFIG_I2C_SIS630=m
 CONFIG_I2C_SIS96X=m
 CONFIG_I2C_STUB=m
 CONFIG_I2C_VIA=m
@@ -1779,7 +1856,7 @@ CONFIG_W1_DS9490_BRIDGE=m
 CONFIG_W1_THERM=m
 CONFIG_W1_SMEM=m
 CONFIG_W1_DS2433=m
-# CONFIG_W1_DS2433_CRC is not set
+CONFIG_W1_DS2433_CRC=y
 
 #
 # Hardware Monitoring support
@@ -1828,7 +1905,7 @@ CONFIG_SENSORS_HDAPS=m
 #
 # Misc devices
 #
-# CONFIG_IBM_ASM is not set
+CONFIG_IBM_ASM=m
 
 #
 # Multimedia Capabilities Port drivers
@@ -1848,7 +1925,7 @@ CONFIG_VIDEO_DEV=m
 #
 # CONFIG_VIDEO_ADV_DEBUG is not set
 CONFIG_VIDEO_BT848=m
-# CONFIG_VIDEO_BT848_DVB is not set
+CONFIG_VIDEO_BT848_DVB=y
 CONFIG_VIDEO_SAA6588=m
 CONFIG_VIDEO_BWQCAM=m
 CONFIG_VIDEO_CQCAM=m
@@ -2021,18 +2098,20 @@ CONFIG_FB_MODE_HELPERS=y
 CONFIG_FB_TILEBLITTING=y
 CONFIG_FB_CIRRUS=m
 # CONFIG_FB_PM2 is not set
-# CONFIG_FB_CYBER2000 is not set
+CONFIG_FB_CYBER2000=m
 CONFIG_FB_ARC=m
 # CONFIG_FB_ASILIANT is not set
 # CONFIG_FB_IMSTT is not set
 CONFIG_FB_VGA16=m
 CONFIG_FB_VESA=y
 CONFIG_VIDEO_SELECT=y
-# CONFIG_FB_HGA is not set
-# CONFIG_FB_S1D13XXX is not set
-# CONFIG_FB_NVIDIA is not set
+CONFIG_FB_HGA=m
+CONFIG_FB_HGA_ACCEL=y
+CONFIG_FB_S1D13XXX=m
+CONFIG_FB_NVIDIA=m
+CONFIG_FB_NVIDIA_I2C=y
 CONFIG_FB_RIVA=m
-# CONFIG_FB_RIVA_I2C is not set
+CONFIG_FB_RIVA_I2C=y
 # CONFIG_FB_RIVA_DEBUG is not set
 CONFIG_FB_MATROX=m
 CONFIG_FB_MATROX_MILLENIUM=y
@@ -2053,7 +2132,9 @@ CONFIG_FB_ATY_GX=y
 CONFIG_FB_SAVAGE=m
 CONFIG_FB_SAVAGE_I2C=y
 CONFIG_FB_SAVAGE_ACCEL=y
-# CONFIG_FB_SIS is not set
+CONFIG_FB_SIS=m
+CONFIG_FB_SIS_300=y
+CONFIG_FB_SIS_315=y
 CONFIG_FB_NEOMAGIC=m
 CONFIG_FB_KYRO=m
 CONFIG_FB_3DFX=m
@@ -2061,8 +2142,9 @@ CONFIG_FB_3DFX_ACCEL=y
 CONFIG_FB_VOODOO1=m
 CONFIG_FB_TRIDENT=m
 CONFIG_FB_TRIDENT_ACCEL=y
-# CONFIG_FB_GEODE is not set
-# CONFIG_FB_VIRTUAL is not set
+CONFIG_FB_GEODE=y
+CONFIG_FB_GEODE_GX1=m
+CONFIG_FB_VIRTUAL=m
 
 #
 # Console display driver support
@@ -2070,7 +2152,7 @@ CONFIG_FB_TRIDENT_ACCEL=y
 CONFIG_VGA_CONSOLE=y
 CONFIG_DUMMY_CONSOLE=y
 CONFIG_FRAMEBUFFER_CONSOLE=y
-# CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set
+CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y
 # CONFIG_FONTS is not set
 CONFIG_FONT_8x8=y
 CONFIG_FONT_8x16=y
@@ -2109,7 +2191,7 @@ CONFIG_SND_PCM_OSS=m
 CONFIG_SND_SEQUENCER_OSS=y
 CONFIG_SND_RTCTIMER=m
 CONFIG_SND_SEQ_RTCTIMER_DEFAULT=y
-# CONFIG_SND_DYNAMIC_MINORS is not set
+CONFIG_SND_DYNAMIC_MINORS=y
 CONFIG_SND_SUPPORT_OLD_API=y
 # CONFIG_SND_VERBOSE_PRINTK is not set
 # CONFIG_SND_DEBUG is not set
@@ -2125,7 +2207,7 @@ CONFIG_SND_AC97_BUS=m
 CONFIG_SND_DUMMY=m
 CONFIG_SND_VIRMIDI=m
 CONFIG_SND_MTPAV=m
-# CONFIG_SND_SERIAL_U16550 is not set
+CONFIG_SND_SERIAL_U16550=m
 CONFIG_SND_MPU401=m
 
 #
@@ -2197,7 +2279,7 @@ CONFIG_SND_USB_USX2Y=m
 #
 CONFIG_USB_ARCH_HAS_HCD=y
 CONFIG_USB_ARCH_HAS_OHCI=y
-CONFIG_USB=y
+CONFIG_USB=m
 # CONFIG_USB_DEBUG is not set
 
 #
@@ -2253,7 +2335,7 @@ CONFIG_USB_STORAGE_JUMPSHOT=y
 #
 # USB Input Devices
 #
-CONFIG_USB_HID=y
+CONFIG_USB_HID=m
 CONFIG_USB_HIDINPUT=y
 # CONFIG_USB_HIDINPUT_POWERBOOK is not set
 CONFIG_HID_FF=y
@@ -2261,6 +2343,12 @@ CONFIG_HID_PID=y
 CONFIG_LOGITECH_FF=y
 CONFIG_THRUSTMASTER_FF=y
 CONFIG_USB_HIDDEV=y
+
+#
+# USB HID Boot Protocol drivers
+#
+CONFIG_USB_KBD=m
+CONFIG_USB_MOUSE=m
 CONFIG_USB_AIPTEK=m
 CONFIG_USB_WACOM=m
 CONFIG_USB_ACECAD=m
@@ -2317,7 +2405,7 @@ CONFIG_USB_ALI_M5632=y
 CONFIG_USB_AN2720=y
 CONFIG_USB_BELKIN=y
 CONFIG_USB_ARMLINUX=y
-# CONFIG_USB_EPSON2888 is not set
+CONFIG_USB_EPSON2888=y
 CONFIG_USB_NET_ZAURUS=m
 CONFIG_USB_ZD1201=m
 CONFIG_USB_MON=y
@@ -2380,18 +2468,18 @@ CONFIG_USB_EZUSB=y
 # USB Miscellaneous drivers
 #
 CONFIG_USB_EMI62=m
-# CONFIG_USB_EMI26 is not set
+CONFIG_USB_EMI26=m
 CONFIG_USB_AUERSWALD=m
 CONFIG_USB_RIO500=m
 CONFIG_USB_LEGOTOWER=m
 CONFIG_USB_LCD=m
 CONFIG_USB_LED=m
-# CONFIG_USB_CYTHERM is not set
+CONFIG_USB_CYTHERM=m
 CONFIG_USB_PHIDGETKIT=m
 CONFIG_USB_PHIDGETSERVO=m
 CONFIG_USB_IDMOUSE=m
 CONFIG_USB_SISUSBVGA=m
-# CONFIG_USB_SISUSBVGA_CON is not set
+CONFIG_USB_SISUSBVGA_CON=y
 CONFIG_USB_LD=m
 CONFIG_USB_TEST=m
 
@@ -2482,17 +2570,17 @@ CONFIG_JFS_SECURITY=y
 CONFIG_FS_POSIX_ACL=y
 CONFIG_XFS_FS=m
 CONFIG_XFS_EXPORT=y
-# CONFIG_XFS_QUOTA is not set
+CONFIG_XFS_QUOTA=y
 CONFIG_XFS_SECURITY=y
 CONFIG_XFS_POSIX_ACL=y
-# CONFIG_XFS_RT is not set
+CONFIG_XFS_RT=y
 CONFIG_OCFS2_FS=m
 CONFIG_MINIX_FS=m
 CONFIG_ROMFS_FS=m
 CONFIG_INOTIFY=y
 CONFIG_QUOTA=y
 # CONFIG_QFMT_V1 is not set
-CONFIG_QFMT_V2=y
+CONFIG_QFMT_V2=m
 CONFIG_QUOTACTL=y
 CONFIG_DNOTIFY=y
 CONFIG_AUTOFS_FS=m
@@ -2516,8 +2604,10 @@ CONFIG_FAT_FS=m
 CONFIG_MSDOS_FS=m
 CONFIG_VFAT_FS=m
 CONFIG_FAT_DEFAULT_CODEPAGE=437
-CONFIG_FAT_DEFAULT_IOCHARSET="ascii"
-# CONFIG_NTFS_FS is not set
+CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
+CONFIG_NTFS_FS=m
+# CONFIG_NTFS_DEBUG is not set
+# CONFIG_NTFS_RW is not set
 
 #
 # Pseudo filesystems
@@ -2534,7 +2624,8 @@ CONFIG_CONFIGFS_FS=m
 #
 # Miscellaneous filesystems
 #
-# CONFIG_ADFS_FS is not set
+CONFIG_ADFS_FS=m
+# CONFIG_ADFS_FS_RW is not set
 CONFIG_AFFS_FS=m
 CONFIG_HFS_FS=m
 CONFIG_HFSPLUS_FS=m
@@ -2542,18 +2633,23 @@ CONFIG_BEFS_FS=m
 # CONFIG_BEFS_DEBUG is not set
 CONFIG_BFS_FS=m
 CONFIG_EFS_FS=m
-# CONFIG_JFFS_FS is not set
+CONFIG_JFFS_FS=m
+CONFIG_JFFS_FS_VERBOSE=0
+CONFIG_JFFS_PROC_FS=y
 CONFIG_JFFS2_FS=m
 CONFIG_JFFS2_FS_DEBUG=0
 CONFIG_JFFS2_FS_WRITEBUFFER=y
-# CONFIG_JFFS2_SUMMARY is not set
-# CONFIG_JFFS2_COMPRESSION_OPTIONS is not set
+CONFIG_JFFS2_SUMMARY=y
+CONFIG_JFFS2_COMPRESSION_OPTIONS=y
 CONFIG_JFFS2_ZLIB=y
 CONFIG_JFFS2_RTIME=y
 # CONFIG_JFFS2_RUBIN is not set
-CONFIG_CRAMFS=y
+# CONFIG_JFFS2_CMODE_NONE is not set
+CONFIG_JFFS2_CMODE_PRIORITY=y
+# CONFIG_JFFS2_CMODE_SIZE is not set
+CONFIG_CRAMFS=m
 CONFIG_VXFS_FS=m
-# CONFIG_HPFS_FS is not set
+CONFIG_HPFS_FS=m
 CONFIG_QNX4FS_FS=m
 CONFIG_SYSV_FS=m
 CONFIG_UFS_FS=m
@@ -2563,26 +2659,30 @@ CONFIG_UFS_FS=m
 #
 CONFIG_NFS_FS=m
 CONFIG_NFS_V3=y
-# CONFIG_NFS_V3_ACL is not set
+CONFIG_NFS_V3_ACL=y
 CONFIG_NFS_V4=y
 CONFIG_NFS_DIRECTIO=y
 CONFIG_NFSD=m
+CONFIG_NFSD_V2_ACL=y
 CONFIG_NFSD_V3=y
-# CONFIG_NFSD_V3_ACL is not set
+CONFIG_NFSD_V3_ACL=y
 CONFIG_NFSD_V4=y
 CONFIG_NFSD_TCP=y
 CONFIG_LOCKD=m
 CONFIG_LOCKD_V4=y
 CONFIG_EXPORTFS=m
+CONFIG_NFS_ACL_SUPPORT=m
 CONFIG_NFS_COMMON=y
 CONFIG_SUNRPC=m
 CONFIG_SUNRPC_GSS=m
 CONFIG_RPCSEC_GSS_KRB5=m
 CONFIG_RPCSEC_GSS_SPKM3=m
 CONFIG_SMB_FS=m
-# CONFIG_SMB_NLS_DEFAULT is not set
+CONFIG_SMB_NLS_DEFAULT=y
+CONFIG_SMB_NLS_REMOTE="cp850"
 CONFIG_CIFS=m
-# CONFIG_CIFS_STATS is not set
+CONFIG_CIFS_STATS=y
+# CONFIG_CIFS_STATS2 is not set
 CONFIG_CIFS_XATTR=y
 CONFIG_CIFS_POSIX=y
 # CONFIG_CIFS_EXPERIMENTAL is not set
@@ -2595,8 +2695,10 @@ CONFIG_NCPFS_OS2_NS=y
 CONFIG_NCPFS_SMALLDOS=y
 CONFIG_NCPFS_NLS=y
 CONFIG_NCPFS_EXTRAS=y
-# CONFIG_CODA_FS is not set
-# CONFIG_AFS_FS is not set
+CONFIG_CODA_FS=m
+# CONFIG_CODA_FS_OLD_API is not set
+CONFIG_AFS_FS=m
+CONFIG_RXRPC=m
 CONFIG_9P_FS=m
 
 #
@@ -2625,7 +2727,7 @@ CONFIG_EFI_PARTITION=y
 #
 CONFIG_NLS=y
 CONFIG_NLS_DEFAULT="utf8"
-CONFIG_NLS_CODEPAGE_437=y
+CONFIG_NLS_CODEPAGE_437=m
 CONFIG_NLS_CODEPAGE_737=m
 CONFIG_NLS_CODEPAGE_775=m
 CONFIG_NLS_CODEPAGE_850=m
@@ -2648,7 +2750,7 @@ CONFIG_NLS_CODEPAGE_874=m
 CONFIG_NLS_ISO8859_8=m
 CONFIG_NLS_CODEPAGE_1250=m
 CONFIG_NLS_CODEPAGE_1251=m
-CONFIG_NLS_ASCII=y
+CONFIG_NLS_ASCII=m
 CONFIG_NLS_ISO8859_1=m
 CONFIG_NLS_ISO8859_2=m
 CONFIG_NLS_ISO8859_3=m
@@ -2699,10 +2801,11 @@ CONFIG_KEYS=y
 CONFIG_KEYS_DEBUG_PROC_KEYS=y
 CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
-CONFIG_SECURITY_NETWORK_XFRM=y
+# CONFIG_SECURITY_NETWORK_XFRM is not set
 CONFIG_SECURITY_CAPABILITIES=y
-# CONFIG_SECURITY_ROOTPLUG is not set
-# CONFIG_SECURITY_SECLVL is not set
+CONFIG_SECURITY_ROOTPLUG=m
+CONFIG_SECURITY_SECLVL=m
+# CONFIG_SECURITY_SELINUX is not set
 
 #
 # Cryptographic options
@@ -2712,7 +2815,7 @@ CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_NULL=m
 CONFIG_CRYPTO_MD4=m
 CONFIG_CRYPTO_MD5=y
-CONFIG_CRYPTO_SHA1=y
+CONFIG_CRYPTO_SHA1=m
 CONFIG_CRYPTO_SHA256=m
 CONFIG_CRYPTO_SHA512=m
 CONFIG_CRYPTO_WP512=m
@@ -2732,7 +2835,7 @@ CONFIG_CRYPTO_ANUBIS=m
 CONFIG_CRYPTO_DEFLATE=m
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_CRC32C=m
-# CONFIG_CRYPTO_TEST is not set
+CONFIG_CRYPTO_TEST=m
 
 #
 # Hardware crypto devices
@@ -2746,7 +2849,7 @@ CONFIG_XEN_INTERFACE_VERSION=0x00030101
 CONFIG_XEN_PRIVILEGED_GUEST=y
 # CONFIG_XEN_UNPRIVILEGED_GUEST is not set
 CONFIG_XEN_BACKEND=y
-CONFIG_XEN_PCIDEV_BACKEND=y
+CONFIG_XEN_PCIDEV_BACKEND=m
 # CONFIG_XEN_PCIDEV_BACKEND_VPCI is not set
 CONFIG_XEN_PCIDEV_BACKEND_PASS=y
 # CONFIG_XEN_PCIDEV_BE_DEBUG is not set
@@ -2755,14 +2858,15 @@ CONFIG_XEN_BLKDEV_BACKEND=y
 CONFIG_XEN_NETDEV_BACKEND=y
 # CONFIG_XEN_NETDEV_PIPELINED_TRANSMITTER is not set
 CONFIG_XEN_NETDEV_LOOPBACK=y
-# CONFIG_XEN_TPMDEV_BACKEND is not set
+CONFIG_XEN_TPMDEV_BACKEND=m
+# CONFIG_XEN_TPMDEV_CLOSE_IF_VTPM_FAILS is not set
 CONFIG_XEN_BLKDEV_FRONTEND=y
 CONFIG_XEN_NETDEV_FRONTEND=y
 # CONFIG_XEN_BLKDEV_TAP is not set
-# CONFIG_XEN_TPMDEV_FRONTEND is not set
+CONFIG_XEN_TPMDEV_FRONTEND=m
 CONFIG_XEN_SCRUB_PAGES=y
 CONFIG_XEN_DISABLE_SERIAL=y
-CONFIG_XEN_SYSFS=m
+CONFIG_XEN_SYSFS=y
 CONFIG_HAVE_ARCH_ALLOC_SKB=y
 CONFIG_HAVE_ARCH_DEV_ALLOC_SKB=y
 CONFIG_NO_IDLE_HZ=y
@@ -2776,6 +2880,8 @@ CONFIG_CRC32=y
 CONFIG_LIBCRC32C=m
 CONFIG_ZLIB_INFLATE=y
 CONFIG_ZLIB_DEFLATE=m
+CONFIG_REED_SOLOMON=m
+CONFIG_REED_SOLOMON_DEC16=y
 CONFIG_TEXTSEARCH=y
 CONFIG_TEXTSEARCH_KMP=m
 CONFIG_TEXTSEARCH_BM=m
diff --git a/docs/man/xend-config.sxp.pod.5 b/docs/man/xend-config.sxp.pod.5
index a11db8cfde..836d00e072 100644
--- a/docs/man/xend-config.sxp.pod.5
+++ b/docs/man/xend-config.sxp.pod.5
@@ -109,6 +109,12 @@ If the value is 0, all available CPUs will be used by Domain0.
 A boolean value that tells xend whether or not core dumps of guest
 domains should be saved when a crash occurrs.  Defaults to I<no>.
 
+=item I<external-migration-tool>
+
+The name of an application or script that can handle external device
+migration, such as for example virtual TPM migration. An example
+script is I</etc/xen/scripts/external-device-migrate>.
+
 =back
 
 =head1 EXAMPLES
diff --git a/docs/man/xm.pod.1 b/docs/man/xm.pod.1
index d6e3697abe..11456687ff 100644
--- a/docs/man/xm.pod.1
+++ b/docs/man/xm.pod.1
@@ -136,7 +136,7 @@ Displays the short help message (i.e. common commands).
 The I<--long> option prints out the complete set of B<xm> subcommands,
 grouped by function.
 
-=item B<list> I<[--long]> I<[domain-id, ...]>
+=item B<list> I<[--long | --label]> I<[domain-id, ...]>
 
 Prints information about one or more domains.  If no domains are
 specified it prints out information about all domains.
@@ -213,6 +213,18 @@ Use at your own risk.
 
 =back
 
+B<LABEL OUTPUT>
+
+=over 4
+
+If I<--label> is specified, the security labels are added to the
+output of xm list and the lines are sorted by the labels (ignoring
+case). The I<--long> option prints the labels by default and cannot be
+combined with I<--label>. See the ACCESS CONTROL SUBCOMMAND section of
+this man page for more information about labels.
+
+==back
+
 B<NOTES>
 
 =over 4
@@ -775,6 +787,262 @@ Delete a vnet.
 
 =back
 
+=head1 ACCESS CONTROL SUBCOMMANDS
+
+Access Control in Xen consists of two components: (i) The Access
+Control Policy (ACP) defines security labels and access rules based on
+these labels. (ii) The Access Control Module (ACM) makes access control
+decisions by interpreting the policy when domains require to
+communicate or to access resources. The Xen access control has
+sufficient mechanisms in place to enforce the access decisions even
+against maliciously acting user domains (mandatory access control).
+
+Access rights for domains in Xen are determined by the domain security
+label only and not based on the domain Name or ID. The ACP specifies
+security labels that can then be assigned to domains and
+resources. Every domain must be assigned exactly one security label,
+otherwise access control decisions could become indeterministic. ACPs
+are distinguished by their name, which is a parameter to most of the
+subcommands described below. Currently, the ACP specifies two ways to
+interpret labels:
+
+(1) Simple Type Enforcement: Labels are interpreted to decide access
+of domains to comunication means and virtual or physical
+resources. Communication between domains as well as access to
+resources are forbidden by default and can only take place if they are
+explicitly allowed by the security policy. The proper assignment of
+labels to domains controls the sharing of information (directly
+through communication or indirectly through shared resources) between
+domains. This interpretation allows to control the overt (intended)
+communication channels in Xen.
+
+(2) Chinese Wall: Labels are interpreted to decide which domains can
+co-exist (be run simultaneously) on the same system. This
+interpretation allows to prevent direct covert (unintended) channels
+and mitigates risks caused by imperfect core domain isolation
+(trade-off between security and other system requirements). For a
+short introduction to covert channels, please refer to
+http://www.multicians.org/timing-chn.html.
+
+The following subcommands help you to manage security policies in Xen
+and to assign security labels to domains. To enable access control
+security in Xen, you must compile Xen with ACM support enabled as
+described under "Configuring Security" below. There, you will find
+also examples of each subcommand described here.
+
+=item B<makepolicy> I<policy>
+
+Compiles the XML source representation of the security I<policy>. It
+creates a mapping (.map) as well as a binary (.bin) version of the
+policy. The compiled policy can be loaded into Xen with the
+B<loadpolicy> subcommand or can be configured to be loaded at boot
+time with the B<cfgbootpolicy> subcommand.
+
+=over 4
+
+I<policy> is a dot-separated list of names. The last part is the file
+name pre-fix for the policy xml file. The preceding name parts are
+translated into the local path pointing to the policy xml file
+relative to the global policy root directory
+(/etc/xen/acm-security/policies). For example,
+example.chwall_ste.client_v1 denotes the policy file
+example/chwall_ste/client_v1-security_policy.xml relative to the
+global policy root directory.
+
+=back
+
+=item B<loadpolicy> I<policy>
+
+Loads the binary representation of the I<policy> into Xen. The binary
+representation can be created with the B<makepolicy> subcommand.
+
+=item B<cfgbootpolicy> I<policy> [I<kernelversion>]
+
+Configures I<policy> as the boot policy for Xen. It copies the binary
+policy representation into the /boot directory and adds a module line
+specifying the binary policy to the /boot/grub/menu.lst file. If your
+boot configuration includes multiple Xen boot titles, then use the
+I<kernelversion> parameter to select the proper title.
+
+=item B<dumppolicy>
+
+Prints the current security policy state information of Xen.
+
+=item B<labels> [I<policy>] [I<type>=dom|res|any]
+
+Lists all labels of a I<type> (domain, resource, or both) that are
+defined in the I<policy>. Unless specified, the default I<policy> is
+the currently enforced access control policy. The default for I<type>
+is 'dom'. The labels are arranged in alphabetical order.
+
+=item B<addlabel> I<configfile> I<label> [I<policy>]
+
+Adds the security label with name I<label> to a domain
+I<configfile>. Unless specified, the default I<policy> is the
+currently enforced access control policy. This subcommand also
+verifies that the I<policy> definition supports the specified I<label>
+name.
+
+B<CONFIGURING SECURITY>
+
+=over 4
+
+In xen_source_dir/Config.mk set the following parameters:
+
+    ACM_SECURITY ?= y
+    ACM_DEFAULT_SECURITY_POLICY ?= \
+        ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+
+Then recompile and install xen and the security tools and then reboot:
+
+    cd xen_source_dir/xen; make clean; make; cp xen.gz /boot;
+    cd xen_source_dir/tools/security; make install;
+    reboot into xen
+
+=back
+
+B<COMPILING A SECURITY POLICY>
+
+=over 4
+
+This step creates client_v1.map and client_v1.bin files in
+/etc/xen/acm-security/policies/example/chwall_ste.
+
+    xm makepolicy example.chwall_ste.client_v1
+
+=back
+
+B<LOADING A SECURITY POLICY>
+
+=over 4
+
+This step activates client_v1.bin as new security policy in Xen. You
+can use the dumppolicy subcommand before and afterwards to see the
+change in the Xen policy state.
+
+    xm loadpolicy example.chwall_ste.client_v1
+
+=back
+
+B<CONFIGURING A BOOT SECURITY POLICY>
+
+=over 4
+
+This configures the boot loader to load client_v1.bin at boot
+time. During system start, the ACM configures Xen with this policy and
+Xen enforces this policy from then on.
+
+    xm cfgbootpolicy example.chwall_ste.client_v1
+
+=back
+
+B<LISTING SECURITY LABELS>
+
+=over 4
+
+This subcommand shows all labels that are defined and which can be
+attached to domains.
+
+    xm labels example.chwall_ste.client_v1 type=dom
+
+will print for our example policy:
+
+        dom_BoincClient
+        dom_Fun
+        dom_HomeBanking
+        dom_NetworkDomain
+        dom_StorageDomain
+        dom_SystemManagement
+
+=back
+
+B<ATTACHING A SECURITY LABEL TO A DOMAIN>
+
+=over 4
+
+This subcommand attaches a security label to a domain configuration
+file, here a HomeBanking label. The example policy ensures that this
+domain does not share information with other non-hombanking user
+domains (i.e., domains labeled as dom_Fun or dom_Boinc) and that it
+will not run simultaneously with domains labeled as dom_Fun.
+
+We assume that the specified myconfig.xm configuration file actually
+instantiates a domain that runs workloads related to home-banking,
+probably just a browser environment for online-banking.
+
+    xm addlabel myconfig.xm dom_HomeBanking
+
+The very simple configuration file might now look as printed
+below. The I<addlabel> subcommand added the B<access_control> entry at
+the end of the file, consisting of a label name and the policy that
+specifies this label name:
+
+    kernel = "/boot/vmlinuz-2.6.16-xen"
+    ramdisk="/boot/U1_home_banking_ramdisk.img"
+    memory = 164
+    name = "homebanking"
+    vif = [ '' ]
+    dhcp = "dhcp"
+    access_control = ['policy=example.chwall_ste.client_v1,
+                       label=dom_HomeBanking']
+
+Security labels must be assigned to domain configurations because
+these labels are essential for making access control decisions as
+early as during the configuration phase of a newly instantiated
+domain. Consequently, a security-enabled Xen hypervisor will only
+start domains that have a security label configured and whose security
+label is consistent with the currently enforced policy. Otherwise,
+starting the domain will fail with the error condition "operation not
+permitted".
+
+=back
+
+B<STARTING AND LISTING LABELED DOMAINS>
+
+=over 4
+
+    xm create myconfig.xm
+
+    xm list --label
+
+      Name         ID ...  Time(s)  Label
+      homebanking  23 ...      4.4  dom_HomeBanking
+      Domain-0      0 ...   2658.8  dom_SystemManagement
+
+=back
+
+B<POLICY REPRESENTATIONS>
+
+=over 4
+
+We distinguish three representations of the Xen access control policy:
+the I<source XML> version, its I<binary> counterpart, and a I<mapping>
+representation that enables the tools to deterministically translate
+back and forth between label names of the XML policy and label
+identifiers of the binary policy. All three versions must be kept
+consistent to achieve predictable security guarantees.
+
+The XML version is the version that users are supposed to create or
+change, either by manually editing the XML file or by using the Xen
+policy generation tool (B<xensec_gen>). After changing the XML file,
+run the B<makepolicy> subcommand to ensure that these changes are
+reflected in the other versions. Use, for example, the subcommand
+B<cfgbootpolicy> to activate the changes during the next system
+reboot.
+
+The binary version of the policy is derived from the XML policy by
+tokenizing the specified labels and is used inside Xen only. It is
+created with the B<makepolicy> subcommand. Essentially, the binary
+version is much more compact than the XML version and is easier to
+evaluate during access control decisions.
+
+The mapping version of the policy is created during the XML-to-binary
+policy translation (B<makepolicy>) and is used by the Xen management
+tools to translate between label names used as input to the tools and
+their binary identifiers (ssidrefs) used inside Xen.
+
+=back
+
 =head1 EXAMPLES
 
 =head1 SEE ALSO
@@ -791,5 +1059,6 @@ Operating Systems Review, pages 261-267
 
   Sean Dague <sean at dague dot net>
   Daniel Stekloff <dsteklof at us dot ibm dot com>
+  Reiner Sailer <sailer at us dot ibm dot com>
 
 =head1 BUGS
diff --git a/docs/misc/vtpm.txt b/docs/misc/vtpm.txt
index f9532e9c7d..679e5c2451 100644
--- a/docs/misc/vtpm.txt
+++ b/docs/misc/vtpm.txt
@@ -17,13 +17,8 @@ Development Prerequisites: An emulator for TESTING ONLY is provided
 Compiling XEN tree:
 -------------------
 
-Compile the XEN tree as usual.
-
-make uninstall; make mrproper; make install 
-
-After compiling the tree, verify that in the linux-2.6.XX-xen0/.config 
-file at least the following entries are set as below (they should be set
-by default):
+Compile the XEN tree as usual after the following lines set in the
+linux-2.6.??-xen/.config file:
 
 CONFIG_XEN_TPMDEV_BACKEND=y
 CONFIG_XEN_TPMDEV_GRANT=y
@@ -32,18 +27,20 @@ CONFIG_TCG_TPM=m
 CONFIG_TCG_NSC=m
 CONFIG_TCG_ATMEL=m
 
+You must also enable the virtual TPM to be built:
 
-Verify that in the linux-2.6.XX-xenU/.config file at least the 
-Following entries are set as below (they should be set by default):
+In Config.mk in the Xen root directory set the line
 
-CONFIG_XEN_TPMDEV_FRONTEND=y
-CONFIG_XEN_TPMDEV_GRANT=y
+VTPM_TOOLS ?= y
+
+Now build the Xen sources from Xen's root directory:
+
+make install
 
-CONFIG_TCG_TPM=y
-CONFIG_TCG_XEN=y
 
+Also build the initial RAM disk if necessary.
 
-Reboot the machine with the created XEN-0 kernel.
+Reboot the machine with the created Xen kernel.
 
 Note: If you do not want any TPM-related code compiled into your
 kernel or built as module then comment all the above lines like
diff --git a/docs/src/user.tex b/docs/src/user.tex
index 9c286e27f6..8c0e9712c9 100644
--- a/docs/src/user.tex
+++ b/docs/src/user.tex
@@ -1983,8 +1983,7 @@ editing \path{grub.conf}.
   kilobytes. In previous versions of Xen, suffixes were not supported
   and the value is always interpreted as kilobytes.
 \item [ tbuf\_size=xxx ] Set the size of the per-cpu trace buffers, in
-  pages (default 1).  Note that the trace buffers are only enabled in
-  debug builds.  Most users can ignore this feature completely.
+  pages (default 0).  
 \item [ sched=xxx ] Select the CPU scheduler Xen should use.  The
   current possibilities are `sedf' (default) and `bvt'.
 \item [ apic\_verbosity=debug,verbose ] Print more detailed
diff --git a/linux-2.6-xen-sparse/arch/i386/Kconfig b/linux-2.6-xen-sparse/arch/i386/Kconfig
index 9687edf9f0..661d0bbecd 100644
--- a/linux-2.6-xen-sparse/arch/i386/Kconfig
+++ b/linux-2.6-xen-sparse/arch/i386/Kconfig
@@ -1180,11 +1180,6 @@ config X86_NO_TSS
 	depends on X86_XEN
 	default y
 
-config X86_SYSENTER
-	bool
-	depends on !X86_NO_TSS
-	default y
-
 config X86_NO_IDT
 	bool
 	depends on X86_XEN
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/Makefile b/linux-2.6-xen-sparse/arch/i386/kernel/Makefile
index 5661a9bb68..d0ccf7b375 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/Makefile
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/Makefile
@@ -49,14 +49,12 @@ else
 vsyscall_note := vsyscall-note.o
 endif
 
-VSYSCALL_TYPES-y			:= int80
-VSYSCALL_TYPES-$(CONFIG_X86_SYSENTER)	+= sysenter
 # vsyscall.o contains the vsyscall DSO images as __initdata.
 # We must build both images before we can assemble it.
 # Note: kbuild does not track this dependency due to usage of .incbin
-$(obj)/vsyscall.o: $(foreach F,$(VSYSCALL_TYPES-y),$(obj)/vsyscall-$F.so)
-targets += $(foreach F,$(VSYSCALL_TYPES-y),vsyscall-$F.o vsyscall-$F.so)
-targets += $(vsyscall_note) vsyscall.lds
+$(obj)/vsyscall.o: $(obj)/vsyscall-int80.so $(obj)/vsyscall-sysenter.so
+targets += $(foreach F,int80 sysenter,vsyscall-$F.o vsyscall-$F.so)
+targets += vsyscall-note.o vsyscall.lds
 
 # The DSO images are built using a special linker script.
 quiet_cmd_syscall = SYSCALL $@
@@ -83,8 +81,7 @@ $(obj)/built-in.o: ld_flags += -R $(obj)/vsyscall-syms.o
 
 SYSCFLAGS_vsyscall-syms.o = -r
 $(obj)/vsyscall-syms.o: $(src)/vsyscall.lds \
-			$(foreach F,$(VSYSCALL_TYPES-y),$(obj)/vsyscall-$F.o) \
-			$(obj)/$(vsyscall_note) FORCE
+			$(obj)/vsyscall-sysenter.o $(obj)/$(vsyscall_note) FORCE
 	$(call if_changed,syscall)
 
 ifdef CONFIG_XEN
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/asm-offsets.c b/linux-2.6-xen-sparse/arch/i386/kernel/asm-offsets.c
index 3c4a0f46eb..547eb452b3 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/asm-offsets.c
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/asm-offsets.c
@@ -64,10 +64,13 @@ void foo(void)
 	OFFSET(pbe_orig_address, pbe, orig_address);
 	OFFSET(pbe_next, pbe, next);
 
-#ifdef CONFIG_X86_SYSENTER
+#ifndef CONFIG_X86_NO_TSS
 	/* Offset from the sysenter stack to tss.esp0 */
-	DEFINE(TSS_sysenter_esp0, offsetof(struct tss_struct, esp0) -
+	DEFINE(SYSENTER_stack_esp0, offsetof(struct tss_struct, esp0) -
 		 sizeof(struct tss_struct));
+#else
+	/* sysenter stack points directly to esp0 */
+	DEFINE(SYSENTER_stack_esp0, 0);
 #endif
 
 	DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/entry-xen.S b/linux-2.6-xen-sparse/arch/i386/kernel/entry-xen.S
index 072172cda7..8c5ace45ef 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/entry-xen.S
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/entry-xen.S
@@ -202,13 +202,12 @@ need_resched:
 	jmp need_resched
 #endif
 
-#ifdef CONFIG_X86_SYSENTER
 /* SYSENTER_RETURN points to after the "sysenter" instruction in
    the vsyscall page.  See vsyscall-sysentry.S, which defines the symbol.  */
 
 	# sysenter call handler stub
 ENTRY(sysenter_entry)
-	movl TSS_sysenter_esp0(%esp),%esp
+	movl SYSENTER_stack_esp0(%esp),%esp
 sysenter_past_esp:
 	sti
 	pushl $(__USER_DS)
@@ -240,7 +239,7 @@ sysenter_past_esp:
 	jae syscall_badsys
 	call *sys_call_table(,%eax,4)
 	movl %eax,EAX(%esp)
-	cli
+	DISABLE_INTERRUPTS
 	movl TI_flags(%ebp), %ecx
 	testw $_TIF_ALLWORK_MASK, %cx
 	jne syscall_exit_work
@@ -248,9 +247,23 @@ sysenter_past_esp:
 	movl EIP(%esp), %edx
 	movl OLDESP(%esp), %ecx
 	xorl %ebp,%ebp
+#ifdef CONFIG_XEN
+	__ENABLE_INTERRUPTS
+sysexit_scrit:	/**** START OF SYSEXIT CRITICAL REGION ****/
+	__TEST_PENDING
+	jnz  14f			# process more events if necessary...
+	movl ESI(%esp), %esi
+	sysexit
+14:	__DISABLE_INTERRUPTS
+sysexit_ecrit:	/**** END OF SYSEXIT CRITICAL REGION ****/
+	push %esp
+	call evtchn_do_upcall
+	add  $4,%esp
+	jmp  ret_from_intr
+#else
 	sti
 	sysexit
-#endif /* CONFIG_X86_SYSENTER */
+#endif /* !CONFIG_XEN */
 
 
 	# system call handler stub
@@ -532,6 +545,11 @@ error_code:
 # So, on entry to the handler we detect whether we interrupted an
 # existing activation in its critical region -- if so, we pop the current
 # activation and restart the handler using the previous one.
+#
+# The sysexit critical region is slightly different. sysexit
+# atomically removes the entire stack frame. If we interrupt in the
+# critical region we know that the entire frame is present and correct
+# so we can simply throw away the new one.
 ENTRY(hypervisor_callback)
 	pushl %eax
 	SAVE_ALL
@@ -540,6 +558,11 @@ ENTRY(hypervisor_callback)
 	jb   11f
 	cmpl $ecrit,%eax
 	jb   critical_region_fixup
+	cmpl $sysexit_scrit,%eax
+	jb   11f
+	cmpl $sysexit_ecrit,%eax
+	ja   11f
+	addl $0x34,%esp			# Remove cs...ebx from stack frame.
 11:	push %esp
 	call evtchn_do_upcall
 	add  $4,%esp
@@ -683,13 +706,13 @@ device_available_emulate:
 	call math_state_restore
 	jmp ret_from_exception
 
-#ifdef CONFIG_X86_SYSENTER
+#ifndef CONFIG_XEN
 /*
  * Debug traps and NMI can happen at the one SYSENTER instruction
  * that sets up the real kernel stack. Check here, since we can't
  * allow the wrong stack to be used.
  *
- * "TSS_sysenter_esp0+12" is because the NMI/debug handler will have
+ * "SYSENTER_stack_esp0+12" is because the NMI/debug handler will have
  * already pushed 3 words if it hits on the sysenter instruction:
  * eflags, cs and eip.
  *
@@ -701,19 +724,19 @@ device_available_emulate:
 	cmpw $__KERNEL_CS,4(%esp);		\
 	jne ok;					\
 label:						\
-	movl TSS_sysenter_esp0+offset(%esp),%esp;	\
+	movl SYSENTER_stack_esp0+offset(%esp),%esp;	\
 	pushfl;					\
 	pushl $__KERNEL_CS;			\
 	pushl $sysenter_past_esp
-#endif /* CONFIG_X86_SYSENTER */
+#endif /* CONFIG_XEN */
 
 KPROBE_ENTRY(debug)
-#ifdef CONFIG_X86_SYSENTER
+#ifndef CONFIG_XEN
 	cmpl $sysenter_entry,(%esp)
 	jne debug_stack_correct
 	FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
 debug_stack_correct:
-#endif /* !CONFIG_X86_SYSENTER */
+#endif /* !CONFIG_XEN */
 	pushl $-1			# mark this as an int
 	SAVE_ALL
 	xorl %edx,%edx			# error code 0
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/io_apic-xen.c b/linux-2.6-xen-sparse/arch/i386/kernel/io_apic-xen.c
index 47edb0524b..cf0e62c5ff 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/io_apic-xen.c
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/io_apic-xen.c
@@ -1205,7 +1205,6 @@ u8 irq_vector[NR_IRQ_VECTORS] __read_mostly; /* = { FIRST_DEVICE_VECTOR , 0 }; *
 
 int assign_irq_vector(int irq)
 {
-	static int current_vector = FIRST_DEVICE_VECTOR;
 	physdev_op_t op;
 
 	BUG_ON(irq >= NR_IRQ_VECTORS);
@@ -1216,13 +1215,12 @@ int assign_irq_vector(int irq)
 	op.u.irq_op.irq = irq;
 	if (HYPERVISOR_physdev_op(&op))
 		return -ENOSPC;
-	current_vector = op.u.irq_op.vector;
 
-	vector_irq[current_vector] = irq;
+	vector_irq[op.u.irq_op.vector] = irq;
 	if (irq != AUTO_ASSIGN)
-		IO_APIC_VECTOR(irq) = current_vector;
+		IO_APIC_VECTOR(irq) = op.u.irq_op.vector;
 
-	return current_vector;
+	return op.u.irq_op.vector;
 }
 
 #ifndef CONFIG_XEN
@@ -2485,6 +2483,12 @@ static int __init io_apic_bug_finalize(void)
 {
 	if(sis_apic_bug == -1)
 		sis_apic_bug = 0;
+	if (xen_start_info->flags & SIF_INITDOMAIN) {
+		dom0_op_t op = { .cmd = DOM0_PLATFORM_QUIRK };
+		op.u.platform_quirk.quirk_id = sis_apic_bug ?
+			QUIRK_IOAPIC_BAD_REGSEL : QUIRK_IOAPIC_GOOD_REGSEL;
+		HYPERVISOR_dom0_op(&op);
+	}
 	return 0;
 }
 
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/sysenter.c b/linux-2.6-xen-sparse/arch/i386/kernel/sysenter.c
index 99193bb47f..844c87e78c 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/sysenter.c
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/sysenter.c
@@ -20,11 +20,15 @@
 #include <asm/pgtable.h>
 #include <asm/unistd.h>
 
+#ifdef CONFIG_XEN
+#include <xen/interface/callback.h>
+#endif
+
 extern asmlinkage void sysenter_entry(void);
 
 void enable_sep_cpu(void)
 {
-#ifdef CONFIG_X86_SYSENTER
+#ifndef CONFIG_X86_NO_TSS
 	int cpu = get_cpu();
 	struct tss_struct *tss = &per_cpu(init_tss, cpu);
 
@@ -54,14 +58,24 @@ int __init sysenter_setup(void)
 {
 	syscall_page = (void *)get_zeroed_page(GFP_ATOMIC);
 
-#ifdef CONFIG_X86_SYSENTER
+#ifdef CONFIG_XEN
+	if (boot_cpu_has(X86_FEATURE_SEP)) {
+		struct callback_register sysenter = {
+			.type = CALLBACKTYPE_sysenter,
+			.address = { __KERNEL_CS, (unsigned long)sysenter_entry },
+		};
+
+		if (HYPERVISOR_callback_op(CALLBACKOP_register, &sysenter) < 0)
+			clear_bit(X86_FEATURE_SEP, boot_cpu_data.x86_capability);
+	}
+#endif
+
 	if (boot_cpu_has(X86_FEATURE_SEP)) {
 		memcpy(syscall_page,
 		       &vsyscall_sysenter_start,
 		       &vsyscall_sysenter_end - &vsyscall_sysenter_start);
 		return 0;
 	}
-#endif
 
 	memcpy(syscall_page,
 	       &vsyscall_int80_start,
diff --git a/linux-2.6-xen-sparse/arch/i386/kernel/vsyscall.S b/linux-2.6-xen-sparse/arch/i386/kernel/vsyscall.S
index 432aa46649..b403890fe3 100644
--- a/linux-2.6-xen-sparse/arch/i386/kernel/vsyscall.S
+++ b/linux-2.6-xen-sparse/arch/i386/kernel/vsyscall.S
@@ -7,11 +7,9 @@ vsyscall_int80_start:
 	.incbin "arch/i386/kernel/vsyscall-int80.so"
 vsyscall_int80_end:
 
-#ifdef CONFIG_X86_SYSENTER
 	.globl vsyscall_sysenter_start, vsyscall_sysenter_end
 vsyscall_sysenter_start:
 	.incbin "arch/i386/kernel/vsyscall-sysenter.so"
 vsyscall_sysenter_end:
-#endif
 
 __FINIT
diff --git a/linux-2.6-xen-sparse/arch/i386/mm/pgtable-xen.c b/linux-2.6-xen-sparse/arch/i386/mm/pgtable-xen.c
index b6109de24e..d8a11c78d3 100644
--- a/linux-2.6-xen-sparse/arch/i386/mm/pgtable-xen.c
+++ b/linux-2.6-xen-sparse/arch/i386/mm/pgtable-xen.c
@@ -306,14 +306,14 @@ void pgd_ctor(void *pgd, kmem_cache_t *cache, unsigned long unused)
 			BUG_ON(rc);
 		}
 		if (HAVE_SHARED_KERNEL_PMD)
-			memcpy((pgd_t *)pgd + USER_PTRS_PER_PGD,
-			       swapper_pg_dir + USER_PTRS_PER_PGD,
-			       (PTRS_PER_PGD - USER_PTRS_PER_PGD) * sizeof(pgd_t));
+			clone_pgd_range((pgd_t *)pgd + USER_PTRS_PER_PGD,
+					swapper_pg_dir + USER_PTRS_PER_PGD,
+					KERNEL_PGD_PTRS);
 	} else {
 		spin_lock_irqsave(&pgd_lock, flags);
-		memcpy((pgd_t *)pgd + USER_PTRS_PER_PGD,
-		       swapper_pg_dir + USER_PTRS_PER_PGD,
-		       (PTRS_PER_PGD - USER_PTRS_PER_PGD) * sizeof(pgd_t));
+		clone_pgd_range((pgd_t *)pgd + USER_PTRS_PER_PGD,
+				swapper_pg_dir + USER_PTRS_PER_PGD,
+				KERNEL_PGD_PTRS);
 		memset(pgd, 0, USER_PTRS_PER_PGD*sizeof(pgd_t));
 		pgd_list_add(pgd);
 		spin_unlock_irqrestore(&pgd_lock, flags);
@@ -360,7 +360,7 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
 			pmd_t *pmd = kmem_cache_alloc(pmd_cache, GFP_KERNEL);
 			if (!pmd)
 				goto out_oom;
-			set_pgd(&pgd[USER_PTRS_PER_PGD], __pgd(1 + __pa(pmd)));
+			set_pgd(&pgd[i], __pgd(1 + __pa(pmd)));
 		}
 
 		spin_lock_irqsave(&pgd_lock, flags);
diff --git a/linux-2.6-xen-sparse/arch/i386/oprofile/xenoprof.c b/linux-2.6-xen-sparse/arch/i386/oprofile/xenoprof.c
index f5184a2c0c..bcfdc23e74 100644
--- a/linux-2.6-xen-sparse/arch/i386/oprofile/xenoprof.c
+++ b/linux-2.6-xen-sparse/arch/i386/oprofile/xenoprof.c
@@ -35,8 +35,9 @@ static void xenoprof_stop(void);
 void * vm_map_xen_pages(unsigned long maddr, int vm_size, pgprot_t prot);
 
 static int xenoprof_enabled = 0;
-static int num_events = 0;
+static unsigned int num_events = 0;
 static int is_primary = 0;
+static int active_defined;
 
 /* sample buffers shared with Xen */
 xenoprof_buf_t * xenoprof_buf[MAX_VIRT_CPUS];
@@ -106,7 +107,7 @@ static irqreturn_t
 xenoprof_ovf_interrupt(int irq, void * dev_id, struct pt_regs * regs)
 {
 	int head, tail, size;
-	xenoprof_buf_t * buf;
+	struct xenoprof_buf * buf;
 	int cpu;
 
 	cpu = smp_processor_id();
@@ -196,28 +197,49 @@ static int bind_virq(void)
 static int xenoprof_setup(void)
 {
 	int ret;
+	int i;
 
 	ret = bind_virq();
 	if (ret)
 		return ret;
 
 	if (is_primary) {
-		ret = HYPERVISOR_xenoprof_op(XENOPROF_reserve_counters,
-					     (unsigned long)NULL,
-					     (unsigned long)NULL);
+		struct xenoprof_counter counter;
+
+		/* Define dom0 as an active domain if not done yet */
+		if (!active_defined) {
+			domid_t domid;
+			ret = HYPERVISOR_xenoprof_op(XENOPROF_reset_active_list, NULL);
+			if (ret)
+				goto err;
+			domid = 0;
+			ret = HYPERVISOR_xenoprof_op(XENOPROF_set_active, &domid);
+			if (ret)
+				goto err;
+			active_defined = 1;
+		}
+
+		ret = HYPERVISOR_xenoprof_op(XENOPROF_reserve_counters, NULL);
 		if (ret)
 			goto err;
+		for (i=0; i<num_events; i++) {
+			counter.ind       = i;
+			counter.count     = (uint64_t)counter_config[i].count;
+			counter.enabled   = (uint32_t)counter_config[i].enabled;
+			counter.event     = (uint32_t)counter_config[i].event;
+			counter.kernel    = (uint32_t)counter_config[i].kernel;
+			counter.user      = (uint32_t)counter_config[i].user;
+			counter.unit_mask = (uint64_t)counter_config[i].unit_mask;
+			HYPERVISOR_xenoprof_op(XENOPROF_counter, 
+					       &counter);
+		}
+		ret = HYPERVISOR_xenoprof_op(XENOPROF_setup_events, NULL);
 
-		ret = HYPERVISOR_xenoprof_op(XENOPROF_setup_events,
-					     (unsigned long)&counter_config,
-					     (unsigned long)num_events);
 		if (ret)
 			goto err;
 	}
 
-	ret = HYPERVISOR_xenoprof_op(XENOPROF_enable_virq,
-				     (unsigned long)NULL,
-				     (unsigned long)NULL);
+	ret = HYPERVISOR_xenoprof_op(XENOPROF_enable_virq, NULL);
 	if (ret)
 		goto err;
 
@@ -233,17 +255,15 @@ static void xenoprof_shutdown(void)
 {
 	xenoprof_enabled = 0;
 
-	HYPERVISOR_xenoprof_op(XENOPROF_disable_virq,
-			       (unsigned long)NULL,
-			       (unsigned long)NULL);
+	HYPERVISOR_xenoprof_op(XENOPROF_disable_virq, NULL);
 
 	if (is_primary) {
-		HYPERVISOR_xenoprof_op(XENOPROF_release_counters,
-				       (unsigned long)NULL,
-				       (unsigned long)NULL);
+		HYPERVISOR_xenoprof_op(XENOPROF_release_counters, NULL);
+		active_defined = 0;
 	}
 
 	unbind_virq();
+
 }
 
 
@@ -252,9 +272,8 @@ static int xenoprof_start(void)
 	int ret = 0;
 
 	if (is_primary)
-		ret = HYPERVISOR_xenoprof_op(XENOPROF_start,
-					     (unsigned long)NULL,
-					     (unsigned long)NULL);
+		ret = HYPERVISOR_xenoprof_op(XENOPROF_start, NULL);
+
 	return ret;
 }
 
@@ -262,20 +281,43 @@ static int xenoprof_start(void)
 static void xenoprof_stop(void)
 {
 	if (is_primary)
-		HYPERVISOR_xenoprof_op(XENOPROF_stop,
-				       (unsigned long)NULL,
-				       (unsigned long)NULL);
+		HYPERVISOR_xenoprof_op(XENOPROF_stop, NULL);
 }
 
 
 static int xenoprof_set_active(int * active_domains,
-			  unsigned int adomains)
+			       unsigned int adomains)
 {
 	int ret = 0;
-	if (is_primary)
-		ret = HYPERVISOR_xenoprof_op(XENOPROF_set_active,
-					     (unsigned long)active_domains,
-					     (unsigned long)adomains);
+	int i;
+	int set_dom0 = 0;
+	domid_t domid;
+
+	if (!is_primary)
+		return 0;
+
+	if (adomains > MAX_OPROF_DOMAINS)
+		return -E2BIG;
+
+	ret = HYPERVISOR_xenoprof_op(XENOPROF_reset_active_list, NULL);
+	if (ret)
+		return ret;
+
+	for (i=0; i<adomains; i++) {
+		domid = active_domains[i];
+		ret = HYPERVISOR_xenoprof_op(XENOPROF_set_active, &domid);
+		if (ret)
+			return (ret);
+		if (active_domains[i] == 0)
+			set_dom0 = 1;
+	}
+	/* dom0 must always be active but may not be in the list */ 
+	if (!set_dom0) {
+		domid = 0;
+		ret = HYPERVISOR_xenoprof_op(XENOPROF_set_active, &domid);
+	}
+	
+	active_defined = 1;
 	return ret;
 }
 
@@ -325,44 +367,48 @@ static int using_xenoprof;
 
 int __init oprofile_arch_init(struct oprofile_operations * ops)
 {
-	xenoprof_init_result_t result;
-	xenoprof_buf_t * buf;
-	int max_samples = 16;
+	struct xenoprof_init init;
+	struct xenoprof_buf * buf;
 	int vm_size;
 	int npages;
+	int ret;
 	int i;
 
-	int ret = HYPERVISOR_xenoprof_op(XENOPROF_init,
-					 (unsigned long)max_samples,
-					 (unsigned long)&result);
+	init.max_samples = 16;
+	ret = HYPERVISOR_xenoprof_op(XENOPROF_init, &init);
 
 	if (!ret) {
 		pgprot_t prot = __pgprot(_KERNPG_TABLE);
 
-		num_events = result.num_events;
-		is_primary = result.is_primary;
-		nbuf = result.nbuf;
+		num_events = init.num_events;
+		is_primary = init.is_primary;
+		nbuf = init.nbuf;
 
-		npages = (result.bufsize * nbuf - 1) / PAGE_SIZE + 1;
+		/* just in case - make sure we do not overflow event list 
+                   (i.e. counter_config list) */
+		if (num_events > OP_MAX_COUNTER)
+			num_events = OP_MAX_COUNTER;
+
+		npages = (init.bufsize * nbuf - 1) / PAGE_SIZE + 1;
 		vm_size = npages * PAGE_SIZE;
 
-		shared_buffer = (char *) vm_map_xen_pages(result.buf_maddr,
-							  vm_size, prot);
+		shared_buffer = (char *)vm_map_xen_pages(init.buf_maddr,
+							 vm_size, prot);
 		if (!shared_buffer) {
 			ret = -ENOMEM;
 			goto out;
 		}
 
 		for (i=0; i< nbuf; i++) {
-			buf = (xenoprof_buf_t*) 
-				&shared_buffer[i * result.bufsize];
+			buf = (struct xenoprof_buf*) 
+				&shared_buffer[i * init.bufsize];
 			BUG_ON(buf->vcpu_id >= MAX_VIRT_CPUS);
 			xenoprof_buf[buf->vcpu_id] = buf;
 		}
 
 		/*  cpu_type is detected by Xen */
 		cpu_type[XENOPROF_CPU_TYPE_SIZE-1] = 0;
-		strncpy(cpu_type, result.cpu_type, XENOPROF_CPU_TYPE_SIZE - 1);
+		strncpy(cpu_type, init.cpu_type, XENOPROF_CPU_TYPE_SIZE - 1);
 		xenoprof_ops.cpu_type = cpu_type;
 
 		init_driverfs();
@@ -371,6 +417,8 @@ int __init oprofile_arch_init(struct oprofile_operations * ops)
 
 		for (i=0; i<NR_CPUS; i++)
 			ovf_irq[i] = -1;
+
+		active_defined = 0;
 	}
  out:
 	printk(KERN_INFO "oprofile_arch_init: ret %d, events %d, "
@@ -389,7 +437,5 @@ void __exit oprofile_arch_exit(void)
 		shared_buffer = NULL;
 	}
 	if (is_primary)
-		HYPERVISOR_xenoprof_op(XENOPROF_shutdown,
-				       (unsigned long)NULL,
-				       (unsigned long)NULL);
+		HYPERVISOR_xenoprof_op(XENOPROF_shutdown, NULL);
 }
diff --git a/linux-2.6-xen-sparse/arch/x86_64/kernel/io_apic-xen.c b/linux-2.6-xen-sparse/arch/x86_64/kernel/io_apic-xen.c
index fd72947df7..d71120093e 100644
--- a/linux-2.6-xen-sparse/arch/x86_64/kernel/io_apic-xen.c
+++ b/linux-2.6-xen-sparse/arch/x86_64/kernel/io_apic-xen.c
@@ -869,7 +869,6 @@ u8 irq_vector[NR_IRQ_VECTORS] __read_mostly;
 
 int assign_irq_vector(int irq)
 {
-	static int current_vector = FIRST_DEVICE_VECTOR;
 	physdev_op_t op;
   
   	BUG_ON(irq != AUTO_ASSIGN && (unsigned)irq >= NR_IRQ_VECTORS);
@@ -880,13 +879,12 @@ int assign_irq_vector(int irq)
 	op.u.irq_op.irq = irq;
 	if (HYPERVISOR_physdev_op(&op))
 		return -ENOSPC;
-	current_vector = op.u.irq_op.vector;
 
-	vector_irq[current_vector] = irq;
+	vector_irq[op.u.irq_op.vector] = irq;
 	if (irq != AUTO_ASSIGN)
-		IO_APIC_VECTOR(irq) = current_vector;
+		IO_APIC_VECTOR(irq) = op.u.irq_op.vector;
 
-	return current_vector;
+	return op.u.irq_op.vector;
 }
 
 extern void (*interrupt[NR_IRQS])(void);
diff --git a/linux-2.6-xen-sparse/drivers/xen/pciback/pciback.h b/linux-2.6-xen-sparse/drivers/xen/pciback/pciback.h
index aaa0d75d3a..09deb26522 100644
--- a/linux-2.6-xen-sparse/drivers/xen/pciback/pciback.h
+++ b/linux-2.6-xen-sparse/drivers/xen/pciback/pciback.h
@@ -11,6 +11,8 @@
 #include <xen/xenbus.h>
 #include <linux/list.h>
 #include <linux/spinlock.h>
+#include <linux/workqueue.h>
+#include <asm/atomic.h>
 #include <xen/interface/io/pciif.h>
 
 struct pci_dev_entry {
@@ -18,6 +20,9 @@ struct pci_dev_entry {
 	struct pci_dev *dev;
 };
 
+#define _PDEVF_op_active 	(0)
+#define PDEVF_op_active 	(1<<(_PDEVF_op_active))
+
 struct pciback_device {
 	void *pci_dev_data;
 	spinlock_t dev_lock;
@@ -29,7 +34,12 @@ struct pciback_device {
 
 	int evtchn_irq;
 
+	struct vm_struct *sh_area;
 	struct xen_pci_sharedinfo *sh_info;
+
+	unsigned long flags;
+
+	struct work_struct op_work;
 };
 
 struct pciback_dev_data {
@@ -70,6 +80,7 @@ void pciback_release_devices(struct pciback_device *pdev);
 
 /* Handles events from front-end */
 irqreturn_t pciback_handle_event(int irq, void *dev_id, struct pt_regs *regs);
+void pciback_do_op(void *data);
 
 int pciback_xenbus_register(void);
 void pciback_xenbus_unregister(void);
diff --git a/linux-2.6-xen-sparse/drivers/xen/pciback/pciback_ops.c b/linux-2.6-xen-sparse/drivers/xen/pciback/pciback_ops.c
index 48305f549d..96715899cb 100644
--- a/linux-2.6-xen-sparse/drivers/xen/pciback/pciback_ops.c
+++ b/linux-2.6-xen-sparse/drivers/xen/pciback/pciback_ops.c
@@ -40,18 +40,25 @@ void pciback_reset_device(struct pci_dev *dev)
 	pciback_config_reset(dev);
 }
 
-irqreturn_t pciback_handle_event(int irq, void *dev_id, struct pt_regs *regs)
+static inline void test_and_schedule_op(struct pciback_device *pdev)
 {
-	struct pciback_device *pdev = dev_id;
+	/* Check that frontend is requesting an operation and that we are not
+	 * already processing a request */
+	if (test_bit(_XEN_PCIF_active, (unsigned long *)&pdev->sh_info->flags)
+	    && !test_and_set_bit(_PDEVF_op_active, &pdev->flags))
+		schedule_work(&pdev->op_work);
+}
+
+/* Performing the configuration space reads/writes must not be done in atomic
+ * context because some of the pci_* functions can sleep (mostly due to ACPI
+ * use of semaphores). This function is intended to be called from a work
+ * queue in process context taking a struct pciback_device as a parameter */
+void pciback_do_op(void *data)
+{
+	struct pciback_device *pdev = data;
 	struct pci_dev *dev;
 	struct xen_pci_op *op = &pdev->sh_info->op;
 
-	if (unlikely(!test_bit(_XEN_PCIF_active,
-			       (unsigned long *)&pdev->sh_info->flags))) {
-		pr_debug("pciback: interrupt, but no active operation\n");
-		goto out;
-	}
-
 	dev = pciback_get_pci_dev(pdev, op->domain, op->bus, op->devfn);
 
 	if (dev == NULL)
@@ -65,10 +72,26 @@ irqreturn_t pciback_handle_event(int irq, void *dev_id, struct pt_regs *regs)
 	else
 		op->err = XEN_PCI_ERR_not_implemented;
 
+	/* Tell the driver domain that we're done. */ 
 	wmb();
 	clear_bit(_XEN_PCIF_active, (unsigned long *)&pdev->sh_info->flags);
 	notify_remote_via_irq(pdev->evtchn_irq);
 
-      out:
+	/* Mark that we're done. */
+	smp_mb__before_clear_bit(); /* /after/ clearing PCIF_active */
+	clear_bit(_PDEVF_op_active, &pdev->flags);
+	smp_mb__after_clear_bit(); /* /before/ final check for work */
+
+	/* Check to see if the driver domain tried to start another request in
+	 * between clearing _XEN_PCIF_active and clearing _PDEVF_op_active. */
+	test_and_schedule_op(pdev);
+}
+
+irqreturn_t pciback_handle_event(int irq, void *dev_id, struct pt_regs *regs)
+{
+	struct pciback_device *pdev = dev_id;
+
+	test_and_schedule_op(pdev);
+
 	return IRQ_HANDLED;
 }
diff --git a/linux-2.6-xen-sparse/drivers/xen/pciback/xenbus.c b/linux-2.6-xen-sparse/drivers/xen/pciback/xenbus.c
index dc369d0efb..28074c34e8 100644
--- a/linux-2.6-xen-sparse/drivers/xen/pciback/xenbus.c
+++ b/linux-2.6-xen-sparse/drivers/xen/pciback/xenbus.c
@@ -26,10 +26,13 @@ static struct pciback_device *alloc_pdev(struct xenbus_device *xdev)
 
 	spin_lock_init(&pdev->dev_lock);
 
+	pdev->sh_area = NULL;
 	pdev->sh_info = NULL;
 	pdev->evtchn_irq = INVALID_EVTCHN_IRQ;
 	pdev->be_watching = 0;
 
+	INIT_WORK(&pdev->op_work, pciback_do_op, pdev);
+
 	if (pciback_init_devices(pdev)) {
 		kfree(pdev);
 		pdev = NULL;
@@ -47,8 +50,13 @@ static void free_pdev(struct pciback_device *pdev)
 	if (pdev->evtchn_irq != INVALID_EVTCHN_IRQ)
 		unbind_from_irqhandler(pdev->evtchn_irq, pdev);
 
+	/* If the driver domain started an op, make sure we complete it or
+	 * delete it before releasing the shared memory */
+	cancel_delayed_work(&pdev->op_work);
+	flush_scheduled_work();
+
 	if (pdev->sh_info)
-		xenbus_unmap_ring_vfree(pdev->xdev, pdev->sh_info);
+		xenbus_unmap_ring_vfree(pdev->xdev, pdev->sh_area);
 
 	pciback_release_devices(pdev);
 
@@ -63,15 +71,19 @@ static int pciback_do_attach(struct pciback_device *pdev, int gnt_ref,
 {
 	int err = 0;
 	int evtchn;
+	struct vm_struct *area;
+
 	dev_dbg(&pdev->xdev->dev,
 		"Attaching to frontend resources - gnt_ref=%d evtchn=%d\n",
 		gnt_ref, remote_evtchn);
 
-	err =
-	    xenbus_map_ring_valloc(pdev->xdev, gnt_ref,
-				   (void **)&pdev->sh_info);
-	if (err)
+	area = xenbus_map_ring_valloc(pdev->xdev, gnt_ref);
+	if (IS_ERR(area)) {
+		err = PTR_ERR(area);
 		goto out;
+	}
+	pdev->sh_area = area;
+	pdev->sh_info = area->addr;
 
 	err = xenbus_bind_evtchn(pdev->xdev, remote_evtchn, &evtchn);
 	if (err)
diff --git a/linux-2.6-xen-sparse/drivers/xen/tpmback/common.h b/linux-2.6-xen-sparse/drivers/xen/tpmback/common.h
index 44a3d4c9e9..f08e797e82 100644
--- a/linux-2.6-xen-sparse/drivers/xen/tpmback/common.h
+++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/common.h
@@ -49,6 +49,7 @@ typedef struct tpmif_st {
 
 	grant_handle_t shmem_handle;
 	grant_ref_t shmem_ref;
+	struct page *pagerange;
 } tpmif_t;
 
 void tpmif_disconnect_complete(tpmif_t * tpmif);
diff --git a/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c b/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c
index c31c3fdf6e..7a7ca4c7ed 100644
--- a/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c
+++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c
@@ -22,7 +22,6 @@ LIST_HEAD(tpmif_list);
 
 static tpmif_t *alloc_tpmif(domid_t domid, long int instance)
 {
-	struct page *page;
 	tpmif_t *tpmif;
 
 	tpmif = kmem_cache_alloc(tpmif_cachep, GFP_KERNEL);
@@ -35,9 +34,10 @@ static tpmif_t *alloc_tpmif(domid_t domid, long int instance)
 	tpmif->tpm_instance = instance;
 	atomic_set(&tpmif->refcnt, 1);
 
-	page = balloon_alloc_empty_page_range(TPMIF_TX_RING_SIZE);
-	BUG_ON(page == NULL);
-	tpmif->mmap_vstart = (unsigned long)pfn_to_kaddr(page_to_pfn(page));
+	tpmif->pagerange = balloon_alloc_empty_page_range(TPMIF_TX_RING_SIZE);
+	BUG_ON(tpmif->pagerange == NULL);
+	tpmif->mmap_vstart = (unsigned long)pfn_to_kaddr(
+	                                    page_to_pfn(tpmif->pagerange));
 
 	list_add(&tpmif->tpmif_list, &tpmif_list);
 	num_frontends++;
@@ -49,6 +49,7 @@ static void free_tpmif(tpmif_t * tpmif)
 {
 	num_frontends--;
 	list_del(&tpmif->tpmif_list);
+	balloon_dealloc_empty_page_range(tpmif->pagerange, TPMIF_TX_RING_SIZE);
 	kmem_cache_free(tpmif_cachep, tpmif);
 }
 
@@ -115,11 +116,11 @@ int tpmif_map(tpmif_t *tpmif, unsigned long shared_page, unsigned int evtchn)
 		.cmd = EVTCHNOP_bind_interdomain,
 		.u.bind_interdomain.remote_dom = tpmif->domid,
 		.u.bind_interdomain.remote_port = evtchn,
-        };
+	};
 
-        if (tpmif->irq) {
-                return 0;
-        }
+	if (tpmif->irq) {
+		return 0;
+	}
 
 	if ((tpmif->tx_area = alloc_vm_area(PAGE_SIZE)) == NULL)
 		return -ENOMEM;
diff --git a/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c b/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c
index cb7cc74e21..9ed254195e 100644
--- a/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c
+++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c
@@ -271,6 +271,7 @@ int _packet_write(struct packet *pak,
 		struct gnttab_map_grant_ref map_op;
 		struct gnttab_unmap_grant_ref unmap_op;
 		tpmif_tx_request_t *tx;
+		unsigned long pfn, mfn, mfn_orig;
 
 		tx = &tpmif->tx->ring[i].req;
 
@@ -293,9 +294,12 @@ int _packet_write(struct packet *pak,
 			DPRINTK(" Grant table operation failure !\n");
 			return 0;
 		}
-		set_phys_to_machine(__pa(MMAP_VADDR(tpmif, i)) >> PAGE_SHIFT,
-				    FOREIGN_FRAME(map_op.
-						  dev_bus_addr >> PAGE_SHIFT));
+
+		pfn = __pa(MMAP_VADDR(tpmif, i)) >> PAGE_SHIFT;
+		mfn = FOREIGN_FRAME(map_op.dev_bus_addr >> PAGE_SHIFT);
+		mfn_orig = phys_to_machine_mapping[pfn];
+
+		set_phys_to_machine(pfn, mfn);
 
 		tocopy = MIN(size - offset, PAGE_SIZE);
 
@@ -307,6 +311,8 @@ int _packet_write(struct packet *pak,
 		}
 		tx->size = tocopy;
 
+		set_phys_to_machine(pfn, mfn_orig);
+
 		gnttab_set_unmap_op(&unmap_op, MMAP_VADDR(tpmif, i),
 				    GNTMAP_host_map, handle);
 
diff --git a/linux-2.6-xen-sparse/drivers/xen/tpmback/xenbus.c b/linux-2.6-xen-sparse/drivers/xen/tpmback/xenbus.c
index 422abd0551..61b9250e8d 100644
--- a/linux-2.6-xen-sparse/drivers/xen/tpmback/xenbus.c
+++ b/linux-2.6-xen-sparse/drivers/xen/tpmback/xenbus.c
@@ -49,6 +49,8 @@ static int tpmback_remove(struct xenbus_device *dev)
 {
 	struct backend_info *be = dev->data;
 
+	if (!be) return 0;
+
 	if (be->backend_watch.node) {
 		unregister_xenbus_watch(&be->backend_watch);
 		kfree(be->backend_watch.node);
@@ -119,37 +121,9 @@ static void backend_changed(struct xenbus_watch *watch,
 		return;
 	}
 
-	if (be->is_instance_set != 0 && be->instance != instance) {
-		printk(KERN_WARNING
-		       "tpmback: changing instance (from %ld to %ld) "
-		       "not allowed.\n",
-		       be->instance, instance);
-		return;
-	}
-
 	if (be->is_instance_set == 0) {
-		be->tpmif = tpmif_find(dev->otherend_id,
-		                       instance);
-		if (IS_ERR(be->tpmif)) {
-			err = PTR_ERR(be->tpmif);
-			be->tpmif = NULL;
-			xenbus_dev_fatal(dev,err,"creating block interface");
-			return;
-		}
 		be->instance = instance;
 		be->is_instance_set = 1;
-
-		/*
-		 * There's an unfortunate problem:
-		 * Sometimes after a suspend/resume the
-		 * state switch to XenbusStateInitialised happens
-		 * *before* I get to this point here. Since then
-		 * the connect_ring() must have failed (be->tpmif is
-		 * still NULL), I just call it here again indirectly.
-		 */
-		if (be->frontend_state == XenbusStateInitialised) {
-			frontend_changed(dev, be->frontend_state);
-		}
 	}
 }
 
@@ -186,6 +160,7 @@ static void frontend_changed(struct xenbus_device *dev,
 		 */
 		tpmif_vtpm_close(be->instance);
 		device_unregister(&be->dev->dev);
+		tpmback_remove(dev);
 		break;
 
 	case XenbusStateUnknown:
@@ -279,6 +254,18 @@ static int connect_ring(struct backend_info *be)
 				 dev->otherend);
 		return err;
 	}
+
+	if (!be->tpmif) {
+		be->tpmif = tpmif_find(dev->otherend_id,
+		                       be->instance);
+		if (IS_ERR(be->tpmif)) {
+			err = PTR_ERR(be->tpmif);
+			be->tpmif = NULL;
+			xenbus_dev_fatal(dev,err,"creating vtpm interface");
+			return err;
+		}
+	}
+
 	if (be->tpmif != NULL) {
 		err = tpmif_map(be->tpmif, ring_ref, evtchn);
 		if (err) {
diff --git a/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_backend_client.c b/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_backend_client.c
index 398541a1f3..5643647a6f 100644
--- a/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_backend_client.c
+++ b/linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_backend_client.c
@@ -30,21 +30,20 @@
  * IN THE SOFTWARE.
  */
 
+#include <linux/err.h>
 #include <xen/gnttab.h>
 #include <xen/xenbus.h>
 #include <xen/driver_util.h>
 
 /* Based on Rusty Russell's skeleton driver's map_page */
-int xenbus_map_ring_valloc(struct xenbus_device *dev, int gnt_ref, void **vaddr)
+struct vm_struct *xenbus_map_ring_valloc(struct xenbus_device *dev, int gnt_ref)
 {
 	struct gnttab_map_grant_ref op;
 	struct vm_struct *area;
 
-	*vaddr = NULL;
-
 	area = alloc_vm_area(PAGE_SIZE);
 	if (!area)
-		return -ENOMEM;
+		return ERR_PTR(-ENOMEM);
 
 	gnttab_set_map_op(&op, (unsigned long)area->addr, GNTMAP_host_map,
 			  gnt_ref, dev->otherend_id);
@@ -58,14 +57,14 @@ int xenbus_map_ring_valloc(struct xenbus_device *dev, int gnt_ref, void **vaddr)
 		xenbus_dev_fatal(dev, op.status,
 				 "mapping in shared page %d from domain %d",
 				 gnt_ref, dev->otherend_id);
-		return op.status;
+		BUG_ON(!IS_ERR(ERR_PTR(op.status)));
+		return ERR_PTR(op.status);
 	}
 
 	/* Stuff the handle in an unused field */
 	area->phys_addr = (unsigned long)op.handle;
 
-	*vaddr = area->addr;
-	return 0;
+	return area;
 }
 EXPORT_SYMBOL_GPL(xenbus_map_ring_valloc);
 
@@ -92,31 +91,11 @@ EXPORT_SYMBOL_GPL(xenbus_map_ring);
 
 
 /* Based on Rusty Russell's skeleton driver's unmap_page */
-int xenbus_unmap_ring_vfree(struct xenbus_device *dev, void *vaddr)
+int xenbus_unmap_ring_vfree(struct xenbus_device *dev, struct vm_struct *area)
 {
-	struct vm_struct *area;
 	struct gnttab_unmap_grant_ref op;
 
-	/* It'd be nice if linux/vmalloc.h provided a find_vm_area(void *addr)
-	 * method so that we don't have to muck with vmalloc internals here.
-	 * We could force the user to hang on to their struct vm_struct from
-	 * xenbus_map_ring_valloc, but these 6 lines considerably simplify
-	 * this API.
-	 */
-	read_lock(&vmlist_lock);
-	for (area = vmlist; area != NULL; area = area->next) {
-		if (area->addr == vaddr)
-			break;
-	}
-	read_unlock(&vmlist_lock);
-
-	if (!area) {
-		xenbus_dev_error(dev, -ENOENT,
-				 "can't find mapped virtual address %p", vaddr);
-		return GNTST_bad_virt_addr;
-	}
-
-	gnttab_set_unmap_op(&op, (unsigned long)vaddr, GNTMAP_host_map,
+	gnttab_set_unmap_op(&op, (unsigned long)area->addr, GNTMAP_host_map,
 			    (grant_handle_t)area->phys_addr);
 
 	lock_vm_area(area);
diff --git a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/hypercall.h b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/hypercall.h
index 87e123bf78..491362c976 100644
--- a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/hypercall.h
+++ b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/hypercall.h
@@ -338,9 +338,9 @@ HYPERVISOR_callback_op(
 
 static inline int
 HYPERVISOR_xenoprof_op(
-	int op, unsigned long arg1, unsigned long arg2)
+	int op, void *arg)
 {
-	return _hypercall3(int, xenoprof_op, op, arg1, arg2);
+	return _hypercall2(int, xenoprof_op, op, arg);
 }
 
 
diff --git a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/processor.h b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/processor.h
index 5b8d8be639..6c02802144 100644
--- a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/processor.h
+++ b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/processor.h
@@ -497,13 +497,11 @@ struct thread_struct {
 static inline void __load_esp0(struct tss_struct *tss, struct thread_struct *thread)
 {
 	tss->esp0 = thread->esp0;
-#ifdef CONFIG_X86_SYSENTER
 	/* This can only happen when SEP is enabled, no need to test "SEP"arately */
 	if (unlikely(tss->ss1 != thread->sysenter_cs)) {
 		tss->ss1 = thread->sysenter_cs;
 		wrmsr(MSR_IA32_SYSENTER_CS, thread->sysenter_cs, 0);
 	}
-#endif
 }
 #define load_esp0(tss, thread) \
 	__load_esp0(tss, thread)
diff --git a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/setup_arch_post.h b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/setup_arch_post.h
index 71d0258b8d..279bd5a348 100644
--- a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/setup_arch_post.h
+++ b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/setup_arch_post.h
@@ -24,6 +24,7 @@ extern void nmi(void);
 
 static void __init machine_specific_arch_setup(void)
 {
+	int ret;
 	struct xen_platform_parameters pp;
 	struct callback_register event = {
 		.type = CALLBACKTYPE_event,
@@ -33,7 +34,10 @@ static void __init machine_specific_arch_setup(void)
 		.type = CALLBACKTYPE_failsafe,
 		.address = { __KERNEL_CS, (unsigned long)failsafe_callback },
 	};
-	struct xennmi_callback cb;
+	struct callback_register nmi_cb = {
+		.type = CALLBACKTYPE_nmi,
+		.address = { __KERNEL_CS, (unsigned long)nmi },
+	};
 
 	if (xen_feature(XENFEAT_auto_translated_physmap) &&
 	    xen_start_info->shared_info < xen_start_info->nr_pages) {
@@ -42,11 +46,22 @@ static void __init machine_specific_arch_setup(void)
 		memset(empty_zero_page, 0, sizeof(empty_zero_page));
 	}
 
-	HYPERVISOR_callback_op(CALLBACKOP_register, &event);
-	HYPERVISOR_callback_op(CALLBACKOP_register, &failsafe);
+	ret = HYPERVISOR_callback_op(CALLBACKOP_register, &event);
+	if (ret == 0)
+		ret = HYPERVISOR_callback_op(CALLBACKOP_register, &failsafe);
+	if (ret == -ENOSYS)
+		ret = HYPERVISOR_set_callbacks(
+			event.address.cs, event.address.eip,
+			failsafe.address.cs, failsafe.address.eip);
+	BUG_ON(ret);
+
+	ret = HYPERVISOR_callback_op(CALLBACKOP_register, &nmi_cb);
+	if (ret == -ENOSYS) {
+		struct xennmi_callback cb;
 
-	cb.handler_address = (unsigned long)&nmi;
-	HYPERVISOR_nmi_op(XENNMI_register_callback, &cb);
+		cb.handler_address = nmi_cb.address.eip;
+		HYPERVISOR_nmi_op(XENNMI_register_callback, &cb);
+	}
 
 	if (HYPERVISOR_xen_version(XENVER_platform_parameters,
 				   &pp) == 0)
diff --git a/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/setup_arch_post.h b/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/setup_arch_post.h
index f2342b0097..e21d4ee6f2 100644
--- a/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/setup_arch_post.h
+++ b/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/setup_arch_post.h
@@ -14,6 +14,7 @@ extern void nmi(void);
 
 static void __init machine_specific_arch_setup(void)
 {
+	int ret;
 	struct callback_register event = {
 		.type = CALLBACKTYPE_event,
 		.address = (unsigned long) hypervisor_callback,
@@ -27,15 +28,31 @@ static void __init machine_specific_arch_setup(void)
 		.address = (unsigned long)system_call,
 	};
 #ifdef CONFIG_X86_LOCAL_APIC
-	struct xennmi_callback cb;
+	struct callback_register nmi_cb = {
+		.type = CALLBACKTYPE_nmi,
+		.address = (unsigned long)nmi,
+	};
 #endif
 
-	HYPERVISOR_callback_op(CALLBACKOP_register, &event);
-	HYPERVISOR_callback_op(CALLBACKOP_register, &failsafe);
-	HYPERVISOR_callback_op(CALLBACKOP_register, &syscall);
+	ret = HYPERVISOR_callback_op(CALLBACKOP_register, &event);
+	if (ret == 0)
+		ret = HYPERVISOR_callback_op(CALLBACKOP_register, &failsafe);
+	if (ret == 0)
+		ret = HYPERVISOR_callback_op(CALLBACKOP_register, &syscall);
+	if (ret == -ENOSYS)
+		ret = HYPERVISOR_set_callbacks(
+			event.address,
+			failsafe.address,
+			syscall.address);
+	BUG_ON(ret);
 
 #ifdef CONFIG_X86_LOCAL_APIC
-	cb.handler_address = (unsigned long)&nmi;
-	HYPERVISOR_nmi_op(XENNMI_register_callback, &cb);
+	ret = HYPERVISOR_callback_op(CALLBACKOP_register, &nmi_cb);
+	if (ret == -ENOSYS) {
+		struct xennmi_callback cb;
+
+		cb.handler_address = nmi_cb.address;
+		HYPERVISOR_nmi_op(XENNMI_register_callback, &cb);
+	}
 #endif
 }
diff --git a/linux-2.6-xen-sparse/include/xen/xenbus.h b/linux-2.6-xen-sparse/include/xen/xenbus.h
index b5a9da5f64..ab0c59df76 100644
--- a/linux-2.6-xen-sparse/include/xen/xenbus.h
+++ b/linux-2.6-xen-sparse/include/xen/xenbus.h
@@ -228,8 +228,8 @@ int xenbus_grant_ring(struct xenbus_device *dev, unsigned long ring_mfn);
  * or -ENOMEM on error. If an error is returned, device will switch to
  * XenbusStateClosing and the error message will be saved in XenStore.
  */
-int xenbus_map_ring_valloc(struct xenbus_device *dev,
-			   int gnt_ref, void **vaddr);
+struct vm_struct *xenbus_map_ring_valloc(struct xenbus_device *dev,
+					 int gnt_ref);
 int xenbus_map_ring(struct xenbus_device *dev, int gnt_ref,
 			   grant_handle_t *handle, void *vaddr);
 
@@ -241,7 +241,7 @@ int xenbus_map_ring(struct xenbus_device *dev, int gnt_ref,
  * Returns 0 on success and returns GNTST_* on error
  * (see xen/include/interface/grant_table.h).
  */
-int xenbus_unmap_ring_vfree(struct xenbus_device *dev, void *vaddr);
+int xenbus_unmap_ring_vfree(struct xenbus_device *dev, struct vm_struct *);
 int xenbus_unmap_ring(struct xenbus_device *dev,
 		      grant_handle_t handle, void *vaddr);
 
diff --git a/linux-2.6-xen-sparse/mm/memory.c b/linux-2.6-xen-sparse/mm/memory.c
index f91d3bab09..3482a6bcf7 100644
--- a/linux-2.6-xen-sparse/mm/memory.c
+++ b/linux-2.6-xen-sparse/mm/memory.c
@@ -405,7 +405,7 @@ struct page *vm_normal_page(struct vm_area_struct *vma, unsigned long addr, pte_
 	 * Remove this test eventually!
 	 */
 	if (unlikely(!pfn_valid(pfn))) {
-		if (!vma->vm_flags & VM_RESERVED)
+		if (!(vma->vm_flags & VM_RESERVED))
 			print_bad_pte(vma, pte, addr);
 		return NULL;
 	}
diff --git a/linux-2.6-xen-sparse/net/core/dev.c b/linux-2.6-xen-sparse/net/core/dev.c
index e526fccc2f..55870e1254 100644
--- a/linux-2.6-xen-sparse/net/core/dev.c
+++ b/linux-2.6-xen-sparse/net/core/dev.c
@@ -1220,6 +1220,43 @@ int __skb_linearize(struct sk_buff *skb, gfp_t gfp_mask)
 	}						\
 }
 
+#ifdef CONFIG_XEN
+inline int skb_checksum_setup(struct sk_buff *skb)
+{
+	if (skb->proto_csum_blank) {
+		if (skb->protocol != htons(ETH_P_IP))
+			goto out;
+		skb->h.raw = (unsigned char *)skb->nh.iph + 4*skb->nh.iph->ihl;
+		if (skb->h.raw >= skb->tail)
+			goto out;
+		switch (skb->nh.iph->protocol) {
+		case IPPROTO_TCP:
+			skb->csum = offsetof(struct tcphdr, check);
+			break;
+		case IPPROTO_UDP:
+			skb->csum = offsetof(struct udphdr, check);
+			break;
+		default:
+			if (net_ratelimit())
+				printk(KERN_ERR "Attempting to checksum a non-"
+				       "TCP/UDP packet, dropping a protocol"
+				       " %d packet", skb->nh.iph->protocol);
+			goto out;
+		}
+		if ((skb->h.raw + skb->csum + 2) > skb->tail)
+			goto out;
+		skb->ip_summed = CHECKSUM_HW;
+		skb->proto_csum_blank = 0;
+	}
+	return 0;
+out:
+	return -EPROTO;
+}
+#else
+inline int skb_checksum_setup(struct sk_buff *skb) { return 0; }
+#endif
+
+
 /**
  *	dev_queue_xmit - transmit a buffer
  *	@skb: buffer to transmit
@@ -1266,38 +1303,12 @@ int dev_queue_xmit(struct sk_buff *skb)
 	    __skb_linearize(skb, GFP_ATOMIC))
 		goto out_kfree_skb;
 
-#ifdef CONFIG_XEN
-	/* If a checksum-deferred packet is forwarded to a device that needs a
-	 * checksum, correct the pointers and force checksumming.
-	 */
-	if (skb->proto_csum_blank) {
-		if (skb->protocol != htons(ETH_P_IP))
-			goto out_kfree_skb;
-		skb->h.raw = (unsigned char *)skb->nh.iph + 4*skb->nh.iph->ihl;
-		if (skb->h.raw >= skb->tail)
-			goto out_kfree_skb;
-		switch (skb->nh.iph->protocol) {
-		case IPPROTO_TCP:
-			skb->csum = offsetof(struct tcphdr, check);
-			break;
-		case IPPROTO_UDP:
-			skb->csum = offsetof(struct udphdr, check);
-			break;
-		default:
-			if (net_ratelimit())
-				printk(KERN_ERR "Attempting to checksum a non-"
-				       "TCP/UDP packet, dropping a protocol"
-				       " %d packet", skb->nh.iph->protocol);
-			rc = -EPROTO;
-			goto out_kfree_skb;
-		}
-		if ((skb->h.raw + skb->csum + 2) > skb->tail)
-			goto out_kfree_skb;
-		skb->ip_summed = CHECKSUM_HW;
-		skb->proto_csum_blank = 0;
-	}
-#endif
-
+ 	/* If a checksum-deferred packet is forwarded to a device that needs a
+ 	 * checksum, correct the pointers and force checksumming.
+ 	 */
+ 	if(skb_checksum_setup(skb))
+ 		goto out_kfree_skb;
+  
 	/* If packet is not checksummed and device does not support
 	 * checksumming for this protocol, complete checksumming here.
 	 */
@@ -3351,6 +3362,7 @@ EXPORT_SYMBOL(unregister_netdevice_notifier);
 EXPORT_SYMBOL(net_enable_timestamp);
 EXPORT_SYMBOL(net_disable_timestamp);
 EXPORT_SYMBOL(dev_get_flags);
+EXPORT_SYMBOL(skb_checksum_setup);
 
 #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE)
 EXPORT_SYMBOL(br_handle_frame_hook);
diff --git a/patches/linux-2.6.16/net-csum.patch b/patches/linux-2.6.16/net-csum.patch
index d6ede6b258..6543dcc47b 100644
--- a/patches/linux-2.6.16/net-csum.patch
+++ b/patches/linux-2.6.16/net-csum.patch
@@ -39,3 +39,26 @@ diff -pruN ../pristine-linux-2.6.16/net/ipv4/netfilter/ip_nat_proto_udp.c ./net/
  	*portptr = newport;
  	return 1;
  }
+diff -r 601fa226a761 net/ipv4/xfrm4_output.c
+--- a/net/ipv4/xfrm4_output.c	Wed Apr 19 18:52:30 2006
++++ b/net/ipv4/xfrm4_output.c	Thu Apr 20 15:49:40 2006
+@@ -16,6 +16,8 @@
+ #include <net/ip.h>
+ #include <net/xfrm.h>
+ #include <net/icmp.h>
++
++extern int skb_checksum_setup(struct sk_buff *skb);
+ 
+ /* Add encapsulation header.
+  *
+@@ -103,6 +105,10 @@
+ 	struct xfrm_state *x = dst->xfrm;
+ 	int err;
+ 	
++	err = skb_checksum_setup(skb);
++	if (err)
++		goto error_nolock;
++
+ 	if (skb->ip_summed == CHECKSUM_HW) {
+ 		err = skb_checksum_help(skb, 0);
+ 		if (err)
diff --git a/patches/linux-2.6.16/rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch b/patches/linux-2.6.16/rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch
new file mode 100644
index 0000000000..7f99a397ab
--- /dev/null
+++ b/patches/linux-2.6.16/rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch
@@ -0,0 +1,31 @@
+Index: sysenter/linux-2.6-xen-sparse/arch/i386/kernel/entry.S
+===================================================================
+--- linux-2.6.16.orig/arch/i386/kernel/entry.S	2006-04-05 11:12:51.000000000 +0100
++++ linux-2.6.16/arch/i386/kernel/entry.S	2006-04-05 11:12:52.000000000 +0100
+@@ -177,7 +177,7 @@
+ 
+ 	# sysenter call handler stub
+ ENTRY(sysenter_entry)
+-	movl TSS_sysenter_esp0(%esp),%esp
++	movl SYSENTER_stack_esp0(%esp),%esp
+ sysenter_past_esp:
+ 	sti
+ 	pushl $(__USER_DS)
+@@ -492,7 +492,7 @@
+  * that sets up the real kernel stack. Check here, since we can't
+  * allow the wrong stack to be used.
+  *
+- * "TSS_sysenter_esp0+12" is because the NMI/debug handler will have
++ * "SYSENTER_stack_esp0+12" is because the NMI/debug handler will have
+  * already pushed 3 words if it hits on the sysenter instruction:
+  * eflags, cs and eip.
+  *
+@@ -504,7 +504,7 @@
+ 	cmpw $__KERNEL_CS,4(%esp);		\
+ 	jne ok;					\
+ label:						\
+-	movl TSS_sysenter_esp0+offset(%esp),%esp;	\
++	movl SYSENTER_stack_esp0+offset(%esp),%esp;	\
+ 	pushfl;					\
+ 	pushl $__KERNEL_CS;			\
+ 	pushl $sysenter_past_esp
diff --git a/tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/server.c b/tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/server.c
index 3e1f50ea49..492aab47c0 100644
--- a/tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/server.c
+++ b/tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/server.c
@@ -664,17 +664,13 @@ main (int argc, char *argv[])
 
          For the traditional remote protocol close the connection,
          and re-open it at the top of the loop.  */
-      if (extended_protocol)
-	{
-	  remote_close ();
+    detach_inferior ();
+    remote_close ();
+    if (extended_protocol)
 	  exit (0);
-	}
-      else
-	{
+    else
 	  fprintf (stderr, "Remote side has terminated connection.  "
 			   "GDBserver will reopen the connection.\n");
-	  remote_close ();
-	}
     sigaction(SIGINT, &old_sigaction, NULL);
     }
 }
diff --git a/tools/examples/Makefile b/tools/examples/Makefile
index 93a8242637..4cbb15658b 100644
--- a/tools/examples/Makefile
+++ b/tools/examples/Makefile
@@ -28,9 +28,11 @@ XEN_SCRIPTS += block
 XEN_SCRIPTS += block-enbd block-nbd
 XEN_SCRIPTS += vtpm vtpm-delete
 XEN_SCRIPTS += xen-hotplug-cleanup
+XEN_SCRIPTS += external-device-migrate
 XEN_SCRIPT_DATA = xen-script-common.sh locking.sh logging.sh
 XEN_SCRIPT_DATA += xen-hotplug-common.sh xen-network-common.sh vif-common.sh
 XEN_SCRIPT_DATA += block-common.sh vtpm-common.sh vtpm-hotplug-common.sh
+XEN_SCRIPT_DATA += vtpm-migration.sh
 
 XEN_HOTPLUG_DIR = /etc/hotplug
 XEN_HOTPLUG_SCRIPTS = xen-backend.agent
diff --git a/tools/examples/external-device-migrate b/tools/examples/external-device-migrate
new file mode 100644
index 0000000000..0fb2336a0e
--- /dev/null
+++ b/tools/examples/external-device-migrate
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+# Copyright (c) 2005 IBM Corporation
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
+
+
+# This script is called by XenD for migration of external devices
+# It does not handle the migration of those devices itself, but
+# passes the requests on to further applications
+# It handles the low-level command line parsing and some of the
+# synchronization
+
+dir=$(dirname "$0")
+. "$dir/logging.sh"
+
+
+function usage() {
+	echo " Pass the following command line paremeters to the script:"
+	echo ""
+	echo "-step <n>     : n-th migration step"
+	echo "-host <host>  : the destination host"
+	echo "-domname <domain name> : name of the domain that is migrating"
+	echo "-type <device type>    : the type of device that is migrating"
+	echo "-recover               : indicates recovery request; an error"
+	echo "                         occurred during migration"
+	echo "-help                  : display this help screen"
+}
+
+while [ 1 ]; do
+	if [ "$1" == "-step" ]; then
+		shift
+		step=$1
+	elif [ "$1" == "-host" ]; then
+		shift
+		host=$1
+	elif [ "$1" == "-domname" ]; then
+		shift
+		domname=$1
+	elif [ "$1" == "-type" ]; then
+		shift
+		typ=$1
+	elif [ "$1" == "-recover" ]; then
+		recover=1
+	elif [ "$1" == "-help" ]; then
+		usage
+		exit
+	else
+		break
+	fi
+	shift
+done
+
+if [ "$step"    == "" -o \
+     "$host"    == "" -o \
+     "$typ"     == "" -o \
+     "$domname" == "" ]; then
+	echo "Error: Parameter(s) missing (-step/-host/-type/-domname)"
+set
+	echo ""
+	echo "$0 --help for usage."
+	exit
+fi
+
+. "$dir/$typ-migration.sh"
+
+if [ "$recover" == "1" ]; then
+	func="$typ"_recover
+	eval $func $host $domname $step
+else
+	func="$typ"_migration_step
+	eval $func $host $domname $step
+fi
diff --git a/tools/examples/vtpm-common.sh b/tools/examples/vtpm-common.sh
index 7d032a6c1d..92044a482b 100644
--- a/tools/examples/vtpm-common.sh
+++ b/tools/examples/vtpm-common.sh
@@ -48,6 +48,12 @@ if [ -z "$VTPM_IMPL_DEFINED" ]; then
 	function vtpm_delete() {
 		true
 	}
+	function vtpm_migrate() {
+		echo "Error: vTPM migration accross machines not implemented."
+	}
+	function vtpm_migrate_recover() {
+		true
+	}
 fi
 
 
@@ -60,7 +66,7 @@ fi
 function vtpmdb_find_instance () {
 	local vmname=$1
 	local ret=0
-	instance=`cat $VTPMDB |                    \
+	instance=$(cat $VTPMDB |                   \
 	          awk -vvmname=$vmname             \
 	          '{                               \
 	             if ( 1 != index($1,"#")) {    \
@@ -69,7 +75,7 @@ function vtpmdb_find_instance () {
 	                 exit;                     \
 	               }                           \
 	             }                             \
-	           }'`
+	           }')
 	if [ "$instance" != "" ]; then
 		ret=$instance
 	fi
@@ -86,13 +92,13 @@ function vtpmdb_is_free_instancenum () {
 	if [ $instance -eq 0 -o $instance -gt 255 ]; then
 		avail=0
 	else
-		instances=`cat $VTPMDB |                 \
+		instances=$(cat $VTPMDB |                \
 		           gawk                          \
 		           '{                            \
 		               if (1 != index($1,"#")) { \
 		                 printf("%s ",$2);       \
 		               }                         \
-		            }'`
+		            }')
 		for i in $instances; do
 			if [ $i -eq $instance ]; then
 				avail=0
@@ -110,13 +116,13 @@ function vtpmdb_get_free_instancenum () {
 	local ctr
 	local instances
 	local don
-	instances=`cat $VTPMDB |                 \
+	instances=$(cat $VTPMDB |                \
 	           gawk                          \
 	           '{                            \
 	               if (1 != index($1,"#")) { \
 	                 printf("%s ",$2);       \
 	               }                         \
-	            }'`
+	            }')
 	ctr=1
 	don=0
 	while [ $don -eq 0 ]; do
@@ -163,7 +169,7 @@ function vtpmdb_validate_entry () {
 	local vmname=$1
 	local inst=$2
 
-	res=`cat $VTPMDB |             \
+	res=$(cat $VTPMDB |            \
 	     gawk -vvmname=$vmname     \
 	          -vinst=$inst         \
 	     '{                        \
@@ -179,7 +185,7 @@ function vtpmdb_validate_entry () {
 	            printf("2");       \
 	            exit;              \
 	         }                     \
-	     }'`
+	     }')
 
 	if [ "$res" == "1" ]; then
 		let rc=1
@@ -196,13 +202,13 @@ function vtpmdb_remove_entry () {
 	local vmname=$1
 	local instance=$2
 	local VTPMDB_TMP="$VTPMDB".tmp
-	`cat $VTPMDB |             \
+	$(cat $VTPMDB |            \
 	 gawk -vvmname=$vmname     \
 	 '{                        \
 	    if ( $1 != vmname ) {  \
 	      print $0;            \
 	    }                      \
-	 '} > $VTPMDB_TMP`
+	 '} > $VTPMDB_TMP)
 	if [ -e $VTPMDB_TMP ]; then
 		mv -f $VTPMDB_TMP $VTPMDB
 		vtpm_delete $instance
@@ -300,3 +306,62 @@ function vtpm_delete_instance () {
 
 	release_lock vtpmdb
 }
+
+# Determine whether the given address is local to this machine
+# Return values:
+#  "-1" : the given machine name is invalid
+#  "0"  : this is not an address of this machine
+#  "1"  : this is an address local to this machine
+function isLocalAddress() {
+	local addr=$(ping $1 -c 1 |  \
+	             gawk '{ print substr($3,2,length($3)-2); exit }')
+	if [ "$addr" == "" ]; then
+		echo "-1"
+		return
+	fi
+	local res=$(ifconfig | grep "inet addr" |  \
+	           gawk -vaddr=$addr               \
+	           '{                              \
+	              if ( addr == substr($2, 6)) {\
+	                print "1";                 \
+	              }                            \
+	           }'                              \
+	          )
+	if [ "$res" == "" ]; then
+		echo "0"
+		return
+	fi
+	echo "1"
+}
+
+# Perform a migration step. This function differentiates between migration
+# to the local host or to a remote machine.
+# Parameters:
+# 1st: destination host to migrate to
+# 2nd: name of the domain to migrate
+# 3rd: the migration step to perform
+function vtpm_migration_step() {
+	local instance=$(vtpmdb_find_instance $2)
+	if [ "$instance" == "" ]; then
+		echo "Error: Translation of domain name ($2) to instance failed. Check /etc/xen/vtpm.db"
+		log err "Error during translation of domain name"
+	else
+		res=$(isLocalAddress $1)
+		if [ "$res" == "0" ]; then
+			vtpm_migrate $1 $2 $3
+		fi
+	fi
+}
+
+# Recover from migration due to an error. This function differentiates
+# between migration to the local host or to a remote machine.
+# Parameters:
+# 1st: destination host the migration was going to
+# 2nd: name of the domain that was to be migrated
+# 3rd: the last successful migration step that was done
+function vtpm_recover() {
+	res=$(isLocalAddress $1)
+	if [ "$res" == "0" ]; then
+		vtpm_migrate_recover $1 $2 $3
+	fi
+}
diff --git a/tools/examples/vtpm-migration.sh b/tools/examples/vtpm-migration.sh
new file mode 100644
index 0000000000..7e38ae26f0
--- /dev/null
+++ b/tools/examples/vtpm-migration.sh
@@ -0,0 +1,19 @@
+#
+# Copyright (c) 2005 IBM Corporation
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
+
+dir=$(dirname "$0")
+. "$dir/vtpm-common.sh"
diff --git a/tools/examples/xmexample.hvm b/tools/examples/xmexample.hvm
index d7576b67a0..2f136ae7ee 100644
--- a/tools/examples/xmexample.hvm
+++ b/tools/examples/xmexample.hvm
@@ -21,6 +21,10 @@ kernel = "/usr/lib/xen/boot/hvmloader"
 builder='hvm'
 
 # Initial memory allocation (in megabytes) for the new domain.
+#
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 128
 
 # A name for your domain. All domains must have different names.
diff --git a/tools/examples/xmexample.nbd b/tools/examples/xmexample.nbd
index 90dadc294d..7fdb74e0e0 100644
--- a/tools/examples/xmexample.nbd
+++ b/tools/examples/xmexample.nbd
@@ -10,7 +10,12 @@
 
 kernel = "/boot/vmlinuz-2.6.13-15b-xen"
 ramdisk = "/boot/initrd-2.6.13-15b-xen"
+
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 128
+
 name = "nbd4"
 vif = [ '' ]
 # Please change PORT
diff --git a/tools/examples/xmexample.vti b/tools/examples/xmexample.vti
index 6680858af8..5d5b433cf3 100644
--- a/tools/examples/xmexample.vti
+++ b/tools/examples/xmexample.vti
@@ -18,6 +18,10 @@ kernel = "/boot/Flash.fd"
 builder='hvm'
 
 # Initial memory allocation (in megabytes) for the new domain.
+#
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 256
 
 # A name for your domain. All domains must have different names.
diff --git a/tools/examples/xmexample1 b/tools/examples/xmexample1
index 8985ff2582..1ba525a962 100644
--- a/tools/examples/xmexample1
+++ b/tools/examples/xmexample1
@@ -17,6 +17,10 @@ kernel = "/boot/vmlinuz-2.6.10-xenU"
 #builder='linux'
 
 # Initial memory allocation (in megabytes) for the new domain.
+#
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 64
 
 # A name for your domain. All domains must have different names.
diff --git a/tools/examples/xmexample2 b/tools/examples/xmexample2
index ff39c4e7d9..2dd75687b6 100644
--- a/tools/examples/xmexample2
+++ b/tools/examples/xmexample2
@@ -45,6 +45,10 @@ kernel = "/boot/vmlinuz-2.6.10-xenU"
 #builder='linux'
 
 # Initial memory allocation (in megabytes) for the new domain.
+#
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 64
 
 # A name for the new domain. All domains have to have different names,
diff --git a/tools/examples/xmexample3 b/tools/examples/xmexample3
index bf20dd4862..8b01b13893 100644
--- a/tools/examples/xmexample3
+++ b/tools/examples/xmexample3
@@ -45,6 +45,10 @@ kernel = "/path/to/domU/kernel"
 #builder='linux'
 
 # Initial memory allocation (in megabytes) for the new domain.
+#
+# WARNING: Creating a domain with insufficient memory may cause out of
+#          memory errors. The domain needs enough memory to boot kernel
+#          and modules. Allocating less than 32MBs is not recommended.
 memory = 64
 
 # A name for the new domain. All domains have to have different names,
diff --git a/tools/ioemu/hw/pc.c b/tools/ioemu/hw/pc.c
index c786132d14..d2de9abc3d 100644
--- a/tools/ioemu/hw/pc.c
+++ b/tools/ioemu/hw/pc.c
@@ -40,7 +40,6 @@ int speaker_data_on;
 int dummy_refresh_clock;
 static fdctrl_t *floppy_controller;
 static RTCState *rtc_state;
-static PITState *pit;
 
 static void ioport80_write(void *opaque, uint32_t addr, uint32_t data)
 {
@@ -243,17 +242,13 @@ static void cmos_init(uint64_t ram_size, int boot_device, BlockDriverState **hd_
 
 static void speaker_ioport_write(void *opaque, uint32_t addr, uint32_t val)
 {
-    speaker_data_on = (val >> 1) & 1;
-    pit_set_gate(pit, 2, val & 1);
+    fprintf(stderr, "speaker port should not be handled in DM!\n");
 }
 
 static uint32_t speaker_ioport_read(void *opaque, uint32_t addr)
 {
-    int out;
-    out = pit_get_out(pit, 2, qemu_get_clock(vm_clock));
-    dummy_refresh_clock ^= 1;
-    return (speaker_data_on << 1) | pit_get_gate(pit, 2) | (out << 5) |
-      (dummy_refresh_clock << 4);
+    fprintf(stderr, "speaker port should not be handled in DM!\n");
+    return 0;
 }
 
 static void ioport92_write(void *opaque, uint32_t addr, uint32_t val)
@@ -529,7 +524,6 @@ void pc_init(uint64_t ram_size, int vga_ram_size, int boot_device,
     register_ioport_write(0x92, 1, 1, ioport92_write, NULL);
 
     pic_init();
-    pit = pit_init(0x40, 0);
 
     for(i = 0; i < MAX_SERIAL_PORTS; i++) {
         if (serial_hds[i]) {
diff --git a/tools/ioemu/keyboard_rdesktop.c b/tools/ioemu/keyboard_rdesktop.c
index a98df10149..a660a5f9c9 100644
--- a/tools/ioemu/keyboard_rdesktop.c
+++ b/tools/ioemu/keyboard_rdesktop.c
@@ -75,7 +75,7 @@ static kbd_layout_t* parse_keyboard_layout(const char* language,kbd_layout_t* k)
     char* file_name=malloc(strlen(prefix)+strlen(language)+strlen(bios_dir)+1);
 
 	if(!k)
-		k=calloc(sizeof(kbd_layout_t),1);
+		k=calloc(1, sizeof(kbd_layout_t));
 	strcpy(file_name,bios_dir);
 	strcat(file_name,prefix);
 	strcat(file_name,language);
diff --git a/tools/ioemu/target-i386-dm/Makefile b/tools/ioemu/target-i386-dm/Makefile
index c5dcc83208..c48e03146b 100644
--- a/tools/ioemu/target-i386-dm/Makefile
+++ b/tools/ioemu/target-i386-dm/Makefile
@@ -277,7 +277,7 @@ endif
 
 # Hardware support
 VL_OBJS+= ide.o ne2000.o pckbd.o vga.o dma.o
-VL_OBJS+= fdc.o mc146818rtc.o serial.o i8259_stub.o i8254.o pc.o port-e9.o
+VL_OBJS+= fdc.o mc146818rtc.o serial.o i8259_stub.o pc.o port-e9.o
 VL_OBJS+= cirrus_vga.o pcnet.o
 VL_OBJS+= $(SOUND_HW) $(AUDIODRV) mixeng.o
 
diff --git a/tools/libxc/xc_linux_restore.c b/tools/libxc/xc_linux_restore.c
index ac17f41edb..571f5fd839 100644
--- a/tools/libxc/xc_linux_restore.c
+++ b/tools/libxc/xc_linux_restore.c
@@ -183,9 +183,9 @@ int xc_linux_restore(int xc_handle, int io_fd,
 
 
     /* We want zeroed memory so use calloc rather than malloc. */
-    p2m        = calloc(sizeof(unsigned long), max_pfn);
-    pfn_type   = calloc(sizeof(unsigned long), max_pfn);
-    region_mfn = calloc(sizeof(unsigned long), MAX_BATCH_SIZE);
+    p2m        = calloc(max_pfn, sizeof(unsigned long));
+    pfn_type   = calloc(max_pfn, sizeof(unsigned long));
+    region_mfn = calloc(MAX_BATCH_SIZE, sizeof(unsigned long));
 
     if ((p2m == NULL) || (pfn_type == NULL) || (region_mfn == NULL)) {
         ERR("memory alloc failed");
diff --git a/tools/pygrub/Makefile b/tools/pygrub/Makefile
index 75bf46bc83..fab70ffc30 100644
--- a/tools/pygrub/Makefile
+++ b/tools/pygrub/Makefile
@@ -11,7 +11,7 @@ build:
 .PHONY: install
 ifndef XEN_PYTHON_NATIVE_INSTALL
 install: all
-	CFLAGS="$(CFLAGS)" python setup.py install --home="$(DESTDIR)/usr"
+	CFLAGS="$(CFLAGS)" python setup.py install --home="$(DESTDIR)/usr" --prefix=""
 else
 install: all
 	CFLAGS="$(CFLAGS)" python setup.py install --root="$(DESTDIR)"
diff --git a/tools/python/Makefile b/tools/python/Makefile
index b3e404cb9f..e73d624414 100644
--- a/tools/python/Makefile
+++ b/tools/python/Makefile
@@ -11,7 +11,7 @@ build:
 .PHONY: install
 ifndef XEN_PYTHON_NATIVE_INSTALL
 install: all
-	CFLAGS="$(CFLAGS)" python setup.py install --home="$(DESTDIR)/usr" --force
+	CFLAGS="$(CFLAGS)" python setup.py install --home="$(DESTDIR)/usr" --prefix="" --force
 else
 install: all
 	CFLAGS="$(CFLAGS)" python setup.py install --root="$(DESTDIR)" --force
diff --git a/tools/python/setup.py b/tools/python/setup.py
index 49f79e1b87..640dcef000 100644
--- a/tools/python/setup.py
+++ b/tools/python/setup.py
@@ -31,6 +31,13 @@ xs = Extension("xs",
                libraries          = libraries,
                sources            = [ "xen/lowlevel/xs/xs.c" ])
 
+acm = Extension("acm",
+               extra_compile_args = extra_compile_args,
+               include_dirs       = include_dirs + [ "xen/lowlevel/acm" ],
+               library_dirs       = library_dirs,
+               libraries          = libraries,
+               sources            = [ "xen/lowlevel/acm/acm.c" ])
+
 setup(name            = 'xen',
       version         = '3.0',
       description     = 'Xen',
@@ -50,7 +57,7 @@ setup(name            = 'xen',
                          'xen.xm.tests'
                          ],
       ext_package = "xen.lowlevel",
-      ext_modules = [ xc, xs ]
+      ext_modules = [ xc, xs, acm ]
       )
 
 os.chdir('logging')
diff --git a/tools/python/xen/lowlevel/acm/acm.c b/tools/python/xen/lowlevel/acm/acm.c
new file mode 100644
index 0000000000..327192d606
--- /dev/null
+++ b/tools/python/xen/lowlevel/acm/acm.c
@@ -0,0 +1,237 @@
+/****************************************************************
+ * acm.c
+ *
+ * Copyright (C) 2006 IBM Corporation
+ *
+ * Authors:
+ * Reiner Sailer <sailer@watson.ibm.com>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * ACM low-level code that allows Python control code to leverage
+ * the ACM hypercall interface to retrieve real-time information
+ * from the Xen hypervisor security module.
+ *
+ * indent -i4 -kr -nut
+ */
+#include <Python.h>
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <sys/mman.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <sys/ioctl.h>
+#include <netinet/in.h>
+#include <xen/acm.h>
+#include <xen/acm_ops.h>
+#include <xen/linux/privcmd.h>
+
+#define PERROR(_m, _a...) \
+fprintf(stderr, "ERROR: " _m " (%d = %s)\n" , ## _a ,    \
+    errno, strerror(errno))
+
+
+
+static inline int do_acm_op(int xc_handle, struct acm_op *op)
+{
+    int ret = -1;
+    privcmd_hypercall_t hypercall;
+
+    op->interface_version = ACM_INTERFACE_VERSION;
+
+    hypercall.op = __HYPERVISOR_acm_op;
+    hypercall.arg[0] = (unsigned long) op;
+
+    if (mlock(op, sizeof(*op)) != 0) {
+        PERROR("Could not lock memory for Xen policy hypercall");
+        goto out1;
+    }
+    ret = ioctl(xc_handle, IOCTL_PRIVCMD_HYPERCALL, &hypercall);
+    if (ret < 0) {
+        if (errno == EACCES)
+            PERROR("ACM operation failed.");
+        goto out2;
+    }
+ out2:
+    munlock(op, sizeof(*op));
+ out1:
+    return ret;
+}
+
+
+
+/* generic shared function */
+void * __getssid(int domid, uint32_t *buflen)
+{
+    struct acm_op op;
+    int acm_cmd_fd;
+    #define SSID_BUFFER_SIZE    4096
+    void *buf = NULL;
+
+    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) < 0) {
+        goto out1;
+    }
+    if ((buf = malloc(SSID_BUFFER_SIZE)) == NULL) {
+        PERROR("acm.policytype: Could not allocate ssid buffer!\n");
+        goto out2;
+    }
+    memset(buf, 0, SSID_BUFFER_SIZE);
+    op.cmd = ACM_GETSSID;
+    op.interface_version = ACM_INTERFACE_VERSION;
+    op.u.getssid.ssidbuf = buf;
+    op.u.getssid.ssidbuf_size = SSID_BUFFER_SIZE;
+    op.u.getssid.get_ssid_by = DOMAINID;
+    op.u.getssid.id.domainid = domid;
+
+    if (do_acm_op(acm_cmd_fd, &op) < 0) {
+        free(buf);
+        buf = NULL;
+        goto out2;
+    } else {
+        *buflen = SSID_BUFFER_SIZE;
+        goto out2;
+    }
+ out2:
+    close(acm_cmd_fd);
+ out1:
+    return buf;
+}
+
+
+/* retrieve the policytype indirectly by retrieving the
+ * ssidref for domain 0 (always exists) */
+static PyObject *policy(PyObject * self, PyObject * args)
+{
+    /* out */
+    char *policyreference;
+    PyObject *ret = NULL;
+    void *ssid_buffer;
+    uint32_t buf_len;
+
+    if (!PyArg_ParseTuple(args, "", NULL)) {
+    goto out1;
+    }
+    ssid_buffer =  __getssid(0, &buf_len);
+    if (ssid_buffer == NULL) {
+        goto out1;
+    } else if (buf_len < sizeof(struct acm_ssid_buffer)) {
+        goto out2;
+    } else {
+        struct acm_ssid_buffer *ssid = (struct acm_ssid_buffer *)ssid_buffer;
+        policyreference = (char *)(ssid_buffer + ssid->policy_reference_offset
+                       + sizeof (struct acm_policy_reference_buffer));
+    }
+    ret = Py_BuildValue("s", policyreference);
+ out2:
+    free(ssid_buffer);
+ out1:
+    return ret;
+}
+
+
+/* retrieve ssid info for a domain domid*/
+static PyObject *getssid(PyObject * self, PyObject * args)
+{
+    /* in */
+    uint32_t    domid;
+    /* out */
+    char *policytype, *policyreference;
+    uint32_t    ssidref;
+
+    void *ssid_buffer;
+    uint32_t buf_len;
+
+    if (!PyArg_ParseTuple(args, "i", &domid)) {
+        return NULL;
+    }
+    ssid_buffer =  __getssid(domid, &buf_len);
+    if (ssid_buffer == NULL) {
+        return NULL;
+    } else if (buf_len < sizeof(struct acm_ssid_buffer)) {
+        free(ssid_buffer);
+        return NULL;
+    } else {
+        struct acm_ssid_buffer *ssid = (struct acm_ssid_buffer *) ssid_buffer;
+        policytype = ACM_POLICY_NAME(ssid->secondary_policy_code << 4 |
+                     ssid->primary_policy_code);
+        ssidref = ssid->ssidref;
+        policyreference = (char *)(ssid_buffer + ssid->policy_reference_offset
+                       + sizeof (struct acm_policy_reference_buffer));
+    }
+    free(ssid_buffer);
+    return Py_BuildValue("{s:s,s:s,s:i}",
+             "policyreference",   policyreference,
+             "policytype",        policytype,
+             "ssidref",           ssidref);
+}
+
+
+/* retrieve access decision based on domain ids or ssidrefs */
+static PyObject *getdecision(PyObject * self, PyObject * args)
+{
+    char *arg1_name, *arg1, *arg2_name, *arg2, *decision = NULL;
+    struct acm_op op;
+    int acm_cmd_fd, ret;
+
+    if (!PyArg_ParseTuple(args, "ssss", &arg1_name, &arg1, &arg2_name, &arg2)) {
+        return NULL;
+    }
+
+    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0) {
+        PERROR("Could not open xen privcmd device!\n");
+        return NULL;
+    }
+
+    if ((strcmp(arg1_name, "domid") && strcmp(arg1_name, "ssidref")) ||
+    (strcmp(arg2_name, "domid") && strcmp(arg2_name, "ssidref")))
+        return NULL;
+
+    op.cmd = ACM_GETDECISION;
+    op.interface_version = ACM_INTERFACE_VERSION;
+    op.u.getdecision.hook = SHARING;
+    if (!strcmp(arg1_name, "domid")) {
+        op.u.getdecision.get_decision_by1 = DOMAINID;
+        op.u.getdecision.id1.domainid = atoi(arg1);
+    } else {
+        op.u.getdecision.get_decision_by1 = SSIDREF;
+        op.u.getdecision.id1.ssidref = atol(arg1);
+    }
+    if (!strcmp(arg2_name, "domid")) {
+        op.u.getdecision.get_decision_by2 = DOMAINID;
+        op.u.getdecision.id2.domainid = atoi(arg2);
+    } else {
+        op.u.getdecision.get_decision_by2 = SSIDREF;
+        op.u.getdecision.id2.ssidref = atol(arg2);
+    }
+
+    ret = do_acm_op(acm_cmd_fd, &op);
+    close(acm_cmd_fd);
+
+    if (op.u.getdecision.acm_decision == ACM_ACCESS_PERMITTED)
+        decision = "PERMITTED";
+    else if (op.u.getdecision.acm_decision == ACM_ACCESS_DENIED)
+        decision = "DENIED";
+
+    return Py_BuildValue("s", decision);
+}
+
+/*=================General Python Extension Declarations=================*/
+
+/* methods */
+static PyMethodDef acmMethods[] = {
+    {"policy", policy, METH_VARARGS, "Retrieve Active ACM Policy Reference Name"},
+    {"getssid", getssid, METH_VARARGS, "Retrieve label information and ssidref for a domain"},
+    {"getdecision", getdecision, METH_VARARGS, "Retrieve ACM access control decision"},
+    /* end of list (extend list above this line) */
+    {NULL, NULL, 0, NULL}
+};
+
+/* inits */
+PyMODINIT_FUNC initacm(void)
+{
+    Py_InitModule("acm", acmMethods);
+}
diff --git a/tools/python/xen/util/diagnose.py b/tools/python/xen/util/diagnose.py
index d2d51eb626..cd4361404c 100644
--- a/tools/python/xen/util/diagnose.py
+++ b/tools/python/xen/util/diagnose.py
@@ -11,10 +11,11 @@
 # License along with this library; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 #
-# Copyright (c) 2005 XenSource Ltd
+# Copyright (c) 2005-2006 XenSource Inc
 
 
 import re
+import socket
 import sys
 
 from xen.xend import sxp
@@ -45,7 +46,6 @@ def diagnose(dom):
         state = sxp.child_value(domain, 'state')
         domid = int(sxp.child_value(domain, 'domid'))
         name = sxp.child_value(domain, 'name')
-        dompath = '/local/domain/%d' % domid
 
         print "Domain ID is %d." % domid
         print "Domain name is %s." % name
@@ -55,12 +55,23 @@ def diagnose(dom):
 
         if state.find('c') != -1:
             print "Domain has crashed."
-
-        diagnose_console()
-
-        diagnose_devices()
+    except socket.error, exn:
+        print "Cannot contact Xend."
+
+        try:
+            domid = int(dom)
+            name = dom
+        except ValueError:
+            print \
+"Without Xend, you will have to specify the domain ID, not the domain name."
+            sys.exit(1)
     except xen.xend.XendProtocol.XendError, exn:
         print exn
+        sys.exit(1)
+
+    dompath = '/local/domain/%d' % domid
+    diagnose_console()
+    diagnose_devices()
 
 
 def diagnose_console():
diff --git a/tools/python/xen/util/security.py b/tools/python/xen/util/security.py
new file mode 100644
index 0000000000..752ab15e08
--- /dev/null
+++ b/tools/python/xen/util/security.py
@@ -0,0 +1,504 @@
+#===========================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer
+#============================================================================
+
+import commands
+import logging
+import sys, os, string, re
+import traceback
+import shutil
+from xen.lowlevel import acm
+from xen.xend import sxp
+
+#global directories and tools for security management
+policy_dir_prefix = "/etc/xen/acm-security/policies"
+boot_filename = "/boot/grub/menu.lst"
+xensec_xml2bin = "/usr/sbin/xensec_xml2bin"
+xensec_tool = "/usr/sbin/xensec_tool"
+
+#global patterns for map file
+#police_reference_tagname = "POLICYREFERENCENAME"
+primary_entry_re = re.compile("\s*PRIMARY\s+.*", re.IGNORECASE)
+secondary_entry_re = re.compile("\s*SECONDARY\s+.*", re.IGNORECASE)
+label_template_re =  re.compile(".*security_label_template.xml", re.IGNORECASE)
+mapping_filename_re = re.compile(".*\.map", re.IGNORECASE)
+policy_reference_entry_re = re.compile("\s*POLICYREFERENCENAME\s+.*", re.IGNORECASE)
+vm_label_re = re.compile("\s*LABEL->SSID\s+VM\s+.*", re.IGNORECASE)
+res_label_re = re.compile("\s*LABEL->SSID\s+RES\s+.*", re.IGNORECASE)
+all_label_re = re.compile("\s*LABEL->SSID\s+.*", re.IGNORECASE)
+access_control_re = re.compile("\s*access_control\s*=", re.IGNORECASE)
+
+#global patterns for boot configuration file
+xen_title_re = re.compile("\s*title\s+XEN", re.IGNORECASE)
+any_title_re = re.compile("\s*title\s", re.IGNORECASE)
+xen_kernel_re = re.compile("\s*kernel.*xen.*\.gz", re.IGNORECASE)
+kernel_ver_re = re.compile("\s*module.*vmlinuz", re.IGNORECASE)
+any_module_re = re.compile("\s*module\s", re.IGNORECASE)
+empty_line_re = re.compile("^\s*$")
+binary_name_re = re.compile(".*[chwall|ste|chwall_ste].*\.bin", re.IGNORECASE)
+policy_name_re = re.compile(".*[chwall|ste|chwall_ste].*", re.IGNORECASE)
+
+
+
+log = logging.getLogger("xend.util.security")
+
+# Our own exception definition. It is masked (pass) if raised and
+# whoever raises this exception must provide error information.
+class ACMError(Exception):
+    def __init__(self,value):
+        self.value = value
+    def __str__(self):
+        return repr(self.value)
+
+
+
+def err(msg):
+    """Raise ACM exception.
+    """
+    sys.stderr.write("ACMError: " + msg + "\n")
+    raise ACMError(msg)
+
+
+
+active_policy = None
+
+
+def refresh_security_policy():
+    """
+    retrieves security policy
+    """
+    global active_policy
+
+    try:
+        active_policy = acm.policy()
+    except:
+        active_policy = "INACTIVE"
+
+# now set active_policy
+refresh_security_policy()
+
+def on():
+    """
+    returns none if security policy is off (not compiled),
+    any string otherwise, use it: if not security.on() ...
+    """
+    refresh_security_policy()
+    return (active_policy not in ['INACTIVE', 'NULL'])
+
+
+
+# Assumes a 'security' info  [security access_control ...] [ssidref ...]
+def get_security_info(info, field):
+    """retrieves security field from self.info['security'])
+    allowed search fields: ssidref, label, policy
+    """
+    if isinstance(info, dict):
+        security = info['security']
+    elif isinstance(info, list):
+        security = sxp.child_value(info, 'security', )
+    if not security:
+        if field == 'ssidref':
+            #return default ssid
+            return 0
+        else:
+            err("Security information not found in info struct.")
+
+    if field == 'ssidref':
+        search = 'ssidref'
+    elif field in ['policy', 'label']:
+            search = 'access_control'
+    else:
+        err("Illegal field in get_security_info.")
+
+    for idx in range(0, len(security)):
+        if search != security[idx][0]:
+            continue
+        if search == 'ssidref':
+            return int(security[idx][1])
+        else:
+            for aidx in range(0, len(security[idx])):
+                if security[idx][aidx][0] == field:
+                    return str(security[idx][aidx][1])
+
+    if search == 'ssidref':
+        return 0
+    else:
+        return None
+
+
+
+def get_security_printlabel(info):
+    """retrieves printable security label from self.info['security']),
+    preferably the label name and otherwise (if label is not specified
+    in config and cannot be found in mapping file) a hex string of the
+    ssidref or none if both not available
+    """
+    try:
+        if not on():
+            return "INACTIVE"
+        if active_policy in ["DEFAULT"]:
+            return "DEFAULT"
+
+        printlabel = get_security_info(info, 'label')
+        if printlabel:
+            return printlabel
+        ssidref = get_security_info(info, 'ssidref')
+        if not ssidref:
+            return None
+        #try to translate ssidref to a label
+        result = ssidref2label(ssidref)
+        if not result:
+            printlabel = "0x%08x" % ssidref
+        else:
+            printlabel = result
+        return printlabel
+    except ACMError:
+        #don't throw an exception in xm list
+        return "ERROR"
+
+
+
+def getmapfile(policyname):
+    """
+    in: if policyname is None then the currently
+    active hypervisor policy is used
+    out: 1. primary policy, 2. secondary policy,
+    3. open file descriptor for mapping file, and
+    4. True if policy file is available, False otherwise
+    """
+    if not policyname:
+        policyname = active_policy
+    map_file_ok = False
+    primary = None
+    secondary = None
+    #strip last part of policy as file name part
+    policy_dir_list = string.split(policyname, ".")
+    policy_file = policy_dir_list.pop()
+    if len(policy_dir_list) > 0:
+        policy_dir = string.join(policy_dir_list, "/") + "/"
+    else:
+        policy_dir = ""
+
+    map_filename = policy_dir_prefix + "/" + policy_dir + policy_file + ".map"
+    # check if it is there, if not check if policy file is there
+    if not os.path.isfile(map_filename):
+        policy_filename =  policy_dir_prefix + "/" + policy_dir + policy_file + "-security_policy.xml"
+        if not os.path.isfile(policy_filename):
+            err("Policy file \'" + policy_filename + "\' not found.")
+        else:
+            err("Mapping file \'" + map_filename + "\' not found." +
+                " Use xm makepolicy to create it.")
+
+    f = open(map_filename)
+    for line in f:
+        if policy_reference_entry_re.match(line):
+            l = line.split()
+            if (len(l) == 2) and (l[1] == policyname):
+                map_file_ok = True
+        elif primary_entry_re.match(line):
+            l = line.split()
+            if len(l) == 2:
+                primary = l[1]
+        elif secondary_entry_re.match(line):
+            l = line.split()
+            if len(l) == 2:
+                secondary = l[1]
+    f.close()
+    f = open(map_filename)
+    if map_file_ok and primary and secondary:
+        return (primary, secondary, f, True)
+    else:
+        err("Mapping file inconsistencies found. Try makepolicy to create a new one.")
+
+
+
+def ssidref2label(ssidref_var):
+    """
+    returns labelname corresponding to ssidref;
+    maps current policy to default directory
+    to find mapping file
+    """
+    #1. translated permitted input formats
+    if isinstance(ssidref_var, str):
+        ssidref_var.strip()
+        if ssidref_var[0:2] == "0x":
+            ssidref = int(ssidref_var[2:], 16)
+        else:
+            ssidref = int(ssidref_var)
+    elif isinstance(ssidref_var, int):
+        ssidref = ssidref_var
+    else:
+        err("Instance type of ssidref not supported (must be of type 'str' or 'int')")
+
+    (primary, secondary, f, pol_exists) = getmapfile(None)
+    if not f:
+        if (pol_exists):
+            err("Mapping file for policy \'" + policyname + "\' not found.\n" +
+                "Please use makepolicy command to create mapping file!")
+        else:
+            err("Policy file for \'" + active_policy + "\' not found.")
+
+    #2. get labelnames for both ssidref parts
+    pri_ssid = ssidref & 0xffff
+    sec_ssid = ssidref >> 16
+    pri_labels = []
+    sec_labels = []
+    labels = []
+
+    for line in f:
+        l = line.split()
+        if (len(l) < 5) or (l[0] != "LABEL->SSID"):
+            continue
+        if primary and (l[2] == primary) and (int(l[4], 16) == pri_ssid):
+            pri_labels.append(l[3])
+        if secondary and (l[2] == secondary) and (int(l[4], 16) == sec_ssid):
+            sec_labels.append(l[3])
+    f.close()
+
+    #3. get the label that is in both lists (combination must be a single label)
+    if secondary == "NULL":
+        labels = pri_labels
+    else:
+        for i in pri_labels:
+            for j in sec_labels:
+                if (i==j):
+                    labels.append(i)
+    if len(labels) != 1:
+        err("Label for ssidref \'" +  str(ssidref) +
+            "\' unknown or not unique in policy \'" + active_policy + "\'")
+
+    return labels[0]
+
+
+
+def label2ssidref(labelname, policyname):
+    """
+    returns ssidref corresponding to labelname;
+    maps current policy to default directory
+    to find mapping file    """
+
+    if policyname in ['NULL', 'INACTIVE', 'DEFAULT']:
+        err("Cannot translate labels for \'" + policyname + "\' policy.")
+
+    (primary, secondary, f, pol_exists) = getmapfile(policyname)
+
+    #2. get labelnames for ssidref parts and find a common label
+    pri_ssid = []
+    sec_ssid = []
+    for line in f:
+        l = line.split()
+        if (len(l) < 5) or (l[0] != "LABEL->SSID"):
+            continue
+        if primary and (l[2] == primary) and (l[3] == labelname):
+            pri_ssid.append(int(l[4], 16))
+        if secondary and (l[2] == secondary) and (l[3] == labelname):
+            sec_ssid.append(int(l[4], 16))
+    f.close()
+
+    #3. sanity check and composition of ssidref
+    if (len(pri_ssid) == 0) or ((len(sec_ssid) == 0) and (secondary != "NULL")):
+        err("Label \'" + labelname + "\' not found.")
+    elif (len(pri_ssid) > 1) or (len(sec_ssid) > 1):
+        err("Label \'" + labelname + "\' not unique in policy (policy error)")
+    if secondary == "NULL":
+        return pri_ssid[0]
+    else:
+        return (sec_ssid[0] << 16) | pri_ssid[0]
+
+
+
+def refresh_ssidref(config):
+    """
+    looks up ssidref from security field
+    and refreshes the value if label exists
+    """
+    #called by dom0, policy could have changed after xen.utils.security was initialized
+    refresh_security_policy()
+
+    security = None
+    if isinstance(config, dict):
+        security = config['security']
+    elif isinstance(config, list):
+        security = sxp.child_value(config, 'security',)
+    else:
+        err("Instance type of config parameter not supported.")
+    if not security:
+        #nothing to do (no security label attached)
+        return config
+
+    policyname = None
+    labelname = None
+    # compose new security field
+    for idx in range(0, len(security)):
+        if security[idx][0] == 'ssidref':
+            security.pop(idx)
+            break
+        elif security[idx][0] == 'access_control':
+            for jdx in [1, 2]:
+                if security[idx][jdx][0] == 'label':
+                    labelname = security[idx][jdx][1]
+                elif security[idx][jdx][0] == 'policy':
+                    policyname = security[idx][jdx][1]
+                else:
+                    err("Illegal field in access_control")
+    #verify policy is correct
+    if active_policy != policyname:
+        err("Policy \'" + policyname + "\' in label does not match active policy \'"
+            + active_policy +"\'!")
+
+    new_ssidref = label2ssidref(labelname, policyname)
+    if not new_ssidref:
+        err("SSIDREF refresh failed!")
+
+    security.append([ 'ssidref',str(new_ssidref)])
+    security = ['security', security ]
+
+    for idx in range(0,len(config)):
+        if config[idx][0] == 'security':
+            config.pop(idx)
+            break
+        config.append(security)
+
+
+
+def get_ssid(domain):
+    """
+    enables domains to retrieve the label / ssidref of a running domain
+    """
+    if not on():
+        err("No policy active.")
+
+    if isinstance(domain, str):
+        domain_int = int(domain)
+    elif isinstance(domain, int):
+        domain_int = domain
+    else:
+        err("Illegal parameter type.")
+    try:
+        ssid_info = acm.getssid(int(domain_int))
+    except:
+        err("Cannot determine security information.")
+
+    if active_policy in ["DEFAULT"]:
+        label = "DEFAULT"
+    else:
+        label = ssidref2label(ssid_info["ssidref"])
+    return(ssid_info["policyreference"],
+           label,
+           ssid_info["policytype"],
+           ssid_info["ssidref"])
+
+
+
+def get_decision(arg1, arg2):
+    """
+    enables domains to retrieve access control decisions from
+    the hypervisor Access Control Module.
+    IN: args format = ['domid', id] or ['ssidref', ssidref]
+    or ['access_control', ['policy', policy], ['label', label]]
+    """
+
+    if not on():
+        err("No policy active.")
+
+    #translate labels before calling low-level function
+    if arg1[0] == 'access_control':
+        if (arg1[1][0] != 'policy') or (arg1[2][0] != 'label') :
+            err("Argument type not supported.")
+        ssidref = label2ssidref(arg1[2][1], arg1[1][1])
+        arg1 = ['ssidref', str(ssidref)]
+    if arg2[0] == 'access_control':
+        if (arg2[1][0] != 'policy') or (arg2[2][0] != 'label') :
+            err("Argument type not supported.")
+        ssidref = label2ssidref(arg2[2][1], arg2[1][1])
+        arg2 = ['ssidref', str(ssidref)]
+    try:
+        decision = acm.getdecision(arg1[0], arg1[1], arg2[0], arg2[1])
+    except:
+        err("Cannot determine decision.")
+
+    if decision:
+        return decision
+    else:
+        err("Cannot determine decision (Invalid parameter).")
+
+
+
+def make_policy(policy_name):
+    policy_file = string.join(string.split(policy_name, "."), "/")
+    if not os.path.isfile(policy_dir_prefix + "/" + policy_file + "-security_policy.xml"):
+        err("Unknown policy \'" + policy_name + "\'")
+
+    (ret, output) = commands.getstatusoutput(xensec_xml2bin + " -d " + policy_dir_prefix + " " + policy_file)
+    if ret:
+        err("Creating policy failed:\n" + output)
+
+
+
+def load_policy(policy_name):
+    global active_policy
+    policy_file = policy_dir_prefix + "/" + string.join(string.split(policy_name, "."), "/")
+    if not os.path.isfile(policy_file + ".bin"):
+        if os.path.isfile(policy_file + "-security_policy.xml"):
+            err("Binary file does not exist." +
+                "Please use makepolicy to build the policy binary.")
+        else:
+            err("Unknown Policy " + policy_name)
+
+    #require this policy to be the first or the same as installed
+    if active_policy not in ['DEFAULT', policy_name]:
+        err("Active policy \'" + active_policy +
+            "\' incompatible with new policy \'" + policy_name + "\'")
+    (ret, output) = commands.getstatusoutput(xensec_tool + " loadpolicy " + policy_file + ".bin")
+    if ret:
+        err("Loading policy failed:\n" + output)
+    else:
+        # refresh active policy
+        refresh_security_policy()
+
+
+
+def dump_policy():
+    if active_policy in ['NULL', 'INACTIVE']:
+        err("\'" + active_policy + "\' policy. Nothing to dump.")
+
+    (ret, output) = commands.getstatusoutput(xensec_tool + " getpolicy")
+    if ret:
+       err("Dumping hypervisor policy failed:\n" + output)
+    print output
+
+
+
+def list_labels(policy_name, condition):
+    if (not policy_name) and (active_policy) in ["NULL", "INACTIVE", "DEFAULT"]:
+        err("Current policy \'" + active_policy + "\' has no labels defined.\n")
+
+    (primary, secondary, f, pol_exists) = getmapfile(policy_name)
+    if not f:
+        if pol_exists:
+            err("Cannot find mapfile for policy \'" + policy_name +
+                "\'.\nPlease use makepolicy to create mapping file.")
+        else:
+            err("Unknown policy \'" + policy_name + "\'")
+
+    labels = []
+    for line in f:
+        if condition.match(line):
+            label = line.split()[3]
+            if label not in labels:
+                labels.append(label)
+    return labels
diff --git a/tools/python/xen/xend/XendCheckpoint.py b/tools/python/xen/xend/XendCheckpoint.py
index f9073a4823..ea3ab2a7d4 100644
--- a/tools/python/xen/xend/XendCheckpoint.py
+++ b/tools/python/xen/xend/XendCheckpoint.py
@@ -21,7 +21,8 @@ import xen.lowlevel.xc
 import balloon
 from XendError import XendError
 from XendLogging import log
-
+from XendDomainInfo import DEV_MIGRATE_STEP1, DEV_MIGRATE_STEP2
+from XendDomainInfo import DEV_MIGRATE_STEP3
 
 SIGNATURE = "LinuxGuestRecord"
 XC_SAVE = "xc_save"
@@ -65,7 +66,7 @@ def save(fd, dominfo, live, dst):
     dominfo.setName('migrating-' + domain_name)
 
     try:
-        dominfo.migrateDevices(live, dst, 1, domain_name)
+        dominfo.migrateDevices(live, dst, DEV_MIGRATE_STEP1, domain_name)
 
         write_exact(fd, pack("!i", len(config)),
                     "could not write guest state file: config len")
@@ -87,9 +88,11 @@ def save(fd, dominfo, live, dst):
                 log.debug("Suspending %d ...", dominfo.getDomid())
                 dominfo.shutdown('suspend')
                 dominfo.waitForShutdown()
-                dominfo.migrateDevices(live, dst, 2, domain_name)
+                dominfo.migrateDevices(live, dst, DEV_MIGRATE_STEP2,
+                                       domain_name)
                 log.info("Domain %d suspended.", dominfo.getDomid())
-                dominfo.migrateDevices(live, dst, 3, domain_name)
+                dominfo.migrateDevices(live, dst, DEV_MIGRATE_STEP3,
+                                       domain_name)
                 tochild.write("done\n")
                 tochild.flush()
                 log.debug('Written done')
diff --git a/tools/python/xen/xend/XendDomain.py b/tools/python/xen/xend/XendDomain.py
index 9af3bb75a8..6ab12fcd39 100644
--- a/tools/python/xen/xend/XendDomain.py
+++ b/tools/python/xen/xend/XendDomain.py
@@ -38,6 +38,7 @@ from xen.xend.XendError import XendError, XendInvalidDomain
 from xen.xend.XendLogging import log
 from xen.xend.xenstore.xstransact import xstransact
 from xen.xend.xenstore.xswatch import xswatch
+from xen.util import security
 
 
 xc = xen.lowlevel.xc.xc()
@@ -265,7 +266,7 @@ class XendDomain:
             # handling in the relocation-socket handling code (relocate.py) is
             # poor, so we need to log this for debugging.
             log.exception("Restore failed")
-            raise
+            raise XendError("Restore failed")
 
 
     def restore_(self, config):
@@ -283,6 +284,7 @@ class XendDomain:
         """
         self.domains_lock.acquire()
         try:
+            security.refresh_ssidref(config)
             dominfo = XendDomainInfo.restore(config)
             self._add_domain(dominfo)
             return dominfo
diff --git a/tools/python/xen/xend/XendDomainInfo.py b/tools/python/xen/xend/XendDomainInfo.py
index c7c26c1d9c..222b0c3c5c 100644
--- a/tools/python/xen/xend/XendDomainInfo.py
+++ b/tools/python/xen/xend/XendDomainInfo.py
@@ -33,7 +33,7 @@ import threading
 import xen.lowlevel.xc
 from xen.util import asserts
 from xen.util.blkif import blkdev_uname_to_file
-
+from xen.util import security
 import balloon
 import image
 import sxp
@@ -87,6 +87,12 @@ SHUTDOWN_TIMEOUT = 30.0
 
 ZOMBIE_PREFIX = 'Zombie-'
 
+"""Constants for the different stages of ext. device migration """
+DEV_MIGRATE_TEST  = 0
+DEV_MIGRATE_STEP1 = 1
+DEV_MIGRATE_STEP2 = 2
+DEV_MIGRATE_STEP3 = 3
+
 """Minimum time between domain restarts in seconds."""
 MINIMUM_RESTART_TIME = 20
 
@@ -120,7 +126,6 @@ VM_CONFIG_PARAMS = [
 # file, so those are handled separately.
 ROUNDTRIPPING_CONFIG_ENTRIES = [
     ('uuid',       str),
-    ('ssidref',    int),
     ('vcpus',      int),
     ('vcpu_avail', int),
     ('cpu_weight', float),
@@ -138,7 +143,6 @@ ROUNDTRIPPING_CONFIG_ENTRIES += VM_CONFIG_PARAMS
 #
 VM_STORE_ENTRIES = [
     ('uuid',       str),
-    ('ssidref',    int),
     ('vcpus',      int),
     ('vcpu_avail', int),
     ('memory',     int),
@@ -291,6 +295,9 @@ def parseConfig(config):
     result['cpu']   = get_cfg('cpu',  int)
     result['cpus']  = get_cfg('cpus', str)
     result['image'] = get_cfg('image')
+    tmp_security = get_cfg('security')
+    if tmp_security:
+        result['security'] = tmp_security
 
     try:
         if result['image']:
@@ -437,7 +444,7 @@ class XendDomainInfo:
         self.validateInfo()
 
         self.image = None
-
+        self.security = None
         self.store_port = None
         self.store_mfn = None
         self.console_port = None
@@ -515,6 +522,7 @@ class XendDomainInfo:
         else:
             entries = VM_STORE_ENTRIES
         entries.append(('image', str))
+        entries.append(('security', str))
 
         map(lambda x, y: useIfNeeded(x[0], y), entries,
             self.readVMDetails(entries))
@@ -538,7 +546,6 @@ class XendDomainInfo:
 
         try:
             defaultInfo('name',         lambda: "Domain-%d" % self.domid)
-            defaultInfo('ssidref',      lambda: 0)
             defaultInfo('on_poweroff',  lambda: "destroy")
             defaultInfo('on_reboot',    lambda: "restart")
             defaultInfo('on_crash',     lambda: "restart")
@@ -565,12 +572,16 @@ class XendDomainInfo:
             defaultInfo('backend',      lambda: [])
             defaultInfo('device',       lambda: [])
             defaultInfo('image',        lambda: None)
+            defaultInfo('security',     lambda: None)
 
             self.check_name(self.info['name'])
 
             if isinstance(self.info['image'], str):
                 self.info['image'] = sxp.from_string(self.info['image'])
 
+            if isinstance(self.info['security'], str):
+                self.info['security'] = sxp.from_string(self.info['security'])
+
             if self.info['memory'] == 0:
                 if self.infoIsSet('mem_kb'):
                     self.info['memory'] = (self.info['mem_kb'] + 1023) / 1024
@@ -668,6 +679,20 @@ class XendDomainInfo:
         if self.infoIsSet('image'):
             to_store['image'] = sxp.to_string(self.info['image'])
 
+        if self.infoIsSet('security'):
+            security = self.info['security']
+            to_store['security'] = sxp.to_string(security)
+            for idx in range(0, len(security)):
+                if security[idx][0] == 'access_control':
+                    to_store['security/access_control'] = sxp.to_string([ security[idx][1] , security[idx][2] ])
+                    for aidx in range(1, len(security[idx])):
+                        if security[idx][aidx][0] == 'label':
+                            to_store['security/access_control/label'] = security[idx][aidx][1]
+                        if security[idx][aidx][0] == 'policy':
+                            to_store['security/access_control/policy'] = security[idx][aidx][1]
+                if security[idx][0] == 'ssidref':
+                    to_store['security/ssidref'] = str(security[idx][1])
+
         log.debug("Storing VM details: %s", to_store)
 
         self.writeVm(to_store)
@@ -760,9 +785,8 @@ class XendDomainInfo:
         self.storeVm('vcpu_avail', self.info['vcpu_avail'])
         self.writeDom(self.vcpuDomDetails())
 
-
-    def getSsidref(self):
-        return self.info['ssidref']
+    def getLabel(self):
+        return security.get_security_info(self.info, 'label')
 
     def getMemoryTarget(self):
         """Get this domain's target memory size, in KB."""
@@ -954,12 +978,21 @@ class XendDomainInfo:
         """
 
         log.trace("XendDomainInfo.update(%s) on domain %d", info, self.domid)
-
         if not info:
             info = dom_get(self.domid)
             if not info:
                 return
             
+        #manually update ssidref / security fields
+        if security.on() and info.has_key('ssidref'):
+            if (info['ssidref'] != 0) and self.info.has_key('security'):
+                security_field = self.info['security']
+                if not security_field:
+                    #create new security element
+                    self.info.update({'security': [['ssidref', str(info['ssidref'])]]})
+            #ssidref field not used any longer
+        info.pop('ssidref')
+
         self.info.update(info)
         self.validateInfo()
         self.refreshShutdown(info)
@@ -996,7 +1029,6 @@ class XendDomainInfo:
         s += " id=" + str(self.domid)
         s += " name=" + self.info['name']
         s += " memory=" + str(self.info['memory'])
-        s += " ssidref=" + str(self.info['ssidref'])
         s += ">"
         return s
 
@@ -1058,6 +1090,9 @@ class XendDomainInfo:
         if self.infoIsSet('image'):
             sxpr.append(['image', self.info['image']])
 
+        if self.infoIsSet('security'):
+            sxpr.append(['security', self.info['security']])
+
         for cls in controllerClasses:
             for config in self.getDeviceConfigurations(cls):
                 sxpr.append(['device', config])
@@ -1159,12 +1194,11 @@ class XendDomainInfo:
         @raise: VmError on error
         """
 
-        log.debug('XendDomainInfo.construct: %s %s',
-                  self.domid,
-                  self.info['ssidref'])
+        log.debug('XendDomainInfo.construct: %s',
+                  self.domid)
 
         self.domid = xc.domain_create(
-            dom = 0, ssidref = self.info['ssidref'],
+            dom = 0, ssidref = security.get_security_info(self.info, 'ssidref'),
             handle = uuid.fromString(self.info['uuid']))
 
         if self.domid < 0:
@@ -1402,7 +1436,7 @@ class XendDomainInfo:
         @raise: XendError for a device that cannot be migrated
         """
         for (n, c) in self.info['device']:
-            rc = self.migrateDevice(n, c, live, dst, 0)
+            rc = self.migrateDevice(n, c, live, dst, DEV_MIGRATE_TEST)
             if rc != 0:
                 raise XendError("Device of type '%s' refuses migration." % n)
 
diff --git a/tools/python/xen/xend/server/tpmif.py b/tools/python/xen/xend/server/tpmif.py
index 338bcbffc2..7ab4e50fd0 100644
--- a/tools/python/xen/xend/server/tpmif.py
+++ b/tools/python/xen/xend/server/tpmif.py
@@ -25,6 +25,7 @@ from xen.xend import sxp
 from xen.xend.XendLogging import log
 from xen.xend.XendError import XendError
 from xen.xend import XendRoot
+from xen.xend.XendDomainInfo import DEV_MIGRATE_TEST
 
 from xen.xend.server.DevController import DevController
 
@@ -78,7 +79,7 @@ class TPMifController(DevController):
                 log.info("Request to live-migrate device to %s. step=%d.",
                          dst, step)
 
-                if step == 0:
+                if step == DEV_MIGRATE_TEST:
                     """Assuming for now that everything is ok and migration
                        with the given tool can proceed.
                     """
@@ -90,8 +91,8 @@ class TPMifController(DevController):
                     for line in fd.readlines():
                         mo = re.search('Error', line)
                         if mo:
-                            raise XendError("vtpm: Fatal error in migration step %d." %
-                                            step)
+                            raise XendError("vtpm: Fatal error in migration step %d: %s" %
+                                            (step, line))
                     return 0
             else:
                 log.debug("External migration tool not in configuration.")
diff --git a/tools/python/xen/xm/addlabel.py b/tools/python/xen/xm/addlabel.py
new file mode 100644
index 0000000000..052d395971
--- /dev/null
+++ b/tools/python/xen/xm/addlabel.py
@@ -0,0 +1,76 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+
+"""Labeling a domain configuration file.
+"""
+import sys, os
+import traceback
+
+
+from xen.util.security import ACMError, err, active_policy, label2ssidref, on, access_control_re
+
+
+def usage():
+    print "\nUsage: xm addlabel <configfile> <label> [<policy>]\n"
+    print "  This program adds an acm_label entry into the 'configfile'."
+    print "  It derives the policy from the running hypervisor if it"
+    print "  is not given (optional parameter). If the configfile is"
+    print "  already labeled, then addlabel fails.\n"
+    err("Usage")
+
+
+def main(argv):
+    try:
+        policyref = None
+        if len(argv) not in [3,4]:
+            usage()
+        configfile = argv[1]
+        label = argv[2]
+
+        if len(argv) == 4:
+            policyref = argv[3]
+        elif on():
+            policyref = active_policy
+        else:
+            err("No active policy. Policy must be specified in command line.")
+
+        #sanity checks: make sure this label can be instantiated later on
+        ssidref = label2ssidref(label, policyref)
+
+        new_label = "access_control = ['policy=%s,label=%s']\n" % (policyref, label)
+        if not os.path.isfile(configfile):
+            err("Configuration file \'" + configfile + "\' not found.")
+        config_fd = open(configfile, "ra+")
+        for line in config_fd:
+            if not access_control_re.match(line):
+                continue
+            config_fd.close()
+            err("Config file \'" + configfile + "\' is already labeled.")
+        config_fd.write(new_label)
+        config_fd.close()
+
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
+
diff --git a/tools/python/xen/xm/cfgbootpolicy.py b/tools/python/xen/xm/cfgbootpolicy.py
new file mode 100644
index 0000000000..8e8f955a13
--- /dev/null
+++ b/tools/python/xen/xm/cfgbootpolicy.py
@@ -0,0 +1,188 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+"""Configuring a security policy into the boot configuration
+"""
+
+import sys
+import traceback
+import tempfile
+import os, stat
+import re
+import commands
+import shutil
+import string
+from xen.util.security import ACMError, err
+from xen.util.security import policy_dir_prefix, boot_filename, xen_title_re
+from xen.util.security import any_title_re, xen_kernel_re, kernel_ver_re, any_module_re
+from xen.util.security import empty_line_re, binary_name_re, policy_name_re
+
+
+def usage():
+    print "\nUsage: xm cfgbootpolicy <policy> [<kernelversion>]\n"
+    print "  Adds a 'module' line to the Xen grub.conf entry"
+    print "  so that xen boots into a specific access control"
+    print "  policy. If kernelversion is not given, then this"
+    print "  script tries to determine it by looking for a grub"
+    print "  entry with a line kernel xen.* If there are multiple"
+    print "  Xen entries, then it must be called with an explicit"
+    print "  version (it will fail otherwise).\n"
+    err("Usage")
+
+
+
+def determine_kernelversion(user_specified):
+    within_xen_title = 0
+    within_xen_entry = 0
+    version_list = []
+    guess_version = None
+
+    grub_fd = open(boot_filename)
+    for line in grub_fd:
+        if xen_title_re.match(line):
+            within_xen_title = 1
+        elif within_xen_title and xen_kernel_re.match(line):
+            within_xen_entry = 1
+        elif within_xen_title and within_xen_entry and kernel_ver_re.match(line):
+            for i in line.split():
+                if (i.find("vmlinuz-") >= 0):
+                    # skip start until "vmlinuz-"
+                    guess_version = i[i.find("vmlinuz-") + len("vmlinuz-"):]
+                    if user_specified:
+                        if (guess_version == user_specified):
+                            version_list.append(guess_version)
+                    else:
+                        version_list.append(guess_version)
+        elif len(line.split()) > 0:
+            if line.split()[0] == "title":
+                within_xen_title = 0
+                within_xen_entry = 0
+    if len(version_list) > 1:
+        err("Cannot decide between entries for kernels: " + version_list)
+    elif len(version_list) == 0:
+        err("Cannot find a boot entry candidate (please create a Xen boot entry first).")
+    else:
+        return version_list[0]
+
+
+
+def insert_policy(boot_file, kernel_version, policy_name):
+    """
+    inserts policy binary file as last line of the grub entry
+    matching the kernel_version version
+    """
+    within_xen_title = 0
+    within_xen_entry = 0
+    insert_at_end_of_entry = 0
+    path_prefix = ''
+    done = False
+    (tmp_fd, tmp_grub) = tempfile.mkstemp()
+    #follow symlink since menue.lst might be linked to grub.conf
+    if stat.S_ISLNK(os.lstat(boot_file)[stat.ST_MODE]):
+        new_name = os.readlink(boot_file)
+        if new_name[0] == "/":
+            boot_file = new_name
+        else:
+            path = boot_file.split('/')
+            path[len(path)-1] = new_name
+            boot_file = '/'.join(path)
+        if not os.path.exists(boot_file):
+            err("Boot file \'" + boot_file + "\' not found.")
+    grub_fd = open(boot_file)
+    for line in grub_fd:
+        if xen_title_re.match(line):
+            within_xen_title = 1
+        elif within_xen_title and xen_kernel_re.match(line):
+            within_xen_entry = 1
+        elif within_xen_title and within_xen_entry and kernel_ver_re.match(line):
+            for i in line.split():
+                if (i.find("vmlinuz-") >= 0):
+                    if  kernel_version == i[i.find("vmlinuz-") + len("vmlinuz-"):]:
+                        insert_at_end_of_entry = 1
+                        path_prefix = i[0:i.find("vmlinuz-")]
+        elif any_module_re.match(line) and insert_at_end_of_entry:
+            if binary_name_re.match(line):
+                #delete existing policy module line
+                line=''
+        elif any_title_re.match(line):
+            within_xen_title = 0
+            within_xen_entry = 0
+
+        if (empty_line_re.match(line) or any_title_re.match(line)) and insert_at_end_of_entry:
+            #newline or new title: we insert the policy module line here
+            os.write(tmp_fd, "\tmodule " + path_prefix + policy_name + ".bin\n")
+            insert_at_end_of_entry = 0
+        #write the line that was read (except potential existing policy entry)
+        os.write(tmp_fd, line)
+
+    if insert_at_end_of_entry:
+        #last entry, no empty line at end of file
+        os.write(tmp_fd, "\tmodule " + path_prefix + policy_name + ".bin\n")
+
+    #temp file might be destroyed when closing it, first copy ...
+    shutil.move(boot_file, boot_file+"_save")
+    shutil.copyfile(tmp_grub, boot_file)
+    os.close(tmp_fd)
+    #temp file did not disappear on my system ...
+    try:
+        os.remove(tmp_grub)
+    except:
+        pass
+
+
+
+def main(argv):
+    try:
+        user_kver = None
+        policy = None
+        if len(argv) == 2:
+            policy = argv[1]
+        elif len(argv) == 3:
+            policy = argv[1]
+            user_kver = argv[2]
+        else:
+            usage()
+
+        if not policy_name_re.match(policy):
+            err("Illegal policy name \'" + policy + "\'")
+
+        policy_file = policy_dir_prefix + "/" + string.join(string.split(policy, "."), "/")
+        src_binary_policy_file = policy_file + ".bin"
+        #check if .bin exists or if policy file exists
+        if not os.path.isfile(src_binary_policy_file):
+            if not os.path.isfile(policy_file + "-security_policy.xml"):
+                err("Unknown policy \'" + policy +"\'")
+            else:
+                err("Cannot find binary file for policy \'" + policy +
+                    "\'. Please use makepolicy to create binary file.")
+        dst_binary_policy_file = "/boot/" + policy + ".bin"
+        shutil.copyfile(src_binary_policy_file, dst_binary_policy_file)
+
+        kernel_version = determine_kernelversion(user_kver)
+        insert_policy(boot_filename, kernel_version, policy)
+        print "Boot entry created and \'%s\' copied to /boot" % (policy + ".bin")
+
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
diff --git a/tools/python/xen/xm/create.py b/tools/python/xen/xm/create.py
index 2716e7fc44..2e757848cd 100644
--- a/tools/python/xen/xm/create.py
+++ b/tools/python/xen/xm/create.py
@@ -35,6 +35,7 @@ import xen.xend.XendClient
 from xen.xend.XendClient import server
 from xen.xend.XendBootloader import bootloader
 from xen.util import blkif
+from xen.util import security
 
 from xen.xm.opts import *
 
@@ -145,10 +146,6 @@ gopts.var('memory', val='MEMORY',
           fn=set_int, default=128,
           use="Domain memory in MB.")
 
-gopts.var('ssidref', val='SSIDREF',
-          fn=set_u32, default=0, 
-          use="Security Identifier.")
-
 gopts.var('maxmem', val='MEMORY',
           fn=set_int, default=None,
           use="Maximum domain memory in MB.")
@@ -293,6 +290,14 @@ gopts.var('vtpm', val="instance=INSTANCE,backend=DOM",
           number can be found in /etc/xen/vtpm.db. Use the backend in the
           given domain.""")
 
+gopts.var('access_control', val="policy=POLICY,label=LABEL",
+          fn=append_value, default=[],
+          use="""Add a security label and the security policy reference that defines it.
+          The local ssid reference is calculated when starting/resuming the domain. At
+          this time, the policy is checked against the active policy as well. This way,
+          migrating through save/restore is covered and local labels are automatically
+          created correctly on the system where a domain is started / resumed.""")
+
 gopts.var('nics', val="NUM",
           fn=set_int, default=-1,
           use="""DEPRECATED.  Use empty vif entries instead.
@@ -502,6 +507,43 @@ def configure_usb(config_devs, vals):
         config_usb = ['usb', ['path', path]]
         config_devs.append(['device', config_usb])
 
+
+def configure_security(config, vals):
+    """Create the config for ACM security labels.
+    """
+    access_control = vals.access_control
+    num = len(access_control)
+    if num == 1:
+        d = access_control[0]
+        policy = d.get('policy')
+        label = d.get('label')
+        if policy != security.active_policy:
+            err("Security policy (" + policy + ") incompatible with enforced policy ("
+                + security.active_policy + ")." )
+        config_access_control = ['access_control',
+                                 ['policy', policy],
+                                 ['label', label] ]
+
+        #ssidref cannot be specified together with access_control
+        if sxp.child_value(config, 'ssidref'):
+            err("ERROR: SSIDREF and access_control are mutually exclusive but both specified!")
+        #else calculate ssidre from label
+        ssidref = security.label2ssidref(label, policy)
+        if not ssidref :
+            err("ERROR calculating ssidref from access_control.")
+        security_label = ['security', [ config_access_control, ['ssidref' , ssidref ] ] ]
+        config.append(security_label)
+    elif num == 0:
+        if hasattr(vals, 'ssidref'):
+            if not security.on():
+                err("ERROR: Security ssidref specified but no policy active.")
+            ssidref = getattr(vals, 'ssidref')
+            security_label = ['security', [ [ 'ssidref' , int(ssidref) ] ] ]
+            config.append(security_label)
+    elif num > 1:
+        err("VM config error: Multiple access_control definitions!")
+
+
 def configure_vtpm(config_devs, vals):
     """Create the config for virtual TPM interfaces.
     """
@@ -595,9 +637,9 @@ def make_config(vals):
             if v:
                 config.append([n, v])
 
-    map(add_conf, ['name', 'memory', 'ssidref', 'maxmem', 'restart',
-                   'on_poweroff', 'on_reboot', 'on_crash', 'vcpus'])
-    
+    map(add_conf, ['name', 'memory', 'maxmem', 'restart', 'on_poweroff',
+                   'on_reboot', 'on_crash', 'vcpus'])
+
     if vals.uuid is not None:
         config.append(['uuid', vals.uuid])
     if vals.cpu is not None:
@@ -628,6 +670,7 @@ def make_config(vals):
     configure_vifs(config_devs, vals)
     configure_usb(config_devs, vals)
     configure_vtpm(config_devs, vals)
+    configure_security(config, vals)
     config += config_devs
 
     return config
@@ -696,6 +739,29 @@ def preprocess_vtpm(vals):
         vtpms.append(d)
     vals.vtpm = vtpms
 
+def preprocess_access_control(vals):
+    if not vals.access_control:
+        return
+    access_controls = []
+    num = len(vals.access_control)
+    if num == 1:
+        access_control = (vals.access_control)[0]
+        d = {}
+        a = access_control.split(',')
+        if len(a) > 2:
+            err('Too many elements in access_control specifier: ' + access_control)
+        for b in a:
+            (k, v) = b.strip().split('=', 1)
+            k = k.strip()
+            v = v.strip()
+            if k not in ['policy','label']:
+                err('Invalid access_control specifier: ' + access_control)
+            d[k] = v
+        access_controls.append(d)
+        vals.access_control = access_controls
+    elif num > 1:
+        err('Multiple access_control definitions.')
+
 def preprocess_ip(vals):
     if vals.ip or vals.dhcp != 'off':
         dummy_nfs_server = '1.2.3.4'
@@ -785,6 +851,7 @@ def preprocess(vals):
     preprocess_nfs(vals)
     preprocess_vnc(vals)
     preprocess_vtpm(vals)
+    preprocess_access_control(vals)
 
 
 def comma_sep_kv_to_dict(c):
diff --git a/tools/python/xen/xm/dumppolicy.py b/tools/python/xen/xm/dumppolicy.py
new file mode 100644
index 0000000000..f0b7fb47a7
--- /dev/null
+++ b/tools/python/xen/xm/dumppolicy.py
@@ -0,0 +1,49 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+"""Display currently enforced policy (low-level hypervisor representation).
+"""
+import sys
+import traceback
+import os
+import commands
+import shutil
+import string
+from xen.util.security import ACMError, err, dump_policy
+
+
+def usage():
+    print "\nUsage: xm dumppolicy\n"
+    print " Retrieve and print currently enforced"
+    print " hypervisor policy information (low-level).\n"
+    err("Usage")
+
+
+def main(argv):
+    try:
+        dump_policy()
+
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
+
diff --git a/tools/python/xen/xm/labels.py b/tools/python/xen/xm/labels.py
new file mode 100644
index 0000000000..66685e14ee
--- /dev/null
+++ b/tools/python/xen/xm/labels.py
@@ -0,0 +1,85 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+
+"""Listing available labels for a policy.
+"""
+import sys
+import traceback
+import os
+import commands
+import shutil
+import string
+from xen.util.security import ACMError, err, list_labels, active_policy
+from xen.util.security import vm_label_re, res_label_re, all_label_re
+
+def usage():
+    print "\nUsage: xm labels [<policy>] [<type=dom|res|any>]\n"
+    print " Prints labels of the specified type (default is dom)"
+    print " that are defined in policy (default is current"
+    print " hypervisor policy).\n"
+    err("Usage")
+
+
+def main(argv):
+    try:
+        policy = None
+        type = None
+        for i in argv[1:]:
+            i_s = string.split(i, '=')
+            if len(i_s) > 1:
+                if (i_s[0] == 'type') and (len(i_s) == 2):
+                    if not type:
+                        type = i_s[1]
+                    else:
+                        usage()
+                else:
+                    usage()
+            else:
+                if not policy:
+                    policy = i
+                else:
+                    usage()
+
+        if not policy:
+            policy = active_policy
+            if active_policy in ['NULL', 'INACTIVE', 'DEFAULT']:
+                err("No policy active. Please specify the <policy> parameter.")
+
+        if not type or (type in ['DOM', 'dom']):
+            condition = vm_label_re
+        elif type in ['RES', 'res']:
+            condition = res_label_re
+        elif type in ['ANY', 'any']:
+            condition = all_label_re
+        else:
+            err("Unknown label type \'" + type + "\'")
+
+        labels = list_labels(policy, condition)
+        labels.sort()
+        for label in labels:
+            print label
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
+
diff --git a/tools/python/xen/xm/loadpolicy.py b/tools/python/xen/xm/loadpolicy.py
new file mode 100644
index 0000000000..c449603ef4
--- /dev/null
+++ b/tools/python/xen/xm/loadpolicy.py
@@ -0,0 +1,51 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+
+"""Loading a compiled binary policy into the hypervisor.
+"""
+import sys
+import traceback
+import os
+import commands
+import shutil
+import string
+from xen.util.security import ACMError, err, load_policy
+
+
+def usage():
+    print "\nUsage: xm loadpolicy <policy>\n"
+    print " Load the compiled binary (.bin) policy"
+    print " into the running hypervisor.\n"
+    err("Usage")
+
+def main(argv):
+    try:
+        if len(argv) != 2:
+            usage()
+        load_policy(argv[1])
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
+
diff --git a/tools/python/xen/xm/main.py b/tools/python/xen/xm/main.py
index 9a3c6f5d32..8a9b42080b 100644
--- a/tools/python/xen/xm/main.py
+++ b/tools/python/xen/xm/main.py
@@ -40,6 +40,7 @@ from xen.xm.opts import *
 import console
 import xen.xend.XendClient
 from xen.xend.XendClient import server
+from xen.util import security
 
 # getopt.gnu_getopt is better, but only exists in Python 2.3+.  Use
 # getopt.getopt if gnu_getopt is not available.  This will mean that options
@@ -55,6 +56,8 @@ create_help =  """create [-c] <ConfigFile>
 destroy_help = "destroy <DomId>                  Terminate a domain immediately"
 help_help =    "help                             Display this message"
 list_help =    "list [--long] [DomId, ...]       List information about domains"
+list_label_help = "list [--label] [DomId, ...]      List information about domains including their labels"
+
 mem_max_help = "mem-max <DomId> <Mem>            Set maximum memory reservation for a domain"
 mem_set_help = "mem-set <DomId> <Mem>            Adjust the current memory usage for a domain"
 migrate_help = "migrate <DomId> <Host>           Migrate a domain to another machine"
@@ -114,6 +117,12 @@ vnet_list_help = "vnet-list [-l|--long]            list vnets"
 vnet_create_help = "vnet-create <config>             create a vnet from a config file"
 vnet_delete_help = "vnet-delete <vnetid>             delete a vnet"
 vtpm_list_help = "vtpm-list <DomId> [--long]       list virtual TPM devices"
+addlabel_help =  "addlabel <ConfigFile> <label>    Add security label to ConfigFile"
+cfgbootpolicy_help = "cfgbootpolicy <policy>           Add policy to boot configuration "
+dumppolicy_help = "dumppolicy                       Print hypervisor ACM state information"
+loadpolicy_help = "loadpolicy <policy>              Load binary policy into hypervisor"
+makepolicy_help = "makepolicy <policy>              Build policy and create .bin/.map files"
+labels_help     = "labels [policy] [type=DOM|..]    List <type> labels for (active) policy."
 
 short_command_list = [
     "console",
@@ -140,6 +149,7 @@ domain_commands = [
     "domid",
     "domname",
     "list",
+    "list_label",
     "mem-max",
     "mem-set",
     "migrate",
@@ -185,8 +195,17 @@ vnet_commands = [
     "vnet-delete",
     ]
 
+acm_commands = [
+    "labels",
+    "addlabel",
+    "makepolicy",
+    "loadpolicy",
+    "cfgbootpolicy",
+    "dumppolicy"
+    ]
+
 all_commands = (domain_commands + host_commands + scheduler_commands +
-                device_commands + vnet_commands)
+                device_commands + vnet_commands + acm_commands)
 
 
 def commandToHelp(cmd):
@@ -225,6 +244,9 @@ xm full list of subcommands:
   Vnet commands:
    """ + help_spacer.join(map(commandToHelp,  vnet_commands)) + """
 
+  Access Control commands:
+   """ + help_spacer.join(map(commandToHelp,  acm_commands)) + """
+
 <DomName> can be substituted for <DomId> in xm subcommands.
 
 For a short list of subcommands run 'xm help'
@@ -332,8 +354,9 @@ def getDomains(domain_names):
 def xm_list(args):
     use_long = 0
     show_vcpus = 0
+    show_labels = 0
     try:
-        (options, params) = getopt.gnu_getopt(args, 'lv', ['long','vcpus'])
+        (options, params) = getopt.gnu_getopt(args, 'lv', ['long','vcpus','label'])
     except getopt.GetoptError, opterr:
         err(opterr)
         sys.exit(1)
@@ -343,6 +366,8 @@ def xm_list(args):
             use_long = 1
         if k in ['-v', '--vcpus']:
             show_vcpus = 1
+        if k in ['--label']:
+            show_labels = 1
 
     if show_vcpus:
         print >>sys.stderr, (
@@ -354,6 +379,8 @@ def xm_list(args):
 
     if use_long:
         map(PrettyPrint.prettyprint, doms)
+    elif show_labels:
+        xm_label_list(doms)
     else:
         xm_brief_list(doms)
 
@@ -369,7 +396,7 @@ def parse_doms_info(info):
         'vcpus'    : get_info('online_vcpus', int,   0),
         'state'    : get_info('state',        str,   '??'),
         'cpu_time' : get_info('cpu_time',     float, 0),
-        'ssidref'  : get_info('ssidref',      int,   0),
+        'seclabel' : security.get_security_printlabel(info),
         }
 
 
@@ -391,13 +418,29 @@ def xm_brief_list(doms):
     print 'Name                              ID Mem(MiB) VCPUs State  Time(s)'
     for dom in doms:
         d = parse_doms_info(dom)
-        if (d['ssidref'] != 0):
-            d['ssidstr'] = (" s:%04x/p:%04x" % 
-                            ((d['ssidref'] >> 16) & 0xffff,
-                              d['ssidref']        & 0xffff))
+        print ("%(name)-32s %(dom)3d %(mem)8d %(vcpus)5d %(state)5s %(cpu_time)7.1f" % d)
+
+
+def xm_label_list(doms):
+    output = []
+    print 'Name                              ID Mem(MiB) VCPUs State  Time(s)  Label'
+    for dom in doms:
+        d = parse_doms_info(dom)
+        l = "%(name)-32s %(dom)3d %(mem)8d %(vcpus)5d %(state)5s %(cpu_time)7.1f  " % d
+        if security.active_policy not in ['INACTIVE', 'NULL', 'DEFAULT']:
+            if d['seclabel']:
+                line = (l, d['seclabel'])
+            else:
+                line = (l, "ERROR")
+        elif security.active_policy in ['DEFAULT']:
+            line = (l, "DEFAULT")
         else:
-            d['ssidstr'] = ""
-        print ("%(name)-32s %(dom)3d %(mem)8d %(vcpus)5d %(state)5s %(cpu_time)7.1f%(ssidstr)s" % d)
+            line = (l, "INACTIVE")
+        output.append(line)
+    #sort by labels
+    output.sort(lambda x,y: cmp( x[1].lower(), y[1].lower()))
+    for l in output:
+        print l[0] + l[1]
 
 
 def xm_vcpu_list(args):
@@ -1010,7 +1053,13 @@ subcommands = [
     'create',
     'migrate',
     'sysrq',
-    'shutdown'
+    'shutdown',
+    'labels',
+    'addlabel',
+    'cfgbootpolicy',
+    'makepolicy',
+    'loadpolicy',
+    'dumppolicy'
     ]
 
 for c in subcommands:
diff --git a/tools/python/xen/xm/makepolicy.py b/tools/python/xen/xm/makepolicy.py
new file mode 100644
index 0000000000..d194a4f6f5
--- /dev/null
+++ b/tools/python/xen/xm/makepolicy.py
@@ -0,0 +1,53 @@
+#============================================================================
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of version 2.1 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#============================================================================
+# Copyright (C) 2006 International Business Machines Corp.
+# Author: Reiner Sailer <sailer@us.ibm.com>
+#============================================================================
+"""Compiling a XML source policy file into mapping and binary versions.
+"""
+import sys
+import traceback
+import os
+import commands
+import shutil
+import string
+from xen.util.security import ACMError, err, make_policy
+
+
+def usage():
+    print "\nUsage: xm makepolicy <policy>\n"
+    print " Translate an XML source policy and create"
+    print " mapping file and binary policy.\n"
+    err("Usage")
+
+
+
+def main(argv):
+    try:
+        if len(argv) != 2:
+            usage()
+        make_policy(argv[1])
+
+    except ACMError:
+        pass
+    except:
+        traceback.print_exc(limit=1)
+
+
+
+if __name__ == '__main__':
+    main(sys.argv)
+
+
diff --git a/tools/security/Makefile b/tools/security/Makefile
index 7ac197b854..018ba643b2 100644
--- a/tools/security/Makefile
+++ b/tools/security/Makefile
@@ -30,28 +30,23 @@ SRCS_TOOL     = secpol_tool.c
 OBJS_TOOL    := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_TOOL)))
 SRCS_XML2BIN  = secpol_xml2bin.c secpol_xml2bin.h
 OBJS_XML2BIN := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_XML2BIN)))
-SRCS_GETD     = get_decision.c
-OBJS_GETD    := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_GETD)))
 
 ACM_INST_TOOLS    = xensec_tool xensec_xml2bin xensec_gen
-ACM_NOINST_TOOLS  = get_decision
 ACM_OBJS          = $(OBJS_TOOL) $(OBJS_XML2BIN) $(OBJS_GETD)
-ACM_SCRIPTS       = getlabel.sh setlabel.sh updategrub.sh labelfuncs.sh
+ACM_SCRIPTS       = python/xensec_tools/acm_getlabel python/xensec_tools/acm_getdecision
 
 ACM_CONFIG_DIR    = /etc/xen/acm-security
 ACM_POLICY_DIR    = $(ACM_CONFIG_DIR)/policies
 ACM_SCRIPT_DIR    = $(ACM_CONFIG_DIR)/scripts
 
 ACM_INST_HTML     = python/xensec_gen/index.html
-ACM_INST_CGI      = python/xensec_gen/cgi-bin/policy.cgi \
-                    python/xensec_gen/cgi-bin/policylabel.cgi
+ACM_INST_CGI      = python/xensec_gen/cgi-bin/policy.cgi
 ACM_SECGEN_HTMLDIR= /var/lib/xensec_gen
 ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin
 
 ACM_SCHEMA        = security_policy.xsd
-ACM_EXAMPLES      = null chwall ste chwall_ste
+ACM_EXAMPLES      = chwall ste chwall_ste
 ACM_POLICY_SUFFIX = security_policy.xml
-ACM_LABEL_SUFFIX  = security_label_template.xml
 
 ifeq ($(ACM_SECURITY),y)
 .PHONY: all
@@ -64,10 +59,10 @@ install: all $(ACM_CONFIG_FILE)
 	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_CONFIG_DIR)
 	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)
 	$(INSTALL_DATA) -p policies/$(ACM_SCHEMA) $(DESTDIR)$(ACM_POLICY_DIR)
+	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example
 	for i in $(ACM_EXAMPLES); do \
-		$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
-		$(INSTALL_DATA) -p policies/$$i/$$i-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
-		$(INSTALL_DATA) -p policies/$$i/$$i-$(ACM_LABEL_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/$$i; \
+		$(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
+		$(INSTALL_DATA) -p policies/example/$$i/client_v1-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
 	done
 	$(INSTALL_DIR) -p $(DESTDIR)$(ACM_SCRIPT_DIR)
 	$(INSTALL_PROG) -p $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR)
@@ -99,9 +94,6 @@ xensec_tool: $(OBJS_TOOL)
 xensec_xml2bin: $(OBJS_XML2BIN)
 	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
 
-get_decision: $(OBJS_GETD)
-	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
-
 xensec_gen: xensec_gen.py
 	cp -f $^ $@
 
@@ -116,8 +108,4 @@ clean:
 .PHONY: mrproper
 mrproper: clean
 
-.PHONY: boot_install
-boot_install: install
-	$(ACM_SCRIPT_DIR)/updategrub.sh $(POLICY) $(KERNEL_VERSION)
-
 -include $(PROG_DEPS)
diff --git a/tools/security/example.txt b/tools/security/example.txt
index 1a6f62e6ca..c9afe88714 100644
--- a/tools/security/example.txt
+++ b/tools/security/example.txt
@@ -3,119 +3,79 @@
 #
 # Author:
 # Reiner Sailer 08/15/2005 <sailer@watson.ibm.com>
+#               04/07/2006 update to using labels instead of ssidref
 #
 #
 # This file introduces into the tools to manage policies
 # and to label domains and resources.
 ##
 
-We will show how to install and use the example chwall_ste policy.
-Other policies work similarly. Feedback welcome!
+We will show how to install and use the example one of the client_v1
+policies. Other policies work similarly. Feedback welcome!
 
 
 
-1. Using xensec_xml2bin to translate the chwall_ste policy:
-===========================================================
+1. Using xm tools to translate example.chwall_ste.client_v1 policy:
+===================================================================
 
-#xensec_xml2bin chwall_ste
-
-Successful execution should print:
-
-    [root@laptopxn security]# xensec_xml2bin chwall_ste
-    Validating label file /etc/xen/acm-security/policies/chwall_ste/chwall_ste-security_label_template.xml...
-    XML Schema /etc/xen/acm-security/policies/security_policy.xsd valid.
-    Validating policy file /etc/xen/acm-security/policies/chwall_ste/chwall_ste-security_policy.xml...
-    XML Schema /etc/xen/acm-security/policies/security_policy.xsd valid.
-    Creating ssid mappings ...
-    Creating label mappings ...
-    Max chwall labels:  7
-    Max chwall-types:   4
-    Max chwall-ssids:   5
-    Max ste labels:     14
-    Max ste-types:      6
-    Max ste-ssids:      10
+#xm makepolicy example.chwall_ste.client_v1
 
 By default, the tool looks in directory /etc/xen/acm-security/policies
-for a directory that matches the policy name (i.e. chwall_ste) to find
-the label and policy files.
-The '-d' option can be used to override the /etc/xen/acm-security/policies
-directory, for example if running the tool in the Xen security tool build
-directory.
+for a directory that matches the policy name
+(here:example/chwall_ste/client_v1-security_policy.xml) to find the
+policy files.  The '-d' option can be used to override the default
+/etc/xen/acm-security/policies policy-root directory.
 
 The default policy directory structure under /etc/xen/acm-security (and
 the Xen security tool build directory - tools/security) looks like:
 
 policies
 |-- security_policy.xsd
-|-- chwall
-|   |-- chwall-security_label_template.xml
-|   `-- chwall-security_policy.xml
-|-- chwall_ste
-|   |-- chwall_ste-security_label_template.xml
-|   `-- chwall_ste-security_policy.xml
-|-- null
-|   |-- null-security_label_template.xml
-|   `-- null-security_policy.xml
-`-- ste
-    |-- ste-security_label_template.xml
-    `-- ste-security_policy.xml
-
-The security_policy.xsd file contains the schema against which both the
-label-template and the policy files must validate during translation.
-
-The files ending in -security_policy.xml define the policies and the
-types known to the policies.
-
-The files ending in -security_label_template.xml contain the label
-definitions that group types together and make them easier to use for
-users.
-
-After executing the above xensec_xml2bin command, you will find 2 new
-files in the /etc/xen/acm-security/policies/chwall_ste sub-directory:
-
-  chwall_ste.map ... this file includes the mapping
+|-- example
+    |-- chwall
+    |   |-- client_v1-security_policy.xml
+    |
+    |-- chwall_ste
+    |   |-- client_v1-security_policy.xml
+    |
+    |-- ste
+        |-- client_v1-security_policy.xml
+
+The security_policy.xsd file contains the schema against which the
+policy files must validate during translation.
+
+The policy files, ending in -security_policy.xml, define the policies,
+the types known to the policies, and the label definitions that group
+types together and make them easier to use for users.
+
+After executing the above 'xm makepolicy' command, you will find 2 new
+files in the /etc/xen/acm-security/policies/example/chwall_ste
+sub-directory:
+
+  client_v1.map ... this file includes the mapping
     of names from the xml files into their binary code representation.
 
-  chwall_ste.bin ... this is the binary policy file,
-    the result of parsing the xml files and using the mapping to extract a
-    binary version that can be loaded into the hypervisor.
+  client_v1.bin ... this is the binary policy file, the result of
+    parsing the xml files and using the mapping to create a binary
+    version that can be loaded into the hypervisor.
 
 
 
 2. Loading and activating the policy:
 =====================================
 
-We assume that xen is already configured to use the chwall_ste policy;
+We assume that xen is already configured for security;
 please refer to install.txt for instructions.
 
-To activate the policy from the command line (assuming that the
-currently established policy is the minimal boot-policy that is
-hard-coded into the hypervisor):
-
-# xensec_tool loadpolicy /etc/xen/acm-security/policies/chwall_ste/chwall_ste.bin
-
-To activate the policy at next reboot:
-
-# cp /etc/xen/acm-security/policies/chwall_ste/chwall_ste.bin /boot
-
-Add a module line to your /boot/grub/grub.conf Xen entry.
-My boot entry with chwall_ste enabled looks like this:
+To activate the policy from the command line:
 
-    title Xen (2.6.12)
-        root (hd0,5)
-        kernel /boot/xen.gz dom0_mem=1200000 console=vga
-        module /boot/vmlinuz-2.6.12-xen0 ro root=/dev/hda6 rhgb
-        module /boot/initrd-2.6.12-xen0.img
-        module /boot/chwall_ste.bin
-
-This tells the grub boot-loader to load the binary policy, which
-the hypervisor will recognize. The hypervisor will then establish
-this binary policy during boot instead of the minimal policy that
-is hardcoded as default.
-
-If you have any trouble here, maks sure you have the access control
-framework enabled (see: install.txt).
+# xm loadpolicy example.chwall_ste.client_v1
 
+See install.txt for how to install a policy at boot time. This the
+recommended default. You can only load a policy if the currently
+enforced policy is "DEFAULT", a minimal startup policy, or if the
+currently enforced policy has the same name as the new one. Support
+for dynamic policy changes at run-time are a current working item.
 
 
 3. Labeling domains:
@@ -127,156 +87,143 @@ The chwall_ste-security_label_template.xml file includes an attribute
 "bootstrap", which is set to the label name that will be assigned to
 Dom0 (this label will be mapped to ssidref 1/1, the default for Dom0).
 
-b) Labeling User Domains:
-
-Use the script tools/security/setlabel.sh to choose a label and to
-assign labels to user domains.
+b) Labeling User Domains (domains started from dom0 using xm commands):
 
-To show available labels for the chwall_ste policy:
-
-# /etc/xen/acm-security/scripts/setlabel.sh -l
-
-lists all available labels. For the default chwall_ste it should print
-the following:
+We distinguish two kinds of labels: a) VM labels (for domains) and RES
+Labels (for resources). We focus here on VM labels. Resource labels
+will be supported later.
 
-    [root@laptopxn security]# /etc/xen/acm-security/scripts/setlabel.sh -l chwall_ste
-    The following labels are available:
-    dom_SystemManagement
-    dom_HomeBanking
-    dom_Fun
-    dom_BoincClient
-    dom_StorageDomain
-    dom_NetworkDomain
+To list all available domain labels of a policy, use:
+   #xm labels example.chwall_ste.client_v1
 
-You need to have compiled the policy beforehand so that a .map file
-exists. Setlabel.sh uses the mapping file created throughout the
-policy translation to translate a user-friendly label string into a
-ssidref-number that is eventually used by the Xen hypervisor.
+To list all available labels including resource labels (their support
+is current work), use:
 
-We distinguish two kinds of labels: a) VM labels (for domains) and RES
-Labels (for resources). We are currently working on support for
-resource labeling but will focus here on VM labels.
+   #xm labels example.chwall_ste.client_v1 type=any
 
-Setlabel.sh only prints VM labels (which we have prefixed with "dom_")
-since only those are used at this time.
+The policy parameter is optional. The currently enforced hypervisor
+policy is used by default.
 
-If you would like to assign the dom_HomeBanking label to one of your
-user domains (which you hopefully keep clean), look at the hypothetical
-domain configuration contained in /etc/xen/homebanking.xm:
+If you would like to assign the dom_HomeBanking label to one of your user domains,
+look at the hypothetical domain configuration contained in /etc/xen/homebanking.xm:
 
-    #------HOMEBANKING---------
-    kernel = "/boot/vmlinuz-2.6.12-xenU"
+    #------FOR HOME/ONLINE BANKING---------
+    kernel = "/boot/vmlinuz-2.6.16-xen"
     ramdisk="/boot/U1_ramdisk.img"
-    memory = 65
-    name = "test34"
-    cpu = -1   # leave to Xen to pick
-    # Number of network interfaces. Default is 1.
-    nics=1
-    dhcp="dhcp"
+    memory = 164
+    name = "homebanking"
+    vif=['']
+    dhcp = "dhcp"
     #-------------------------
 
-Now we label this domain
+Now we label this domain (policy name is optional, see above):
 
-[root@laptopxn security]# /etc/xen/acm-securit/scripts/setlabel.sh /etc/xen/homebanking.xm dom_HomeBanking chwall_ste
-Mapped label 'dom_HomeBanking' to ssidref '0x00020002'.
+    # xm addlabel homebanking.xm dom_HomeBanking example.chwall_ste.client_v1
 
-The domain configuration my look now like:
+The domain configuration should look now like:
 
-    [root@laptopxn security]# cat homebanking.xm
-    #------HOMEBANKING---------
-    kernel = "/boot/vmlinuz-2.6.12-xenU"
+    # cat homebanking.xm
+    #------FOR HOME/ONLINE BANKING---------
+    kernel = "/boot/vmlinuz-2.6.16-xen"
     ramdisk="/boot/U1_ramdisk.img"
-    memory = 65
-    name = "test34"
-    cpu = -1   # leave to Xen to pick
-    # Number of network interfaces. Default is 1.
-    nics=1
-    dhcp="dhcp"
-    #-------------------------
-    #ACM_POLICY=chwall_ste-security_policy.xml
-    #ACM_LABEL=dom_HomeBanking
-    ssidref = 0x00020002
-
-You can see 3 new entries, two of which are comments.  The only value
-that the hypervisor cares about is the ssidref that will reference
-those types assigned to this label. You can look them up in the
-xml label-template file for the chwall_ste policy.
-
-This script will eventually move into the domain management and will
-be called when the domain is instantiated. For now, the setlabel
-script must be run on domains whenever the policy files change since
-the mapping between label names and ssidrefs can change in this case.
+    memory = 164
+    name = "homebanking"
+    vif=['']
+    dhcp = "dhcp"
+    access_control = ['policy=example.chwall_ste.client_v1, label=dom_HomeBanking']
+
+You can see the access_control line that was added to the
+configuration. This label will be translated into a local ssidref when
+a domain is created or resumed (also after migration and
+live-migration). The ssidref is a local security reference that is
+used inside the hypervisor instead of the security label for
+efficiency reasons. Since the same label can be mapped onto different
+ssidrefs in different policy translations (e.g., if the position of
+the label definition is changed in the policy file) or on different
+systems, the ssidref is re-calculated from the label each time a
+domain is instantiated or re-instantiated.
+
+Currently, the labels are not held in the hypervisor but only in
+.map files in the /etc/xen/acm-security/policies subdirectories. Only
+ssidrefs are known inside the hypervisr. This of course can change in
+the future.
 
 
 4. Starting a labeled domain
 ============================
 
 Now, start the domain:
-    #xm create -c homebanking.xm
 
+    #xm create homebanking.xm
+    Using config file "homebanking.xm".
+    Started domain fun
+
+
+[root@941e-4 VMconfigs]# xm list --label
 
-If you label another domain configuration as dom_Fun and try to start
-it afterwards, its start will fail. Why?
+Name         ID Mem(MiB) VCPUs State  Time(s)  Label
+fun           1       64     1 -b----     5.9  dom_HomeBanking
+Domain-0      0     1954     1 r-----  1321.4  dom_SystemManagement
 
-Because the running homebanking domain has the chinese wall type
-"cw_Sensitive". The new domain dom_Fun has the chinese wall label
-"cw_Distrusted". This domain is not allowed to run simultaneously
-because of the defined conflict set
+
+
+If you label another domain configuration as dom_Fun and if
+you try to start it afterwards, this create will fail.
+
+Why? -- Because the running 'homebanking' domain has the chinese
+wall type "cw_Sensitive". The new domain 'fun' has the chinese wall
+label "cw_Distrusted". These domains are not allowed to run simultaneously
+on the same system because of the defined conflict set
 
 			<conflictset name="Protection1">
 				<type>cw_Sensitive</type>
 				<type>cw_Distrusted</type>
 			</conflictset>
 
-(in chwall_ste-security_policy.xml), which says that only one of the
+(in client_v1-security_policy.xml), which says that only one of the
 types cw_Sensitive and cw_Distrusted can run at a time.
 
-If you save or shutdown the HomeBanking domain, you will be able to
-start the "Fun" domain. You can look into the Xen log to see if a
+If you save or shutdown the 'homebanking' domain, you will be able to
+start the 'fun' domain. You can look into the Xen log to see if a
 domain was denied to start because of the access control framework
 with the command 'xm dmesg'.
 
 It is important (and usually non-trivial) to define the labels in a
 way that the semantics of the labels are enforced and supported by the
-types and the conflict sets.
+types and the conflict sets. Usually, a workload abstraction seems
+helpful on the hypervisor level.
 
 Note: While the chinese wall policy enforcement is complete, the type
-enforcement is currently enforced in the Xen hypervisor
+enforcement is currently enforced inside the Xen hypervisor
 only. Therefore, only point-to-point sharing with regard to the type
-enforcement is currently controlled. We are working on enhancements to
-Dom0 that enforce types also for network traffic that is routed
-through Dom0 and on the enforcement of resource labeling when binding
-resources to domains (e.g., enforcing types between domains and
-hardware resources, such as disk partitions).
+enforcement is currently controlled. Enforcing the STE policy while
+sharing virtual resources is ongoing work and assumed to be complete
+by year end as well as enforcing the STE policy for network traffic
+routed through dom0.
 
 
-4. Adding your own policies
+5. Adding your own policies
 ===========================
 
-Writing your own policy (e.g. "mypolicy") requires the following:
+Writing your own policy (e.g. "mypolicy.chwall.test") requires the policy
+definition (types etc.) and the label definitions. Any policy name
+must have chwall, ste, or chwall_ste in its name. This is used by the
+configuration tool to identify existing binary policy entries in the
+boot configuration file (menu.lst, grub.con). This part should, of
+course, be consistent with policy type that is defined.
 
-a) the policy definition (types etc.) file
-b) the label template definition (labels etc.) file
-
-If your policy name is "mypolicy", you need to create a
-subdirectory mypolicy in /etc/xen/acm-security/policies.
-
-Then you create
-/etc/xen/acm-security/policies/mypolicy/mypolicy-security_policy.xml and
-/etc/xen/acm-security/policies/mypolicy/mypolicy-security_label_template.xml.
+First, you create
+/etc/xen/acm-security/policies/mypolicy/chwall/test-security_policy.xml.
 
 You need to keep to the schema as defined in
-/etc/xen/acm-security/security_policy.xsd since the translation tool
-xensec_xml2bin is written against this schema.
-
-If you keep to the security policy schema, then you can use all the
-tools described above. Refer to install.txt to install it.
+/etc/xen/acm-security/security_policy.xsd since the translation tools
+are written against this schema.
 
 You can hand-edit the xml files to create your policy or you can use the
 xensec_gen utility.
 
 
-5. Generating policy files using xensec_gen:
+6. Generating policy files using xensec_gen:
 ============================================
 
 The xensec_gen utility starts a web-server that can be used to generate the
@@ -290,25 +237,28 @@ to see the full list of options available.
 Once the xensec_gen utility is running, point a browser at the host and port
 on which the utility is running (e.g. http://localhost:7777/).  You will be
 presented with a web page that allows you to create or modify the XML policy
-files:
+file:
 
-  - The Security Policy section allows you to create or modify a policy
-    definition file
+  - The Security Policy types section allows you to create or modify
+    the policy types and conflict set definitions
 
   - The Security Policy Labeling section allows you to create or modify a
-    label template definition file
+    label definitions
 
-  Security Policy:
-  ----------------
-  The Security Policy section allows you to modify an existing policy definition
-  file or create a new policy definition file.  To modify an existing policy
-  definition, enter the full path to the existing file (the "Browse" button can
-  be used to aid in this) in the Policy File entry field.  To create a new
-  policy definition file leave the Policy File entry field blank.  At this point
-  click the "Create" button to begin modifying or creating your policy definition.
+The policy generation tool allows you to modify an existing policy
+definition or create a new policy definition file. To modify an
+existing policy definition, enter the full path to the existing file
+(the "Browse" button can be used to aid in this) in the Policy File
+entry field.  To create a new policy definition file leave the Policy
+File entry field blank.  At this point click the "Create" button to
+begin modifying or creating your policy definition.
 
-  You will then be presented with a web page that will allow you to create either
-  Simple Type Enforcement types or Chinese Wall types or both.
+  Security Policy Types Section
+  -----------------------------
+
+You will then be presented with a web page. The upper part of it will
+allow you to create either Simple Type Enforcement types or Chinese
+Wall types or both, as well as Chinese Wall conflict type sets.
 
   As an example:
     - To add a Simple Type Enforcement type:
@@ -326,32 +276,13 @@ files:
   Wall Conflict Set will allow you to add Chinese Wall types from the list of
   defined Chinese Wall types.
 
-  To create your policy definition file, click on the "Generate XML" button on
-  the top of the page.  This will present you with a dialog box to save the
-  generated XML file on your system.  The default name will be security_policy.xml
-  which you should change to follow the policy file naming conventions based on
-  the policy name that you choose to use.
-
-  To get a feel for the tool, you could use one of the example policy definition
-  files from /etc/xen/acm-security/policies as input.
-
-
   Security Policy Labeling:
   -------------------------
-  The Security Policy Labeling section allows you to modify an existing label
-  template definition file or create a new label template definition file.  To
-  modify an existing label template definition, enter the full path to the
-  existing file (the "Browse" button can be used to aid in this) in the Policy
-  Labeling File entry field.  Whether creating a new label template definition
-  file or modifying an existing one, you will need to specify the policy
-  definition file that is or will be associated with this label template
-  definition file.  At this point click the "Create" button to begin modifying
-  or creating your label template definition file.
-
-  You will then be presented with a web page that will allow you to create labels
-  for classes of virtual machines.  The input policy definition file will provide
-  the available types (Simple Type Enforcement and/or Chinese Wall) that can be
-  assigned to a virtual machine class.
+
+  The security policy label section of the web page allows you to create labels
+  for classes of virtual machines.  The input policy type definitions on the upper
+  part of the web page will provide the available types (Simple Type Enforcement
+  and/or Chinese Wall) that can be assigned to a virtual machine class.
 
   As an example:
     - To add a Virtual Machine class (the name entered will become the label
@@ -372,11 +303,74 @@ files:
   bootstrap domain (or Dom0 domain).  By default, the first Virtual Machine class
   created will be associated as the bootstrap domain.
 
-  To create your label template definition file, click on the "Generate XML" button
+  To save your policy definition file, click on the "Generate XML" button
   on the top of the page.  This will present you with a dialog box to save the
   generated XML file on your system.  The default name will be
-  security_label_template.xml which you should change to follow the policy file
+  security_policy.xml which you should change to follow the policy file
   naming conventions based on the policy name that you choose to use.
 
-  To get a feel for the tool, you could use one of the example policy definition
-  and label template definition files from /etc/xen/acm-security/policies as input.
+  To get a feel for the tool, you could use one of the example policy definitions
+  files from /etc/xen/acm-security/policies/example as input.
+
+
+7. Hypervisor - OS Security Interface
+=====================================
+
+We currently provide 2 hypercalls through which user operating systems
+can interact with the hypervisor Access Control Module. Examples of
+using them are under "xen_root"/tools/security/python/xensec_tools:
+
+
+I) acm_getdecision -i domainid -l labelname
+   Call this example script without arguments to show its usage
+   information.
+
+   This script enables a domain to retrieve an access control decision
+   regarding the STE policy from the hypervisor. It will be used to
+   control access to virtual/real resources in hosting domains.
+
+   The script can be provided with any combination of domain ids or
+   labelnames. Before calling into the hypervisor, labels are translated
+   into ssidrefs. The hypervisor then retrieves for any domain id
+   paramter the ssidref before deciding access.
+
+   Example:
+   #/etc/xen/acm-security/scripts/acm_getdecision -l dom_Fun
+						 -l dom_SystemManagement
+   PERMITTED
+
+   #/etc/xen/acm-security/scripts/acm_getdecision -i 0 -i 1
+   PERMITTED
+
+   #/etc/xen/acm-security/scripts/acm_getdecision -i 0 -l dom_Fun
+   PERMITTED
+
+   #/etc/xen/acm-security/scripts/acm_getdecision -i 0 -l no_label
+   ACMError: Label 'nolabel' not found.
+
+   Now, assume domain 123454 does not exist:
+   #/etc/xen/acm-security/scripts/acm_getdecision -i 123454 -l dom_Fun
+   ACMError: Cannot determine decision (Invalid parameter).
+
+   Return values:
+            * DENIED: access is denied based on the current hypervisor
+                      policy
+
+            * PERMITTED: access is permitted based on the current
+
+            * Exception ACMError: one of the parameters was illegal,
+                                  i.e. an unknown label or a
+                                  non-existing domain id
+
+I) acm_getlabel -i domainid
+   Retrieves the label of a runing domain. This function can be used
+   by domains to determine their own label or (if authorized) the label
+   other domains.
+
+   Example (result is broken up into different lines to simplify description):
+   # /etc/xen/acm-security/scripts/acm_getlabel -i 0
+  ('example.chwall.client_v1',         <--- policy describing labels etc.
+   'dom_SystemManagement',             <--- label name of the domain
+   'CHINESE WALL',                     <--- policy type
+   65537)                              <--- hypervisor internal ssidref
+
diff --git a/tools/security/get_decision.c b/tools/security/get_decision.c
deleted file mode 100644
index 888c0e8f6a..0000000000
--- a/tools/security/get_decision.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/****************************************************************
- * get_decision.c
- *
- * Copyright (C) 2005 IBM Corporation
- *
- * Authors:
- * Reiner Sailer <sailer@watson.ibm.com>
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License as
- * published by the Free Software Foundation, version 2 of the
- * License.
- *
- * An example program that shows how to retrieve an access control
- * decision from the hypervisor ACM based on the currently active policy.
- *
- */
-
-#include <unistd.h>
-#include <stdio.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <getopt.h>
-#include <sys/mman.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <stdlib.h>
-#include <sys/ioctl.h>
-#include <string.h>
-#include <netinet/in.h>
-#include <xen/acm.h>
-#include <xen/acm_ops.h>
-#include <xen/linux/privcmd.h>
-
-#define PERROR(_m, _a...) \
-fprintf(stderr, "ERROR: " _m " (%d = %s)\n" , ## _a ,	\
-                errno, strerror(errno))
-
-void usage(char *progname)
-{
-    printf("Use: %s \n", progname);
-    printf(" Test program illustrating the retrieval of\n");
-    printf(" access control decisions from xen. At this time,\n");
-    printf(" only sharing (STE) policy decisions are supported.\n");
-    printf(" parameter options:\n");
-    printf("\t -i domid -i domid\n");
-    printf("\t -i domid -s ssidref\n");
-    printf("\t -s ssidref -s ssidref\n\n");
-    exit(-1);
-}
-
-static inline int do_policycmd(int xc_handle, unsigned int cmd,
-                               unsigned long data)
-{
-    return ioctl(xc_handle, cmd, data);
-}
-
-static inline int do_xen_hypercall(int xc_handle,
-                                   privcmd_hypercall_t * hypercall)
-{
-    return do_policycmd(xc_handle,
-                        IOCTL_PRIVCMD_HYPERCALL,
-                        (unsigned long) hypercall);
-}
-
-static inline int do_acm_op(int xc_handle, struct acm_op *op)
-{
-    int ret = -1;
-    privcmd_hypercall_t hypercall;
-
-    op->interface_version = ACM_INTERFACE_VERSION;
-
-    hypercall.op = __HYPERVISOR_acm_op;
-    hypercall.arg[0] = (unsigned long) op;
-
-    if (mlock(op, sizeof(*op)) != 0) {
-        PERROR("Could not lock memory for Xen policy hypercall");
-        goto out1;
-    }
-
-    if ((ret = do_xen_hypercall(xc_handle, &hypercall)) < 0) {
-        if (errno == EACCES)
-            fprintf(stderr, "ACM operation failed -- need to"
-                    " rebuild the user-space tool set?\n");
-        goto out2;
-    }
-
-  out2:(void) munlock(op, sizeof(*op));
-  out1:return ret;
-}
-
-
-/************************ get decision ******************************/
-
-/* this example uses two domain ids and retrieves the decision if these domains
- * can share information (useful, i.e., to enforce policy onto network traffic in dom0
- */
-int acm_get_decision(int xc_handle, int argc, char *const argv[])
-{
-    struct acm_op op;
-    int ret;
-
-    op.cmd = ACM_GETDECISION;
-    op.interface_version = ACM_INTERFACE_VERSION;
-    op.u.getdecision.get_decision_by1 = UNSET;
-    op.u.getdecision.get_decision_by2 = UNSET;
-    op.u.getdecision.hook = SHARING;
-
-    while (1) {
-        int c = getopt(argc, argv, "i:s:");
-        if (c == -1)
-            break;
-
-        if (c == 'i') {
-            if (op.u.getdecision.get_decision_by1 == UNSET) {
-                op.u.getdecision.get_decision_by1 = DOMAINID;
-                op.u.getdecision.id1.domainid = strtoul(optarg, NULL, 0);
-            } else if (op.u.getdecision.get_decision_by2 == UNSET) {
-                op.u.getdecision.get_decision_by2 = DOMAINID;
-                op.u.getdecision.id2.domainid = strtoul(optarg, NULL, 0);
-            } else
-                usage(argv[0]);
-        } else if (c == 's') {
-            if (op.u.getdecision.get_decision_by1 == UNSET) {
-                op.u.getdecision.get_decision_by1 = SSIDREF;
-                op.u.getdecision.id1.ssidref = strtoul(optarg, NULL, 0);
-            } else if (op.u.getdecision.get_decision_by2 == UNSET) {
-                op.u.getdecision.get_decision_by2 = SSIDREF;
-                op.u.getdecision.id2.ssidref = strtoul(optarg, NULL, 0);
-            } else
-                usage(argv[0]);
-        } else
-            usage(argv[0]);
-    }
-    if ((op.u.getdecision.get_decision_by1 == UNSET) ||
-        (op.u.getdecision.get_decision_by2 == UNSET))
-        usage(argv[0]);
-
-    if ((ret = do_acm_op(xc_handle, &op))) {
-        printf("%s: Error getting decision (%d).\n", __func__, ret);
-        printf("%s: decision = %s.\n", __func__,
-               (op.u.getdecision.acm_decision ==
-                ACM_ACCESS_PERMITTED) ? "PERMITTED" : ((op.u.getdecision.
-                                                        acm_decision ==
-                                                        ACM_ACCESS_DENIED)
-                                                       ? "DENIED" :
-                                                       "ERROR"));
-        return ret;
-    }
-    return op.u.getdecision.acm_decision;
-}
-
-/***************************** main **************************************/
-
-int main(int argc, char **argv)
-{
-
-    int acm_cmd_fd, ret = 0;
-
-    if (argc < 5)
-        usage(argv[0]);
-
-    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0) {
-        printf("ERROR: Could not open xen privcmd device!\n");
-        exit(-1);
-    }
-
-    ret = acm_get_decision(acm_cmd_fd, argc, argv);
-
-    printf("Decision: %s (%d)\n",
-           (ret == ACM_ACCESS_PERMITTED) ? "PERMITTED" :
-           ((ret == ACM_ACCESS_DENIED) ? "DENIED" : "ERROR"), ret);
-
-    close(acm_cmd_fd);
-    return ret;
-}
diff --git a/tools/security/getlabel.sh b/tools/security/getlabel.sh
deleted file mode 100644
index f5064c39c1..0000000000
--- a/tools/security/getlabel.sh
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh
-# *
-# * getlabel
-# *
-# * Copyright (C) 2005 IBM Corporation
-# *
-# * Authors:
-# * Stefan Berger <stefanb@us.ibm.com>
-# *
-# * This program is free software; you can redistribute it and/or
-# * modify it under the terms of the GNU General Public License as
-# * published by the Free Software Foundation, version 2 of the
-# * License.
-# *
-# * 'getlabel' tries to find the labels corresponding to the ssidref
-# *
-# * 'getlabel -?' shows the usage of the program
-# *
-# * 'getlabel -sid <ssidref> [<policy name>]' lists the label corresponding
-# *                              to the given ssidref.
-# *
-# * 'getlabel -dom <domain id> [<policy name>]' lists the label of the
-# *                              domain with given id
-# *
-#
-
-if [ -z "$runbash" ]; then
-	runbash="1"
-	export runbash
-	exec sh -c "bash $0 $*"
-fi
-
-
-export PATH=$PATH:.
-dir=`dirname $0`
-source $dir/labelfuncs.sh
-
-usage ()
-{
-	prg=`basename $0`
-echo "Use this tool to display the label of a domain or the label that is
-corresponding to an ssidref given the name of the running policy.
-
-Usage: $prg -sid <ssidref> [<policy name> [<policy dir>]] or
-       $prg -dom <domid>   [<policy name> [<policy dir>]]
-
-policy name : the name of the policy, i.e. 'chwall'
-              If the policy name is omitted, the grub.conf
-              entry of the running system is tried to be read
-              and the policy name determined from there.
-policy dir  : the directory where the <policy name> policy is located
-              The default location is '/etc/xen/acm-security/policies'
-ssidref     : an ssidref in hex or decimal format, i.e., '0x00010002'
-              or '65538'
-domid       : id of the domain, i.e., '1'; Use numbers from the 2nd
-              column shown when invoking 'xm list'
-"
-}
-
-
-
-if [ "$1" == "-h" ]; then
-	usage
-	exit 0
-elif [ "$1" == "-dom" ]; then
-	mode="domid"
-	shift
-elif [ "$1" == "-sid" ]; then
-	mode="sid"
-	shift
-else
-	usage
-	exit -1
-fi
-
-setPolicyVars $2 $3
-findMapFile $policy $policydir
-ret=$?
-if [ $ret -eq 0 ]; then
-	echo "Could not find map file for policy '$policy'."
-	exit -1
-fi
-
-if [ "$mode" == "domid" ]; then
-	getSSIDUsingSecpolTool $1
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		echo "Could not determine the SSID of the domain."
-		exit -1
-	fi
-	translateSSIDREF $ssid $mapfile
-else # mode == sid
-	translateSSIDREF $1 $mapfile
-fi
diff --git a/tools/security/install.txt b/tools/security/install.txt
index 3eb4296536..ebdf84f7d4 100644
--- a/tools/security/install.txt
+++ b/tools/security/install.txt
@@ -3,10 +3,11 @@
 #
 # Author:
 # Reiner Sailer 08/15/2005 <sailer@watson.ibm.com>
+#               03/18/2006 update: new labeling
 #
 #
 # This file shows how to activate and install the access control
-# framework.
+# framework for Xen.
 ##
 
 
@@ -20,43 +21,54 @@ Simple Type Enforcement policy. Some file names need to be replaced
 below to activate the Chinese Wall OR the Type Enforcement policy
 exclusively (chwall_ste --> {chwall, ste}).
 
+0. build and install the xm man page. It includes the description of
+   available management commands for the security policy for Xen and
+   the labeling of domains. If not installed by default, you can make
+   and install the xm man page as follows:
+       # cd "xen_root"/doc
+       # make install
+   Then, use man xm to read it:
+       # man xm
+
 1. enable access control in Xen
        # cd "xen_root"
        # edit/xemacs/vi Config.mk
 
        change the lines:
        ACM_SECURITY ?= n
-       ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
-
        to:
        ACM_SECURITY ?= y
+
+       Now the hypervisor will boot into the policy that is specified
+       in the grub configuration. If you would like to boot into a
+       specific policy (even if you can't specify a boot policy but
+       need to set the policy later using the 'xensec_tool
+       loadpolicy'), then use the other config parameter to change
+       from NULL to any other default policy, e.g.:
        ACM_DEFAULT_SECURITY_POLICY ?= ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
 
-       # make all
+       # make dist
        # ./install.sh
 
-2. compile the policy from xml to a binary format that can be loaded
-   into the hypervisor for enforcement
+2. Build acm and policy tools and create boot-able policy:
        # cd tools/security
-       # make
+       # make install
 
-       manual steps (alternative to make boot_install):
-       # ./xensec_xml2bin -d policies/ chwall_ste
-       # cp policies/chwall_ste/chwall_ste.bin /boot
-       # edit /boot/grub/grub.conf
-        add the follwoing line to your xen boot entry:
-       "module /boot/chwall_ste.bin"
+       For description of the following commands, please see the xm
+       man page (docs/man1/xm.1). If it is not built, then you can
+       create it manually: cd "xen_root"/docs; make; man man1/xm.1
 
-       alternatively, you can try our automatic translation and
-       installation of the policy:
-       # make boot_install
-
-       [we try hard to do the right thing to the right boot entry but
-        please verify boot entry in /boot/grub/grub.conf afterwards;
-        your xen boot entry should have an additional module line
-        specifying a chwall_ste.bin file with the correct directory
-        (e.g. "/" or "/boot").]
+       Step1: Building binary version of an example policy:
+       # xm makepolicy example.chwall_ste.client_v1
+       # xm cfgbootpolicy example.chwall_ste.client_v1
 
+       Please verify boot entry in /boot/grub/grub.conf (or menu.lst):
+        title Xen (2.6.16)
+        root (hd0,0)
+        kernel /xen.gz dom0_mem=2000000 console=vga
+        module /vmlinuz-2.6.16-xen ro root=/dev/VolGroup00/LogVol00 rhgb
+        module /initrd-2.6.165-xen-U.img
+        module /example.chwall_ste.client_v1.bin
 
 3. reboot into the newly compiled hypervisor
 
@@ -64,6 +76,12 @@ exclusively (chwall_ste --> {chwall, ste}).
 	# xm dmesg should show an entry about the policy being loaded
             during the boot process
 
-        # xensec_tool getpolicy
-            should print the new chwall_ste binary policy representation
+        # xm dumppolicy
+            should print the new binary policy representation
+            including the policy name example.chwall_ste.client_v1
+
+	# xm list --label
+	    should show security label names behind the running domains
 
+For more information about how to use the security-enabled Xen, see
+the examples.txt file in this directory.
diff --git a/tools/security/labelfuncs.sh b/tools/security/labelfuncs.sh
deleted file mode 100644
index 6eaaba5c60..0000000000
--- a/tools/security/labelfuncs.sh
+++ /dev/null
@@ -1,799 +0,0 @@
-# *
-# * labelfuncs.sh
-# *
-# * Copyright (C) 2005 IBM Corporation
-# *
-# * Authors:
-# * Stefan Berger <stefanb@us.ibm.com>
-# *
-# * This program is free software; you can redistribute it and/or
-# * modify it under the terms of the GNU General Public License as
-# * published by the Free Software Foundation, version 2 of the
-# * License.
-# *
-# *
-# * A collection of functions to handle polcies, mapfiles,
-# * and ssidrefs.
-#
-
-
-#Some global variables for tools using this module
-ACM_DEFAULT_ROOT="/etc/xen/acm-security"
-
-# Set the policy and policydir variables
-# Parameters:
-# 1st : possible policy name
-# 2nd : possible policy directory
-# Results:
-# The variables policy and policydir will hold the values for locating
-# policy information
-# If there are no errors, the functions returns a '1',
-# a '0' otherwise.
-setPolicyVars ()
-{
-	local ret
-	# Set default values
-	policydir="$ACM_DEFAULT_ROOT/policies"
-	policy=""
-
-	if [ "$1" == "" ]; then
-		findGrubConf
-		ret=$?
-		if [ $ret -eq 0 ]; then
-			echo "Could not find grub.conf."
-			return 0;
-		fi
-		findPolicyInGrub $grubconf
-		if [ "$policy" == "" ]; then
-			echo "Could not find policy in grub.conf. Looked for entry using kernel $linux."
-			return 0;
-		fi
-		echo "Assuming policy to be '$policy'.";
-	else
-		policy=$1
-		if [ "$2" != "" ]; then
-			policydir=$2
-		fi
-	fi
-
-	return 1
-}
-
-# Find the mapfile given a policy nmame
-# Parameters:
-# 1st : the name of the policy whose map file is to be found, i.e.,
-#       chwall
-# 2nd : the policy directory for locating the map file
-# Results:
-# The variable mapfile will hold the realtive path to the mapfile
-# for the given policy.
-# In case the mapfile could be found, the functions returns a '1',
-# a '0' otherwise.
-findMapFile ()
-{
-	mapfile="$2/$1/$1.map"
-	if [ -r "$mapfile" ]; then
-		return 1
-	fi
-	return 0
-}
-
-
-# Determine the name of the primary policy
-# Parameters
-# 1st : the path to the mapfile; the path may be relative
-#       to the current directory
-# Results
-# The variable primary will hold the name of the primary policy
-getPrimaryPolicy ()
-{
-	local mapfile=$1
-	primary=`cat $mapfile  |   \
-	         awk '             \
-	          {                \
-	            if ( $1 == "PRIMARY" ) { \
-	              res=$2;                \
-	            }                        \
-	          } END {                    \
-	            print res;               \
-	          } '`
-}
-
-
-# Determine the name of the secondary policy
-# Parameters
-# 1st : the path to the mapfile; the path may be relative
-#       to the current directory
-# Results
-# The variable secondary will hold the name of the secondary policy
-getSecondaryPolicy ()
-{
-	local mapfile=$1
-	secondary=`cat $mapfile  |   \
-	         awk '             \
-	          {                \
-	            if ( $1 == "SECONDARY" ) { \
-	              res=$2;                \
-	            }                        \
-	          } END {                    \
-	            print res;               \
-	          } '`
-}
-
-
-#Return where the grub.conf file is.
-#I only know of one place it can be.
-#Returns:
-# 1 : if the file is writeable and readable
-# 2 : if the file is only readable
-# 0 : if the file does not exist
-findGrubConf()
-{
-	grubconf="/boot/grub/grub.conf"
-	if [ -w $grubconf ]; then
-		return 1
-	fi
-	if [ -r $grubconf ]; then
-		return 2
-	fi
-	return 0
-}
-
-
-# This function sets the global variable 'linux'
-# to the name and version of the Linux kernel that was compiled
-# for domain 0.
-# If this variable could not be found, the variable 'linux'
-# will hold a pattern
-# Parameters:
-# 1st: the path to reach the root directory of the XEN build tree
-#      where linux-*-xen0 is located at
-# Results:
-# The variable linux holds then name and version of the compiled
-# kernel, i.e., 'vmlinuz-2.6.12-xen0'
-getLinuxVersion ()
-{
-	local path
-	local versionfile
-	local lnx
-	if [ "$1" == "" ]; then
-		path="/lib/modules/*-xen0"
-	else
-		path="/lib/modules/$1"
-	fi
-
-	linux=""
-	for f in $path/linux-*-xen0 ; do
-		versionfile=$f/build/include/linux/version.h
-		if [ -r $versionfile ]; then
-			lnx=`cat $versionfile | \
-			     grep UTS_RELEASE | \
-			     awk '{             \
-			       len=length($3);  \
-			       version=substr($3,2,len-2);     \
-			       split(version,numbers,".");     \
-			       if (numbers[4]=="") {           \
-			         printf("%s.%s.%s",            \
-			                 numbers[1],           \
-			                 numbers[2],           \
-			                 numbers[3]);          \
-			       } else {                        \
-			         printf("%s.%s.%s[.0-9]*-xen0",\
-			                numbers[1],            \
-			                numbers[2],            \
-			                numbers[3]);           \
-			       }                               \
-			     }'`
-		fi
-		if [ "$lnx" != "" ]; then
-			linux="[./0-9a-zA-z]*$lnx"
-			return;
-		fi
-	done
-
-	#Last resort.
-	linux="vmlinuz-2.[45678].[0-9]*[.0-9]*-xen0$"
-}
-
-
-# Find out with which policy the hypervisor was booted with.
-# Parameters
-# 1st : The complete path to grub.conf, i.e., /boot/grub/grub.conf
-# Result:
-# Sets the variable 'policy' to the name of the policy
-findPolicyInGrub ()
-{
-	local grubconf=$1
-	local linux=`uname -r`
-	policy=`cat $grubconf |                        \
-	         awk -vlinux=$linux '{                 \
-	           if ( $1 == "title" ) {              \
-	             kernelfound = 0;                  \
-	             policymaycome = 0;                \
-	           }                                   \
-	           else if ( $1 == "kernel" ) {        \
-	             if ( match($2,"xen.gz$") ) {      \
-	               pathlen=RSTART;                 \
-	               kernelfound = 1;                \
-	             }                                 \
-	           }                                   \
-	           else if ( $1 == "module" &&         \
-	                     kernelfound == 1 &&       \
-	                     match($2,linux) ) {       \
-	              policymaycome = 1;               \
-	           }                                   \
-	           else if ( $1 == "module" &&         \
-	                     kernelfound == 1 &&       \
-	                     policymaycome == 1 &&     \
-	                     match($2,"[0-9a-zA-Z_]*.bin$") ) { \
-	              policymaycome = 0;               \
-	              kernelfound = 0;                 \
-	              polname = substr($2,pathlen);    \
-	              len=length(polname);             \
-	              polname = substr(polname,0,len-4); \
-	           }                                   \
-	         } END {                               \
-	           print polname                       \
-	         }'`
-}
-
-
-# Get the SSID of a domain
-# Parameters:
-# 1st : domain ID, i.e. '1'
-# Results
-# If the ssid could be found, the variable 'ssid' will hold
-# the currently used ssid in the hex format, i.e., '0x00010001'.
-# The funtion returns '1' on success, '0' on failure
-getSSIDUsingSecpolTool ()
-{
-	local domid=$1
-	export PATH=$PATH:.
-	ssid=`xensec_tool getssid -d $domid -f | \
-	        grep -E "SSID:" |          \
-	        awk '{ print $4 }'`
-
-	if [ "$ssid" != "" ]; then
-		return 1
-	fi
-	return 0
-}
-
-
-# Break the ssid identifier into its high and low values,
-# which are equal to the secondary and primary policy references.
-# Parameters:
-# 1st: ssid to break into high and low value, i.e., '0x00010002'
-# Results:
-# The variable ssidlo_int and ssidhi_int will hold the low and
-# high ssid values as integers.
-getSSIDLOHI ()
-{
-	local ssid=$1
-	ssidlo_int=`echo $ssid | awk          \
-	            '{                        \
-	               len=length($0);        \
-	               beg=substr($0,1,2);    \
-	               if ( beg == "0x" ) {   \
-	                   dig = len - 2;     \
-	                   if (dig <= 0) {    \
-	                     exit;            \
-	                   }                  \
-	                   if (dig > 4) {     \
-	                     dig=4;           \
-	                   }                  \
-	                   lo=sprintf("0x%s",substr($0,len-dig+1,dig)); \
-	                   print strtonum(lo);\
-	               } else {               \
-	                   lo=strtonum($0);   \
-	                   if (lo < 65536) {  \
-	                     print lo;        \
-	                   } else {           \
-	                     hi=lo;           \
-	                     hi2= (hi / 65536);\
-	                     hi2_str=sprintf("%d",hi2); \
-	                     hi2=strtonum(hi2_str);\
-	                     lo=hi-(hi2*65536); \
-	                     printf("%d",lo); \
-	                   }                  \
-			}                     \
-	            }'`
-	ssidhi_int=`echo $ssid | awk          \
-	            '{                        \
-	               len=length($0);        \
-	               beg=substr($0,1,2);    \
-	               if ( beg == "0x" ) {   \
-	                   dig = len - 2;     \
-	                   if (dig <= 0 ||    \
-	                     dig >  8) {      \
-	                     exit;            \
-	                   }                  \
-	                   if (dig < 4) {     \
-	                     print 0;         \
-	                     exit;            \
-	                   }                  \
-	                   dig -= 4;          \
-	                   hi=sprintf("0x%s",substr($0,len-4-dig+1,dig)); \
-	                   print strtonum(hi);\
-	               } else {               \
-	                   hi=strtonum($0);   \
-	                   if (hi >= 65536) { \
-	                     hi = hi / 65536; \
-	                     printf ("%d",hi);\
-	                   } else {           \
-	                     printf ("0");    \
-	                   }                  \
-	               }                      \
-	            }'`
-	if [ "$ssidhi_int" == "" -o \
-	     "$ssidlo_int" == "" ]; then
-		return 0;
-	fi
-	return 1
-}
-
-
-#Update the grub configuration file.
-#Search for existing entries and replace the current
-#policy entry with the policy passed to this script
-#
-#Arguments passed to this function
-# 1st : the grub configuration file with full path
-# 2nd : the binary policy file name, i.e. chwall.bin
-# 3rd : the name or pattern of the linux kernel name to match
-#       (this determines where the module entry will be made)
-#
-# The algorithm here is based on pattern matching
-# and is working correctly if
-# - under a title a line beginning with 'kernel' is found
-#   whose following item ends with "xen.gz"
-#   Example:  kernel /xen.gz dom0_mem=....
-# - a module line matching the 3rd parameter is found
-#
-updateGrub ()
-{
-	local grubconf=$1
-	local policyfile=$2
-	local linux=$3
-
-	local tmpfile="/tmp/new_grub.conf"
-
-	cat $grubconf |                                \
-	         awk -vpolicy=$policyfile              \
-	             -vlinux=$linux '{                 \
-	           if ( $1 == "title" ) {              \
-	             kernelfound = 0;                  \
-	             if ( policymaycome == 1 ){        \
-	               printf ("\tmodule %s%s\n", path, policy);      \
-	             }                                 \
-	             policymaycome = 0;                \
-	           }                                   \
-	           else if ( $1 == "kernel" ) {        \
-	             if ( match($2,"xen.gz$") ) {      \
-	               path=substr($2,1,RSTART-1);     \
-	               kernelfound = 1;                \
-	             }                                 \
-	           }                                   \
-	           else if ( $1 == "module" &&         \
-	                     kernelfound == 1 &&       \
-	                     match($2,linux) ) {       \
-	              policymaycome = 1;               \
-	           }                                   \
-	           else if ( $1 == "module" &&         \
-	                     kernelfound == 1 &&       \
-	                     policymaycome == 1 &&     \
-	                     match($2,"[0-9a-zA-Z]*.bin$") ) { \
-	              printf ("\tmodule %s%s\n", path, policy); \
-	              policymaycome = 0;               \
-	              kernelfound = 0;                 \
-	              dontprint = 1;                   \
-	           }                                   \
-	           else if ( $1 == "" &&               \
-	                     kernelfound == 1 &&       \
-	                     policymaycome == 1) {     \
-	              dontprint = 1;                   \
-	           }                                   \
-	           if (dontprint == 0) {               \
-	             printf ("%s\n", $0);              \
-	           }                                   \
-	           dontprint = 0;                      \
-	         } END {                               \
-	           if ( policymaycome == 1 ) {         \
-	             printf ("\tmodule %s%s\n", path, policy);  \
-	           }                                   \
-	         }' > $tmpfile
-	if [ ! -r $tmpfile ]; then
-		echo "Could not create temporary file! Aborting."
-		exit -1
-	fi
-	diff $tmpfile $grubconf > /dev/null
-	RES=$?
-	if [ "$RES" == "0" ]; then
-		echo "No changes were made to $grubconf."
-	else
-		echo "Successfully updated $grubconf."
-		mv -f $tmpfile $grubconf
-	fi
-}
-
-
-#Compile a policy into its binary representation
-# Parameters:
-# 1st: The directory where the ./policies directory is located at
-# 2nd: The name of the policy
-genBinPolicy ()
-{
-	local root=$1
-	local policy=$2
-	pushd $root > /dev/null
-	xensec_xml2bin -d policies $policy > /dev/null
-	popd > /dev/null
-}
-
-
-# Copy the bootpolicy into the destination directory
-# Generate the policy's .bin and .map files if necessary
-# Parameters:
-# 1st: Destination directory
-# 2nd: The root directory of the security tools; this is where the
-#      policies directory is located at
-# 3rd: The policy name
-# Returns  '1' on success, '0' on failure.
-cpBootPolicy ()
-{
-	local dest=$1
-	local root=$2
-	local policy=$3
-	local binfile=$root/policies/$policy/$policy.bin
-	local dstfile=$dest/$policy.bin
-	if [ ! -e $binfile ]; then
-		genBinPolicy $root $policy
-		if [ ! -e $binfile ]; then
-			echo "Could not compile policy '$policy'."
-			return 0
-		fi
-	fi
-
-	if [ ! -e $dstfile -o \
-	     $binfile -nt $dstfile ]; then
-		cp -f $binfile $dstfile
-	fi
-	return 1
-}
-
-
-# Display all the labels in a given mapfile
-# Parameters
-# 1st: Full or relative path to the policy's mapfile
-showLabels ()
-{
-	local mapfile=$1
-	local line
-	local ITEM
-	local found=0
-
-	if [ ! -r "$mapfile" -o "$mapfile" == "" ]; then
-		echo "Cannot read from vm configuration file $vmfile."
-		return -1
-	fi
-
-	getPrimaryPolicy $mapfile
-	getSecondaryPolicy $mapfile
-
-	echo "The following labels are available:"
-	let line=1
-	while [ 1 ]; do
-		ITEM=`cat $mapfile |         \
-		      awk -vline=$line       \
-		          -vprimary=$primary \
-		      '{                     \
-		         if ($1 == "LABEL->SSID" &&  \
-		             $2 == "VM" &&           \
-		             $3 == primary ) {       \
-		           ctr++;                    \
-		           if (ctr == line) {        \
-		             print $4;               \
-		           }                         \
-		         }                           \
-		       } END {                       \
-		       }'`
-
-		if [ "$ITEM" == "" ]; then
-			break
-		fi
-		if [ "$secondary" != "NULL" ]; then
-			LABEL=`cat $mapfile |     \
-			       awk -vitem=$ITEM   \
-			       '{
-			          if ($1 == "LABEL->SSID" && \
-			              $2 == "VM" &&          \
-			              $3 == "CHWALL" &&      \
-			              $4 == item ) {         \
-			            result = item;           \
-			          }                          \
-			        } END {                      \
-			            print result             \
-			        }'`
-		else
-			LABEL=$ITEM
-		fi
-
-		if [ "$LABEL" != "" ]; then
-			echo "$LABEL"
-			found=1
-		fi
-		let line=line+1
-	done
-	if [ "$found" != "1" ]; then
-		echo "No labels found."
-	fi
-}
-
-
-# Get the default SSID given a mapfile and the policy name
-# Parameters
-# 1st: Full or relative path to the policy's mapfile
-# 2nd: the name of the policy
-getDefaultSsid ()
-{
-	local mapfile=$1
-	local pol=$2
-	RES=`cat $mapfile    \
-	     awk -vpol=$pol  \
-	      {              \
-	        if ($1 == "LABEL->SSID" && \
-	            $2 == "ANY"         && \
-	            $3 == pol           && \
-	            $4 == "DEFAULT"       ) {\
-	              res=$5;                \
-	        }                            \
-	      } END {                        \
-	        printf "%04x", strtonum(res) \
-	     }'`
-	echo "default NULL mapping is $RES"
-	defaultssid=$RES
-}
-
-
-#Relabel a VM configuration file
-# Parameters
-# 1st: Full or relative path to the VM configuration file
-# 2nd: The label to translate into an ssidref
-# 3rd: Full or relative path to the policy's map file
-# 4th: The mode this function is supposed to operate in:
-#      'relabel' : Relabels the file without querying the user
-#      other     : Prompts the user whether to proceed
-relabel ()
-{
-	local vmfile=$1
-	local label=$2
-	local mapfile=$3
-	local mode=$4
-	local SSIDLO
-	local SSIDHI
-	local RES
-
-	if [ ! -r "$vmfile" ]; then
-		echo "Cannot read from vm configuration file $vmfile."
-		return -1
-	fi
-
-	if [ ! -w "$vmfile" ]; then
-		echo "Cannot write to vm configuration file $vmfile."
-		return -1
-	fi
-
-	if [ ! -r "$mapfile" ] ; then
-		echo "Cannot read mapping file $mapfile."
-		return -1
-	fi
-
-	# Determine which policy is primary, which sec.
-	getPrimaryPolicy $mapfile
-	getSecondaryPolicy $mapfile
-
-	# Calculate the primary policy's SSIDREF
-	if [ "$primary" == "NULL" ]; then
-		SSIDLO="0001"
-	else
-		SSIDLO=`cat $mapfile |                    \
-		        awk -vlabel=$label                \
-		            -vprimary=$primary            \
-		           '{                             \
-		              if ( $1 == "LABEL->SSID" && \
-		                   $2 == "VM" &&          \
-		                   $3 == primary  &&      \
-		                   $4 == label ) {        \
-		                result=$5                 \
-		              }                           \
-		           } END {                        \
-		             if (result != "" )           \
-		               {printf "%04x", strtonum(result)}\
-		           }'`
-	fi
-
-	# Calculate the secondary policy's SSIDREF
-	if [ "$secondary" == "NULL" ]; then
-		if [ "$primary" == "NULL" ]; then
-			SSIDHI="0001"
-		else
-			SSIDHI="0000"
-		fi
-	else
-		SSIDHI=`cat $mapfile |                    \
-		        awk -vlabel=$label                \
-		            -vsecondary=$secondary        \
-		           '{                             \
-		              if ( $1 == "LABEL->SSID" && \
-		                   $2 == "VM"          && \
-		                   $3 == secondary     && \
-		                   $4 == label ) {        \
-		                result=$5                 \
-		              }                           \
-		            }  END {                      \
-		              if (result != "" )          \
-		                {printf "%04x", strtonum(result)}\
-		            }'`
-	fi
-
-	if [ "$SSIDLO" == "" -o \
-	     "$SSIDHI" == "" ]; then
-		echo "Could not map the given label '$label'."
-		return -1
-	fi
-
-	ACM_POLICY=`cat $mapfile |             \
-	    awk ' { if ( $1 == "POLICY" ) {    \
-	              result=$2                \
-	            }                          \
-	          }                            \
-	          END {                        \
-	            if (result != "") {        \
-	              printf result            \
-	            }                          \
-	          }'`
-
-	if [ "$ACM_POLICY" == "" ]; then
-		echo "Could not find 'POLICY' entry in map file."
-		return -1
-	fi
-
-	SSIDREF="0x$SSIDHI$SSIDLO"
-
-	if [ "$mode" != "relabel" ]; then
-		RES=`cat $vmfile |  \
-		     awk '{         \
-		       if ( substr($1,0,7) == "ssidref" ) {\
-		         print $0;             \
-		       }                       \
-		     }'`
-		if [ "$RES" != "" ]; then
-			echo "Do you want to overwrite the existing mapping ($RES)? (y/N)"
-			read user
-			if [ "$user" != "y" -a "$user" != "Y" ]; then
-				echo "Aborted."
-				return 0
-			fi
-		fi
-	fi
-
-	#Write the output
-	local vmtmp1="/tmp/__setlabel.tmp1"
-	local vmtmp2="/tmp/__setlabel.tmp2"
-	touch $vmtmp1
-	touch $vmtmp2
-	if [ ! -w "$vmtmp1" -o ! -w "$vmtmp2" ]; then
-		echo "Cannot create temporary files. Aborting."
-		return -1
-	fi
-	RES=`sed -e '/^#ACM_POLICY/d' $vmfile > $vmtmp1`
-	RES=`sed -e '/^#ACM_LABEL/d' $vmtmp1 > $vmtmp2`
-	RES=`sed -e '/^ssidref/d' $vmtmp2 > $vmtmp1`
-	echo "#ACM_POLICY=$ACM_POLICY" >> $vmtmp1
-	echo "#ACM_LABEL=$label" >> $vmtmp1
-	echo "ssidref = $SSIDREF" >> $vmtmp1
-	mv -f $vmtmp1 $vmfile
-	rm -rf $vmtmp1 $vmtmp2
-	echo "Mapped label '$label' to ssidref '$SSIDREF'."
-}
-
-
-# Translate an ssidref into its label. This does the reverse lookup
-# to the relabel function above.
-# This function displays the results.
-# Parameters:
-# 1st: The ssidref to translate; must be in the form '0x00010002'
-# 2nd: Full or relative path to the policy's mapfile
-translateSSIDREF ()
-{
-	local ssidref=$1
-	local mapfile=$2
-	local line1
-	local line2
-
-	if [ ! -r "$mapfile" -o "$mapfile" == "" ]; then
-		echo "Cannot read from vm configuration file $vmfile."
-		return -1
-	fi
-
-	getPrimaryPolicy $mapfile
-	getSecondaryPolicy $mapfile
-
-	if [ "$primary" == "NULL" -a "$secondary" == "NULL" ]; then
-		echo "There are no labels for the NULL policy."
-		return
-	fi
-
-	getSSIDLOHI $ssidref
-	ret=$?
-	if [ $ret -ne 1 ]; then
-		echo "Error while parsing the ssid ref number '$ssidref'."
-	fi;
-
-	let line1=0
-	let line2=0
-	while [ 1 ]; do
-		ITEM1=`cat $mapfile |                       \
-		      awk -vprimary=$primary                \
-		          -vssidlo=$ssidlo_int              \
-		          -vline=$line1                     \
-		      '{                                    \
-		         if ( $1 == "LABEL->SSID" &&        \
-		              $3 == primary &&              \
-		              int($5) == ssidlo     ) {     \
-		             if (l == line) {               \
-		                 print $4;                  \
-		                 exit;                      \
-		             }                              \
-		             l++;                           \
-		         }                                  \
-		       }'`
-
-		ITEM2=`cat $mapfile |                       \
-		      awk -vsecondary=$secondary            \
-		          -vssidhi=$ssidhi_int              \
-		          -vline=$line2                     \
-		      '{                                    \
-		         if ( $1 == "LABEL->SSID" &&        \
-		              $3 == secondary &&            \
-		              int($5) == ssidhi     ) {     \
-		             if (l == line) {               \
-		                 print $4;                  \
-		                 exit;                      \
-		             }                              \
-		             l++;                           \
-		         }                                  \
-		       }'`
-
-		if [ "$secondary" != "NULL" ]; then
-			if [ "$ITEM1" == "" ]; then
-				let line1=0
-				let line2=line2+1
-			else
-				let line1=line1+1
-			fi
-
-			if [ "$ITEM1" == "" -a \
-			     "$ITEM2" == "" ]; then
-				echo "Could not determine the referenced label."
-				break
-			fi
-
-			if [ "$ITEM1" == "$ITEM2" ]; then
-				echo "Label: $ITEM1"
-				break
-			fi
-		else
-			if [ "$ITEM1" != "" ]; then
-				echo "Label: $ITEM1"
-			else
-				if [ "$found" == "0" ]; then
-					found=1
-				else
-					break
-				fi
-			fi
-			let line1=line1+1
-		fi
-	done
-}
diff --git a/tools/security/policies/chwall/chwall-security_label_template.xml b/tools/security/policies/chwall/chwall-security_label_template.xml
deleted file mode 100644
index 3a286f7fc6..0000000000
--- a/tools/security/policies/chwall/chwall-security_label_template.xml
+++ /dev/null
@@ -1,76 +0,0 @@
-<?xml version="1.0"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--              This file defines the security labels, which can  -->
-<!--              be attached to Domains and resources. Based on    -->
-<!--              these labels, the access control module decides   -->
-<!--              about sharing between Domains and about access    -->
-<!--              of Domains to real resources.                     -->
-
-<SecurityLabelTemplate
- xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-   <LabelHeader>
-      <Name>chwall-security_label_template</Name>
-      <Date>2005-08-10</Date>
-      <PolicyName>
-         <Url>chwall-security_policy.xml</Url>
-         <Reference>abcdef123456abcdef</Reference>
-      </PolicyName>
-   </LabelHeader>
-
-   <SubjectLabels bootstrap="dom_SystemManagement">
-      <!-- single ste typed domains            -->
-      <!-- ACM enforces that only domains with -->
-      <!-- the same type can share information -->
-      <!--                                     -->
-      <!-- Bootstrap label is assigned to Dom0 -->
-      <VirtualMachineLabel>
-      	<Name>dom_HomeBanking</Name>
-         <ChineseWallTypes>
-            <Type>cw_Sensitive</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-      	<Name>dom_Fun</Name>
-         <ChineseWallTypes>
-            <Type>cw_Distrusted</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- donating some cycles to seti@home -->
-      	<Name>dom_BoincClient</Name>
-         <ChineseWallTypes>
-            <Type>cw_Isolated</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <!-- Domains with multiple ste types services; such domains   -->
-      <!-- must keep the types inside their domain safely confined. -->
-      <VirtualMachineLabel>
-      	<Name>dom_SystemManagement</Name>
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves persistent storage to other domains -->
-      	<Name>dom_StorageDomain</Name>
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves network access to other domains -->
-      	<Name>dom_NetworkDomain</Name>
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-   </SubjectLabels>
-</SecurityLabelTemplate>
-
diff --git a/tools/security/policies/chwall/chwall-security_policy.xml b/tools/security/policies/chwall/chwall-security_policy.xml
deleted file mode 100644
index fabe1ae161..0000000000
--- a/tools/security/policies/chwall/chwall-security_policy.xml
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--             This file defines the security policies, which     -->
-<!--             can be enforced by the Xen Access Control Module.  -->
-<!--             Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-<PolicyHeader>
-		<Name>chwall-security_policy</Name>
-		<Date>2005-08-10</Date>
-</PolicyHeader>
-<!--                                             -->
-<!-- example of a chinese wall type definition   -->
-<!-- along with its conflict sets                -->
-<!-- (typse in a confict set are exclusive, i.e. -->
-<!--  once a Domain with one type of a set is    -->
-<!--  running, no other Domain with another type -->
-<!--  of the same conflict set can start.)       -->
-	<ChineseWall priority="PrimaryPolicyComponent">
-        <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-            <Type>cw_Sensitive</Type>
-            <Type>cw_Isolated</Type>
-            <Type>cw_Distrusted</Type>
-        </ChineseWallTypes>
-
-        <ConflictSets>
-        <Conflict name="Protection1">
-            <Type>cw_Sensitive</Type>
-            <Type>cw_Distrusted</Type>
-        </Conflict>
-        </ConflictSets>
-	</ChineseWall>
-</SecurityPolicyDefinition>
-
diff --git a/tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml b/tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml
deleted file mode 100644
index 1a311fbb4a..0000000000
--- a/tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml
+++ /dev/null
@@ -1,167 +0,0 @@
-<?xml version="1.0"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--              This file defines the security labels, which can  -->
-<!--              be attached to Domains and resources. Based on    -->
-<!--              these labels, the access control module decides   -->
-<!--              about sharing between Domains and about access    -->
-<!--              of Domains to real resources.                     -->
-
-<SecurityLabelTemplate
- xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-   <LabelHeader>
-      <Name>chwall_ste-security_label_template</Name>
-      <Date>2005-08-10</Date>
-      <PolicyName>
-         <Url>chwall_ste-security_policy.xml</Url>
-         <Reference>abcdef123456abcdef</Reference>
-      </PolicyName>
-   </LabelHeader>
-
-   <SubjectLabels bootstrap="dom_SystemManagement">
-      <!-- single ste typed domains            -->
-      <!-- ACM enforces that only domains with -->
-      <!-- the same type can share information -->
-      <!--                                     -->
-      <!-- Bootstrap label is assigned to Dom0 -->
-      <VirtualMachineLabel>
-      	<Name>dom_HomeBanking</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_Sensitive</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-      	<Name>dom_Fun</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_Distrusted</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- donating some cycles to seti@home -->
-      	<Name>dom_BoincClient</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_DonatedCycles</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_Isolated</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <!-- Domains with multiple ste types services; such domains   -->
-      <!-- must keep the types inside their domain safely confined. -->
-      <VirtualMachineLabel>
-      	<Name>dom_SystemManagement</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- since dom0 needs access to every domain and -->
-            <!-- resource right now ... -->
-            <Type>ste_SystemManagement</Type>
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-            <Type>ste_DonatedCycles</Type>
-            <Type>ste_PersistentStorageA</Type>
-            <Type>ste_NetworkAdapter0</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves persistent storage to other domains -->
-      	<Name>dom_StorageDomain</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- access right to the resource (hard drive a) -->
-            <Type>ste_PersistentStorageA</Type>
-            <!-- can serve following types -->
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves network access to other domains -->
-      	<Name>dom_NetworkDomain</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- access right to the resource (ethernet card) -->
-            <Type>ste_NetworkAdapter0</Type>
-            <!-- can serve following types -->
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-            <Type>ste_DonatedCycles</Type>
-         </SimpleTypeEnforcementTypes>
-
-         <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-         </ChineseWallTypes>
-      </VirtualMachineLabel>
-   </SubjectLabels>
-
-   <ObjectLabels>
-      <ResourceLabel>
-      	<Name>res_ManagementResource</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_HardDrive (hda)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersistentStorageA</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_LogicalDiskPartition1 (hda1)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_LogicalDiskPartition2 (hda2)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_EthernetCard</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_NetworkAdapter0</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_SecurityToken</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_GraphicsAdapter</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-   </ObjectLabels>
-</SecurityLabelTemplate>
-
diff --git a/tools/security/policies/chwall_ste/chwall_ste-security_policy.xml b/tools/security/policies/chwall_ste/chwall_ste-security_policy.xml
deleted file mode 100644
index bbbad3b3f0..0000000000
--- a/tools/security/policies/chwall_ste/chwall_ste-security_policy.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--             This file defines the security policies, which     -->
-<!--             can be enforced by the Xen Access Control Module.  -->
-<!--             Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-<PolicyHeader>
-		<Name>chwall_ste-security_policy</Name>
-		<Date>2005-08-10</Date>
-</PolicyHeader>
-<!--                                                        -->
-<!-- example of a simple type enforcement policy definition -->
-<!--                                                        -->
-	<SimpleTypeEnforcement>
-        <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>   <!-- machine/security management -->
-            <Type>ste_PersonalFinances</Type>   <!-- personal finances -->
-            <Type>ste_InternetInsecure</Type>   <!-- games, active X, etc. -->
-            <Type>ste_DonatedCycles</Type>      <!-- donation to BOINC/seti@home -->
-            <Type>ste_PersistentStorageA</Type> <!-- domain managing the harddrive A-->
-            <Type>ste_NetworkAdapter0</Type>    <!-- type of the domain managing ethernet adapter 0-->
-        </SimpleTypeEnforcementTypes>
-	</SimpleTypeEnforcement>
-<!--                                             -->
-<!-- example of a chinese wall type definition   -->
-<!-- along with its conflict sets                -->
-<!-- (typse in a confict set are exclusive, i.e. -->
-<!--  once a Domain with one type of a set is    -->
-<!--  running, no other Domain with another type -->
-<!--  of the same conflict set can start.)       -->
-	<ChineseWall priority="PrimaryPolicyComponent">
-        <ChineseWallTypes>
-            <Type>cw_SystemManagement</Type>
-            <Type>cw_Sensitive</Type>
-            <Type>cw_Isolated</Type>
-            <Type>cw_Distrusted</Type>
-        </ChineseWallTypes>
-
-        <ConflictSets>
-        <Conflict name="Protection1">
-            <Type>cw_Sensitive</Type>
-            <Type>cw_Distrusted</Type>
-        </Conflict>
-        </ConflictSets>
-	</ChineseWall>
-</SecurityPolicyDefinition>
-
diff --git a/tools/security/policies/example/chwall/client_v1-security_policy.xml b/tools/security/policies/example/chwall/client_v1-security_policy.xml
new file mode 100644
index 0000000000..6c1ee84e5e
--- /dev/null
+++ b/tools/security/policies/example/chwall/client_v1-security_policy.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+	<PolicyHeader>
+		<PolicyName>example.chwall.client_v1</PolicyName>
+		<PolicyUrl>www.ibm.com/example/chwall/client_v1</PolicyUrl>
+		<Date>2006-03-31</Date>
+	</PolicyHeader>
+	<!--                                             -->
+	<!-- example of a chinese wall type definition   -->
+	<!-- along with its conflict sets                -->
+	<!-- (typse in a confict set are exclusive, i.e. -->
+	<!--  once a Domain with one type of a set is    -->
+	<!--  running, no other Domain with another type -->
+	<!--  of the same conflict set can start.)       -->
+	<ChineseWall priority="PrimaryPolicyComponent">
+		<ChineseWallTypes>
+			<Type>cw_SystemManagement</Type>
+			<Type>cw_Sensitive</Type>
+			<Type>cw_Isolated</Type>
+			<Type>cw_Distrusted</Type>
+		</ChineseWallTypes>
+		<ConflictSets>
+			<Conflict name="Protection1">
+				<Type>cw_Sensitive</Type>
+				<Type>cw_Distrusted</Type>
+			</Conflict>
+		</ConflictSets>
+	</ChineseWall>
+	<SecurityLabelTemplate>
+		<SubjectLabels bootstrap="dom_SystemManagement">
+			<!-- single ste typed domains            -->
+			<!-- ACM enforces that only domains with -->
+			<!-- the same type can share information -->
+			<!--                                     -->
+			<!-- Bootstrap label is assigned to Dom0 -->
+			<VirtualMachineLabel>
+				<Name>dom_HomeBanking</Name>
+				<ChineseWallTypes>
+					<Type>cw_Sensitive</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<Name>dom_Fun</Name>
+				<ChineseWallTypes>
+					<Type>cw_Distrusted</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- donating some cycles to seti@home -->
+				<Name>dom_BoincClient</Name>
+				<ChineseWallTypes>
+					<Type>cw_Isolated</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<!-- Domains with multiple ste types services; such domains   -->
+			<!-- must keep the types inside their domain safely confined. -->
+			<VirtualMachineLabel>
+				<Name>dom_SystemManagement</Name>
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves persistent storage to other domains -->
+				<Name>dom_StorageDomain</Name>
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves network access to other domains -->
+				<Name>dom_NetworkDomain</Name>
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+		</SubjectLabels>
+	</SecurityLabelTemplate>
+
+</SecurityPolicyDefinition>
+
diff --git a/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml b/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml
new file mode 100644
index 0000000000..55da60af34
--- /dev/null
+++ b/tools/security/policies/example/chwall_ste/client_v1-security_policy.xml
@@ -0,0 +1,194 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+	<PolicyHeader>
+		<PolicyName>example.chwall_ste.client_v1</PolicyName>
+		<PolicyUrl>www.ibm.com/example/chwall_ste/client_v1</PolicyUrl>
+		<Date>2006-03-31</Date>
+	</PolicyHeader>
+	<!--                                                        -->
+	<!-- example of a simple type enforcement policy definition -->
+	<!--                                                        -->
+	<SimpleTypeEnforcement>
+		<SimpleTypeEnforcementTypes>
+			<Type>ste_SystemManagement</Type><!-- machine/security management -->
+			<Type>ste_PersonalFinances</Type><!-- personal finances -->
+			<Type>ste_InternetInsecure</Type><!-- games, active X, etc. -->
+			<Type>ste_DonatedCycles</Type><!-- donation to BOINC/seti@home -->
+			<Type>ste_PersistentStorageA</Type><!-- domain managing the harddrive A-->
+			<Type>ste_NetworkAdapter0</Type><!-- type of the domain managing ethernet adapter 0-->
+		</SimpleTypeEnforcementTypes>
+	</SimpleTypeEnforcement>
+	<!--                                             -->
+	<!-- example of a chinese wall type definition   -->
+	<!-- along with its conflict sets                -->
+	<!-- (typse in a confict set are exclusive, i.e. -->
+	<!--  once a Domain with one type of a set is    -->
+	<!--  running, no other Domain with another type -->
+	<!--  of the same conflict set can start.)       -->
+	<ChineseWall priority="PrimaryPolicyComponent">
+		<ChineseWallTypes>
+			<Type>cw_SystemManagement</Type>
+			<Type>cw_Sensitive</Type>
+			<Type>cw_Isolated</Type>
+			<Type>cw_Distrusted</Type>
+		</ChineseWallTypes>
+
+		<ConflictSets>
+			<Conflict name="Protection1">
+				<Type>cw_Sensitive</Type>
+				<Type>cw_Distrusted</Type>
+			</Conflict>
+		</ConflictSets>
+	</ChineseWall>
+	<SecurityLabelTemplate>
+		<SubjectLabels bootstrap="dom_SystemManagement">
+			<!-- single ste typed domains            -->
+			<!-- ACM enforces that only domains with -->
+			<!-- the same type can share information -->
+			<!--                                     -->
+			<!-- Bootstrap label is assigned to Dom0 -->
+			<VirtualMachineLabel>
+				<Name>dom_HomeBanking</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_Sensitive</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<Name>dom_Fun</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_Distrusted</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- donating some cycles to seti@home -->
+				<Name>dom_BoincClient</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_DonatedCycles</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_Isolated</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<!-- Domains with multiple ste types services; such domains   -->
+			<!-- must keep the types inside their domain safely confined. -->
+			<VirtualMachineLabel>
+				<Name>dom_SystemManagement</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- since dom0 needs access to every domain and -->
+					<!-- resource right now ... -->
+					<Type>ste_SystemManagement</Type>
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+					<Type>ste_DonatedCycles</Type>
+					<Type>ste_PersistentStorageA</Type>
+					<Type>ste_NetworkAdapter0</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves persistent storage to other domains -->
+				<Name>dom_StorageDomain</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- access right to the resource (hard drive a) -->
+					<Type>ste_PersistentStorageA</Type>
+					<!-- can serve following types -->
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves network access to other domains -->
+				<Name>dom_NetworkDomain</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- access right to the resource (ethernet card) -->
+					<Type>ste_NetworkAdapter0</Type>
+					<!-- can serve following types -->
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+					<Type>ste_DonatedCycles</Type>
+				</SimpleTypeEnforcementTypes>
+
+				<ChineseWallTypes>
+					<Type>cw_SystemManagement</Type>
+				</ChineseWallTypes>
+			</VirtualMachineLabel>
+		</SubjectLabels>
+
+		<ObjectLabels>
+			<ResourceLabel>
+				<Name>res_ManagementResource</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_SystemManagement</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_HardDrive(hda)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersistentStorageA</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_LogicalDiskPartition1(hda1)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_LogicalDiskPartition2(hda2)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_EthernetCard</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_NetworkAdapter0</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_SecurityToken</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_GraphicsAdapter</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_SystemManagement</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+		</ObjectLabels>
+	</SecurityLabelTemplate>
+</SecurityPolicyDefinition>
+
diff --git a/tools/security/policies/example/ste/client_v1-security_policy.xml b/tools/security/policies/example/ste/client_v1-security_policy.xml
new file mode 100644
index 0000000000..dcdc1c05d9
--- /dev/null
+++ b/tools/security/policies/example/ste/client_v1-security_policy.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
+<!--             This file defines the security policies, which     -->
+<!--             can be enforced by the Xen Access Control Module.  -->
+<!--             Currently: Chinese Wall and Simple Type Enforcement-->
+<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd ">
+	<PolicyHeader>
+		<PolicyName>example.ste.client_v1</PolicyName>
+		<PolicyUrl>www.ibm.com/example/ste/client_v1</PolicyUrl>
+		<Date>2006-03-31</Date>
+	</PolicyHeader>
+	<!--                                                        -->
+	<!-- example of a simple type enforcement policy definition -->
+	<!--                                                        -->
+	<SimpleTypeEnforcement>
+		<SimpleTypeEnforcementTypes>
+			<Type>ste_SystemManagement</Type><!-- machine/security management -->
+			<Type>ste_PersonalFinances</Type><!-- personal finances -->
+			<Type>ste_InternetInsecure</Type><!-- games, active X, etc. -->
+			<Type>ste_DonatedCycles</Type><!-- donation to BOINC/seti@home -->
+			<Type>ste_PersistentStorageA</Type><!-- domain managing the harddrive A-->
+			<Type>ste_NetworkAdapter0</Type><!-- type of the domain managing ethernet adapter 0-->
+		</SimpleTypeEnforcementTypes>
+	</SimpleTypeEnforcement>
+	<SecurityLabelTemplate>
+		<SubjectLabels bootstrap="dom_SystemManagement">
+			<!-- single ste typed domains            -->
+			<!-- ACM enforces that only domains with -->
+			<!-- the same type can share information -->
+			<!--                                     -->
+			<!-- Bootstrap label is assigned to Dom0 -->
+			<VirtualMachineLabel>
+				<Name>dom_HomeBanking</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<Name>dom_Fun</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- donating some cycles to seti@home -->
+				<Name>dom_BoincClient</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_DonatedCycles</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+
+			<!-- Domains with multiple ste types services; such domains   -->
+			<!-- must keep the types inside their domain safely confined. -->
+			<VirtualMachineLabel>
+				<Name>dom_SystemManagement</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- since dom0 needs access to every domain and -->
+					<!-- resource right now ... -->
+					<Type>ste_SystemManagement</Type>
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+					<Type>ste_DonatedCycles</Type>
+					<Type>ste_PersistentStorageA</Type>
+					<Type>ste_NetworkAdapter0</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves persistent storage to other domains -->
+				<Name>dom_StorageDomain</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- access right to the resource (hard drive a) -->
+					<Type>ste_PersistentStorageA</Type>
+					<!-- can serve following types -->
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+
+			<VirtualMachineLabel>
+				<!-- serves network access to other domains -->
+				<Name>dom_NetworkDomain</Name>
+				<SimpleTypeEnforcementTypes>
+					<!-- access right to the resource (ethernet card) -->
+					<Type>ste_NetworkAdapter0</Type>
+					<!-- can serve following types -->
+					<Type>ste_PersonalFinances</Type>
+					<Type>ste_InternetInsecure</Type>
+					<Type>ste_DonatedCycles</Type>
+				</SimpleTypeEnforcementTypes>
+			</VirtualMachineLabel>
+		</SubjectLabels>
+
+		<ObjectLabels>
+			<ResourceLabel>
+				<Name>res_ManagementResource</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_SystemManagement</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_HardDrive(hda)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersistentStorageA</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_LogicalDiskPartition1(hda1)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_LogicalDiskPartition2(hda2)</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_InternetInsecure</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_EthernetCard</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_NetworkAdapter0</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_SecurityToken</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_PersonalFinances</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+
+			<ResourceLabel>
+				<Name>res_GraphicsAdapter</Name>
+				<SimpleTypeEnforcementTypes>
+					<Type>ste_SystemManagement</Type>
+				</SimpleTypeEnforcementTypes>
+			</ResourceLabel>
+		</ObjectLabels>
+	</SecurityLabelTemplate>
+
+</SecurityPolicyDefinition>
+
diff --git a/tools/security/policies/null/null-security_label_template.xml b/tools/security/policies/null/null-security_label_template.xml
deleted file mode 100644
index 858d919fe9..0000000000
--- a/tools/security/policies/null/null-security_label_template.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--              This file defines the security labels, which can  -->
-<!--              be attached to Domains and resources. Based on    -->
-<!--              these labels, the access control module decides   -->
-<!--              about sharing between Domains and about access    -->
-<!--              of Domains to real resources.                     -->
-
-<SecurityLabelTemplate
- xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-   <LabelHeader>
-      <Name>null-security_label_template</Name>
-
-      <Date>2005-08-10</Date>
-      <PolicyName>
-         <Url>null-security_policy.xml</Url>
-
-         <Reference>abcdef123456abcdef</Reference>
-      </PolicyName>
-   </LabelHeader>
-</SecurityLabelTemplate>
-
diff --git a/tools/security/policies/null/null-security_policy.xml b/tools/security/policies/null/null-security_policy.xml
deleted file mode 100644
index 4d68b20d4c..0000000000
--- a/tools/security/policies/null/null-security_policy.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--             This file defines the security policies, which     -->
-<!--             can be enforced by the Xen Access Control Module.  -->
-<!--             Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-<PolicyHeader>
-		<Name>null-security_policy</Name>
-		<Date>2005-08-10</Date>
-</PolicyHeader>
-</SecurityPolicyDefinition>
-
diff --git a/tools/security/policies/security_policy.xsd b/tools/security/policies/security_policy.xsd
index ce512e9ce0..f2e9b67e97 100644
--- a/tools/security/policies/security_policy.xsd
+++ b/tools/security/policies/security_policy.xsd
@@ -1,55 +1,37 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Author: Ray Valdez, Reiner Sailer {rvaldez,sailer}@us.ibm.com -->
 <!--         This file defines the schema, which is used to define -->
-<!--         the security policy and the security labels in Xe.    -->
+<!--         the security policy and the security labels in Xen.    -->
 
 <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.ibm.com" xmlns="http://www.ibm.com" elementFormDefault="qualified">
 	<xsd:element name="SecurityPolicyDefinition">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element ref="PolicyHeader" minOccurs="0" maxOccurs="1"></xsd:element>
+				<xsd:element ref="PolicyHeader" minOccurs="1" maxOccurs="1"></xsd:element>
 				<xsd:element ref="SimpleTypeEnforcement" minOccurs="0" maxOccurs="1"></xsd:element>
 				<xsd:element ref="ChineseWall" minOccurs="0" maxOccurs="1"></xsd:element>
-			</xsd:sequence>
-		</xsd:complexType>
-	</xsd:element>
-	<xsd:element name="SecurityLabelTemplate">
-		<xsd:complexType>
-			<xsd:sequence>
-				<xsd:element ref="LabelHeader" minOccurs="1" maxOccurs="1"></xsd:element>
-				<xsd:element name="SubjectLabels" minOccurs="0" maxOccurs="1">
-					<xsd:complexType>
-						<xsd:sequence>
-							<xsd:element ref="VirtualMachineLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
-						</xsd:sequence>
-						<xsd:attribute name="bootstrap" type="xsd:string" use="required"></xsd:attribute>
-					</xsd:complexType>
-				</xsd:element>
-				<xsd:element name="ObjectLabels" minOccurs="0" maxOccurs="1">
-					<xsd:complexType>
-						<xsd:sequence>
-							<xsd:element ref="ResourceLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
-						</xsd:sequence>
-					</xsd:complexType>
-				</xsd:element>
+				<xsd:element ref="SecurityLabelTemplate" minOccurs="1" maxOccurs="1"></xsd:element>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
 	<xsd:element name="PolicyHeader">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element ref="Name" minOccurs="1" maxOccurs="1" />
-				<xsd:element ref="Date" minOccurs="1" maxOccurs="1" />
+				<xsd:element name="PolicyName" minOccurs="1" maxOccurs="1" type="xsd:string"></xsd:element>
+				<xsd:element name="PolicyUrl" minOccurs="0" maxOccurs="1" type="xsd:string"></xsd:element>
+				<xsd:element name="Reference" type="xsd:string" minOccurs="0" maxOccurs="1" />
+				<xsd:element name="Date" minOccurs="0" maxOccurs="1" type="xsd:string"></xsd:element>
+				<xsd:element name="NameSpaceUrl" minOccurs="0" maxOccurs="1" type="xsd:string"></xsd:element>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
-	<xsd:element name="LabelHeader">
+	<xsd:element name="ChineseWall">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element ref="Name"></xsd:element>
-				<xsd:element ref="Date" minOccurs="1" maxOccurs="1"></xsd:element>
-				<xsd:element ref="PolicyName" minOccurs="1" maxOccurs="1"></xsd:element>
+				<xsd:element ref="ChineseWallTypes" minOccurs="1" maxOccurs="1" />
+				<xsd:element ref="ConflictSets" minOccurs="0" maxOccurs="1" />
 			</xsd:sequence>
+			<xsd:attribute name="priority" type="PolicyOrder" use="optional"></xsd:attribute>
 		</xsd:complexType>
 	</xsd:element>
 	<xsd:element name="SimpleTypeEnforcement">
@@ -60,13 +42,25 @@
 			<xsd:attribute name="priority" type="PolicyOrder" use="optional"></xsd:attribute>
 		</xsd:complexType>
 	</xsd:element>
-	<xsd:element name="ChineseWall">
+	<xsd:element name="SecurityLabelTemplate">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element ref="ChineseWallTypes" />
-				<xsd:element ref="ConflictSets" />
+				<xsd:element name="SubjectLabels" minOccurs="0" maxOccurs="1">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element ref="VirtualMachineLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
+						</xsd:sequence>
+						<xsd:attribute name="bootstrap" type="xsd:string" use="required"></xsd:attribute>
+					</xsd:complexType>
+				</xsd:element>
+				<xsd:element name="ObjectLabels" minOccurs="0" maxOccurs="1">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element ref="ResourceLabel" minOccurs="1" maxOccurs="unbounded"></xsd:element>
+						</xsd:sequence>
+					</xsd:complexType>
+				</xsd:element>
 			</xsd:sequence>
-			<xsd:attribute name="priority" type="PolicyOrder" use="optional"></xsd:attribute>
 		</xsd:complexType>
 	</xsd:element>
 	<xsd:element name="ChineseWallTypes">
@@ -115,24 +109,11 @@
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
-	<xsd:element name="PolicyName">
-		<xsd:complexType>
-			<xsd:sequence>
-				<xsd:element ref="Url" />
-				<xsd:element ref="Reference" />
-			</xsd:sequence>
-		</xsd:complexType>
-	</xsd:element>
-	<xsd:element name="Date" type="xsd:string" />
 	<xsd:element name="Name" type="xsd:string" />
 	<xsd:element name="Type" type="xsd:string" />
-	<xsd:element name="Reference" type="xsd:string" />
-	<xsd:element name="Url"></xsd:element>
-
 	<xsd:simpleType name="PolicyOrder">
 		<xsd:restriction base="xsd:string">
 			<xsd:enumeration value="PrimaryPolicyComponent"></xsd:enumeration>
 		</xsd:restriction>
 	</xsd:simpleType>
-
 </xsd:schema>
diff --git a/tools/security/policies/ste/ste-security_label_template.xml b/tools/security/policies/ste/ste-security_label_template.xml
deleted file mode 100644
index 66af16229a..0000000000
--- a/tools/security/policies/ste/ste-security_label_template.xml
+++ /dev/null
@@ -1,143 +0,0 @@
-<?xml version="1.0"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--              This file defines the security labels, which can  -->
-<!--              be attached to Domains and resources. Based on    -->
-<!--              these labels, the access control module decides   -->
-<!--              about sharing between Domains and about access    -->
-<!--              of Domains to real resources.                     -->
-
-<SecurityLabelTemplate
- xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-   <LabelHeader>
-      <Name>ste-security_label_template</Name>
-      <Date>2005-08-10</Date>
-      <PolicyName>
-         <Url>ste-security_policy.xml</Url>
-         <Reference>abcdef123456abcdef</Reference>
-      </PolicyName>
-   </LabelHeader>
-
-   <SubjectLabels bootstrap="dom_SystemManagement">
-      <!-- single ste typed domains            -->
-      <!-- ACM enforces that only domains with -->
-      <!-- the same type can share information -->
-      <!--                                     -->
-      <!-- Bootstrap label is assigned to Dom0 -->
-      <VirtualMachineLabel>
-      	<Name>dom_HomeBanking</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-      	<Name>dom_Fun</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- donating some cycles to seti@home -->
-      	<Name>dom_BoincClient</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_DonatedCycles</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-
-      <!-- Domains with multiple ste types services; such domains   -->
-      <!-- must keep the types inside their domain safely confined. -->
-      <VirtualMachineLabel>
-      	<Name>dom_SystemManagement</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- since dom0 needs access to every domain and -->
-            <!-- resource right now ... -->
-            <Type>ste_SystemManagement</Type>
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-            <Type>ste_DonatedCycles</Type>
-            <Type>ste_PersistentStorageA</Type>
-            <Type>ste_NetworkAdapter0</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves persistent storage to other domains -->
-      	<Name>dom_StorageDomain</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- access right to the resource (hard drive a) -->
-            <Type>ste_PersistentStorageA</Type>
-            <!-- can serve following types -->
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-
-      <VirtualMachineLabel>
-        <!-- serves network access to other domains -->
-      	<Name>dom_NetworkDomain</Name>
-         <SimpleTypeEnforcementTypes>
-            <!-- access right to the resource (ethernet card) -->
-            <Type>ste_NetworkAdapter0</Type>
-            <!-- can serve following types -->
-            <Type>ste_PersonalFinances</Type>
-            <Type>ste_InternetInsecure</Type>
-            <Type>ste_DonatedCycles</Type>
-         </SimpleTypeEnforcementTypes>
-      </VirtualMachineLabel>
-   </SubjectLabels>
-
-   <ObjectLabels>
-      <ResourceLabel>
-      	<Name>res_ManagementResource</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_HardDrive (hda)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersistentStorageA</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_LogicalDiskPartition1 (hda1)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_LogicalDiskPartition2 (hda2)</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_InternetInsecure</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_EthernetCard</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_NetworkAdapter0</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_SecurityToken</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_PersonalFinances</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-
-      <ResourceLabel>
-      	<Name>res_GraphicsAdapter</Name>
-         <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>
-         </SimpleTypeEnforcementTypes>
-      </ResourceLabel>
-   </ObjectLabels>
-</SecurityLabelTemplate>
-
diff --git a/tools/security/policies/ste/ste-security_policy.xml b/tools/security/policies/ste/ste-security_policy.xml
deleted file mode 100644
index 16b83223d5..0000000000
--- a/tools/security/policies/ste/ste-security_policy.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Author: Reiner Sailer, Ray Valdez {sailer,rvaldez}@us.ibm.com  -->
-<!--             This file defines the security policies, which     -->
-<!--             can be enforced by the Xen Access Control Module.  -->
-<!--             Currently: Chinese Wall and Simple Type Enforcement-->
-<SecurityPolicyDefinition xmlns="http://www.ibm.com"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.ibm.com security_policy.xsd">
-<PolicyHeader>
-		<Name>ste-security_policy</Name>
-		<Date>2005-08-10</Date>
-</PolicyHeader>
-<!--                                                        -->
-<!-- example of a simple type enforcement policy definition -->
-<!--                                                        -->
-	<SimpleTypeEnforcement>
-        <SimpleTypeEnforcementTypes>
-            <Type>ste_SystemManagement</Type>   <!-- machine/security management -->
-            <Type>ste_PersonalFinances</Type>   <!-- personal finances -->
-            <Type>ste_InternetInsecure</Type>   <!-- games, active X, etc. -->
-            <Type>ste_DonatedCycles</Type>      <!-- donation to BOINC/seti@home -->
-            <Type>ste_PersistentStorageA</Type> <!-- domain managing the harddrive A-->
-            <Type>ste_NetworkAdapter0</Type>    <!-- type of the domain managing ethernet adapter 0-->
-        </SimpleTypeEnforcementTypes>
-	</SimpleTypeEnforcement>
-</SecurityPolicyDefinition>
-
diff --git a/tools/security/policy.txt b/tools/security/policy.txt
index 792ed2c236..4888577a1a 100644
--- a/tools/security/policy.txt
+++ b/tools/security/policy.txt
@@ -59,22 +59,34 @@ migrate). These controls decide based on the active policy
 configuration (see i. and ii.) if the operation proceeds of if the
 operation is aborted (denied).
 
-
 In general, security policy instantiations in the Xen access control
-framework are defined by two files:
-
-a) a single "policy-name"-security_policy.xml file that defines the
-types known to the ACM and policy rules based on these types
-
-b) a single "policy-name"-security_label_template.xml file that
-defines labels based on known types
-
-Every security policy has its own sub-directory under
-"Xen-root"/tools/security/policies in order to simplify their
-management and the security policy tools. We will describe those files
-for our example policy (Chinese Wall and Simple Type Enforcement) in
-more detail as we go along. Eventually, we will move towards a system
-installation where the policies will reside under /etc.
+framework are defined by XML policy files. Each security policy has
+exactly one file including all the information the hypervisor needs to
+enforce the policy.
+
+The name of a policy is unique and consists of a colon-separated list
+of names, which can be translated into the location (subtree) where
+this policy must be located. The last part of the name is the file
+name pre-fix for the policy xml file. The preceding name parts are
+translated into the local path relative to the global policy root
+(/etc/xen/acm-security/policies) pointing to the policy xml file. For
+example: example.chwall_ste.client_v1 denotes the policy file
+example/chwall_ste/client_v1-security_policy.xml relative to the
+global policy root directory.
+
+Every security policy has its own sub-directory under the global
+policy root directory /etc/xen/acm-security/policies, which is
+installed during the Xen installation or can be manually installed
+(when switching from a "security disabled" Xen to a "security enabled"
+Xen AFTER configuring security, see install.txt) by the command
+sequence:
+
+   cd "Xen-root"/tools/security/policies; make install
+
+We will describe those files for our example policy (Chinese Wall and
+Simple Type Enforcement) in more detail as we go along. Eventually, we
+will move towards a system installation where the policies will reside
+under /etc.
 
 
 CHINESE WALL
@@ -117,9 +129,9 @@ constraints where necessary.
 Example of a Chinese Wall Policy Instantiation
 ----------------------------------------------
 
-The file chwall-security_policy.xml defines the Chinese Wall types as
-well as the conflict sets for our example policy (you find it in the
-directory "xen_root"/tools/security/policies/chwall).
+The file client_v1-security_policy.xml defines the Chinese Wall types
+as well as the conflict sets for our example policy (you find it in
+the directory "policy_root"/example/chwall).
 
 It defines four Chinese Wall types (prefixed with cw_) with the
 following meaning:
@@ -168,11 +180,11 @@ policy.
 SIMPLE TYPE ENFORCEMENT
 =======================
 
-The file ste-security_policy.xml defines the simple type enforcement
-types for our example policy (you find it in the directory
-"xen_root"/tools/security/policies/ste). The Simple Type Enforcement
-policy defines which domains can share information with which other
-domains. To this end, it controls
+The file client_v1-security_policy.xml defines the simple type
+enforcement types for our example policy (you find it in the directory
+"policy_root"/example/ste). The Simple Type Enforcement policy defines
+which domains can share information with which other domains. To this
+end, it controls
 
 i) inter-domain communication channels (e.g., network traffic, events,
 and shared memory).
diff --git a/tools/security/python/xensec_gen/cgi-bin/policy.cgi b/tools/security/python/xensec_gen/cgi-bin/policy.cgi
index 997dad39bc..fa655c76c7 100644
--- a/tools/security/python/xensec_gen/cgi-bin/policy.cgi
+++ b/tools/security/python/xensec_gen/cgi-bin/policy.cgi
@@ -2,7 +2,7 @@
 #
 # The Initial Developer of the Original Code is International
 # Business Machines Corporation. Portions created by IBM
-# Corporation are Copyright (C) 2005 International Business
+# Corporation are Copyright (C) 2005, 2006 International Business
 # Machines Corporation. All Rights Reserved.
 #
 # This program is free software; you can redistribute it and/or modify
@@ -31,9 +31,9 @@ from StringIO import StringIO
 from sets import Set
 
 def getSavedData( ):
-	global formData, policyXml, formVariables, formCSNames
-	global templateCSMTypes, templateCSMDel, templateCSMType, templateCSMAdd
-	global allCSMTypes
+	global formData, policyXml
+	global formVariables, formCSNames, formVmNames, formResNames
+	global allCSMTypes, allVmChWs, allVmStes, allResStes
 
 	# Process the XML upload policy file
 	if formData.has_key( 'i_policy' ):
@@ -64,6 +64,46 @@ def getSavedData( ):
 			if len( dataList ) > 0:
 				exec 'allCSMTypes[csName][1] = ' + dataList[0]
 
+	# The form can contain any number of "Virtual Machines"
+	#   so update the list of form variables to include
+	#   each virtual machine (hidden input variable)
+	for vmName in formVmNames[1]:
+		newVm( vmName )
+
+		vmFormVar = allVmChWs[vmName]
+		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
+			dataList = formData.getlist( vmFormVar[2] )
+			if len( dataList ) > 0:
+				if isinstance( vmFormVar[1], list ):
+					exec 'vmFormVar[1] = ' + dataList[0]
+				else:
+					vmFormVar[1] = dataList[0]
+
+		vmFormVar = allVmStes[vmName]
+		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
+			dataList = formData.getlist( vmFormVar[2] )
+			if len( dataList ) > 0:
+				if isinstance( vmFormVar[1], list ):
+					exec 'vmFormVar[1] = ' + dataList[0]
+				else:
+					vmFormVar[1] = dataList[0]
+
+	# The form can contain any number of "Resources"
+	#   so update the list of form variables to include
+	#   each resource (hidden input variable)
+	for resName in formResNames[1]:
+		newRes( resName )
+
+		resFormVar = allResStes[resName]
+		if (resFormVar[2] != '') and formData.has_key( resFormVar[2] ):
+			dataList = formData.getlist( resFormVar[2] )
+			if len( dataList ) > 0:
+				if isinstance( resFormVar[1], list ):
+					exec 'resFormVar[1] = ' + dataList[0]
+				else:
+					resFormVar[1] = dataList[0]
+
+
 def getCurrentTime( ):
 	return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) )
 
@@ -77,14 +117,49 @@ def getName( domNode ):
 	for childNode in nameNodes[0].childNodes:
 		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
 			name = name + childNode.data
+	return name
+
+def getPolicyName( domNode ):
+	nameNodes = domNode.getElementsByTagName( 'PolicyName' )
+	if len( nameNodes ) == 0:
+		formatXmlError( '"<PolicyName>" tag is missing' )
+		return None
+
+	name = ''
+	for childNode in nameNodes[0].childNodes:
+		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
+			name = name + childNode.data
 
 	return name
 
+def getUrl( domNode ):
+	urlNodes = domNode.getElementsByTagName( 'PolicyUrl' )
+	if len( urlNodes ) == 0:
+		return ''
+
+	url = ''
+	for childNode in urlNodes[0].childNodes:
+		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
+			url = url + childNode.data
+
+	return url
+
+def getRef( domNode ):
+	refNodes = domNode.getElementsByTagName( 'Reference' )
+	if len( refNodes ) == 0:
+		return ''
+
+	ref = ''
+	for childNode in refNodes[0].childNodes:
+		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
+			ref = ref + childNode.data
+
+	return ref
+
 def getDate( domNode ):
 	dateNodes = domNode.getElementsByTagName( 'Date' )
 	if len( dateNodes ) == 0:
-		formatXmlError( '"<Date>" tag is missing' )
-		return None
+		return ''
 
 	date = ''
 	for childNode in dateNodes[0].childNodes:
@@ -93,6 +168,18 @@ def getDate( domNode ):
 
 	return date
 
+def getNSUrl( domNode ):
+	urlNodes = domNode.getElementsByTagName( 'NameSpaceUrl' )
+	if len( urlNodes ) == 0:
+		return ''
+
+	url = ''
+	for childNode in urlNodes[0].childNodes:
+		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
+			url = url + childNode.data
+
+	return url
+
 def getSteTypes( domNode, missingIsError = 0 ):
 	steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' )
 	if len( steNodes ) == 0:
@@ -170,9 +257,7 @@ def formatXmlGenError( msg ):
 	xmlMessages.append( cgi.escape( msg ) )
 
 def parseXml( xmlInput ):
-	global xmlMessages, xmlError, xmlLine, xmlColumn
-
-	xmlParser  = xml.sax.make_parser( )
+	xmlParser = xml.sax.make_parser( )
 	try:
 		domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser )
 
@@ -198,14 +283,16 @@ def parseXml( xmlInput ):
 
 def parsePolicyXml( ):
 	global policyXml
-	global formPolicyName, formPolicyDate, formPolicyOrder
-	global formSteTypes, formChWallTypes
-	global allCSMTypes
+	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
+	global formPolicyOrder
+	global formSteTypes, formChWallTypes, formVmNames, formVmNameDom0
+	global allCSMTypes, allVmStes, allVmChWs
 
 	domDoc = parseXml( policyXml )
 	if domDoc == None:
 		return
 
+	# Process the PolicyHeader
 	domRoot    = domDoc.documentElement
 	domHeaders = domRoot.getElementsByTagName( 'PolicyHeader' )
 	if len( domHeaders ) == 0:
@@ -215,7 +302,7 @@ def parsePolicyXml( ):
 		formatXmlError( msg )
 		return
 
-	pName = getName( domHeaders[0] )
+	pName = getPolicyName( domHeaders[0] )
 	if pName == None:
 		msg = ''
 		msg = msg + 'Error processing the Policy header information.\n'
@@ -223,18 +310,13 @@ def parsePolicyXml( ):
 		formatXmlError( msg )
 		return
 
-	formPolicyName[1] = pName
-
-	pDate = getDate( domHeaders[0] )
-	if pDate == None:
-		msg = ''
-		msg = msg + 'Error processing the Policy header information.\n'
-		msg = msg + 'Please validate the Policy file used.'
-		formatXmlError( msg )
-		return
-
-	formPolicyDate[1] = pDate
+	formPolicyName[1]  = pName
+	formPolicyUrl[1]   = getUrl( domHeaders[0] )
+	formPolicyRef[1]   = getRef( domHeaders[0] )
+	formPolicyDate[1]  = getDate( domHeaders[0] )
+	formPolicyNSUrl[1] = getNSUrl( domHeaders[0] )
 
+	# Process the STEs
 	pOrder = ''
 	domStes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' )
 	if len( domStes ) > 0:
@@ -259,6 +341,7 @@ def parsePolicyXml( ):
 
 		formSteTypes[1] = steTypes
 
+	# Process the ChineseWalls and Conflict Sets
 	domChWalls = domRoot.getElementsByTagName( 'ChineseWall' )
 	if len( domChWalls ) > 0:
 		if domChWalls[0].hasAttribute( 'priority' ):
@@ -291,56 +374,118 @@ def parsePolicyXml( ):
 		formChWallTypes[1] = chwTypes
 
 		csNodes = domChWalls[0].getElementsByTagName( 'ConflictSets' )
-		if len( csNodes ) == 0:
-			msg = ''
-			msg = msg + 'Required "<ConflictSets>" tag missing.\n'
-			msg = msg + 'Please validate the Policy file used.'
-			formatXmlError( msg )
-			return
+		if csNodes and (len( csNodes ) > 0):
+			cNodes = csNodes[0].getElementsByTagName( 'Conflict' )
+			if not cNodes or len( cNodes ) == 0:
+				msg = ''
+				msg = msg + 'Required "<Conflict>" tag missing.\n'
+				msg = msg + 'Please validate the Policy file used.'
+				formatXmlError( msg )
+				return
+
+			for cNode in cNodes:
+				csName = cNode.getAttribute( 'name' )
+				newCS( csName, 1 )
+
+				csMemberList = getTypes( cNode )
+				if csMemberList == None:
+					msg = ''
+					msg = msg + 'Error processing the Conflict Set members.\n'
+					msg = msg + 'Please validate the Policy file used.'
+					formatXmlError( msg )
+					return
+
+				# Verify the conflict set members are valid types
+				ctSet = Set( formChWallTypes[1] )
+				csSet = Set( csMemberList )
+				if not csSet.issubset( ctSet ):
+					msg = ''
+					msg = msg + 'Error processing Conflict Set "' + csName + '".\n'
+					msg = msg + 'Members of the conflict set are not valid '
+					msg = msg + 'Chinese Wall types.\n'
+					msg = msg + 'Please validate the Policy file used.'
+					formatXmlError( msg )
+
+					allCSMTypes[csName][1] = csMemberList
 
-		cNodes = csNodes[0].getElementsByTagName( 'Conflict' )
-		if len( cNodes ) == 0:
+	if pOrder != '':
+		formPolicyOrder[1] = pOrder
+	else:
+		if (len( domStes ) > 0) or (len( domChWalls ) > 0):
 			msg = ''
-			msg = msg + 'Required "<Conflict>" tag missing.\n'
+			msg = msg + 'The "priority" attribute has not been specified.\n'
+			msg = msg + 'It must be specified on one of the access control types.\n'
 			msg = msg + 'Please validate the Policy file used.'
 			formatXmlError( msg )
 			return
 
-		for cNode in cNodes:
-			csName = cNode.getAttribute( 'name' )
-			newCS( csName, 1 )
+	# Process the Labels
+	domLabels = domRoot.getElementsByTagName( 'SecurityLabelTemplate' )
+	if not domLabels or (len( domLabels ) == 0):
+		msg = ''
+		msg = msg + '<SecurityLabelTemplate> tag is missing.\n'
+		msg = msg + 'Please validate the Policy file used.'
+		formatXmlError( msg )
+		return
+
 
-			csMemberList = getTypes( cNode )
-			if csMemberList == None:
+	# Process the VMs
+	domSubjects = domLabels[0].getElementsByTagName( 'SubjectLabels' )
+	if len( domSubjects ) > 0:
+		formVmNameDom0[1] = domSubjects[0].getAttribute( 'bootstrap' )
+		domNodes = domSubjects[0].getElementsByTagName( 'VirtualMachineLabel' )
+		for domNode in domNodes:
+			vmName = getName( domNode )
+			if vmName == None:
 				msg = ''
-				msg = msg + 'Error processing the Conflict Set members.\n'
+				msg = msg + 'Error processing the VirtualMachineLabel name.\n'
+				msg = msg + 'Please validate the Policy file used.'
+				formatXmlError( msg )
+				continue
+
+			steTypes = getSteTypes( domNode )
+			if steTypes == None:
+				msg = ''
+				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
 				msg = msg + 'Please validate the Policy file used.'
 				formatXmlError( msg )
 				return
 
-			# Verify the conflict set members are valid types
-			ctSet = Set( formChWallTypes[1] )
-			csSet = Set( csMemberList )
-			if not csSet.issubset( ctSet ):
+			chwTypes = getChWTypes( domNode )
+			if chwTypes == None:
 				msg = ''
-				msg = msg + 'Error processing Conflict Set "' + csName + '".\n'
-				msg = msg + 'Members of the conflict set are not valid '
-				msg = msg + 'Chinese Wall types.\n'
+				msg = msg + 'Error processing the ChineseWall types.\n'
 				msg = msg + 'Please validate the Policy file used.'
 				formatXmlError( msg )
+				return
 
-			allCSMTypes[csName][1] = csMemberList
+			newVm( vmName, 1 )
+			allVmStes[vmName][1] = steTypes
+			allVmChWs[vmName][1] = chwTypes
+
+	# Process the Resources
+	domObjects = domLabels[0].getElementsByTagName( 'ObjectLabels' )
+	if len( domObjects ) > 0:
+		domNodes = domObjects[0].getElementsByTagName( 'ResourceLabel' )
+		for domNode in domNodes:
+			resName = getName( domNode )
+			if resName == None:
+				msg = ''
+				msg = msg + 'Error processing the ResourceLabel name.\n'
+				msg = msg + 'Please validate the Policy file used.'
+				formatXmlError( msg )
+				continue
 
-	if pOrder != '':
-		formPolicyOrder[1] = pOrder
-	else:
-		if (len( domStes ) > 0) or (len( domChWalls ) > 0):
-			msg = ''
-			msg = msg + 'The "priority" attribute has not been specified.\n'
-			msg = msg + 'It must be specified on one of the access control types.\n'
-			msg = msg + 'Please validate the Policy file used.'
-			formatXmlError( msg )
-			return
+			steTypes = getSteTypes( domNode )
+			if steTypes == None:
+				msg = ''
+				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
+				msg = msg + 'Please validate the Policy file used.'
+				formatXmlError( msg )
+				return
+
+			newRes( resName, 1 )
+			allResStes[resName][1] = steTypes
 
 def modFormTemplate( formTemplate, suffix ):
 	formVar = [x for x in formTemplate]
@@ -383,19 +528,80 @@ def newCS( csName, addToList = 0 ):
 			formCSNames[1].append( csName )
 			formCSNames[1] = removeDups( formCSNames[1] )
 
+def newVm( vmName, addToList = 0 ):
+	global formVmNames
+	global templateVmDel, allVmDel, templateVmDom0, allVmDom0
+	global templateVmChWs, templateVmChWDel, templateVmChW, templateVmChWAdd
+	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
+	global templateVmStes, templateVmSteDel, templateVmSte, templateVmSteAdd
+	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
+
+	# Make sure we have an actual name and check one of the 'all'
+	# variables to be sure it hasn't been previously defined
+	if (len( vmName ) > 0) and (not allVmDom0.has_key( vmName )):
+		vmSuffix = '_' + vmName
+		allVmDom0[vmName]   = modFormTemplate( templateVmDom0,   vmSuffix )
+		allVmDel[vmName]    = modFormTemplate( templateVmDel,    vmSuffix )
+		allVmChWs[vmName]   = modFormTemplate( templateVmChWs,   vmSuffix )
+		allVmChWDel[vmName] = modFormTemplate( templateVmChWDel, vmSuffix )
+		allVmChW[vmName]    = modFormTemplate( templateVmChW,    vmSuffix )
+		allVmChWAdd[vmName] = modFormTemplate( templateVmChWAdd, vmSuffix )
+		allVmStes[vmName]   = modFormTemplate( templateVmStes,   vmSuffix )
+		allVmSteDel[vmName] = modFormTemplate( templateVmSteDel, vmSuffix )
+		allVmSte[vmName]    = modFormTemplate( templateVmSte,    vmSuffix )
+		allVmSteAdd[vmName] = modFormTemplate( templateVmSteAdd, vmSuffix )
+		if addToList == 1:
+			formVmNames[1].append( vmName )
+			formVmNames[1] = removeDups( formVmNames[1] )
+
+def newRes( resName, addToList = 0 ):
+	global formResNames
+	global templateResDel, allResDel
+	global templateResStes, templateResSteDel, templateResSte, templateResSteAdd
+	global allResStes, allResSteDel, allResSteType, allResSteAdd
+
+	# Make sure we have an actual name and check one of the 'all'
+	# variables to be sure it hasn't been previously defined
+	if (len( resName ) > 0) and (not allResDel.has_key( resName )):
+		resSuffix = '_' + resName
+		allResDel[resName]    = modFormTemplate( templateResDel,    resSuffix )
+		allResStes[resName]   = modFormTemplate( templateResStes,   resSuffix )
+		allResSteDel[resName] = modFormTemplate( templateResSteDel, resSuffix )
+		allResSte[resName]    = modFormTemplate( templateResSte,    resSuffix )
+		allResSteAdd[resName] = modFormTemplate( templateResSteAdd, resSuffix )
+		if addToList == 1:
+			formResNames[1].append( resName )
+			formResNames[1] = removeDups( formResNames[1] )
+
 def updateInfo( ):
-	global formData, formPolicyName, formPolicyDate, formPolicyOrder
+	global formData, formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
+	global formPolicyOrder
 
 	if formData.has_key( formPolicyName[3] ):
 		formPolicyName[1] = formData[formPolicyName[3]].value
 	elif formData.has_key( formPolicyUpdate[3] ):
 		formPolicyName[1] = ''
 
+	if formData.has_key( formPolicyUrl[3] ):
+		formPolicyUrl[1] = formData[formPolicyUrl[3]].value
+	elif formData.has_key( formPolicyUpdate[3] ):
+		formPolicyUrl[1] = ''
+
+	if formData.has_key( formPolicyRef[3] ):
+		formPolicyRef[1] = formData[formPolicyRef[3]].value
+	elif formData.has_key( formPolicyUpdate[3] ):
+		formPolicyRef[1] = ''
+
 	if formData.has_key( formPolicyDate[3] ):
 		formPolicyDate[1] = formData[formPolicyDate[3]].value
 	elif formData.has_key( formPolicyUpdate[3] ):
 		formPolicyDate[1] = ''
 
+	if formData.has_key( formPolicyNSUrl[3] ):
+		formPolicyNSUrl[1] = formData[formPolicyNSUrl[3]].value
+	elif formData.has_key( formPolicyUpdate[3] ):
+		formPolicyNSUrl[1] = ''
+
 	if formData.has_key( formPolicyOrder[3] ):
 		formPolicyOrder[1] = formData[formPolicyOrder[3]].value
 
@@ -483,6 +689,136 @@ def delCSMember( csName ):
 			csm = csm.strip( )
 			formVar[1].remove( csm )
 
+def addVm( ):
+	global formData, fromVmName, formVmNames, formVmNameDom0
+
+	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formVmAdd[3] )):
+		if formData.has_key( formVmName[3] ):
+			vmName = formData[formVmName[3]].value
+			vmName = vmName.strip( )
+			newVm( vmName, 1 )
+			if formVmNameDom0[1] == '':
+				formVmNameDom0[1] = vmName
+
+def delVm( vmName ):
+	global formVmNames, formVmNameDom0
+	global allVmDel, allVmDom0
+	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
+	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
+
+	vmName = vmName.strip( )
+	formVmNames[1].remove( vmName )
+	del allVmDom0[vmName]
+	del allVmDel[vmName]
+	del allVmChWs[vmName]
+	del allVmChWDel[vmName]
+	del allVmChW[vmName]
+	del allVmChWAdd[vmName]
+	del allVmStes[vmName]
+	del allVmSteDel[vmName]
+	del allVmSte[vmName]
+	del allVmSteAdd[vmName]
+
+	if formVmNameDom0[1] == vmName:
+		if len( formVmNames[1] ) > 0:
+			formVmNameDom0[1] = formVmNames[1][0]
+		else:
+			formVmNameDom0[1] = ''
+
+def makeVmDom0( vmName ):
+	global formVmNameDom0
+
+	vmName = vmName.strip( )
+	formVmNameDom0[1] = vmName
+
+def addVmChW( vmName ):
+	global formData, allVmChW, allVmChWs
+
+	formVar = allVmChW[vmName]
+	if formData.has_key( formVar[3] ):
+		chwList = formData.getlist( formVar[3] )
+		formVar = allVmChWs[vmName]
+		for chw in chwList:
+			chw = chw.strip( )
+			formVar[1].append( chw )
+			formVar[1] = removeDups( formVar[1] )
+
+def delVmChW( vmName ):
+	global formData, allVmChWs
+
+	formVar = allVmChWs[vmName]
+	if formData.has_key( formVar[3] ):
+		chwList = formData.getlist( formVar[3] )
+		for chw in chwList:
+			chw = chw.strip( )
+			formVar[1].remove( chw )
+
+def addVmSte( vmName ):
+	global formData, allVmSte, allVmStes
+
+	formVar = allVmSte[vmName]
+	if formData.has_key( formVar[3] ):
+		steList = formData.getlist( formVar[3] )
+		formVar = allVmStes[vmName]
+		for ste in steList:
+			ste = ste.strip( )
+			formVar[1].append( ste )
+			formVar[1] = removeDups( formVar[1] )
+
+def delVmSte( vmName ):
+	global formData, allVmStes
+
+	formVar = allVmStes[vmName]
+	if formData.has_key( formVar[3] ):
+		steList = formData.getlist( formVar[3] )
+		for ste in steList:
+			ste = ste.strip( )
+			formVar[1].remove( ste )
+
+def addRes( ):
+	global formData, fromResName, formResNames
+
+	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formResAdd[3] )):
+		if formData.has_key( formResName[3] ):
+			resName = formData[formResName[3]].value
+			resName = resName.strip( )
+			newRes( resName, 1 )
+
+def delRes( resName ):
+	global formResNames
+	global allResDel
+	global allResStes, allResSteDel, allResSteType, allResSteAdd
+
+	resName = resName.strip( )
+	formResNames[1].remove( resName )
+	del allResDel[resName]
+	del allResStes[resName]
+	del allResSteDel[resName]
+	del allResSte[resName]
+	del allResSteAdd[resName]
+
+def addResSte( vmName ):
+	global formData, allResSte, allResStes
+
+	formVar = allResSte[vmName]
+	if formData.has_key( formVar[3] ):
+		steList = formData.getlist( formVar[3] )
+		formVar = allResStes[vmName]
+		for ste in steList:
+			ste = ste.strip( )
+			formVar[1].append( ste )
+			formVar[1] = removeDups( formVar[1] )
+
+def delResSte( vmName ):
+	global formData, allResStes
+
+	formVar = allResStes[vmName]
+	if formData.has_key( formVar[3] ):
+		steList = formData.getlist( formVar[3] )
+		for ste in steList:
+			ste = ste.strip( )
+			formVar[1].remove( ste )
+
 def processRequest( ):
 	global policyXml
 	global formData, formPolicyUpdate
@@ -490,6 +826,12 @@ def processRequest( ):
 	global formChWallAdd, formChWallDel
 	global formCSAdd, allCSDel
 	global formCSNames, allCSMAdd, allCSMDel
+	global formVmAdd
+	global formVmNames, allVmDel, allVmDom0
+	global allVmChWAdd, allVmChWDel, allVmSteAdd, allVmSteDel
+	global formResAdd
+	global formResNames, allResDel
+	global allResSteAdd, allResSteDel
 
 	if policyXml != '':
 		parsePolicyXml( )
@@ -498,11 +840,13 @@ def processRequest( ):
 	# an action is performed
 	updateInfo( )
 
-	# Allow the adding of types/sets if the user has hit the
-	# enter key when attempting to add a type/set
+	# Allow the adding of types/sets/vms if the user has hit the
+	# enter key when attempting to add a type/set/vm
 	addSteType( )
 	addChWallType( )
 	addCS( )
+	addVm( )
+	addRes( )
 
 	if formData.has_key( formSteDel[3] ):
 		delSteType( )
@@ -522,6 +866,37 @@ def processRequest( ):
 			elif formData.has_key( allCSMDel[csName][3] ):
 				delCSMember( csName )
 
+	for vmName in formVmNames[1]:
+		if formData.has_key( allVmDel[vmName][3] ):
+			delVm( vmName )
+			continue
+
+		if formData.has_key( allVmDom0[vmName][3] ):
+			makeVmDom0( vmName )
+
+		if formData.has_key( allVmChWAdd[vmName][3] ):
+			addVmChW( vmName )
+
+		elif formData.has_key( allVmChWDel[vmName][3] ):
+			delVmChW( vmName )
+
+		elif formData.has_key( allVmSteAdd[vmName][3] ):
+			addVmSte( vmName )
+
+		elif formData.has_key( allVmSteDel[vmName][3] ):
+			delVmSte( vmName )
+
+	for resName in formResNames[1]:
+		if formData.has_key( allResDel[resName][3] ):
+			delRes( resName )
+			continue
+
+		if formData.has_key( allResSteAdd[resName][3] ):
+			addResSte( resName )
+
+		elif formData.has_key( allResSteDel[resName][3] ):
+			delResSte( resName )
+
 def makeName( name, suffix='' ):
 	rName = name
 	if suffix != '':
@@ -553,7 +928,7 @@ def makeValue( value, suffix='' ):
 def makeValueAttr( value, suffix='' ):
 	return 'value="' + makeValue( value, suffix ) + '"'
 
-def sendHtmlFormVar( formVar, attrs='' ):
+def sendHtmlFormVar( formVar, attrs='', rb_select=0 ):
 	nameAttr  = ''
 	valueAttr = ''
 	htmlText  = ''
@@ -614,7 +989,7 @@ def sendHtmlFormVar( formVar, attrs='' ):
 
 				print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText, '<BR>'
 
-	if formVar[2] != '':
+	if ( formVar[2] != '' ) and ( rb_select == 0 ):
 		nameAttr = makeNameAttr( formVar[2] )
 		valueAttr = makeValueAttr( formVar[1] )
 		print '<INPUT type="hidden"', nameAttr, valueAttr, '>'
@@ -625,7 +1000,9 @@ def sendHtmlHeaders( ):
 	print
 
 def sendPolicyHtml( ):
-	global xmlError, xmlIncomplete, xmlMessages, formXmlGen
+	global xmlError, xmlIncomplete, xmlMessages
+	global formDefaultButton, formXmlGen
+	global formVmNameDom0
 
 	print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'
 	print '  "http://www.w3.org/TR/html4/loose.dtd">'
@@ -704,12 +1081,17 @@ def sendPolicyHtml( ):
 	print '  <TR>'
 	print '    <TD>'
 	print '      <TABLE class="full">'
+	print '        <COLGROUP>'
+	print '          <COL width="49%">'
+	print '          <COL width="2%">'
+	print '          <COL width="49%">'
+	print '        </COLGROUP>'
 	print '        <TR>'
-	print '          <TD width="49%">'
+	print '          <TD>'
 	sendPSteHtml( )
 	print '          </TD>'
-	print '          <TD width="2%">&nbsp;</TD>'
-	print '          <TD width="49%">'
+	print '          <TD>&nbsp;</TD>'
+	print '          <TD>'
 	sendPChWallHtml( )
 	print '          </TD>'
 	print '        </TR>'
@@ -717,7 +1099,57 @@ def sendPolicyHtml( ):
 	print '    </TD>'
 	print '  </TR>'
 
+	# Separator
+	print '  <TR>'
+	print '    <TD>'
+	print '      <HR>'
+	print '    </TD>'
+	print '  </TR>'
+
+	# Policy Labels (vms)
+	print '  <TR>'
+	print '    <TD>'
+	print '      <TABLE class="full">'
+	print '        <COLGROUP>'
+	print '          <COL width="100%">'
+	print '        </COLGROUP>'
+	print '        <TR>'
+	print '          <TD>'
+	sendPLSubHtml( )
+	print '          </TD>'
+	print '        </TR>'
+	print '      </TABLE>'
+	print '    </TD>'
+	print '  </TR>'
+
+	# Separator
+	print '  <TR>'
+	print '    <TD>'
+	print '      <HR>'
+	print '    </TD>'
+	print '  </TR>'
+
+	# Policy Labels (resources)
+	print '  <TR>'
+	print '    <TD>'
+	print '      <TABLE class="full">'
+	print '        <COLGROUP>'
+	print '          <COL width="100%">'
+	print '        </COLGROUP>'
+	print '        <TR>'
+	print '          <TD>'
+	sendPLObjHtml( )
+	print '          </TD>'
+	print '        </TR>'
+	print '      </TABLE>'
+	print '    </TD>'
+	print '  </TR>'
+
 	print '</TABLE>'
+
+	# Send some data that needs to be available across sessions
+	sendHtmlFormVar( formVmNameDom0 )
+
 	print '</FORM>'
 	print '</CENTER>'
 
@@ -733,8 +1165,8 @@ def sendHtmlHead( ):
 	print '<!--'
 	print 'BODY            {background-color: #EEEEFF;}'
 	print 'TABLE.container {width:  90%; border: 1px solid black; border-collapse: seperate;}'
-	print 'TABLE.fullbox   {width: 100%; border: 1px solid black; border-collapse: collapse;}'
-	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse;}'
+	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
+	print 'TABLE.fullbox   {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
 	print 'THEAD           {font-weight: bold; font-size: larger;}'
 	print 'TD              {border: 0px solid black; vertical-align: top;}'
 	print 'TD.heading      {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}'
@@ -752,7 +1184,8 @@ def sendHtmlHead( ):
 	print '</HEAD>'
 
 def sendPHeaderHtml( ):
-	global formPolicyName, formPolicyDate, formPolicyOrder, formPolicyUpdate
+	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
+	global formPolicyOrder, formPolicyUpdate
 
 	# Policy header definition
 	print '<TABLE class="full">'
@@ -770,12 +1203,30 @@ def sendPHeaderHtml( ):
 	print '    </TD>'
 	print '  </TR>'
 	print '  <TR>'
+	print '    <TD align="right">Url:</TD>'
+	print '    <TD align="left">'
+	sendHtmlFormVar( formPolicyUrl, 'class="full"' )
+	print '    </TD>'
+	print '  </TR>'
+	print '  <TR>'
+	print '    <TD align="right">Reference:</TD>'
+	print '    <TD align="left">'
+	sendHtmlFormVar( formPolicyRef, 'class="full"' )
+	print '    </TD>'
+	print '  </TR>'
+	print '  <TR>'
 	print '    <TD align="right">Date:</TD>'
 	print '    <TD align="left">'
 	sendHtmlFormVar( formPolicyDate, 'class="full"' )
 	print '    </TD>'
 	print '  </TR>'
 	print '  <TR>'
+	print '    <TD align="right">NameSpace URL:</TD>'
+	print '    <TD align="left">'
+	sendHtmlFormVar( formPolicyNSUrl, 'class="full"' )
+	print '    </TD>'
+	print '  </TR>'
+	print '  <TR>'
 	print '    <TD align="right">Primary Policy:</TD>'
 	print '    <TD align="left">'
 	sendHtmlFormVar( formPolicyOrder )
@@ -983,17 +1434,335 @@ def sendPChWallHtml( ):
 
 	print '</TABLE>'
 
+def sendPLSubHtml( ):
+	global formVmNames, formVmDel, formVmName, formVmAdd
+	global allVmDel, allVmDom0
+	global allVmChWs, allVmChWDel, allVmChW, allVmChWAdd
+	global allVmStes, allVmSteDel, allVmSte, allVmSteAdd
+	global formSteTypes, formChWallTypes
+
+	print '<TABLE class="full">'
+	print '  <COLGROUP>'
+	print '    <COL width="100%">'
+	print '  </COLGROUP>'
+
+	# Virtual Machines...
+	print '  <TR>'
+	print '    <TD>'
+	print '      <TABLE class="full">'
+	print '        <COLGROUP>'
+	print '          <COL width="10%">'
+	print '          <COL width="40%">'
+	print '          <COL width="50%">'
+	print '        </COLGROUP>'
+	print '        <TR>'
+	print '          <TD class="heading" align="center" colspan="3">Virtual Machine Classes</TD>'
+	print '        </TR>'
+	print '        <TR>'
+	print '          <TD colspan="2">'
+	sendHtmlFormVar( formVmName, 'class="full"' )
+	sendHtmlFormVar( formVmNames )
+	print '          </TD>'
+	print '          <TD>&nbsp;</TD>'
+	print '        </TR>'
+	print '        <TR>'
+	print '          <TD>'
+	sendHtmlFormVar( formVmAdd, 'class="full"' )
+	print '          </TD>'
+	print '          <TD colspan="2">'
+	print '            Create a new VM class with the above name'
+	print '          </TD>'
+	print '        </TR>'
+	print '      </TABLE>'
+	print '    </TD>'
+	print '  </TR>'
+	if len( formVmNames[1] ) > 0:
+		print '  <TR>'
+		print '    <TD colspan="1">'
+		print '      &nbsp;'
+		print '    </TD>'
+		print '  </TR>'
+		print '  <TR>'
+		print '    <TD>'
+		print '      <TABLE class="fullbox">'
+		print '        <COLGROUP>'
+		print '          <COL width="10%">'
+		print '          <COL width="40%">'
+		print '          <COL width="50%">'
+		print '        </COLGROUP>'
+		print '        <THEAD>'
+		print '          <TR>'
+		print '            <TD class="fullbox">Dom 0?</TD>'
+		print '            <TD class="fullbox">Name</TD>'
+		print '            <TD class="fullbox">Actions</TD>'
+		print '          </TR>'
+		print '        </THEAD>'
+		for i, vmName in enumerate( formVmNames[1] ):
+			print '        <TR>'
+			print '          <TD class="fullbox">'
+			if formVmNameDom0[1] == vmName:
+				print 'Yes'
+			else:
+				print '&nbsp;'
+			print '          </TD>'
+			print '          <TD class="fullbox">' + vmName + '</TD>'
+			print '          <TD class="fullbox">'
+			print '            <A href="#' + vmName + '">Edit</A>'
+			formVar = allVmDel[vmName]
+			sendHtmlFormVar( formVar, 'class="link"' )
+			formVar = allVmDom0[vmName]
+			sendHtmlFormVar( formVar, 'class="link"' )
+			print '          </TD>'
+			print '        </TR>'
+		print '      </TABLE>'
+		print '    </TD>'
+		print '  </TR>'
+		for vmName in formVmNames[1]:
+			print '  <TR>'
+			print '    <TD>'
+			print '      <HR>'
+			print '    </TD>'
+			print '  </TR>'
+			print '  <TR>'
+			print '    <TD>'
+			print '      <TABLE class="full">'
+			print '        <COLGROUP>'
+			print '          <COL width="10%">'
+			print '          <COL width="39%">'
+			print '          <COL width="2%">'
+			print '          <COL width="10%">'
+			print '          <COL width="39%">'
+			print '        </COLGROUP>'
+			print '        <TR>'
+			print '          <TD colspan="5" align="center" class="heading">'
+			print '            <A name="' + vmName + '">Virtual Machine Class: ' + vmName + '</A>'
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
+			print '          <TD>&nbsp;</TD>'
+			print '          <TD colspan="2" align="center">Chinese Wall Types</TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2">'
+			formVar = allVmStes[vmName];
+			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
+			print '          </TD>'
+			print '          <TD>&nbsp;</TD>'
+			print '          <TD colspan="2">'
+			formVar = allVmChWs[vmName];
+			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD>'
+			formVar = allVmSteDel[vmName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Delete the type(s) selected above'
+			print '          </TD>'
+			print '          <TD>&nbsp;</TD>'
+			print '          <TD>'
+			formVar = allVmChWDel[vmName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Delete the type(s) selected above'
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2">'
+			stSet = Set( formSteTypes[1] )
+			vmSet = Set( allVmStes[vmName][1] )
+			formVar = allVmSte[vmName]
+			formVar[1] = []
+			for steType in stSet.difference( vmSet ):
+				formVar[1].append( steType )
+			formVar[1].sort( )
+			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
+			print '          </TD>'
+			print '          <TD>&nbsp;</TD>'
+			print '          <TD colspan="2">'
+			ctSet = Set( formChWallTypes[1] )
+			vmSet = Set( allVmChWs[vmName][1] )
+			formVar = allVmChW[vmName]
+			formVar[1] = []
+			for chwallType in ctSet.difference( vmSet ):
+				formVar[1].append( chwallType )
+			formVar[1].sort( )
+			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD>'
+			formVar = allVmSteAdd[vmName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Add the type(s) selected above'
+			print '          </TD>'
+			print '          <TD>&nbsp;</TD>'
+			print '          <TD>'
+			formVar = allVmChWAdd[vmName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Add the type(s) selected above'
+			print '          </TD>'
+			print '        </TR>'
+			print '      </TABLE>'
+			print '    </TD>'
+			print '  </TR>'
+
+	print '</TABLE>'
+
+def sendPLObjHtml( ):
+	global formResNames, formResDel, formResName, formResAdd
+	global allResDel
+	global allResStes, allResSteDel, allResSte, allResSteAdd
+	global formSteTypes, formChWallTypes
+
+	print '<TABLE class="full">'
+	print '  <COLGROUP>'
+	print '    <COL width="100%">'
+	print '  </COLGROUP>'
+
+	# Resources...
+	print '  <TR>'
+	print '    <TD>'
+	print '      <TABLE class="full">'
+	print '        <COLGROUP>'
+	print '          <COL width="10%">'
+	print '          <COL width="40%">'
+	print '          <COL width="50%">'
+	print '        </COLGROUP>'
+	print '        <TR>'
+	print '          <TD class="heading" align="center" colspan="3">Resource Classes</TD>'
+	print '        </TR>'
+	print '        <TR>'
+	print '          <TD colspan="2">'
+	sendHtmlFormVar( formResName, 'class="full"' )
+	sendHtmlFormVar( formResNames )
+	print '          </TD>'
+	print '          <TD>&nbsp;</TD>'
+	print '        </TR>'
+	print '        <TR>'
+	print '          <TD>'
+	sendHtmlFormVar( formResAdd, 'class="full"' )
+	print '          </TD>'
+	print '          <TD colspan="2">'
+	print '            Create a new Resource class with the above name'
+	print '          </TD>'
+	print '        </TR>'
+	print '      </TABLE>'
+	print '    </TD>'
+	print '  </TR>'
+	if len( formResNames[1] ) > 0:
+		print '  <TR>'
+		print '    <TD colspan="1">'
+		print '      &nbsp;'
+		print '    </TD>'
+		print '  </TR>'
+		print '  <TR>'
+		print '    <TD>'
+		print '      <TABLE class="fullbox">'
+		print '        <COLGROUP>'
+		print '          <COL width="50%">'
+		print '          <COL width="50%">'
+		print '        </COLGROUP>'
+		print '        <THEAD>'
+		print '          <TR>'
+		print '            <TD class="fullbox">Name</TD>'
+		print '            <TD class="fullbox">Actions</TD>'
+		print '          </TR>'
+		print '        </THEAD>'
+		for i, resName in enumerate( formResNames[1] ):
+			print '        <TR>'
+			print '          <TD class="fullbox">' + resName + '</TD>'
+			print '          <TD class="fullbox">'
+			print '            <A href="#' + resName + '">Edit</A>'
+			formVar = allResDel[resName]
+			sendHtmlFormVar( formVar, 'class="link"' )
+			print '          </TD>'
+			print '        </TR>'
+		print '      </TABLE>'
+		print '    </TD>'
+		print '  </TR>'
+		for resName in formResNames[1]:
+			print '  <TR>'
+			print '    <TD>'
+			print '      <HR>'
+			print '    </TD>'
+			print '  </TR>'
+			print '  <TR>'
+			print '    <TD>'
+			print '      <TABLE class="full">'
+			print '        <COLGROUP>'
+			print '          <COL width="10%">'
+			print '          <COL width="90%">'
+			print '        </COLGROUP>'
+			print '        <TR>'
+			print '          <TD colspan="2" align="center" class="heading">'
+			print '            <A name="' + resName + '">Resource Class: ' + resName + '</A>'
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2">'
+			formVar = allResStes[resName];
+			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD>'
+			formVar = allResSteDel[resName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Delete the type(s) selected above'
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD colspan="2">'
+			stSet = Set( formSteTypes[1] )
+			resSet = Set( allResStes[resName][1] )
+			formVar = allResSte[resName]
+			formVar[1] = []
+			for steType in stSet.difference( resSet ):
+				formVar[1].append( steType )
+			formVar[1].sort( )
+			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
+			print '          </TD>'
+			print '        </TR>'
+			print '        <TR>'
+			print '          <TD>'
+			formVar = allResSteAdd[resName];
+			sendHtmlFormVar( formVar, 'class="full"' )
+			print '          </TD>'
+			print '          <TD>'
+			print '            Add the type(s) selected above'
+			print '          </TD>'
+			print '        </TR>'
+			print '      </TABLE>'
+			print '    </TD>'
+			print '  </TR>'
+
+	print '</TABLE>'
+
 def checkXmlData( ):
 	global xmlIncomplete
+	global formPolicyName, formPolicyOrder
+	global formChWallTypes, formSteTypes, formCSNames
 
 	# Validate the Policy Header requirements
-	if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ):
-		if ( len( formPolicyName[1] ) == 0 ) or ( len( formPolicyDate[1] ) == 0 ):
-			msg = ''
-			msg = msg + 'The XML policy schema requires that the Policy '
-			msg = msg + 'Information Name and Date fields both have values '
-			msg = msg + 'or both not have values.'
-			formatXmlGenError( msg )
+	if ( len( formPolicyName[1] ) == 0 ):
+		msg = ''
+		msg = msg + 'The XML policy schema requires that the Policy '
+		msg = msg + 'Information Name field have a value.'
+		formatXmlGenError( msg )
 
 	if formPolicyOrder[1] == 'v_ChWall':
 		if len( formChWallTypes[1] ) == 0:
@@ -1014,14 +1783,6 @@ def checkXmlData( ):
 			msg = msg + 'primary policy.'
 			formatXmlGenError( msg )
 
-	# Validate the Chinese Wall required data
-	if len( formChWallTypes[1] ) > 0:
-		if len( formCSNames[1] ) == 0:
-			msg = ''
-			msg = msg + 'The XML policy schema for the Chinese Wall '
-			msg = msg + 'requires at least one Conflict Set be defined.'
-			formatXmlGenError( msg )
-
 def sendXmlHeaders( ):
 	# HTML headers
 	print 'Content-Type: text/xml'
@@ -1042,17 +1803,28 @@ def sendPolicyXml( ):
 	sendPSteXml( )
 	sendPChWallXml( )
 
+	# Policy Labels (subjects and objects)
+	print '<SecurityLabelTemplate>'
+	sendPLSubXml( )
+	sendPLObjXml( )
+	print '</SecurityLabelTemplate>'
 	print '</SecurityPolicyDefinition>'
 
 def sendPHeaderXml( ):
-	global formPolicyName, formPolicyDate
+	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
 
 	# Policy header definition
-	if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ):
-		print '<PolicyHeader>'
-		print '  <Name>' + formPolicyName[1] + '</Name>'
+	print '<PolicyHeader>'
+	print '  <PolicyName>' + formPolicyName[1] + '</PolicyName>'
+	if len( formPolicyUrl[1] ) > 0:
+		print '  <PolicyUrl>' + formPolicyUrl[1] + '</PolicyUrl>'
+	if len( formPolicyRef[1] ) > 0:
+		print '  <Reference>' + formPolicyRef[1] + '</Reference>'
+	if len( formPolicyDate[1] ) > 0:
 		print '  <Date>' + formPolicyDate[1] + '</Date>'
-		print '</PolicyHeader>'
+	if len( formPolicyNSUrl[1] ) > 0:
+		print '  <NameSpaceUrl>' + formPolicyNSUrl[1] + '</NameSpaceUrl>'
+	print '</PolicyHeader>'
 
 def sendPSteXml( ):
 	global formPolicyOrder, formSteTypes
@@ -1091,20 +1863,72 @@ def sendPChWallXml( ):
 		print '    <Type>' + chWallType + '</Type>'
 	print '  </ChineseWallTypes>'
 
-	# Chinese Wall Conflict Sets...
-	print '  <ConflictSets>'
-	for cs in formCSNames[1]:
-		formVar = allCSMTypes[cs]
-		if len( formVar[1] ) == 0:
-			continue
-		print '    <Conflict name="' + cs + '">'
-		for csm in formVar[1]:
-			print '      <Type>' + csm + '</Type>'
-		print '    </Conflict>'
-	print '  </ConflictSets>'
+	# Chinese Wall Conflict Sets (if any) ...
+	if len( formCSNames[1] ) > 0:
+		print '  <ConflictSets>'
+		for cs in formCSNames[1]:
+			formVar = allCSMTypes[cs]
+			if len( formVar[1] ) == 0:
+				continue
+			print '    <Conflict name="' + cs + '">'
+			for csm in formVar[1]:
+				print '      <Type>' + csm + '</Type>'
+			print '    </Conflict>'
+		print '  </ConflictSets>'
 
 	print '</ChineseWall>'
 
+def sendPLSubXml( ):
+	global formVmNames, allVmChWs, allVmStes
+
+	# Virtual machines...
+	if len( formVmNames[1] ) == 0:
+		return
+
+	print '  <SubjectLabels bootstrap="' + formVmNameDom0[1] + '">'
+	for vmName in formVmNames[1]:
+		print '    <VirtualMachineLabel>'
+		print '      <Name>' + vmName + '</Name>'
+		formVar = allVmStes[vmName]
+		if len( formVar[1] ) > 0:
+			print '      <SimpleTypeEnforcementTypes>'
+			for ste in formVar[1]:
+				print '      <Type>' + ste + '</Type>'
+			print '      </SimpleTypeEnforcementTypes>'
+
+		formVar = allVmChWs[vmName]
+		if len( formVar[1] ) > 0:
+			print '      <ChineseWallTypes>'
+			for chw in formVar[1]:
+				print '        <Type>' + chw + '</Type>'
+			print '      </ChineseWallTypes>'
+
+		print '    </VirtualMachineLabel>'
+
+	print '  </SubjectLabels>'
+
+def sendPLObjXml( ):
+	global formResNames, allResStes
+
+	# Resources...
+	if len( formResNames[1] ) == 0:
+		return
+
+	print '  <ObjectLabels>'
+	for resName in formResNames[1]:
+		print '    <ResourceLabel>'
+		print '      <Name>' + resName + '</Name>'
+		formVar = allResStes[resName]
+		if len( formVar[1] ) > 0:
+			print '      <SimpleTypeEnforcementTypes>'
+			for ste in formVar[1]:
+				print '        <Type>' + ste + '</Type>'
+			print '      </SimpleTypeEnforcementTypes>'
+
+		print '    </ResourceLabel>'
+
+	print '  </ObjectLabels>'
+
 
 # Set up initial HTML variables
 headTitle = 'Xen Policy Generation'
@@ -1125,6 +1949,20 @@ formPolicyName    = [ 'text',
 			'',
 			'',
 		    ]
+formPolicyUrl     = [ 'text',
+			'',
+			'h_policyUrl',
+			'i_policyUrl',
+			'',
+			'',
+			]
+formPolicyRef    = [ 'text',
+			'',
+			'h_policyRef',
+			'i_policyRef',
+			'',
+			'',
+			]
 formPolicyDate    = [ 'text',
 			getCurrentTime( ),
 			'h_policyDate',
@@ -1132,6 +1970,13 @@ formPolicyDate    = [ 'text',
 			'',
 			'',
 		    ]
+formPolicyNSUrl   = [ 'text',
+			'',
+			'h_policyNSUrl',
+			'i_policyNSUrl',
+			'',
+			'',
+			]
 formPolicyOrder   = [ 'radiobutton-all',
 			'v_ChWall',
 			'h_policyOrder',
@@ -1289,13 +2134,218 @@ allCSMDel         = {};
 allCSMType        = {};
 allCSMAdd         = {};
 
+formVmNames       = [ '',
+			[],
+			'h_vmNames',
+			'',
+			'',
+			'',
+		    ]
+formVmDel         = [ 'button',
+			'',
+			'',
+			'i_vmDel',
+			'Delete',
+			'',
+		    ]
+formVmName        = [ 'text',
+			'',
+			'',
+			'i_vmName',
+			'',
+			'',
+		    ]
+formVmAdd         = [ 'button',
+			'',
+			'',
+			'i_vmAdd',
+			'New',
+			'',
+		    ]
+
+formVmNameDom0    = [ '',
+			'',
+			'h_vmDom0',
+			'',
+			'',
+			'',
+		    ]
+
+# This is a set of templates used for each virtual machine
+#   Each virtual machine is initially assigned these templates,
+#   then each form attribute value is changed to append
+#   "_virtual-machine-name" for uniqueness.
+templateVmDel     = [ 'button',
+			'',
+			'',
+			'i_vmDel',
+			'Delete',
+			'',
+		    ]
+templateVmDom0    = [ 'button',
+			'',
+			'',
+			'i_vmDom0',
+			'SetDom0',
+			'',
+		    ]
+allVmDel          = {};
+allVmDom0         = {};
+
+templateVmChWs    = [ 'list',
+			[],
+			'h_vmChWs',
+			'i_vmChWs',
+			'',
+			'',
+		    ]
+templateVmChWDel  = [ 'button',
+			'',
+			'',
+			'i_vmChWDel',
+			'Delete',
+			'',
+		    ]
+templateVmChW     = [ 'list',
+			[],
+			'',
+			'i_vmChW',
+			'',
+			'',
+		    ]
+templateVmChWAdd  = [ 'button',
+			'',
+			'',
+			'i_vmChWAdd',
+			'Add',
+			'',
+		    ]
+allVmChWs         = {};
+allVmChWDel       = {};
+allVmChW          = {};
+allVmChWAdd       = {};
+
+templateVmStes    = [ 'list',
+			[],
+			'h_vmStes',
+			'i_vmStes',
+			'',
+			'',
+		    ]
+templateVmSteDel  = [ 'button',
+			'',
+			'',
+			'i_vmSteDel',
+			'Delete',
+			'',
+		    ]
+templateVmSte     = [ 'list',
+			[],
+			'',
+			'i_vmSte',
+			'',
+			'',
+		    ]
+templateVmSteAdd  = [ 'button',
+			'',
+			'',
+			'i_vmSteAdd',
+			'Add',
+			'',
+		    ]
+allVmStes         = {};
+allVmSteDel       = {};
+allVmSte          = {};
+allVmSteAdd       = {};
+
+formResNames      = [ '',
+			[],
+			'h_resNames',
+			'',
+			'',
+			'',
+		    ]
+formResDel        = [ 'button',
+			'',
+			'',
+			'i_resDel',
+			'Delete',
+			'',
+		    ]
+formResName       = [ 'text',
+			'',
+			'',
+			'i_resName',
+			'',
+			'',
+		    ]
+formResAdd        = [ 'button',
+			'',
+			'',
+			'i_resAdd',
+			'New',
+			'',
+		    ]
+
+# This is a set of templates used for each resource
+#   Each resource is initially assigned these templates,
+#   then each form attribute value is changed to append
+#   "_resource-name" for uniqueness.
+templateResDel    = [ 'button',
+			'',
+			'',
+			'i_resDel',
+			'Delete',
+			'',
+		    ]
+allResDel         = {};
+
+templateResStes   = [ 'list',
+			[],
+			'h_resStes',
+			'i_resStes',
+			'',
+			'',
+		    ]
+templateResSteDel = [ 'button',
+			'',
+			'',
+			'i_resSteDel',
+			'Delete',
+			'',
+		    ]
+templateResSte    = [ 'list',
+			[],
+			'',
+			'i_resSte',
+			'',
+			'',
+		    ]
+templateResSteAdd = [ 'button',
+			'',
+			'',
+			'i_resSteAdd',
+			'Add',
+			'',
+		    ]
+allResStes        = {};
+allResSteDel      = {};
+allResSte         = {};
+allResSteAdd      = {};
+
 # A list of all form variables used for saving info across requests
 formVariables     = [ formPolicyName,
+			formPolicyUrl,
+			formPolicyRef,
 			formPolicyDate,
+			formPolicyNSUrl,
 			formPolicyOrder,
 			formSteTypes,
 			formChWallTypes,
 			formCSNames,
+			formVmNames,
+			formVmNameDom0,
+			formResNames,
 		    ]
 
 policyXml         = ''
diff --git a/tools/security/python/xensec_gen/cgi-bin/policylabel.cgi b/tools/security/python/xensec_gen/cgi-bin/policylabel.cgi
deleted file mode 100644
index 3863d3e5aa..0000000000
--- a/tools/security/python/xensec_gen/cgi-bin/policylabel.cgi
+++ /dev/null
@@ -1,1396 +0,0 @@
-#!/usr/bin/python
-#
-# The Initial Developer of the Original Code is International
-# Business Machines Corporation. Portions created by IBM
-# Corporation are Copyright (C) 2005 International Business
-# Machines Corporation. All Rights Reserved.
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License,
-# or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-import os
-import cgi
-import cgitb; cgitb.enable( )
-import time
-import xml.dom.minidom
-import xml.sax
-import xml.sax.handler
-from StringIO import StringIO
-from sets import Set
-
-def getSavedData( ):
-	global formData, policyXml, policyLabelXml
-	global formVariables, formVmNames
-	global allVmChWs, allVmStes
-
-	# Process the XML upload policy file
-	if formData.has_key( 'i_policy' ):
-		dataList = formData.getlist( 'i_policy' )
-		if len( dataList ) > 0:
-			policyXml = dataList[0].strip( )
-
-	# The XML upload policy file must be specified at the start
-	if formData.has_key( 'i_policyLabelCreate' ):
-		if policyXml == '':
-			msg = ''
-			msg = msg + 'A Policy file was not supplied.  A Policy file '
-			msg = msg + 'must be supplied in order to successfully create '
-			msg = msg + 'a Policy Labeling file.'
-			formatXmlError( msg )
-
-	# Process the XML upload policy label file
-	if formData.has_key( 'i_policyLabel' ):
-		dataList = formData.getlist( 'i_policyLabel' )
-		if len( dataList ) > 0:
-			policyLabelXml = dataList[0].strip( )
-
-	# Process all the hidden input variables (if present)
-	for formVar in formVariables:
-		if formVar[2] == '':
-			continue
-
-		if formData.has_key( formVar[2] ):
-			dataList = formData.getlist( formVar[2] )
-			if len( dataList ) > 0:
-				if isinstance( formVar[1], list ):
-					exec 'formVar[1] = ' + dataList[0]
-				else:
-					formVar[1] = dataList[0]
-
-	# The form can contain any number of "Virtual Machines"
-	#   so update the list of form variables to include
-	#   each virtual machine (hidden input variable)
-	for vmName in formVmNames[1]:
-		newVm( vmName )
-
-		vmFormVar = allVmChWs[vmName]
-		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
-			dataList = formData.getlist( vmFormVar[2] )
-			if len( dataList ) > 0:
-				if isinstance( vmFormVar[1], list ):
-					exec 'vmFormVar[1] = ' + dataList[0]
-				else:
-					vmFormVar[1] = dataList[0]
-
-		vmFormVar = allVmStes[vmName]
-		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
-			dataList = formData.getlist( vmFormVar[2] )
-			if len( dataList ) > 0:
-				if isinstance( vmFormVar[1], list ):
-					exec 'vmFormVar[1] = ' + dataList[0]
-				else:
-					vmFormVar[1] = dataList[0]
-
-def getCurrentTime( ):
-	return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) )
-
-def getName( domNode ):
-	nameNodes = domNode.getElementsByTagName( 'Name' )
-	if len( nameNodes ) == 0:
-		formatXmlError( '"<Name>" tag is missing' )
-		return None
-
-	name = ''
-	for childNode in nameNodes[0].childNodes:
-		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
-			name = name + childNode.data
-
-	return name
-
-def getDate( domNode ):
-	dateNodes = domNode.getElementsByTagName( 'Date' )
-	if len( dateNodes ) == 0:
-		formatXmlError( '"<Date>" tag is missing' )
-		return None
-
-	date = ''
-	for childNode in dateNodes[0].childNodes:
-		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
-			date = date + childNode.data
-
-	return date
-
-def getDefUrl( domNode ):
-	domNodes = domNode.getElementsByTagName( 'PolicyName' )
-	if len( domNodes ) == 0:
-		formatXmlError( '"<PolicyName>" tag is missing' )
-		return None
-
-	urlNodes = domNode.getElementsByTagName( 'Url' )
-	if len( urlNodes ) == 0:
-		formatXmlError( '"<Url>" tag is missing' )
-		return None
-
-	url = ''
-	for childNode in urlNodes[0].childNodes:
-		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
-			url = url + childNode.data
-
-	return url
-
-def getDefRef( domNode ):
-	domNodes = domNode.getElementsByTagName( 'PolicyName' )
-	if len( domNodes ) == 0:
-		formatXmlError( '"<PolicyName>" tag is missing' )
-		return None
-
-	refNodes = domNode.getElementsByTagName( 'Reference' )
-	if len( refNodes ) == 0:
-		formatXmlError( '"<Reference>" tag is missing' )
-		return None
-
-	ref = ''
-	for childNode in refNodes[0].childNodes:
-		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
-			ref = ref + childNode.data
-
-	return ref
-
-def getSteTypes( domNode, missingIsError = 0 ):
-	steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' )
-	if len( steNodes ) == 0:
-		if missingIsError == 1:
-			formatXmlError( '"<SimpleTypeEnforcementTypes>" tag is missing' )
-			return None
-		else:
-			return []
-
-	return getTypes( steNodes[0] )
-
-def getChWTypes( domNode, missingIsError = 0 ):
-	chwNodes = domNode.getElementsByTagName( 'ChineseWallTypes' )
-	if len( chwNodes ) == 0:
-		if missingIsError == 1:
-			formatXmlError( '"<ChineseWallTypes>" tag is missing' )
-			return None
-		else:
-			return []
-
-	return getTypes( chwNodes[0] )
-
-def getTypes( domNode ):
-	types = []
-
-	domNodes = domNode.getElementsByTagName( 'Type' )
-	if len( domNodes ) == 0:
-		formatXmlError( '"<Type>" tag is missing' )
-		return None
-
-	for domNode in domNodes:
-		typeText = ''
-		for childNode in domNode.childNodes:
-			if childNode.nodeType == xml.dom.Node.TEXT_NODE:
-				typeText = typeText + childNode.data
-
-		if typeText == '':
-			formatXmlError( 'No text associated with the "<Type>" tag' )
-			return None
-
-		types.append( typeText )
-
-	return types
-
-def formatXmlError( msg, xml = '', lineNum = -1, colNum = -1 ):
-	global xmlMessages, xmlError
-
-	xmlError = 1
-	addMsg = cgi.escape( msg )
-
-	if lineNum != -1:
-		sio = StringIO( xml )
-		for xmlLine in sio:
-			lineNum = lineNum - 1
-			if lineNum == 0:
-				break;
-
-		addMsg += '<BR><PRE>' + cgi.escape( xmlLine.rstrip( ) )
-
-		if colNum != -1:
-			errLine = ''
-			for i in range( colNum ):
-				errLine = errLine + '-'
-
-			addMsg += '\n' + errLine + '^'
-
-		addMsg += '</PRE>'
-
-	xmlMessages.append( addMsg )
-
-def formatXmlGenError( msg ):
-	global xmlMessages, xmlIncomplete
-
-	xmlIncomplete = 1
-	xmlMessages.append( cgi.escape( msg ) )
-
-def parseXml( xmlInput ):
-	global xmlMessages, xmlError, xmlLine, xmlColumn
-
-	xmlParser  = xml.sax.make_parser( )
-	try:
-		domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser )
-
-	except xml.sax.SAXParseException, xmlErr:
-		msg = ''
-		msg = msg + 'XML parsing error occurred at line '
-		msg = msg + `xmlErr.getLineNumber( )`
-		msg = msg + ', column '
-		msg = msg + `xmlErr.getColumnNumber( )`
-		msg = msg + ': reason = "'
-		msg = msg + xmlErr.getMessage( )
-		msg = msg + '"'
-		formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) )
-		return None
-
-	except xml.sax.SAXException, xmlErr:
-		msg = ''
-		msg = msg + 'XML Parsing error: ' + `xmlErr`
-		formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) )
-		return None
-
-	return domDoc
-
-def parsePolicyXml( ):
-	global policyXml
-	global formSteTypes, formChWallTypes
-
-	domDoc = parseXml( policyXml )
-	if domDoc == None:
-		return
-
-	domRoot  = domDoc.documentElement
-	domNodes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' )
-	if len( domNodes ) > 0:
-		steTypes = getSteTypes( domNodes[0], 1 )
-		if steTypes == None:
-			msg = ''
-			msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
-			msg = msg + 'Please validate the Policy Definition file used.'
-			formatXmlError( msg )
-			return
-
-		formSteTypes[1] = steTypes
-
-	domNodes = domRoot.getElementsByTagName( 'ChineseWall' )
-	if len( domNodes ) > 0:
-		chwTypes = getChWTypes( domNodes[0], 1 )
-		if chwTypes == None:
-			msg = ''
-			msg = msg + 'Error processing the ChineseWall types.\n'
-			msg = msg + 'Please validate the Policy Definition file used.'
-			formatXmlError( msg )
-			return
-
-		formChWallTypes[1] = chwTypes
-
-def parsePolicyLabelXml( ):
-	global policyLabelXml
-
-	domDoc = parseXml( policyLabelXml )
-	if domDoc == None:
-		return
-
-	domRoot     = domDoc.documentElement
-	domHeaders = domRoot.getElementsByTagName( 'LabelHeader' )
-	if len( domHeaders ) == 0:
-		msg = ''
-		msg = msg + '"<LabelHeader>" tag is missing.\n'
-		msg = msg + 'Please validate the Policy Labeling file used.'
-		formatXmlError( msg )
-		return
-
-	pName = getName( domHeaders[0] )
-	if pName == None:
-		msg = ''
-		msg = msg + 'Error processing the Policy Labeling header information.\n'
-		msg = msg + 'Please validate the Policy Labeling file used.'
-		formatXmlError( msg )
-		return
-
-	formPolicyLabelName[1] = pName
-
-	pDate = getDate( domHeaders[0] )
-	if pDate == None:
-		msg = ''
-		msg = msg + 'Error processing the Policy Labeling header information.\n'
-		msg = msg + 'Please validate the Policy Labeling file used.'
-		formatXmlError( msg )
-		return
-
-	formPolicyLabelDate[1] = pDate
-
-	pUrl = getDefUrl( domHeaders[0] )
-	if pUrl == None:
-		msg = ''
-		msg = msg + 'Error processing the Policy Labeling header information.\n'
-		msg = msg + 'Please validate the Policy Labeling file used.'
-		formatXmlError( msg )
-		return
-
-	formPolicyUrl[1] = pUrl
-
-	pRef = getDefRef( domHeaders[0] )
-	if pRef == None:
-		msg = ''
-		msg = msg + 'Error processing the Policy Labeling header information.\n'
-		msg = msg + 'Please validate the Policy Labeling file used.'
-		formatXmlError( msg )
-		return
-
-	formPolicyRef[1] = pRef
-
-	domSubjects = domRoot.getElementsByTagName( 'SubjectLabels' )
-	if len( domSubjects ) > 0:
-		formVmNameDom0[1] = domSubjects[0].getAttribute( 'bootstrap' )
-		domNodes = domSubjects[0].getElementsByTagName( 'VirtualMachineLabel' )
-		for domNode in domNodes:
-			vmName = getName( domNode )
-			if vmName == None:
-				msg = ''
-				msg = msg + 'Error processing the VirtualMachineLabel name.\n'
-				msg = msg + 'Please validate the Policy Labeling file used.'
-				formatXmlError( msg )
-				continue
-
-			steTypes = getSteTypes( domNode )
-			if steTypes == None:
-				msg = ''
-				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
-				msg = msg + 'Please validate the Policy Labeling file used.'
-				formatXmlError( msg )
-				return
-
-			chwTypes = getChWTypes( domNode )
-			if chwTypes == None:
-				msg = ''
-				msg = msg + 'Error processing the ChineseWall types.\n'
-				msg = msg + 'Please validate the Policy Labeling file used.'
-				formatXmlError( msg )
-				return
-
-			newVm( vmName, 1 )
-			allVmStes[vmName][1] = steTypes
-			allVmChWs[vmName][1] = chwTypes
-
-def removeDups( curList ):
-	newList = []
-	curSet  = Set( curList )
-	for x in curSet:
-		newList.append( x )
-	newList.sort( )
-
-	return newList
-
-def newVm( vmName, addToList = 0 ):
-	global formVmNames
-	global templateVmDel, allVmDel, templateVmDom0, allVmDom0
-	global templateVmChWs, templateVmChWDel, templateVmChW, templateVmChWAdd
-	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
-	global templateVmStes, templateVmSteDel, templateVmSte, templateVmSteAdd
-	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
-
-	# Make sure we have an actual name and check one of the 'all'
-	# variables to be sure it hasn't been previously defined
-	if (len( vmName ) > 0) and (not allVmDom0.has_key( vmName )):
-		vmSuffix = '_' + vmName
-		allVmDom0[vmName]   = modFormTemplate( templateVmDom0,   vmSuffix )
-		allVmDel[vmName]    = modFormTemplate( templateVmDel,    vmSuffix )
-		allVmChWs[vmName]   = modFormTemplate( templateVmChWs,   vmSuffix )
-		allVmChWDel[vmName] = modFormTemplate( templateVmChWDel, vmSuffix )
-		allVmChW[vmName]    = modFormTemplate( templateVmChW,    vmSuffix )
-		allVmChWAdd[vmName] = modFormTemplate( templateVmChWAdd, vmSuffix )
-		allVmStes[vmName]   = modFormTemplate( templateVmStes,   vmSuffix )
-		allVmSteDel[vmName] = modFormTemplate( templateVmSteDel, vmSuffix )
-		allVmSte[vmName]    = modFormTemplate( templateVmSte,    vmSuffix )
-		allVmSteAdd[vmName] = modFormTemplate( templateVmSteAdd, vmSuffix )
-		if addToList == 1:
-			formVmNames[1].append( vmName )
-			formVmNames[1] = removeDups( formVmNames[1] )
-
-def updateInfo( ):
-	global formData, formPolicyLabelName, formPolicyLabelDate
-	global formPolicyUrl, formPolicyRef
-
-	if formData.has_key( formPolicyLabelName[3] ):
-		formPolicyLabelName[1] = formData[formPolicyLabelName[3]].value
-	elif formData.has_key( formPolicyLabelUpdate[3] ):
-		formPolicyLabelName[1] = ''
-
-	if formData.has_key( formPolicyLabelDate[3] ):
-		formPolicyLabelDate[1] = formData[formPolicyLabelDate[3]].value
-	elif formData.has_key( formPolicyLabelUpdate[3] ):
-		formPolicyLabelDate[1] = ''
-
-	if formData.has_key( formPolicyUrl[3] ):
-		formPolicyUrl[1] = formData[formPolicyUrl[3]].value
-	elif formData.has_key( formPolicyLabelUpdate[3] ):
-		formPolicyUrl[1] = ''
-
-	if formData.has_key( formPolicyRef[3] ):
-		formPolicyRef[1] = formData[formPolicyRef[3]].value
-	elif formData.has_key( formPolicyLabelUpdate[3] ):
-		formPolicyRef[1] = ''
-
-def addVm( ):
-	global formData, fromVmName, formVmNames, formVmNameDom0
-
-	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formVmAdd[3] )):
-		if formData.has_key( formVmName[3] ):
-			vmName = formData[formVmName[3]].value
-			vmName = vmName.strip( )
-			newVm( vmName, 1 )
-			if formVmNameDom0[1] == '':
-				formVmNameDom0[1] = vmName
-
-def delVm( vmName ):
-	global formVmNames, formVmNameDom0
-	global allVmDel, allVmDom0
-	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
-	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
-
-	vmName = vmName.strip( )
-	formVmNames[1].remove( vmName )
-	del allVmDom0[vmName]
-	del allVmDel[vmName]
-	del allVmChWs[vmName]
-	del allVmChWDel[vmName]
-	del allVmChW[vmName]
-	del allVmChWAdd[vmName]
-	del allVmStes[vmName]
-	del allVmSteDel[vmName]
-	del allVmSte[vmName]
-	del allVmSteAdd[vmName]
-
-	if formVmNameDom0[1] == vmName:
-		if len( formVmNames[1] ) > 0:
-			formVmNameDom0[1] = formVmNames[1][0]
-		else:
-			formVmNameDom0[1] = ''
-
-def makeVmDom0( vmName ):
-	global formVmNameDom0
-
-	vmName = vmName.strip( )
-	formVmNameDom0[1] = vmName
-
-def addVmChW( chwName ):
-	global formData, allVmChW, allVmChWs
-
-	formVar = allVmChW[chwName]
-	if formData.has_key( formVar[3] ):
-		chwList = formData.getlist( formVar[3] )
-		formVar = allVmChWs[chwName]
-		for chw in chwList:
-			chw = chw.strip( )
-			formVar[1].append( chw )
-			formVar[1] = removeDups( formVar[1] )
-
-def delVmChW( chwName ):
-	global formData, allVmChWs
-
-	formVar = allVmChWs[chwName]
-	if formData.has_key( formVar[3] ):
-		chwList = formData.getlist( formVar[3] )
-		for chw in chwList:
-			chw = chw.strip( )
-			formVar[1].remove( chw )
-
-def addVmSte( steName ):
-	global formData, allVmSte, allVmStes
-
-	formVar = allVmSte[steName]
-	if formData.has_key( formVar[3] ):
-		steList = formData.getlist( formVar[3] )
-		formVar = allVmStes[steName]
-		for ste in steList:
-			ste = ste.strip( )
-			formVar[1].append( ste )
-			formVar[1] = removeDups( formVar[1] )
-
-def delVmSte( steName ):
-	global formData, allVmStes
-
-	formVar = allVmStes[steName]
-	if formData.has_key( formVar[3] ):
-		steList = formData.getlist( formVar[3] )
-		for ste in steList:
-			ste = ste.strip( )
-			formVar[1].remove( ste )
-
-def processRequest( ):
-	global formData, policyXml, policyLabelXml, formPolicyLabelUpdate
-	global formVmAdd
-	global formVmNames, allVmDel, allVmDom0
-	global allVmChWAdd, allVmChWDel, allVmSteAdd, allVmSteDel
-
-	if policyXml != '':
-		parsePolicyXml( )
-
-	if policyLabelXml != '':
-		parsePolicyLabelXml( )
-
-	# Allow the updating of the header information whenever
-	# an action is performed
-	updateInfo( )
-
-	# Allow the adding of labels if the user has hit the
-	# enter key when attempting to add a type/set
-	addVm( )
-
-	for vmName in formVmNames[1]:
-		if formData.has_key( allVmDel[vmName][3] ):
-			delVm( vmName )
-			continue
-
-		if formData.has_key( allVmDom0[vmName][3] ):
-			makeVmDom0( vmName )
-
-		if formData.has_key( allVmChWAdd[vmName][3] ):
-			addVmChW( vmName )
-
-		elif formData.has_key( allVmChWDel[vmName][3] ):
-			delVmChW( vmName )
-
-		elif formData.has_key( allVmSteAdd[vmName][3] ):
-			addVmSte( vmName )
-
-		elif formData.has_key( allVmSteDel[vmName][3] ):
-			delVmSte( vmName )
-
-def modFormTemplate( formTemplate, suffix ):
-	formVar = [x for x in formTemplate]
-
-	if formVar[2] != '':
-		formVar[2] = formVar[2] + suffix
-	if formVar[3] != '':
-		formVar[3] = formVar[3] + suffix
-	if (formVar[0] != 'button') and (formVar[4] != ''):
-		formVar[4] = formVar[4] + suffix
-
-	return formVar;
-
-def makeName( name, suffix='' ):
-	rName = name
-	if suffix != '':
-		rName = rName + '_' + suffix
-
-	return rName
-
-def makeNameAttr( name, suffix='' ):
-	return 'name="' + makeName( name, suffix ) + '"'
-
-def makeValue( value, suffix='' ):
-	rValue = value
-
-	if isinstance( value, list ):
-		rValue = '['
-		for val in value:
-			rValue = rValue + '\'' + val
-			if suffix != '':
-				rValue = rValue + '_' + suffix
-			rValue = rValue + '\','
-		rValue = rValue + ']'
-
-	else:
-		if suffix != '':
-			rValue = rValue + '_' + suffix
-
-	return rValue
-
-def makeValueAttr( value, suffix='' ):
-	return 'value="' + makeValue( value, suffix ) + '"'
-
-def sendHtmlFormVar( formVar, attrs='', rb_select=0 ):
-	nameAttr  = ''
-	valueAttr = ''
-	htmlText  = ''
-
-	if formVar[0] == 'text':
-		if formVar[3] != '':
-			nameAttr = makeNameAttr( formVar[3] )
-		valueAttr = makeValueAttr( formVar[1] )
-
-		print '<INPUT type="text"', nameAttr, valueAttr, attrs, '>'
-
-	elif formVar[0] == 'list':
-		if formVar[3] != '':
-			nameAttr = makeNameAttr( formVar[3] )
-
-		print '<SELECT', nameAttr, attrs, '>'
-		for option in formVar[1]:
-			print '<OPTION>' + option + '</OPTION>'
-		print '</SELECT>'
-
-	elif formVar[0] == 'button':
-		if formVar[3] != '':
-			nameAttr = makeNameAttr( formVar[3] )
-		if formVar[4] != '':
-			valueAttr = makeValueAttr( formVar[4] )
-
-		print '<INPUT type="submit"', nameAttr, valueAttr, attrs, '>'
-
-	elif formVar[0] == 'radiobutton':
-		if formVar[3] != '':
-			nameAttr  = makeNameAttr( formVar[3] )
-			valueAttr = makeValueAttr( formVar[4][rb_select] )
-			htmlText  = formVar[5][rb_select]
-			if formVar[4][rb_select] == formVar[1]:
-				checked = 'checked'
-			else:
-				checked = ''
-
-			print '<INPUT type="radio"', nameAttr, valueAttr, attrs, checked, '>', htmlText
-
-	elif formVar[0] == 'radiobutton-all':
-		if formVar[3] != '':
-			nameAttr = makeNameAttr( formVar[3] )
-			buttonVals  = formVar[4]
-			for i, buttonVal in enumerate( buttonVals ):
-				htmlText = ''
-				addAttrs = ''
-				checked  = ''
-
-				valueAttr = makeValueAttr( buttonVal )
-				if formVar[5] != '':
-					htmlText = formVar[5][i]
-				if attrs != '':
-					addAttrs = attrs[i]
-				if buttonVal == formVar[1]:
-					checked = 'checked'
-
-				print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText
-
-	if ( formVar[2] != '' ) and ( rb_select == 0 ):
-		nameAttr = makeNameAttr( formVar[2] )
-		valueAttr = makeValueAttr( formVar[1] )
-		print '<INPUT type="hidden"', nameAttr, valueAttr, '>'
-
-def sendHtmlHeaders( ):
-	# HTML headers
-	print 'Content-Type: text/html'
-	print
-
-def sendPolicyLabelHtml( ):
-	global xmlError, xmlIncomplete, xmlMessages, formXmlGen
-	global formVmNameDom0, formSteTypes, formChWallTypes
-
-	print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'
-	print '  "http://www.w3.org/TR/html4/loose.dtd">'
-
-	print '<HTML>'
-
-	sendHtmlHead( )
-
-	print '<BODY>'
-
-	# An input XML file was specified that had errors, output the
-	# error information
-	if xmlError == 1:
-		print '<P>'
-		print 'An error has been encountered while processing the input'
-		print 'XML file:'
-		print '<UL>'
-		for msg in xmlMessages:
-			print '<LI>'
-			print msg
-		print '</UL>'
-		print '</BODY>'
-		print '</HTML>'
-		return
-
-	# When attempting to generate the XML output, all required data was not
-	# present, output the error information
-	if xmlIncomplete == 1:
-		print '<P>'
-		print 'An error has been encountered while validating the data'
-		print 'required for the output XML file:'
-		print '<UL>'
-		for msg in xmlMessages:
-			print '<LI>'
-			print msg
-		print '</UL>'
-		print '</BODY>'
-		print '</HTML>'
-		return
-
-	print '<CENTER>'
-	print '<FORM action="' + os.environ['SCRIPT_NAME'] + '" method="post">'
-	print '<TABLE class="container">'
-	print '  <COLGROUP>'
-	print '    <COL width="100%">'
-	print '  </COLGROUP>'
-
-	print '  <TR>'
-	print '    <TD>'
-	sendHtmlFormVar( formDefaultButton, 'class="hidden"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD>'
-	sendHtmlFormVar( formXmlGen )
-	print '    </TD>'
-	print '  </TR>'
-
-	# Policy Labeling header
-	print '  <TR>'
-	print '    <TD>'
-	sendPLHeaderHtml( )
-	print '    </TD>'
-	print '  </TR>'
-
-	# Separator
-	print '  <TR>'
-	print '    <TD>'
-	print '      <HR>'
-	print '    </TD>'
-	print '  </TR>'
-
-	# Policy Labels (vms)
-	print '  <TR>'
-	print '    <TD>'
-	print '      <TABLE class="full">'
-	print '        <TR>'
-	print '          <TD width="100%">'
-	sendPLSubHtml( )
-	print '          </TD>'
-	print '        </TR>'
-	print '      </TABLE>'
-	print '    </TD>'
-	print '  </TR>'
-
-	print '</TABLE>'
-
-	# Send some data that needs to be available across sessions
-	sendHtmlFormVar( formVmNameDom0 )
-	sendHtmlFormVar( formSteTypes )
-	sendHtmlFormVar( formChWallTypes )
-
-	print '</FORM>'
-	print '</CENTER>'
-
-	print '</BODY>'
-
-	print '</HTML>'
-
-def sendHtmlHead( ):
-	global headTitle
-
-	print '<HEAD>'
-	print '<STYLE type="text/css">'
-	print '<!--'
-	print 'BODY            {background-color: #EEEEFF;}'
-	print 'TABLE.container {width:  90%; border: 1px solid black; border-collapse: seperate;}'
-	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
-	print 'TABLE.fullbox   {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
-	print 'THEAD           {font-weight: bold; font-size: larger;}'
-	print 'TD              {border: 0px solid black; vertical-align: top;}'
-	print 'TD.heading      {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}'
-	print 'TD.subheading   {border: 0px solid black; vertical-align: top; font-size: smaller;}'
-	print 'TD.fullbox      {border: 1px solid black; vertical-align: top;}'
-	print 'SELECT.full     {width: 100%;}'
-	print 'INPUT.full      {width: 100%;}'
-	print 'INPUT.link      {cursor: pointer; background-color: #EEEEFF; border: 0px; text-decoration: underline; color: blue;}'
-	print 'INPUT.hidden    {visibility: hidden; width: 1px; height: 1px;}'
-	print ':link           {color: blue;}'
-	print ':visited        {color: red;}'
-	print '-->'
-	print '</STYLE>'
-	print '<TITLE>', headTitle, '</TITLE>'
-	print '</HEAD>'
-
-def sendPLHeaderHtml( ):
-	global formPolicyLabelName, formPolicyLabelDate
-	global formPolicyUrl, formPolicyRef
-	global formPolicyLabelUpdate
-
-	# Policy Labeling header definition
-	print '<TABLE class="full">'
-	print '  <COLGROUP>'
-	print '    <COL width="20%">'
-	print '    <COL width="80%">'
-	print '  </COLGROUP>'
-	print '  <TR>'
-	print '    <TD class="heading" align="center" colspan="2">Policy Labeling Information</TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="right">Name:</TD>'
-	print '    <TD align="left">'
-	sendHtmlFormVar( formPolicyLabelName, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="right">Date:</TD>'
-	print '    <TD align="left">'
-	sendHtmlFormVar( formPolicyLabelDate, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="right">Policy URL:</TD>'
-	print '    <TD align="left">'
-	sendHtmlFormVar( formPolicyUrl, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="right">Policy Reference:</TD>'
-	print '    <TD align="left">'
-	sendHtmlFormVar( formPolicyRef, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="center" colspan="2">'
-	sendHtmlFormVar( formPolicyLabelUpdate )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD align="center" colspan="2" class="subheading">'
-	print '      (The Policy Labeling Information is updated whenever an action is performed'
-	print '       or it can be updated separately using the "Update" button)'
-	print '    </TD>'
-	print '  </TR>'
-	print '</TABLE>'
-
-def sendPLSubHtml( ):
-	global formVmNames, formVmDel, formVmName, formVmAdd
-	global allVmDel, allVmDom0
-	global allVmChWs, allVmChWDel, allVmChW, allVmChWAdd
-	global allVmStes, allVmSteDel, allVmSte, allVmSteAdd
-	global formSteTypes, formChWallTypes
-
-	print '<TABLE class="full">'
-	print '  <COLGROUP>'
-	print '    <COL width="100%">'
-	print '  </COLGROUP>'
-
-	# Virtual Machines...
-	print '  <TR>'
-	print '    <TD>'
-	print '      <TABLE class="full">'
-	print '        <COLGROUP>'
-	print '          <COL width="10%">'
-	print '          <COL width="40%">'
-	print '          <COL width="50%">'
-	print '        </COLGROUP>'
-	print '        <TR>'
-	print '          <TD class="heading" align="center" colspan="3">Virtual Machine Classes</TD>'
-	print '        </TR>'
-	print '        <TR>'
-	print '          <TD colspan="2">'
-	sendHtmlFormVar( formVmName, 'class="full"' )
-	sendHtmlFormVar( formVmNames )
-	print '          </TD>'
-	print '          <TD>&nbsp;</TD>'
-	print '        </TR>'
-	print '        <TR>'
-	print '          <TD>'
-	sendHtmlFormVar( formVmAdd, 'class="full"' )
-	print '          </TD>'
-	print '          <TD colspan="2">'
-	print '            Create a new VM class with the above name'
-	print '          </TD>'
-	print '        </TR>'
-	print '      </TABLE>'
-	print '    </TD>'
-	print '  </TR>'
-	if len( formVmNames[1] ) > 0:
-		print '  <TR>'
-		print '    <TD colspan="1">'
-		print '      &nbsp;'
-		print '    </TD>'
-		print '  </TR>'
-		print '  <TR>'
-		print '    <TD>'
-		print '      <TABLE class="fullbox">'
-		print '        <COLGROUP>'
-		print '          <COL width="10%">'
-		print '          <COL width="40%">'
-		print '          <COL width="50%">'
-		print '        </COLGROUP>'
-		print '        <THEAD>'
-		print '          <TR>'
-		print '            <TD class="fullbox">Dom 0?</TD>'
-		print '            <TD class="fullbox">Name</TD>'
-		print '            <TD class="fullbox">Actions</TD>'
-		print '          </TR>'
-		print '        </THEAD>'
-		for i, vmName in enumerate( formVmNames[1] ):
-			print '        <TR>'
-			print '          <TD class="fullbox">'
-			if formVmNameDom0[1] == vmName:
-				print 'Yes'
-			else:
-				print '&nbsp;'
-			print '          </TD>'
-			print '          <TD class="fullbox">' + vmName + '</TD>'
-			print '          <TD class="fullbox">'
-			print '            <A href="#' + vmName + '">Edit</A>'
-			formVar = allVmDel[vmName]
-			sendHtmlFormVar( formVar, 'class="link"' )
-			formVar = allVmDom0[vmName]
-			sendHtmlFormVar( formVar, 'class="link"' )
-			print '          </TD>'
-			print '        </TR>'
-		print '      </TABLE>'
-		print '    </TD>'
-		print '  </TR>'
-		for vmName in formVmNames[1]:
-			print '  <TR>'
-			print '    <TD>'
-			print '      <HR>'
-			print '    </TD>'
-			print '  </TR>'
-			print '  <TR>'
-			print '    <TD>'
-			print '      <TABLE class="full">'
-			print '        <COLGROUP>'
-			print '          <COL width="10%">'
-			print '          <COL width="39%">'
-			print '          <COL width="2%">'
-			print '          <COL width="10%">'
-			print '          <COL width="39%">'
-			print '        </COLGROUP>'
-			print '        <TR>'
-			print '          <TD colspan="5" align="center" class="heading">'
-			print '            <A name="' + vmName + '">Virtual Machine Class: ' + vmName + '</A>'
-			print '          </TD>'
-			print '        </TR>'
-			print '        <TR>'
-			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
-			print '          <TD>&nbsp;</TD>'
-			print '          <TD colspan="2" align="center">Chinese Wall Types</TD>'
-			print '        </TR>'
-			print '        <TR>'
-			print '          <TD colspan="2">'
-			formVar = allVmStes[vmName];
-			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
-			print '          </TD>'
-			print '          <TD>&nbsp;</TD>'
-			print '          <TD colspan="2">'
-			formVar = allVmChWs[vmName];
-			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
-			print '          </TD>'
-			print '        </TR>'
-			print '        <TR>'
-			print '          <TD>'
-			formVar = allVmSteDel[vmName];
-			sendHtmlFormVar( formVar, 'class="full"' )
-			print '          </TD>'
-			print '          <TD>'
-			print '            Delete the type(s) selected above'
-			print '          </TD>'
-			print '          <TD>&nbsp;</TD>'
-			print '          <TD>'
-			formVar = allVmChWDel[vmName];
-			sendHtmlFormVar( formVar, 'class="full"' )
-			print '          </TD>'
-			print '          <TD>'
-			print '            Delete the type(s) selected above'
-			print '          </TD>'
-			print '        </TR>'
-			print '        <TR>'
-			print '          <TD colspan="2">'
-			stSet = Set( formSteTypes[1] )
-			vmSet = Set( allVmStes[vmName][1] )
-			formVar = allVmSte[vmName]
-			formVar[1] = []
-			for steType in stSet.difference( vmSet ):
-				formVar[1].append( steType )
-			formVar[1].sort( )
-			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
-			print '          </TD>'
-			print '          <TD>&nbsp;</TD>'
-			print '          <TD colspan="2">'
-			ctSet = Set( formChWallTypes[1] )
-			vmSet = Set( allVmChWs[vmName][1] )
-			formVar = allVmChW[vmName]
-			formVar[1] = []
-			for chwallType in ctSet.difference( vmSet ):
-				formVar[1].append( chwallType )
-			formVar[1].sort( )
-			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
-			print '          </TD>'
-			print '        </TR>'
-			print '        <TR>'
-			print '          <TD>'
-			formVar = allVmSteAdd[vmName];
-			sendHtmlFormVar( formVar, 'class="full"' )
-			print '          </TD>'
-			print '          <TD>'
-			print '            Add the type(s) selected above'
-			print '          </TD>'
-			print '          <TD>&nbsp;</TD>'
-			print '          <TD>'
-			formVar = allVmChWAdd[vmName];
-			sendHtmlFormVar( formVar, 'class="full"' )
-			print '          </TD>'
-			print '          <TD>'
-			print '            Add the type(s) selected above'
-			print '          </TD>'
-			print '        </TR>'
-			print '      </TABLE>'
-			print '    </TD>'
-			print '  </TR>'
-
-	print '</TABLE>'
-
-def sendPLObjHtml( ):
-
-	# Resources...
-	print '<TABLE class="full">'
-	print '  <COLGROUP>'
-	print '    <COL width="60%">'
-	print '    <COL width="20%">'
-	print '    <COL width="20%">'
-	print '  </COLGROUP>'
-
-	print '  <TR>'
-	print '    <TD align="center" colspan="3" class="heading">Resources</TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD colspan="2">'
-	#sendHtmlFormVar( formVmNames, 'class="full" size="4" multiple"' )
-	print '    </TD>'
-	print '    <TD>'
-	#sendHtmlFormVar( formVmDel, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '  <TR>'
-	print '    <TD colspan="2">'
-	#sendHtmlFormVar( formVmName, 'class="full"' )
-	print '    </TD>'
-	print '    <TD>'
-	#sendHtmlFormVar( formVmAdd, 'class="full"' )
-	print '    </TD>'
-	print '  </TR>'
-	print '</TABLE>'
-
-def checkXmlData( ):
-	global xmlIncomplete
-
-	# Validate the Policy Label Header requirements
-	if ( len( formPolicyLabelName[1] ) == 0 ) or \
-	   ( len( formPolicyLabelDate[1] ) == 0 ) or \
-	   ( len( formPolicyUrl[1] ) == 0 ) or \
-	   ( len( formPolicyRef[1] ) == 0 ):
-			msg = ''
-			msg = msg + 'The XML policy label schema requires that the Policy '
-			msg = msg + 'Labeling Information Name, Date, Policy URL and '
-			msg = msg + 'Policy Reference fields all have values.'
-			formatXmlGenError( msg )
-
-def sendXmlHeaders( ):
-	# HTML headers
-	print 'Content-Type: text/xml'
-	print 'Content-Disposition: attachment; filename=security_label_template.xml'
-	print
-
-def sendPolicyLabelXml( ):
-	print '<?xml version="1.0"?>'
-
-	print '<SecurityLabelTemplate xmlns="http://www.ibm.com"'
-	print '                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"'
-	print '                       xsi:schemaLocation="http://www.ibm.com security_policy.xsd">'
-
-	# Policy Labeling header
-	sendPLHeaderXml( )
-
-	# Policy Labels (subjects and objects)
-	sendPLSubXml( )
-	#sendPLObjXml( )
-
-	print '</SecurityLabelTemplate>'
-
-def sendPLHeaderXml( ):
-	global formPolicyLabelName, formPolicyLabelDate
-	global formPolicyUrl, formPolicyRef
-
-	# Policy Labeling header definition
-	print '<LabelHeader>'
-	print '  <Name>' + formPolicyLabelName[1] + '</Name>'
-	print '  <Date>' + formPolicyLabelDate[1] + '</Date>'
-	print '  <PolicyName>'
-	print '    <Url>' + formPolicyUrl[1] + '</Url>'
-	print '    <Reference>' + formPolicyRef[1] + '</Reference>'
-	print '  </PolicyName>'
-	print '</LabelHeader>'
-
-def sendPLSubXml( ):
-	global formVmNames, allVmChWs, allVmStes
-
-	# Virtual machines...
-	if len( formVmNames[1] ) == 0:
-		return
-
-	print '<SubjectLabels bootstrap="' + formVmNameDom0[1] + '">'
-	for vmName in formVmNames[1]:
-		print '  <VirtualMachineLabel>'
-		print '    <Name>' + vmName + '</Name>'
-		formVar = allVmStes[vmName]
-		if len( formVar[1] ) > 0:
-			print '    <SimpleTypeEnforcementTypes>'
-			for ste in formVar[1]:
-				print '      <Type>' + ste + '</Type>'
-			print '    </SimpleTypeEnforcementTypes>'
-
-		formVar = allVmChWs[vmName]
-		if len( formVar[1] ) > 0:
-			print '    <ChineseWallTypes>'
-			for chw in formVar[1]:
-				print '      <Type>' + chw + '</Type>'
-			print '    </ChineseWallTypes>'
-
-		print '  </VirtualMachineLabel>'
-
-	print '</SubjectLabels>'
-
-
-# Set up initial HTML variables
-headTitle = 'Xen Policy Labeling Generation'
-
-# Form variables
-#   The format of these variables is as follows:
-#   [ p0, p1, p2, p3, p4, p5 ]
-#     p0 = input type
-#     p1 = the current value of the variable
-#     p2 = the hidden input name attribute
-#     p3 = the name attribute
-#     p4 = the value attribute
-#     p5 = text to associate with the tag
-formPolicyLabelName   = [ 'text',
-			'',
-			'h_policyLabelName',
-			'i_policyLabelName',
-			'',
-			'',
-			]
-formPolicyLabelDate   = [ 'text',
-			getCurrentTime( ),
-			'h_policyLabelDate',
-			'i_policyLabelDate',
-			'',
-			'',
-			]
-formPolicyUrl         = [ 'text',
-			'',
-			'h_policyUrl',
-			'i_policyUrl',
-			'',
-			'',
-			]
-formPolicyRef         = [ 'text',
-			'',
-			'h_policyRef',
-			'i_policyRef',
-			'',
-			'',
-			]
-formPolicyLabelUpdate = [ 'button',
-			'',
-			'',
-			'i_PolicyLabelUpdate',
-			'Update',
-			'',
-		    ]
-
-formVmNames       = [ '',
-			[],
-			'h_vmNames',
-			'',
-			'',
-			'',
-		    ]
-formVmDel         = [ 'button',
-			'',
-			'',
-			'i_vmDel',
-			'Delete',
-			'',
-		    ]
-formVmName        = [ 'text',
-			'',
-			'',
-			'i_vmName',
-			'',
-			'',
-		    ]
-formVmAdd         = [ 'button',
-			'',
-			'',
-			'i_vmAdd',
-			'New',
-			'',
-		    ]
-
-formVmNameDom0    = [ '',
-			'',
-			'h_vmDom0',
-			'',
-			'',
-			'',
-		    ]
-
-formXmlGen        = [ 'button',
-			'',
-			'',
-			'i_xmlGen',
-			'Generate XML',
-			'',
-		    ]
-
-formDefaultButton = [ 'button',
-			'',
-			'',
-			'i_defaultButton',
-			'.',
-			'',
-		    ]
-
-formSteTypes      = [ '',
-                        [],
-			'h_steTypes',
-			'',
-			'',
-			'',
-		    ]
-formChWallTypes   = [ '',
-                        [],
-			'h_chwallTypes',
-			'',
-			'',
-			'',
-		    ]
-
-# This is a set of templates used for each virtual machine
-#   Each virtual machine is initially assigned these templates,
-#   then each form attribute value is changed to append
-#   "_virtual-machine-name" for uniqueness.
-templateVmDel     = [ 'button',
-			'',
-			'',
-			'i_vmDel',
-			'Delete',
-			'',
-		    ]
-templateVmDom0    = [ 'button',
-			'',
-			'',
-			'i_vmDom0',
-			'SetDom0',
-			'',
-		    ]
-allVmDel          = {};
-allVmDom0         = {};
-
-templateVmChWs    = [ 'list',
-			[],
-			'h_vmChWs',
-			'i_vmChWs',
-			'',
-			'',
-		    ]
-templateVmChWDel  = [ 'button',
-			'',
-			'',
-			'i_vmChWDel',
-			'Delete',
-			'',
-		    ]
-templateVmChW     = [ 'list',
-			[],
-			'',
-			'i_vmChW',
-			'',
-			'',
-		    ]
-templateVmChWAdd  = [ 'button',
-			'',
-			'',
-			'i_vmChWAdd',
-			'Add',
-			'',
-		    ]
-allVmChWs         = {};
-allVmChWDel       = {};
-allVmChW          = {};
-allVmChWAdd       = {};
-
-templateVmStes    = [ 'list',
-			[],
-			'h_vmStes',
-			'i_vmStes',
-			'',
-			'',
-		    ]
-templateVmSteDel  = [ 'button',
-			'',
-			'',
-			'i_vmSteDel',
-			'Delete',
-			'',
-		    ]
-templateVmSte     = [ 'list',
-			[],
-			'',
-			'i_vmSte',
-			'',
-			'',
-		    ]
-templateVmSteAdd  = [ 'button',
-			'',
-			'',
-			'i_vmSteAdd',
-			'Add',
-			'',
-		    ]
-allVmStes         = {};
-allVmSteDel       = {};
-allVmSte          = {};
-allVmSteAdd       = {};
-
-# A list of all form variables used for saving info across requests
-formVariables     = [ formPolicyLabelName,
-			formPolicyLabelDate,
-			formPolicyUrl,
-			formPolicyRef,
-			formVmNames,
-			formVmNameDom0,
-			formSteTypes,
-			formChWallTypes,
-		    ]
-
-policyXml         = ''
-policyLabelXml    = ''
-xmlError          = 0
-xmlIncomplete     = 0
-xmlMessages       = []
-
-
-# Extract any form data
-formData = cgi.FieldStorage( )
-
-# Process the form
-getSavedData( )
-processRequest( )
-
-if formData.has_key( formXmlGen[3] ):
-	# Generate and send the XML file
-	checkXmlData( )
-
-	if xmlIncomplete == 0:
-		sendXmlHeaders( )
-		sendPolicyLabelXml( )
-
-if (not formData.has_key( formXmlGen[3] )) or (xmlIncomplete == 1 ):
-	# Send HTML to continue processing the form
-	sendHtmlHeaders( )
-	sendPolicyLabelHtml( )
diff --git a/tools/security/python/xensec_gen/index.html b/tools/security/python/xensec_gen/index.html
index a9fbd75163..8c541e1dd2 100644
--- a/tools/security/python/xensec_gen/index.html
+++ b/tools/security/python/xensec_gen/index.html
@@ -1,7 +1,7 @@
 <!--
  The Initial Developer of the Original Code is International
  Business Machines Corporation. Portions created by IBM
- Corporation are Copyright (C) 2005 International Business
+ Corporation are Copyright (C) 2005, 2006 International Business
  Machines Corporation. All Rights Reserved.
  -->
 
@@ -10,7 +10,7 @@
 <HTML>
   <HEAD>
     <META name="author" content="Tom Lendacky">
-    <META name="copyright" content="Copyright (C) 2005 International Business Machines Corporation. All rights reserved">
+    <META name="copyright" content="Copyright (C) 2005, 2006 International Business Machines Corporation. All rights reserved">
 
     <STYLE type="text/css">
       <!--
@@ -67,60 +67,6 @@
       </TR>
     </TABLE>
     </FORM>
-
-    <FORM action="/cgi-bin/policylabel.cgi" method="post" enctype="multipart/form-data">
-    <TABLE class="xen">
-      <COLGROUP>
-        <COL width="25%">
-        <COL width="20%">
-        <COL width="55%">
-      </COLGROUP>
-
-      <TR>
-        <TD valign="top" class="heading">
-          Security Policy Labeling
-        </TD>
-        <TD valign="top" colspan="2">
-          To generate or edit the Xen Security Policy Labeling you <B>must</B>
-          specify the name of
-          an existing Xen Security Policy file in the
-          <B>"Policy File"</B> entry field.<BR>
-          To generate new Xen Security Policy Labeling leave the
-          <B>"Policy Labeling File"</B> entry field
-          empty and click the "Create" button.<BR>
-          To modify existing Xen Security Policy Labeling enter the
-          file name containing the labeling in the
-          <B>"Policy Labeling File"</B> entry field
-          and click the "Create" button.<HR>
-        </TD>
-      </TR>
-      <TR>
-        <TD></TD>
-        <TD>
-          Policy File:
-        </TD>
-        <TD>
-          <INPUT type="file" size="50" name="i_policy">
-        </TD>
-      </TR>
-      <TR>
-        <TD></TD>
-        <TD>
-          Policy Labeling File:
-        </TD>
-        <TD>
-          <INPUT type="file" size="50" name="i_policyLabel">
-        </TD>
-      </TR>
-      <TR>
-        <TD></TD>
-        <TD valign="top">
-          <INPUT type="submit" name="i_policyLabelCreate" value="Create">
-        </TD>
-        <TD></TD>
-      </TR>
-    </TABLE>
-    </FORM>
   </CENTER>
   </BODY>
 </HTML>
diff --git a/tools/security/python/xensec_tools/acm_getdecision b/tools/security/python/xensec_tools/acm_getdecision
new file mode 100644
index 0000000000..ec554405ab
--- /dev/null
+++ b/tools/security/python/xensec_tools/acm_getdecision
@@ -0,0 +1,55 @@
+#!/usr/bin/env python
+#  -*- mode: python; -*-
+import sys
+import traceback
+import getopt
+
+# add fallback path for non-native python path installs if needed
+sys.path.insert(-1, '/usr/lib/python')
+sys.path.insert(-1, '/usr/lib64/python')
+
+from xen.util.security import ACMError, err, get_decision, active_policy
+
+def usage():
+    print "Usage: acm_getdecision -i domainid --label labelname"
+    print "  Test program illustrating the retrieval of"
+    print "  access control decisions from Xen. At this time,"
+    print "  only sharing (STE) policy decisions are supported."
+    print "  Arguments are two paramters in any combination:"
+    print "\t -i domain_id or --domid domain_id"
+    print "\t -l labelname or --label labelname"
+    print "  Return value:"
+    print "\t PERMITTED if access is permitted"
+    print "\t DENIED if access is denied"
+    print "\t ACMError -- e.g., unknown label or domain id"
+    err("Usage")
+
+try:
+
+    if len(sys.argv) != 5:
+        usage()
+
+    decision_args = []
+
+    for idx in range(1, len(sys.argv), 2):
+        if sys.argv[idx] in ['-i', '--domid']:
+            decision_args.append(['domid', sys.argv[idx+1]])
+        elif sys.argv[idx] in ['-l', '--label']:
+            decision_args.append(['access_control',
+                                  ['policy', active_policy],
+                                  ['label', sys.argv[idx+1]]
+                                  ])
+        else:
+            print "unknown argument %s" % sys.argv[idx]
+            usage()
+
+    if len(decision_args) != 2:
+        print "too many arguments"
+        usage()
+
+    print get_decision(decision_args[0], decision_args[1])
+
+except ACMError:
+	pass
+except:
+    traceback.print_exc(limit=1)
diff --git a/tools/security/python/xensec_tools/acm_getlabel b/tools/security/python/xensec_tools/acm_getlabel
new file mode 100644
index 0000000000..63137a9993
--- /dev/null
+++ b/tools/security/python/xensec_tools/acm_getlabel
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+#  -*- mode: python; -*-
+import sys
+import traceback
+import getopt
+
+# add fallback path for non-native python path installs if needed
+sys.path.insert(-1, '/usr/lib/python')
+sys.path.insert(-1, '/usr/lib64/python')
+
+from xen.util.security import ACMError, err, get_ssid
+
+# getopt.gnu_getopt is better, but only exists in Python 2.3+.  Use
+# getopt.getopt if gnu_getopt is not available.  This will mean that options
+# may only be specified before positional arguments.
+if not hasattr(getopt, 'gnu_getopt'):
+    getopt.gnu_getopt = getopt.getopt
+
+def usage():
+    print "Usage: acm_getlabel -i domainid"
+    print "  Test program illustrating the retrieval of"
+    print "  label information (for domains) from Xen."
+    print "  Argument is one paramter describing the domain"
+    print "  for which the label is retrieved."
+    print "\t -i domain_id or --domid=domain_id"
+    print "  Return value:"
+    print "\t none -- Error (e.g., unknown ssidref, label, or domain id)"
+    print "\t (labelname, policyname, ssidref)"
+    err("Usage")
+
+try:
+    domid = None
+    (options, params) = getopt.gnu_getopt(sys.argv[1:], ':i:', ['domid='])
+    for (k, v) in options:
+        if k in ['-i', '--domid']:
+            if not domid:
+                domid = v
+            else:
+                usage()
+    if not domid:
+        usage()
+
+    print get_ssid(domid)
+
+except ACMError:
+    pass
+except:
+    traceback.print_exc(limit=1)
diff --git a/tools/security/readme.txt b/tools/security/readme.txt
index 688d640b0c..9d8e18a4ec 100644
--- a/tools/security/readme.txt
+++ b/tools/security/readme.txt
@@ -10,20 +10,25 @@
 # the access control policy and tools in Xen.
 ##
 
-1. policy.txt:
+1. 'xm' man page
+
+   describes the commands related to Xen management, including the
+   commands to manage security policies and labels. Read the access
+   control subcommand section of the xm manual first. If it is not
+   built by default, check install.txt.
+
+2. policy.txt:
 
    describes the general reasoning and examples for access
    control policies in Xen
 
 
-2. install.txt
+3. install.txt
 
    describes the activation of the access control framework
    in Xen
 
-3. example.txt
+4. example.txt
 
    describes the available tools for managing security policies
    in Xen and the tools to label domains
-
-
diff --git a/tools/security/secpol_tool.c b/tools/security/secpol_tool.c
index dd25563586..883a38ed1e 100644
--- a/tools/security/secpol_tool.c
+++ b/tools/security/secpol_tool.c
@@ -48,9 +48,7 @@ void usage(char *progname)
            "ACTION is one of:\n"
            "\t getpolicy\n"
            "\t dumpstats\n"
-           "\t loadpolicy <binary policy file>\n"
-           "\t getssid -d <domainid> [-f]\n"
-           "\t getssid -s <ssidref> [-f]\n", progname);
+           "\t loadpolicy <binary policy file>\n", progname);
     exit(-1);
 }
 
@@ -68,7 +66,7 @@ static inline int do_xen_hypercall(int xc_handle,
                         (unsigned long) hypercall);
 }
 
-static inline int do_acm_op(int xc_handle, struct acm_op * op)
+static inline int do_acm_op(int xc_handle, struct acm_op *op)
 {
     int ret = -1;
     privcmd_hypercall_t hypercall;
@@ -78,15 +76,13 @@ static inline int do_acm_op(int xc_handle, struct acm_op * op)
     hypercall.op = __HYPERVISOR_acm_op;
     hypercall.arg[0] = (unsigned long) op;
 
-    if (mlock(op, sizeof(*op)) != 0)
-    {
+    if (mlock(op, sizeof(*op)) != 0) {
         PERROR("Could not lock memory for Xen policy hypercall");
         goto out1;
     }
 
-    if ((ret = do_xen_hypercall(xc_handle, &hypercall)) < 0)
-    {
-        printf( "ACM operation failed: errno=%d\n", errno );
+    if ((ret = do_xen_hypercall(xc_handle, &hypercall)) < 0) {
+        printf("ACM operation failed: errno=%d\n", errno);
         if (errno == EACCES)
             fprintf(stderr, "ACM operation failed -- need to"
                     " rebuild the user-space tool set?\n");
@@ -108,8 +104,7 @@ void acm_dump_chinesewall_buffer(void *buf, int buflen)
     int i, j;
 
 
-    if (htonl(cwbuf->policy_code) != ACM_CHINESE_WALL_POLICY)
-    {
+    if (htonl(cwbuf->policy_code) != ACM_CHINESE_WALL_POLICY) {
         printf("CHINESE WALL POLICY CODE not found ERROR!!\n");
         return;
     }
@@ -129,8 +124,7 @@ void acm_dump_chinesewall_buffer(void *buf, int buflen)
     printf("\nSSID To CHWALL-Type matrix:\n");
 
     ssids = (domaintype_t *) (buf + ntohl(cwbuf->chwall_ssid_offset));
-    for (i = 0; i < ntohl(cwbuf->chwall_max_ssidrefs); i++)
-    {
+    for (i = 0; i < ntohl(cwbuf->chwall_max_ssidrefs); i++) {
         printf("\n   ssidref%2x:  ", i);
         for (j = 0; j < ntohl(cwbuf->chwall_max_types); j++)
             printf("%02x ",
@@ -139,8 +133,7 @@ void acm_dump_chinesewall_buffer(void *buf, int buflen)
     printf("\n\nConfict Sets:\n");
     conflicts =
         (domaintype_t *) (buf + ntohl(cwbuf->chwall_conflict_sets_offset));
-    for (i = 0; i < ntohl(cwbuf->chwall_max_conflictsets); i++)
-    {
+    for (i = 0; i < ntohl(cwbuf->chwall_max_conflictsets); i++) {
         printf("\n   c-set%2x:    ", i);
         for (j = 0; j < ntohl(cwbuf->chwall_max_types); j++)
             printf("%02x ",
@@ -150,13 +143,11 @@ void acm_dump_chinesewall_buffer(void *buf, int buflen)
     printf("\n");
 
     printf("\nRunning\nTypes:         ");
-    if (ntohl(cwbuf->chwall_running_types_offset))
-    {
+    if (ntohl(cwbuf->chwall_running_types_offset)) {
         running_types =
             (domaintype_t *) (buf +
                               ntohl(cwbuf->chwall_running_types_offset));
-        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++)
-        {
+        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++) {
             printf("%02x ", ntohs(running_types[i]));
         }
         printf("\n");
@@ -164,13 +155,12 @@ void acm_dump_chinesewall_buffer(void *buf, int buflen)
         printf("Not Reported!\n");
     }
     printf("\nConflict\nAggregate Set: ");
-    if (ntohl(cwbuf->chwall_conflict_aggregate_offset))
-    {
+    if (ntohl(cwbuf->chwall_conflict_aggregate_offset)) {
         conflict_aggregate =
             (domaintype_t *) (buf +
-                              ntohl(cwbuf->chwall_conflict_aggregate_offset));
-        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++)
-        {
+                              ntohl(cwbuf->
+                                    chwall_conflict_aggregate_offset));
+        for (i = 0; i < ntohl(cwbuf->chwall_max_types); i++) {
             printf("%02x ", ntohs(conflict_aggregate[i]));
         }
         printf("\n\n");
@@ -201,11 +191,11 @@ void acm_dump_ste_buffer(void *buf, int buflen)
     printf("\nSSID To STE-Type matrix:\n");
 
     ssids = (domaintype_t *) (buf + ntohl(stebuf->ste_ssid_offset));
-    for (i = 0; i < ntohl(stebuf->ste_max_ssidrefs); i++)
-    {
+    for (i = 0; i < ntohl(stebuf->ste_max_ssidrefs); i++) {
         printf("\n   ssidref%2x: ", i);
         for (j = 0; j < ntohl(stebuf->ste_max_types); j++)
-            printf("%02x ", ntohs(ssids[i * ntohl(stebuf->ste_max_types) + j]));
+            printf("%02x ",
+                   ntohs(ssids[i * ntohl(stebuf->ste_max_types) + j]));
     }
     printf("\n\n");
 }
@@ -213,9 +203,12 @@ void acm_dump_ste_buffer(void *buf, int buflen)
 void acm_dump_policy_buffer(void *buf, int buflen)
 {
     struct acm_policy_buffer *pol = (struct acm_policy_buffer *) buf;
-
+    char *policy_reference_name =
+        (buf + ntohl(pol->policy_reference_offset) +
+         sizeof(struct acm_policy_reference_buffer));
     printf("\nPolicy dump:\n");
     printf("============\n");
+    printf("POLICY REFERENCE = %s.\n", policy_reference_name);
     printf("PolicyVer = %x.\n", ntohl(pol->policy_version));
     printf("Magic     = %x.\n", ntohl(pol->magic));
     printf("Len       = %x.\n", ntohl(pol->len));
@@ -227,8 +220,7 @@ void acm_dump_policy_buffer(void *buf, int buflen)
            ACM_POLICY_NAME(ntohl(pol->secondary_policy_code)),
            ntohl(pol->secondary_policy_code),
            ntohl(pol->secondary_buffer_offset));
-    switch (ntohl(pol->primary_policy_code))
-    {
+    switch (ntohl(pol->primary_policy_code)) {
     case ACM_CHINESE_WALL_POLICY:
         acm_dump_chinesewall_buffer(buf +
                                     ntohl(pol->primary_buffer_offset),
@@ -250,8 +242,7 @@ void acm_dump_policy_buffer(void *buf, int buflen)
         printf("UNKNOWN POLICY!\n");
     }
 
-    switch (ntohl(pol->secondary_policy_code))
-    {
+    switch (ntohl(pol->secondary_policy_code)) {
     case ACM_CHINESE_WALL_POLICY:
         acm_dump_chinesewall_buffer(buf +
                                     ntohl(pol->secondary_buffer_offset),
@@ -303,26 +294,22 @@ int acm_domain_loadpolicy(int xc_handle, const char *filename)
     off_t len;
     uint8_t *buffer;
 
-    if ((ret = stat(filename, &mystat)))
-    {
+    if ((ret = stat(filename, &mystat))) {
         printf("File %s not found.\n", filename);
         goto out;
     }
 
     len = mystat.st_size;
-    if ((buffer = malloc(len)) == NULL)
-    {
+    if ((buffer = malloc(len)) == NULL) {
         ret = -ENOMEM;
         goto out;
     }
-    if ((fd = open(filename, O_RDONLY)) <= 0)
-    {
+    if ((fd = open(filename, O_RDONLY)) <= 0) {
         ret = -ENOENT;
         printf("File %s not found.\n", filename);
         goto free_out;
     }
-    if (len == read(fd, buffer, len))
-    {
+    if (len == read(fd, buffer, len)) {
         struct acm_op op;
         /* dump it and then push it down into xen/acm */
         acm_dump_policy_buffer(buffer, len);
@@ -334,7 +321,7 @@ int acm_domain_loadpolicy(int xc_handle, const char *filename)
 
         if (ret)
             printf
-                ("ERROR setting policy. Try 'xm dmesg' to see details.\n");
+                ("ERROR setting policy.\n");
         else
             printf("Successfully changed policy.\n");
 
@@ -382,9 +369,9 @@ int acm_domain_dumpstats(int xc_handle)
     op.u.dumpstats.pullcache_size = sizeof(stats_buffer);
     ret = do_acm_op(xc_handle, &op);
 
-    if (ret < 0)
-    {
-        printf("ERROR dumping policy stats. Try 'xm dmesg' to see details.\n");
+    if (ret < 0) {
+        printf
+            ("ERROR dumping policy stats. Try 'xm dmesg' to see details.\n");
         return ret;
     }
     stats = (struct acm_stats_buffer *) stats_buffer;
@@ -394,8 +381,7 @@ int acm_domain_dumpstats(int xc_handle)
     printf("Magic     = %x.\n", ntohl(stats->magic));
     printf("Len       = %x.\n", ntohl(stats->len));
 
-    switch (ntohl(stats->primary_policy_code))
-    {
+    switch (ntohl(stats->primary_policy_code)) {
     case ACM_NULL_POLICY:
         printf("NULL Policy: No statistics apply.\n");
         break;
@@ -414,8 +400,7 @@ int acm_domain_dumpstats(int xc_handle)
         printf("UNKNOWN PRIMARY POLICY ERROR!\n");
     }
 
-    switch (ntohl(stats->secondary_policy_code))
-    {
+    switch (ntohl(stats->secondary_policy_code)) {
     case ACM_NULL_POLICY:
         printf("NULL Policy: No statistics apply.\n");
         break;
@@ -435,119 +420,6 @@ int acm_domain_dumpstats(int xc_handle)
     }
     return ret;
 }
-/************************ get ssidref & types ******************************/
-/*
- * the ssid (types) can be looked up either by domain id or by ssidref
- */
-int acm_domain_getssid(int xc_handle, int argc, char * const argv[])
-{
-    /* this includes header and a set of types */
-    #define MAX_SSIDBUFFER  2000
-    int ret, i;
-    struct acm_op op;
-    struct acm_ssid_buffer *hdr;
-    unsigned char *buf;
-	int nice_print = 1;
-
-    op.cmd = ACM_GETSSID;
-    op.interface_version = ACM_INTERFACE_VERSION;
-	op.u.getssid.get_ssid_by = UNSET;
-	/* arguments
-	   -d ... domain id to look up
-	   -s ... ssidref number to look up
-	   -f ... formatted print (scripts depend on this format)
-	*/
-	while (1)
-    {
-		int c = getopt(argc, argv, "d:s:f");
-		if (c == -1)
-			break;
-		if (c == 'd')
-        {
-			if (op.u.getssid.get_ssid_by != UNSET)
-				usage(argv[0]);
-			op.u.getssid.get_ssid_by = DOMAINID;
-			op.u.getssid.id.domainid = strtoul(optarg, NULL, 0);
-		}
-		else if (c== 's')
-        {
-			if (op.u.getssid.get_ssid_by != UNSET)
-				usage(argv[0]);
-			op.u.getssid.get_ssid_by = SSIDREF;
-			op.u.getssid.id.ssidref = strtoul(optarg, NULL, 0);
-		}
-		else if (c== 'f')
-		{
-			nice_print = 0;
-		}
-		else
-			usage(argv[0]);
-	}
-	if (op.u.getssid.get_ssid_by == UNSET)
-		usage(argv[0]);
-
-	buf = malloc(MAX_SSIDBUFFER);
-    if (!buf)
-        return -ENOMEM;
-
-    /* dump it and then push it down into xen/acm */
-    op.u.getssid.ssidbuf = buf;   /* out */
-    op.u.getssid.ssidbuf_size = MAX_SSIDBUFFER;
-    ret = do_acm_op(xc_handle, &op);
-
-    if (ret)
-    {
-        printf("ERROR getting ssidref. Try 'xm dmesg' to see details.\n");
-        goto out;
-    }
-    hdr = (struct acm_ssid_buffer *)buf;
-    if (hdr->len > MAX_SSIDBUFFER)
-    {
-        printf("ERROR: Buffer length inconsistent (ret=%d, hdr->len=%d)!\n",
-               ret, hdr->len);
-            return -EIO;
-    }
-	if (nice_print)
-    {
-		printf("SSID: ssidref = 0x%08x \n", hdr->ssidref);
-		printf("      P: %s, max_types = %d\n",
-			   ACM_POLICY_NAME(hdr->primary_policy_code), hdr->primary_max_types);
-		printf("	  Types: ");
-		for (i=0; i< hdr->primary_max_types; i++)
-			if (buf[hdr->primary_types_offset + i])
-				printf("%02x ", i);
-			else
-				printf("-- ");
-		printf("\n");
-
-		printf("      S: %s, max_types = %d\n",
-			   ACM_POLICY_NAME(hdr->secondary_policy_code), hdr->secondary_max_types);
-		printf("	  Types: ");
-		for (i=0; i< hdr->secondary_max_types; i++)
-			if (buf[hdr->secondary_types_offset + i])
-				printf("%02x ", i);
-			else
-				printf("-- ");
-		printf("\n");
-	}
-	else
-    {
-		/* formatted print for use with scripts (.sh)
-		 *  update scripts when updating here (usually
-		 *  used in combination with -d to determine a
-		 *  running domain's label
-		 */
-		printf("SSID: ssidref = 0x%08x \n", hdr->ssidref);
-	}
-
-    /* return ste ssidref */
-    if (hdr->primary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
-        ret = (hdr->ssidref) & 0xffff;
-    else if (hdr->secondary_policy_code == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
-        ret = (hdr->ssidref) >> 16;
- out:
-    return ret;
-}
 
 /***************************** main **************************************/
 
@@ -559,8 +431,7 @@ int main(int argc, char **argv)
     if (argc < 2)
         usage(argv[0]);
 
-    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0)
-    {
+    if ((acm_cmd_fd = open("/proc/xen/privcmd", O_RDONLY)) <= 0) {
         printf("ERROR: Could not open xen privcmd device!\n");
         exit(-1);
     }
@@ -577,8 +448,6 @@ int main(int argc, char **argv)
         if (argc != 2)
             usage(argv[0]);
         ret = acm_domain_dumpstats(acm_cmd_fd);
-    } else if (!strcmp(argv[1], "getssid")) {
-        ret = acm_domain_getssid(acm_cmd_fd, argc, argv);
     } else
         usage(argv[0]);
 
diff --git a/tools/security/secpol_xml2bin.c b/tools/security/secpol_xml2bin.c
index cfa3e8c1e3..61cb869359 100644
--- a/tools/security/secpol_xml2bin.c
+++ b/tools/security/secpol_xml2bin.c
@@ -101,22 +101,30 @@ int have_chwall = 0;
 
 /* input/output file names */
 char *policy_filename = NULL,
-    *label_filename = NULL,
-    *binary_filename = NULL, *mapping_filename = NULL,
-    *schema_filename = NULL;
+    *binary_filename = NULL,
+    *mapping_filename = NULL, *schema_filename = NULL;
+
+char *policy_reference_name = NULL;
+
+void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state);
 
 void usage(char *prg)
 {
     printf("Usage: %s [OPTIONS] POLICYNAME\n", prg);
-    printf("POLICYNAME is the directory name within the policy directory\n");
-    printf("that contains the policy files.  The default policy directory\n");
-    printf("is '%s' (see the '-d' option below to change it)\n", POLICY_DIR);
-    printf("The policy files contained in the POLICYNAME directory must be named:\n");
+    printf
+        ("POLICYNAME is the directory name within the policy directory\n");
+    printf
+        ("that contains the policy files.  The default policy directory\n");
+    printf("is '%s' (see the '-d' option below to change it)\n",
+           POLICY_DIR);
+    printf
+        ("The policy files contained in the POLICYNAME directory must be named:\n");
     printf("\tPOLICYNAME-security_policy.xml\n");
     printf("\tPOLICYNAME-security_label_template.xml\n\n");
     printf("OPTIONS:\n");
     printf("\t-d POLICYDIR\n");
-    printf("\t\tUse POLICYDIR as the policy directory. This directory must contain\n");
+    printf
+        ("\t\tUse POLICYDIR as the policy directory. This directory must contain\n");
     printf("\t\tthe policy schema file 'security_policy.xsd'\n");
     exit(EXIT_FAILURE);
 }
@@ -147,8 +155,7 @@ struct type_entry *lookup(struct tailhead *head, char *name)
 int add_entry(struct tailhead *head, char *name, type_t mapping)
 {
     struct type_entry *e;
-    if (lookup(head, name))
-    {
+    if (lookup(head, name)) {
         printf("Error: Type >%s< defined more than once.\n", name);
         return -EFAULT;         /* already in the list */
     }
@@ -204,16 +211,14 @@ int register_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
 
 
     text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
-    if (!text)
-    {
+    if (!text) {
         printf("Error reading type name!\n");
         return -EFAULT;
     }
 
     switch (state) {
     case XML2BIN_stetype_S:
-        if (add_entry(&ste_head, (char *) text, max_ste_types))
-        {
+        if (add_entry(&ste_head, (char *) text, max_ste_types)) {
             xmlFree(text);
             return -EFAULT;
         }
@@ -221,8 +226,7 @@ int register_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
         break;
 
     case XML2BIN_chwalltype_S:
-        if (add_entry(&chwall_head, (char *) text, max_chwall_types))
-        {
+        if (add_entry(&chwall_head, (char *) text, max_chwall_types)) {
             xmlFree(text);
             return -EFAULT;
         }
@@ -232,16 +236,15 @@ int register_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
     case XML2BIN_conflictsettype_S:
         /* a) search the type in the chwall_type list */
         e = lookup(&chwall_head, (char *) text);
-        if (e == NULL)
-        {
+        if (e == NULL) {
             printf("CS type >%s< not a CHWALL type.\n", text);
             xmlFree(text);
             return -EFAULT;
         }
         /* b) add type entry to the current cs set */
-        if (current_conflictset_p->row[e->mapping])
-        {
-            printf("ERROR: Double entry of type >%s< in conflict set %d.\n",
+        if (current_conflictset_p->row[e->mapping]) {
+            printf
+                ("ERROR: Double entry of type >%s< in conflict set %d.\n",
                  text, current_conflictset_p->num);
             xmlFree(text);
             return -EFAULT;
@@ -262,16 +265,15 @@ void set_component_type(xmlNode * cur_node, enum policycomponent pc)
 {
     xmlChar *order;
 
-    if ((order = xmlGetProp(cur_node, (xmlChar *) PRIMARY_COMPONENT_ATTR_NAME))) {
-        if (strcmp((char *) order, PRIMARY_COMPONENT))
-        {
+    if ((order =
+         xmlGetProp(cur_node, (xmlChar *) PRIMARY_COMPONENT_ATTR_NAME))) {
+        if (strcmp((char *) order, PRIMARY_COMPONENT)) {
             printf("ERROR: Illegal attribut value >order=%s<.\n",
                    (char *) order);
             xmlFree(order);
             exit(EXIT_FAILURE);
         }
-        if (primary != NULLPOLICY)
-        {
+        if (primary != NULLPOLICY) {
             printf("ERROR: Primary Policy Component set twice!\n");
             exit(EXIT_FAILURE);
         }
@@ -285,10 +287,8 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
     xmlNode *cur_node = NULL;
     int code;
 
-    for (cur_node = start; cur_node; cur_node = cur_node->next)
-    {
-        if ((code = totoken((char *) cur_node->name)) < 0)
-        {
+    for (cur_node = start; cur_node; cur_node = cur_node->next) {
+        if ((code = totoken((char *) cur_node->name)) < 0) {
             printf("Unknown token: >%s<. Aborting.\n", cur_node->name);
             exit(EXIT_FAILURE);
         }
@@ -297,13 +297,32 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
         case XML2BIN_STETYPES:
         case XML2BIN_CHWALLTYPES:
         case XML2BIN_CONFLICTSETS:
+        case XML2BIN_POLICYHEADER:
             walk_policy(cur_node->children, doc, state | (1 << code));
             break;
 
+        case XML2BIN_POLICYNAME:       /* get policy reference name .... */
+            if (state != XML2BIN_PN_S) {
+                printf("ERROR: >Url< >%s< out of context.\n",
+                       (char *) xmlNodeListGetString(doc,
+                                                     cur_node->
+                                                     xmlChildrenNode, 1));
+                exit(EXIT_FAILURE);
+            }
+            policy_reference_name = (char *)
+                xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
+            if (!policy_reference_name) {
+                printf("ERROR: empty >policy reference name (Url)<!\n");
+                exit(EXIT_FAILURE);
+            } else
+                printf("Policy Reference name (Url): %s\n",
+                       policy_reference_name);
+            break;
+
         case XML2BIN_STE:
-            if (WRITTEN_AGAINST_ACM_STE_VERSION != ACM_STE_VERSION)
-            {
-                printf("ERROR: This program was written against another STE version.\n");
+            if (WRITTEN_AGAINST_ACM_STE_VERSION != ACM_STE_VERSION) {
+                printf
+                    ("ERROR: This program was written against another STE version.\n");
                 exit(EXIT_FAILURE);
             }
             have_ste = 1;
@@ -312,9 +331,9 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
             break;
 
         case XML2BIN_CHWALL:
-            if (WRITTEN_AGAINST_ACM_CHWALL_VERSION != ACM_CHWALL_VERSION)
-            {
-                printf("ERROR: This program was written against another CHWALL version.\n");
+            if (WRITTEN_AGAINST_ACM_CHWALL_VERSION != ACM_CHWALL_VERSION) {
+                printf
+                    ("ERROR: This program was written against another CHWALL version.\n");
                 exit(EXIT_FAILURE);
             }
             have_chwall = 1;
@@ -328,8 +347,7 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
             if (!current_conflictset_name)
                 current_conflictset_name = "";
 
-            if (init_next_conflictset())
-            {
+            if (init_next_conflictset()) {
                 printf
                     ("ERROR: creating new conflictset structure failed.\n");
                 exit(EXIT_FAILURE);
@@ -343,14 +361,18 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
             /* type leaf */
             break;
 
+        case XML2BIN_LABELTEMPLATE:    /* handle in second pass */
         case XML2BIN_TEXT:
         case XML2BIN_COMMENT:
-        case XML2BIN_POLICYHEADER:
+        case XML2BIN_DATE:
+        case XML2BIN_REFERENCE:
+        case XML2BIN_NSURL:    /* for future use: where to find global label / type name mappings */
+        case XML2BIN_URL:      /* for future use: where to find policy */
             /* leaf - nothing to do */
             break;
 
         default:
-            printf("Unkonwn token Error (%d)\n", code);
+            printf("Unkonwn token Error (%d) in Policy\n", code);
             exit(EXIT_FAILURE);
         }
 
@@ -358,21 +380,21 @@ void walk_policy(xmlNode * start, xmlDocPtr doc, unsigned long state)
     return;
 }
 
-int create_type_mapping(xmlDocPtr doc)
+void init_type_mapping(void)
 {
-    xmlNode *root_element = xmlDocGetRootElement(doc);
-    struct type_entry *te;
-    struct ssid_entry *se;
-    int i;
-
     printf("Creating ssid mappings ...\n");
 
     /* initialize the ste and chwall type lists */
     TAILQ_INIT(&ste_head);
     TAILQ_INIT(&chwall_head);
     TAILQ_INIT(&conflictsets_head);
+}
 
-    walk_policy(root_element, doc, XML2BIN_NULL);
+void post_type_mapping(void)
+{
+    struct type_entry *te;
+    struct ssid_entry *se;
+    int i;
 
     /* determine primary/secondary policy component orders */
     if ((primary == NULLPOLICY) && have_chwall)
@@ -400,19 +422,17 @@ int create_type_mapping(xmlDocPtr doc)
     }
 
     if (!DEBUG)
-        return 0;
+        return;
 
     /* print queues */
-    if (have_ste)
-    {
+    if (have_ste) {
         printf("STE-Type queue (%s):\n",
                (primary == STE) ? "PRIMARY" : "SECONDARY");
         for (te = ste_head.tqh_first; te != NULL;
              te = te->entries.tqe_next)
             printf("name=%22s, map=%x\n", te->name, te->mapping);
     }
-    if (have_chwall)
-    {
+    if (have_chwall) {
         printf("CHWALL-Type queue (%s):\n",
                (primary == CHWALL) ? "PRIMARY" : "SECONDARY");
         for (te = chwall_head.tqh_first; te != NULL;
@@ -421,8 +441,7 @@ int create_type_mapping(xmlDocPtr doc)
 
         printf("Conflictset queue (max=%d):\n", max_conflictsets);
         for (se = conflictsets_head.tqh_first; se != NULL;
-             se = se->entries.tqe_next)
-        {
+             se = se->entries.tqe_next) {
             printf("conflictset name >%s<\n",
                    se->name ? se->name : "NONAME");
             for (i = 0; i < max_chwall_types; i++)
@@ -431,7 +450,6 @@ int create_type_mapping(xmlDocPtr doc)
             printf("\n");
         }
     }
-    return 0;
 }
 
 
@@ -554,8 +572,7 @@ int add_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
     struct type_entry *e;
 
     text = xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
-    if (!text)
-    {
+    if (!text) {
         printf("Error reading type name!\n");
         return -EFAULT;
     }
@@ -564,8 +581,7 @@ int add_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
     case XML2BIN_VM_STE_S:
     case XML2BIN_RES_STE_S:
         /* lookup the type mapping and include the type mapping into the array */
-        if (!(e = lookup(&ste_head, (char *) text)))
-        {
+        if (!(e = lookup(&ste_head, (char *) text))) {
             printf("ERROR: unknown VM STE type >%s<.\n", text);
             exit(EXIT_FAILURE);
         }
@@ -577,8 +593,7 @@ int add_type(xmlNode * cur_node, xmlDocPtr doc, unsigned long state)
 
     case XML2BIN_VM_CHWALL_S:
         /* lookup the type mapping and include the type mapping into the array */
-        if (!(e = lookup(&chwall_head, (char *) text)))
-        {
+        if (!(e = lookup(&chwall_head, (char *) text))) {
             printf("ERROR: unknown VM CHWALL type >%s<.\n", text);
             exit(EXIT_FAILURE);
         }
@@ -602,8 +617,9 @@ void set_bootstrap_label(xmlNode * cur_node)
 {
     xmlChar *order;
 
-    if ((order = xmlGetProp(cur_node, (xmlChar *) BOOTSTRAP_LABEL_ATTR_NAME)))
-        bootstrap_label = (char *)order;
+    if ((order =
+         xmlGetProp(cur_node, (xmlChar *) BOOTSTRAP_LABEL_ATTR_NAME)))
+        bootstrap_label = (char *) order;
     else {
         printf("ERROR: No bootstrap label defined!\n");
         exit(EXIT_FAILURE);
@@ -615,45 +631,40 @@ void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state)
     xmlNode *cur_node = NULL;
     int code;
 
-    for (cur_node = start; cur_node; cur_node = cur_node->next)
-    {
-        if ((code = totoken((char *) cur_node->name)) < 0)
-        {
+    for (cur_node = start; cur_node; cur_node = cur_node->next) {
+        if ((code = totoken((char *) cur_node->name)) < 0) {
             printf("Unkonwn token: >%s<. Aborting.\n", cur_node->name);
             exit(EXIT_FAILURE);
         }
         switch (code) {         /* adjust state to new state */
-
         case XML2BIN_SUBJECTS:
             set_bootstrap_label(cur_node);
             /* fall through */
+        case XML2BIN_SECPOL:
+        case XML2BIN_LABELTEMPLATE:
         case XML2BIN_VM:
         case XML2BIN_RES:
-        case XML2BIN_SECTEMPLATE:
         case XML2BIN_OBJECTS:
             walk_labels(cur_node->children, doc, state | (1 << code));
             break;
 
         case XML2BIN_STETYPES:
             /* create new ssid entry to use and point current to it */
-            if (init_next_ste_ssid(state))
-            {
+            if (init_next_ste_ssid(state)) {
                 printf("ERROR: creating new ste ssid structure failed.\n");
                 exit(EXIT_FAILURE);
             }
             walk_labels(cur_node->children, doc, state | (1 << code));
-
             break;
 
         case XML2BIN_CHWALLTYPES:
             /* create new ssid entry to use and point current to it */
-            if (init_next_chwall_ssid(state))
-            {
-                printf("ERROR: creating new chwall ssid structure failed.\n");
+            if (init_next_chwall_ssid(state)) {
+                printf
+                    ("ERROR: creating new chwall ssid structure failed.\n");
                 exit(EXIT_FAILURE);
             }
             walk_labels(cur_node->children, doc, state | (1 << code));
-
             break;
 
         case XML2BIN_TYPE:
@@ -663,115 +674,66 @@ void walk_labels(xmlNode * start, xmlDocPtr doc, unsigned long state)
             break;
 
         case XML2BIN_NAME:
-            if ((state != XML2BIN_VM_S) && (state != XML2BIN_RES_S))
-            {
-                printf("ERROR: >name< out of VM/RES context.\n");
-                exit(EXIT_FAILURE);
-            }
-            current_ssid_name = (char *)
-                xmlNodeListGetString(doc, cur_node->xmlChildrenNode, 1);
-
-            if (!current_ssid_name)
-            {
-                printf("ERROR: empty >name<!\n");
+            if ((state == XML2BIN_VM_S) || (state == XML2BIN_RES_S)) {
+                current_ssid_name = (char *)
+                    xmlNodeListGetString(doc, cur_node->xmlChildrenNode,
+                                         1);
+                if (!current_ssid_name) {
+                    printf("ERROR: empty >vm/res name<!\n");
+                    exit(EXIT_FAILURE);
+                }
+            } else {
+                printf
+                    ("ERROR: >name< >%s< out of context (state = 0x%lx.\n",
+                     (char *) xmlNodeListGetString(doc,
+                                                   cur_node->
+                                                   xmlChildrenNode, 1),
+                     state);
                 exit(EXIT_FAILURE);
             }
             break;
 
         case XML2BIN_TEXT:
         case XML2BIN_COMMENT:
-        case XML2BIN_LABELHEADER:
+        case XML2BIN_POLICYHEADER:
+        case XML2BIN_STE:
+        case XML2BIN_CHWALL:
             break;
 
         default:
-            printf("Unkonwn token Error (%d)\n", code);
+            printf("Unkonwn token Error (%d) in Label Template\n", code);
             exit(EXIT_FAILURE);
         }
-
     }
     return;
 }
 
-/* this function walks through a ssid queue
- * and transforms double entries into references
- * of the first definition (we need to keep the
- * entry to map labels but we don't want double
- * ssids in the binary policy
- */
-void
-remove_doubles(struct tailhead_ssid *head,
-                        u_int32_t max_types, u_int32_t * max_ssids)
-{
-    struct ssid_entry *np, *ni;
-
-    /* walk once through the list */
-    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
-    {
-        /* now search from the start until np for the same entry */
-        for (ni = head->tqh_first; ni != np; ni = ni->entries.tqe_next)
-        {
-            if (ni->is_ref)
-                continue;
-            if (memcmp(np->row, ni->row, max_types))
-                continue;
-            /* found one, set np reference to ni */
-            np->is_ref = 1;
-            np->num = ni->num;
-            (*max_ssids)--;
-        }
-    }
-
-    /* now minimize the ssid numbers used (doubles introduce holes) */
-    (*max_ssids) = 0; /* reset */
-
-    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
-    {
-        if (np->is_ref)
-            continue;
-
-        if (np->num != (*max_ssids)) {
-                /* first reset all later references to the new max_ssid */
-                for (ni = np->entries.tqe_next; ni != NULL; ni = ni->entries.tqe_next)
-                {
-                    if (ni->num == np->num)
-                        ni->num = (*max_ssids);
-                }
-                /* now reset num */
-                np->num = (*max_ssids)++;
-        }
-        else
-            (*max_ssids)++;
-    }
-}
-
 /*
  * will go away as soon as we have non-static bootstrap ssidref for dom0
  */
 void fixup_bootstrap_label(struct tailhead_ssid *head,
-                         u_int32_t max_types, u_int32_t * max_ssids)
+                           u_int32_t max_types, u_int32_t * max_ssids)
 {
     struct ssid_entry *np;
     int i;
 
     /* should not happen if xml / xsd checks work */
-    if (!bootstrap_label)
-    {
+    if (!bootstrap_label) {
         printf("ERROR: No bootstrap label defined.\n");
         exit(EXIT_FAILURE);
     }
 
     /* search bootstrap_label */
-    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next)
-    {
-        if (!strcmp(np->name, bootstrap_label))
-        {
+    for (np = head->tqh_first; np != NULL; np = np->entries.tqe_next) {
+        if (!strcmp(np->name, bootstrap_label)) {
             break;
         }
     }
 
     if (!np) {
         /* bootstrap label not found */
-        printf("ERROR: Bootstrap label >%s< not found.\n", bootstrap_label);
+        printf("ERROR: Bootstrap label >%s< not found.\n",
+               bootstrap_label);
         exit(EXIT_FAILURE);
     }
 
@@ -781,16 +743,14 @@ void fixup_bootstrap_label(struct tailhead_ssid *head,
     TAILQ_INSERT_AFTER(head, head->tqh_first, np, entries);
 
     /* renumber the ssids (we could also just switch places with 1st element) */
-    for (np = head->tqh_first, i=0; np != NULL; np = np->entries.tqe_next, i++)
-        np->num   = i;
+    for (np = head->tqh_first, i = 0; np != NULL;
+         np = np->entries.tqe_next, i++)
+        np->num = i;
 
 }
 
-int create_ssid_mapping(xmlDocPtr doc)
+void init_label_mapping(void)
 {
-    xmlNode *root_element = xmlDocGetRootElement(doc);
-    struct ssid_entry *np;
-    int i;
 
     printf("Creating label mappings ...\n");
     /* initialize the ste and chwall type lists */
@@ -798,14 +758,16 @@ int create_ssid_mapping(xmlDocPtr doc)
     TAILQ_INIT(&ste_ssid_head);
 
     /* init with default ssids */
-    if (init_ssid_queues())
-    {
+    if (init_ssid_queues()) {
         printf("ERROR adding default ssids.\n");
         exit(EXIT_FAILURE);
     }
+}
 
-    /* now walk the template DOM tree and fill in ssids */
-    walk_labels(root_element, doc, XML2BIN_NULL);
+void post_label_mapping(void)
+{
+    struct ssid_entry *np;
+    int i;
 
     /*
      * now sort bootstrap label to the head of the list
@@ -814,30 +776,20 @@ int create_ssid_mapping(xmlDocPtr doc)
      */
     if (have_chwall)
         fixup_bootstrap_label(&chwall_ssid_head, max_chwall_types,
-                                &max_chwall_ssids);
+                              &max_chwall_ssids);
     if (have_ste)
         fixup_bootstrap_label(&ste_ssid_head, max_ste_types,
-                                &max_ste_ssids);
-
-    /* remove any double entries (insert reference instead) */
-    if (have_chwall)
-        remove_doubles(&chwall_ssid_head, max_chwall_types,
-                       &max_chwall_ssids);
-    if (have_ste)
-        remove_doubles(&ste_ssid_head, max_ste_types,
-                       &max_ste_ssids);
+                              &max_ste_ssids);
 
     if (!DEBUG)
-        return 0;
+        return;
 
     /* print queues */
-    if (have_chwall)
-    {
+    if (have_chwall) {
         printf("CHWALL SSID queue (max ssidrefs=%d):\n", max_chwall_ssids);
         np = NULL;
         for (np = chwall_ssid_head.tqh_first; np != NULL;
-             np = np->entries.tqe_next)
-        {
+             np = np->entries.tqe_next) {
             printf("SSID #%02u (Label=%s)\n", np->num, np->name);
             if (np->is_ref)
                 printf("REFERENCE");
@@ -848,13 +800,11 @@ int create_ssid_mapping(xmlDocPtr doc)
             printf("\n\n");
         }
     }
-    if (have_ste)
-    {
+    if (have_ste) {
         printf("STE SSID queue (max ssidrefs=%d):\n", max_ste_ssids);
         np = NULL;
         for (np = ste_ssid_head.tqh_first; np != NULL;
-             np = np->entries.tqe_next)
-        {
+             np = np->entries.tqe_next) {
             printf("SSID #%02u (Label=%s)\n", np->num, np->name);
             if (np->is_ref)
                 printf("REFERENCE");
@@ -865,7 +815,19 @@ int create_ssid_mapping(xmlDocPtr doc)
             printf("\n\n");
         }
     }
-    return 0;
+}
+
+void create_mappings(xmlDocPtr doc)
+{
+    xmlNode *doc_root_node = xmlDocGetRootElement(doc);
+
+    /* walk the XML policy tree and fill in types and labels */
+    init_type_mapping();
+    walk_policy(doc_root_node, doc, XML2BIN_NULL);      /* first pass: types */
+    post_type_mapping();
+    init_label_mapping();
+    walk_labels(doc_root_node, doc, XML2BIN_NULL);      /* second pass: labels */
+    post_label_mapping();
 }
 
 /***************** writing the binary policy *********************/
@@ -888,19 +850,16 @@ int write_mapping(char *filename)
     if ((file = fopen(filename, "w")) == NULL)
         return -EIO;
 
+    fprintf(file, "POLICYREFERENCENAME    %s\n", policy_reference_name);
     fprintf(file, "MAGIC                  %08x\n", ACM_MAGIC);
-    fprintf(file, "POLICY                 %s\n",
-            basename(policy_filename));
-    fprintf(file, "BINARY                 %s\n",
-            basename(binary_filename));
-    if (have_chwall)
-    {
+    fprintf(file, "POLICY FILE            %s\n", policy_filename);
+    fprintf(file, "BINARY FILE            %s\n", binary_filename);
+    if (have_chwall) {
         fprintf(file, "MAX-CHWALL-TYPES       %08x\n", max_chwall_types);
         fprintf(file, "MAX-CHWALL-SSIDS       %08x\n", max_chwall_ssids);
         fprintf(file, "MAX-CHWALL-LABELS      %08x\n", max_chwall_labels);
     }
-    if (have_ste)
-    {
+    if (have_ste) {
         fprintf(file, "MAX-STE-TYPES          %08x\n", max_ste_types);
         fprintf(file, "MAX-STE-SSIDS          %08x\n", max_ste_ssids);
         fprintf(file, "MAX-STE-LABELS         %08x\n", max_ste_labels);
@@ -939,11 +898,9 @@ int write_mapping(char *filename)
     fprintf(file, "\n");
 
     /* first labels to ssid mappings */
-    if (have_chwall)
-    {
+    if (have_chwall) {
         for (e = chwall_ssid_head.tqh_first; e != NULL;
-             e = e->entries.tqe_next)
-        {
+             e = e->entries.tqe_next) {
             fprintf(file, "LABEL->SSID %s CHWALL %-25s %8x\n",
                     (e->type ==
                      VM) ? "VM " : ((e->type == RES) ? "RES" : "ANY"),
@@ -951,11 +908,9 @@ int write_mapping(char *filename)
         }
         fprintf(file, "\n");
     }
-    if (have_ste)
-    {
+    if (have_ste) {
         for (e = ste_ssid_head.tqh_first; e != NULL;
-             e = e->entries.tqe_next)
-        {
+             e = e->entries.tqe_next) {
             fprintf(file, "LABEL->SSID %s STE    %-25s %8x\n",
                     (e->type ==
                      VM) ? "VM " : ((e->type == RES) ? "RES" : "ANY"),
@@ -965,11 +920,9 @@ int write_mapping(char *filename)
     }
 
     /* second ssid to type mappings */
-    if (have_chwall)
-    {
+    if (have_chwall) {
         for (e = chwall_ssid_head.tqh_first; e != NULL;
-             e = e->entries.tqe_next)
-        {
+             e = e->entries.tqe_next) {
             if (e->is_ref)
                 continue;
 
@@ -985,8 +938,7 @@ int write_mapping(char *filename)
     }
     if (have_ste) {
         for (e = ste_ssid_head.tqh_first; e != NULL;
-             e = e->entries.tqe_next)
-        {
+             e = e->entries.tqe_next) {
             if (e->is_ref)
                 continue;
 
@@ -1001,18 +953,15 @@ int write_mapping(char *filename)
         fprintf(file, "\n");
     }
     /* third type mappings */
-    if (have_chwall)
-    {
-        for (t = chwall_head.tqh_first; t != NULL; t = t->entries.tqe_next)
-        {
+    if (have_chwall) {
+        for (t = chwall_head.tqh_first; t != NULL; t = t->entries.tqe_next) {
             fprintf(file, "TYPE CHWALL            %-25s %8x\n",
                     t->name, t->mapping);
         }
         fprintf(file, "\n");
     }
     if (have_ste) {
-        for (t = ste_head.tqh_first; t != NULL; t = t->entries.tqe_next)
-        {
+        for (t = ste_head.tqh_first; t != NULL; t = t->entries.tqe_next) {
             fprintf(file, "TYPE STE               %-25s %8x\n",
                     t->name, t->mapping);
         }
@@ -1022,6 +971,38 @@ int write_mapping(char *filename)
     return 0;
 }
 
+
+unsigned char *write_policy_reference_binary(u_int32_t * len_pr)
+{
+    unsigned char *buf, *ptr;
+    struct acm_policy_reference_buffer *pr_header;
+    u_int32_t len;
+
+    if (policy_reference_name == NULL) {
+        printf("ERROR: No policy reference name found.\n");
+        exit(EXIT_FAILURE);
+    }
+    len = (sizeof(struct acm_policy_reference_buffer) +
+           strlen(policy_reference_name) + 1);
+    buf = malloc(len);
+    ptr = buf;
+
+    if (!buf) {
+        printf
+            ("ERROR: out of memory allocating label reference buffer.\n");
+        exit(EXIT_FAILURE);
+    }
+    pr_header = (struct acm_policy_reference_buffer *) buf;
+    pr_header->len =
+        htonl(strlen(policy_reference_name) + 1 /* strend \'0' */ );
+    ptr += sizeof(struct acm_policy_reference_buffer);
+    strcpy((char *) ptr, policy_reference_name);
+
+    (*len_pr) = len;
+    return buf;
+}
+
+
 unsigned char *write_chwall_binary(u_int32_t * len_chwall)
 {
     unsigned char *buf, *ptr;
@@ -1040,8 +1021,7 @@ unsigned char *write_chwall_binary(u_int32_t * len_chwall)
     buf = malloc(len);
     ptr = buf;
 
-    if (!buf)
-    {
+    if (!buf) {
         printf("ERROR: out of memory allocating chwall buffer.\n");
         exit(EXIT_FAILURE);
     }
@@ -1058,14 +1038,13 @@ unsigned char *write_chwall_binary(u_int32_t * len_chwall)
     chwall_header->chwall_conflict_sets_offset =
         htonl(ntohl(chwall_header->chwall_ssid_offset) +
               sizeof(domaintype_t) * max_chwall_ssids * max_chwall_types);
-    chwall_header->chwall_running_types_offset = 0;     /* not set, only retrieved */
-    chwall_header->chwall_conflict_aggregate_offset = 0;        /* not set, only retrieved */
+    chwall_header->chwall_running_types_offset = 0;
+    chwall_header->chwall_conflict_aggregate_offset = 0;
     ptr += sizeof(struct acm_chwall_policy_buffer);
 
     /* types */
     for (e = chwall_ssid_head.tqh_first; e != NULL;
-         e = e->entries.tqe_next)
-    {
+         e = e->entries.tqe_next) {
         if (e->is_ref)
             continue;
 
@@ -1077,16 +1056,14 @@ unsigned char *write_chwall_binary(u_int32_t * len_chwall)
 
     /* conflictsets */
     for (e = conflictsets_head.tqh_first; e != NULL;
-         e = e->entries.tqe_next)
-    {
+         e = e->entries.tqe_next) {
         for (i = 0; i < max_chwall_types; i++)
             ((type_t *) ptr)[i] = htons((type_t) e->row[i]);
 
         ptr += sizeof(type_t) * max_chwall_types;
     }
 
-    if ((ptr - buf) != len)
-    {
+    if ((ptr - buf) != len) {
         printf("ERROR: wrong lengths in %s.\n", __func__);
         exit(EXIT_FAILURE);
     }
@@ -1112,8 +1089,7 @@ unsigned char *write_ste_binary(u_int32_t * len_ste)
     buf = malloc(len);
     ptr = buf;
 
-    if (!buf)
-    {
+    if (!buf) {
         printf("ERROR: out of memory allocating chwall buffer.\n");
         exit(EXIT_FAILURE);
     }
@@ -1130,8 +1106,7 @@ unsigned char *write_ste_binary(u_int32_t * len_ste)
     ptr += sizeof(struct acm_ste_policy_buffer);
 
     /* types */
-    for (e = ste_ssid_head.tqh_first; e != NULL; e = e->entries.tqe_next)
-    {
+    for (e = ste_ssid_head.tqh_first; e != NULL; e = e->entries.tqe_next) {
         if (e->is_ref)
             continue;
 
@@ -1141,8 +1116,7 @@ unsigned char *write_ste_binary(u_int32_t * len_ste)
         ptr += sizeof(type_t) * max_ste_types;
     }
 
-    if ((ptr - buf) != len)
-    {
+    if ((ptr - buf) != len) {
         printf("ERROR: wrong lengths in %s.\n", __func__);
         exit(EXIT_FAILURE);
     }
@@ -1153,16 +1127,21 @@ unsigned char *write_ste_binary(u_int32_t * len_ste)
 int write_binary(char *filename)
 {
     struct acm_policy_buffer header;
-    unsigned char *ste_buffer = NULL, *chwall_buffer = NULL;
+    unsigned char *ste_buffer = NULL, *chwall_buffer =
+        NULL, *policy_reference_buffer = NULL;
     u_int32_t len;
-    int fd;
+    int fd, ret = 0;
 
-    u_int32_t len_ste = 0, len_chwall = 0;      /* length of policy components */
+    u_int32_t len_ste = 0, len_chwall = 0, len_pr = 0;  /* length of policy components */
 
     /* open binary file */
-    if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR)) <= 0)
-        return -EIO;
-
+    if ((fd =
+         open(filename, O_WRONLY | O_CREAT | O_TRUNC,
+              S_IRUSR | S_IWUSR)) <= 0) {
+        ret = -EIO;
+        goto out1;
+    }
+    policy_reference_buffer = write_policy_reference_binary(&len_pr);
     ste_buffer = write_ste_binary(&len_ste);
     chwall_buffer = write_chwall_binary(&len_chwall);
 
@@ -1175,24 +1154,26 @@ int write_binary(char *filename)
         len += len_chwall;
     if (have_ste)
         len += len_ste;
+    len += len_pr;              /* policy reference is mandatory */
     header.len = htonl(len);
 
-    header.primary_buffer_offset = htonl(sizeof(struct acm_policy_buffer));
-    if (primary == CHWALL)
-    {
+    header.policy_reference_offset =
+        htonl(sizeof(struct acm_policy_buffer));
+
+    header.primary_buffer_offset =
+        htonl(sizeof(struct acm_policy_buffer) + len_pr);
+    if (primary == CHWALL) {
         header.primary_policy_code = htonl(ACM_CHINESE_WALL_POLICY);
         header.secondary_buffer_offset =
-            htonl((sizeof(struct acm_policy_buffer)) + len_chwall);
-    }
-    else if (primary == STE)
-    {
+            htonl((sizeof(struct acm_policy_buffer)) + len_pr +
+                  len_chwall);
+    } else if (primary == STE) {
         header.primary_policy_code =
             htonl(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
         header.secondary_buffer_offset =
-            htonl((sizeof(struct acm_policy_buffer)) + len_ste);
-    }
-    else
-    {
+            htonl((sizeof(struct acm_policy_buffer)) + len_pr +
+                  len_ste);
+    } else {
         /* null policy */
         header.primary_policy_code = htonl(ACM_NULL_POLICY);
         header.secondary_buffer_offset =
@@ -1208,36 +1189,52 @@ int write_binary(char *filename)
         header.secondary_policy_code = htonl(ACM_NULL_POLICY);
 
     if (write(fd, (void *) &header, sizeof(struct acm_policy_buffer))
-        != sizeof(struct acm_policy_buffer))
-        return -EIO;
+        != sizeof(struct acm_policy_buffer)) {
+        ret = -EIO;
+        goto out1;
+    }
 
-    /* write primary policy component */
-    if (primary == CHWALL)
-    {
-        if (write(fd, chwall_buffer, len_chwall) != len_chwall)
-            return -EIO;
+    /* write label reference name */
+    if (write(fd, policy_reference_buffer, len_pr) != len_pr) {
+        ret = -EIO;
+        goto out1;
     }
-    else if (primary == STE)
-    {
-        if (write(fd, ste_buffer, len_ste) != len_ste)
-            return -EIO;
-    } else
-        ;                     /* NULL POLICY has no policy data */
+    /* write primary policy component */
+    if (primary == CHWALL) {
+        if (write(fd, chwall_buffer, len_chwall) != len_chwall) {
+            ret = -EIO;
+            goto out1;
+        }
+    } else if (primary == STE) {
+        if (write(fd, ste_buffer, len_ste) != len_ste) {
+            ret = -EIO;
+            goto out1;
+        }
+    } else;                     /* NULL POLICY has no policy data */
 
     /* write secondary policy component */
-    if (secondary == CHWALL)
-    {
-        if (write(fd, chwall_buffer, len_chwall) != len_chwall)
-            return -EIO;
-    }
-    else if (secondary == STE)
-    {
-        if (write(fd, ste_buffer, len_ste) != len_ste)
-            return -EIO;
+    if (secondary == CHWALL) {
+        if (write(fd, chwall_buffer, len_chwall) != len_chwall) {
+            ret = -EIO;
+            goto out1;
+        }
+    } else if (secondary == STE) {
+        if (write(fd, ste_buffer, len_ste) != len_ste) {
+            ret = -EIO;
+            goto out1;
+        }
     } else;                     /* NULL POLICY has no policy data */
 
+  out1:
+    /* cleanup */
+    if (policy_reference_buffer)
+        free(policy_reference_buffer);
+    if (chwall_buffer)
+        free(chwall_buffer);
+    if (ste_buffer)
+        free(ste_buffer);
     close(fd);
-    return 0;
+    return ret;
 }
 
 int is_valid(xmlDocPtr doc)
@@ -1253,18 +1250,15 @@ int is_valid(xmlDocPtr doc)
 
 #ifdef VALIDATE_SCHEMA
     /* only tested to be available from libxml2-2.6.20 upwards */
-    if ((err = xmlSchemaIsValid(schemavalid_ctxt)) != 1)
-    {
+    if ((err = xmlSchemaIsValid(schemavalid_ctxt)) != 1) {
         printf("ERROR: Invalid schema file %s (err=%d)\n",
                schema_filename, err);
         err = -EIO;
         goto out;
-    }
-    else
+    } else
         printf("XML Schema %s valid.\n", schema_filename);
 #endif
-    if ((err = xmlSchemaValidateDoc(schemavalid_ctxt, doc)))
-    {
+    if ((err = xmlSchemaValidateDoc(schemavalid_ctxt, doc))) {
         err = -EIO;
         goto out;
     }
@@ -1277,10 +1271,9 @@ int is_valid(xmlDocPtr doc)
 
 int main(int argc, char **argv)
 {
-    xmlDocPtr labeldoc = NULL;
     xmlDocPtr policydoc = NULL;
 
-    int err = EXIT_SUCCESS;
+    int err = EXIT_FAILURE;
 
     char *file_prefix;
     int prefix_len;
@@ -1288,16 +1281,18 @@ int main(int argc, char **argv)
     int opt_char;
     char *policy_dir = POLICY_DIR;
 
-    if (ACM_POLICY_VERSION != WRITTEN_AGAINST_ACM_POLICY_VERSION)
-    {
-        printf("ERROR: This program was written against an older ACM version.\n");
+    if (ACM_POLICY_VERSION != WRITTEN_AGAINST_ACM_POLICY_VERSION) {
+        printf
+            ("ERROR: This program was written against an older ACM version.\n");
+        printf("ERROR: ACM_POLICY_VERSION=%d, WRITTEN AGAINST= %d.\n",
+               ACM_POLICY_VERSION, WRITTEN_AGAINST_ACM_POLICY_VERSION);
         exit(EXIT_FAILURE);
     }
 
     while ((opt_char = getopt(argc, argv, "d:")) != -1) {
         switch (opt_char) {
         case 'd':
-            policy_dir = malloc(strlen(optarg) + 2); // null terminator and possibly "/"
+            policy_dir = malloc(strlen(optarg) + 2);    /* null terminator and possibly "/" */
             if (!policy_dir) {
                 printf("ERROR allocating directory name memory.\n");
                 exit(EXIT_FAILURE);
@@ -1315,20 +1310,21 @@ int main(int argc, char **argv)
     if ((argc - optind) != 1)
         usage(basename(argv[0]));
 
-    prefix_len = strlen(policy_dir) +
-        strlen(argv[optind]) + 1 /* "/" */  +
-        strlen(argv[optind]) + 1 /* null terminator */ ;
+    printf("arg=%s\n", argv[optind]);
+
+    prefix_len =
+        strlen(policy_dir) + strlen(argv[optind]) +
+        1 /* null terminator */ ;
 
     file_prefix = malloc(prefix_len);
     policy_filename = malloc(prefix_len + strlen(POLICY_EXTENSION));
-    label_filename = malloc(prefix_len + strlen(LABEL_EXTENSION));
     binary_filename = malloc(prefix_len + strlen(BINARY_EXTENSION));
     mapping_filename = malloc(prefix_len + strlen(MAPPING_EXTENSION));
-    schema_filename = malloc(strlen(policy_dir) + strlen(SCHEMA_FILENAME) + 1);
+    schema_filename =
+        malloc(strlen(policy_dir) + strlen(SCHEMA_FILENAME) + 1);
 
-    if (!file_prefix || !policy_filename || !label_filename ||
-        !binary_filename || !mapping_filename || !schema_filename)
-    {
+    if (!file_prefix || !policy_filename ||
+        !binary_filename || !mapping_filename || !schema_filename) {
         printf("ERROR allocating file name memory.\n");
         goto out2;
     }
@@ -1336,85 +1332,56 @@ int main(int argc, char **argv)
     /* create input/output filenames out of prefix */
     strcpy(file_prefix, policy_dir);
     strcat(file_prefix, argv[optind]);
-    strcat(file_prefix, "/");
-    strcat(file_prefix, argv[optind]);
 
     strcpy(policy_filename, file_prefix);
-    strcpy(label_filename, file_prefix);
     strcpy(binary_filename, file_prefix);
     strcpy(mapping_filename, file_prefix);
 
     strcat(policy_filename, POLICY_EXTENSION);
-    strcat(label_filename, LABEL_EXTENSION);
     strcat(binary_filename, BINARY_EXTENSION);
     strcat(mapping_filename, MAPPING_EXTENSION);
 
     strcpy(schema_filename, policy_dir);
     strcat(schema_filename, SCHEMA_FILENAME);
 
-    labeldoc = xmlParseFile(label_filename);
-
-    if (labeldoc == NULL)
-    {
-        printf("Error: could not parse file %s.\n", argv[optind]);
-        goto out2;
-    }
-
-    printf("Validating label file %s...\n", label_filename);
-    if (!is_valid(labeldoc))
-    {
-        printf("ERROR: Failed schema-validation for file %s (err=%d)\n",
-               label_filename, err);
-        goto out1;
-    }
-
     policydoc = xmlParseFile(policy_filename);
 
-    if (policydoc == NULL)
-    {
+    if (policydoc == NULL) {
         printf("Error: could not parse file %s.\n", argv[optind]);
-        goto out1;
+        goto out;
     }
 
     printf("Validating policy file %s...\n", policy_filename);
 
-    if (!is_valid(policydoc))
-    {
+    if (!is_valid(policydoc)) {
         printf("ERROR: Failed schema-validation for file %s (err=%d)\n",
                policy_filename, err);
         goto out;
     }
 
-    /* Init queues and parse policy */
-    create_type_mapping(policydoc);
-
-    /* create ssids */
-    create_ssid_mapping(labeldoc);
+    /* create mappings */
+    create_mappings(policydoc);
 
     /* write label mapping file */
-    if (write_mapping(mapping_filename))
-    {
+    if (write_mapping(mapping_filename)) {
         printf("ERROR: writing mapping file %s.\n", mapping_filename);
         goto out;
     }
 
     /* write binary file */
-    if (write_binary(binary_filename))
-    {
+    if (write_binary(binary_filename)) {
         printf("ERROR: writing binary file %s.\n", binary_filename);
         goto out;
     }
-
+    err = EXIT_SUCCESS;
     /* write stats */
-    if (have_chwall)
-    {
+    if (have_chwall) {
         printf("Max chwall labels:  %u\n", max_chwall_labels);
         printf("Max chwall-types:   %u\n", max_chwall_types);
         printf("Max chwall-ssids:   %u\n", max_chwall_ssids);
     }
 
-    if (have_ste)
-    {
+    if (have_ste) {
         printf("Max ste labels:     %u\n", max_ste_labels);
         printf("Max ste-types:      %u\n", max_ste_types);
         printf("Max ste-ssids:      %u\n", max_ste_ssids);
@@ -1422,10 +1389,17 @@ int main(int argc, char **argv)
     /* cleanup */
   out:
     xmlFreeDoc(policydoc);
-  out1:
-    xmlFreeDoc(labeldoc);
   out2:
     xmlCleanupParser();
     return err;
 }
 
+/*
+ * Local variables:
+ * mode: C
+ * c-set-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/tools/security/secpol_xml2bin.h b/tools/security/secpol_xml2bin.h
index 2ac2330e25..cb4e9023dc 100644
--- a/tools/security/secpol_xml2bin.h
+++ b/tools/security/secpol_xml2bin.h
@@ -12,37 +12,41 @@
  * License.
  *
  */
-#define POLICY_DIR          "/etc/xen/acm-security/policies/"
-#define POLICY_EXTENSION    "-security_policy.xml"
-#define LABEL_EXTENSION     "-security_label_template.xml"
-#define BINARY_EXTENSION    ".bin"
-#define MAPPING_EXTENSION   ".map"
-#define PRIMARY_COMPONENT_ATTR_NAME "order"
-#define BOOTSTRAP_LABEL_ATTR_NAME   "bootstrap"
-#define PRIMARY_COMPONENT   "PrimaryPolicyComponent"
-#define SCHEMA_FILENAME     "security_policy.xsd"
+#define POLICY_DIR          			"/etc/xen/acm-security/policies/"
+#define POLICY_EXTENSION    			"-security_policy.xml"
+#define BINARY_EXTENSION    			".bin"
+#define MAPPING_EXTENSION   			".map"
+#define PRIMARY_COMPONENT_ATTR_NAME 	"order"
+#define BOOTSTRAP_LABEL_ATTR_NAME   	"bootstrap"
+#define PRIMARY_COMPONENT   			"PrimaryPolicyComponent"
+#define SCHEMA_FILENAME     			"security_policy.xsd"
 
 /* basic states (used as 1 << X) */
-#define XML2BIN_SECPOL		    0   /* policy tokens */
-#define XML2BIN_STE		        1
+#define ENDOFLIST_POS           22  /* ADAPT!! this position will be NULL; stay below 32 (bit) */
+#define XML2BIN_SECPOL          0   /* policy tokens */
+#define XML2BIN_STE             1
 #define XML2BIN_CHWALL          2
-#define XML2BIN_CONFLICTSETS   	3
-#define XML2BIN_CSTYPE	    	4
-
-#define XML2BIN_SECTEMPLATE	    5   /* label tokens */
-#define XML2BIN_POLICYHEADER   	6
-#define XML2BIN_LABELHEADER     7
-#define XML2BIN_SUBJECTS        8
-#define XML2BIN_OBJECTS  	    9
-#define XML2BIN_VM      	    10
-#define XML2BIN_RES          	11
-
-#define XML2BIN_STETYPES	    12  /* shared tokens */
-#define XML2BIN_CHWALLTYPES	    13
-#define XML2BIN_TYPE		    14
-#define XML2BIN_NAME            15
-#define XML2BIN_TEXT		    16
-#define XML2BIN_COMMENT	    	17
+#define XML2BIN_CONFLICTSETS    3
+#define XML2BIN_CSTYPE          4
+#define XML2BIN_POLICYHEADER    5
+#define XML2BIN_NSURL           6
+#define XML2BIN_POLICYNAME      7
+#define XML2BIN_URL             8
+#define XML2BIN_REFERENCE       9
+#define XML2BIN_DATE            10
+
+#define XML2BIN_LABELTEMPLATE   11  /* label tokens */
+#define XML2BIN_SUBJECTS        12
+#define XML2BIN_OBJECTS         13
+#define XML2BIN_VM              14
+#define XML2BIN_RES             15
+#define XML2BIN_NAME            16
+
+#define XML2BIN_STETYPES        17  /* shared tokens */
+#define XML2BIN_CHWALLTYPES     18
+#define XML2BIN_TYPE            19
+#define XML2BIN_TEXT            20
+#define XML2BIN_COMMENT         21
 
 /* type "data type" (currently 16bit) */
 typedef u_int16_t type_t;
@@ -51,27 +55,34 @@ typedef u_int16_t type_t;
  * state constants and token positions must be  *
  * in sync for correct state recognition        */
 
-char *token[20] =                       /* parser triggers */
+char *token[32] =                       /* parser triggers */
 {
-    [0] = "SecurityPolicyDefinition",   /* policy xml */
-    [1] = "SimpleTypeEnforcement",
-    [2] = "ChineseWall",
-    [3] = "ConflictSets",
-    [4] = "Conflict",                   /* label-template xml */
-    [5] = "SecurityLabelTemplate",
-    [6] = "PolicyHeader",
-    [7] = "LabelHeader",
-    [8] = "SubjectLabels",
-    [9] = "ObjectLabels",
-    [10] = "VirtualMachineLabel",
-    [11] = "ResourceLabel",
-    [12] = "SimpleTypeEnforcementTypes",                  /* common tags */
-    [13] = "ChineseWallTypes",
-    [14] = "Type",
-    [15] = "Name",
-    [16] = "text",
-    [17] = "comment",
-    [18] = NULL,
+    [XML2BIN_SECPOL]        = "SecurityPolicyDefinition", /* policy xml */
+    [XML2BIN_STE]           = "SimpleTypeEnforcement",
+    [XML2BIN_CHWALL]        = "ChineseWall",
+    [XML2BIN_CONFLICTSETS]  = "ConflictSets",
+    [XML2BIN_CSTYPE]        = "Conflict",
+    [XML2BIN_POLICYHEADER]  = "PolicyHeader",
+    [XML2BIN_NSURL]         = "NameSpaceUrl",
+    [XML2BIN_POLICYNAME]    = "PolicyName",
+    [XML2BIN_URL]           = "PolicyUrl",
+    [XML2BIN_REFERENCE]     = "Reference",
+    [XML2BIN_DATE]          = "Date",
+
+    [XML2BIN_LABELTEMPLATE] = "SecurityLabelTemplate", /* label-template xml */
+    [XML2BIN_SUBJECTS]      = "SubjectLabels",
+    [XML2BIN_OBJECTS]       = "ObjectLabels",
+    [XML2BIN_VM]            = "VirtualMachineLabel",
+    [XML2BIN_RES]           = "ResourceLabel",
+    [XML2BIN_NAME]          = "Name",
+
+    [XML2BIN_STETYPES]      = "SimpleTypeEnforcementTypes", /* common tags */
+    [XML2BIN_CHWALLTYPES]   = "ChineseWallTypes",
+    [XML2BIN_TYPE]          = "Type",
+	[XML2BIN_TEXT]          = "text",
+    [XML2BIN_COMMENT]       = "comment",
+    [ENDOFLIST_POS]         = NULL  /* End of LIST, adapt ENDOFLIST_POS
+                                       when adding entries */
 };
 
 /* important combined states */
@@ -82,47 +93,53 @@ char *token[20] =                       /* parser triggers */
 /* e.g., here we are in a <secpol,ste,stetypes> environment,  *
  * so when finding a type element, we know where to put it    */
 #define XML2BIN_stetype_S ((1 << XML2BIN_SECPOL) | \
-				 (1 << XML2BIN_STE) | 	 \
-				 (1 << XML2BIN_STETYPES))
+                 (1 << XML2BIN_STE) | \
+                 (1 << XML2BIN_STETYPES))
 
 #define XML2BIN_chwalltype_S ((1 << XML2BIN_SECPOL) | \
-				 (1 << XML2BIN_CHWALL) | \
-				 (1 << XML2BIN_CHWALLTYPES))
+                 (1 << XML2BIN_CHWALL) | \
+                 (1 << XML2BIN_CHWALLTYPES))
 
 #define XML2BIN_conflictset_S ((1 << XML2BIN_SECPOL) | \
-				 (1 << XML2BIN_CHWALL) | \
-				 (1 << XML2BIN_CONFLICTSETS))
+                 (1 << XML2BIN_CHWALL) | \
+                 (1 << XML2BIN_CONFLICTSETS))
 
 #define XML2BIN_conflictsettype_S ((1 << XML2BIN_SECPOL) | \
-				 (1 << XML2BIN_CHWALL) | \
-				 (1 << XML2BIN_CONFLICTSETS) | \
-				 (1 << XML2BIN_CSTYPE))
+                 (1 << XML2BIN_CHWALL) | \
+                 (1 << XML2BIN_CONFLICTSETS) | \
+                 (1 << XML2BIN_CSTYPE))
 
+#define XML2BIN_PN_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_POLICYHEADER))
 
 /* label xml states */
-#define XML2BIN_VM_S ((1 << XML2BIN_SECTEMPLATE) | \
-                      (1 << XML2BIN_SUBJECTS) |    \
-                      (1 << XML2BIN_VM))
-
-#define XML2BIN_RES_S ((1 << XML2BIN_SECTEMPLATE) | \
-                       (1 << XML2BIN_OBJECTS) |     \
-                       (1 << XML2BIN_RES))
-
-#define XML2BIN_VM_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
-                        (1 << XML2BIN_SUBJECTS) | \
-                        (1 << XML2BIN_VM) | \
-                        (1 << XML2BIN_STETYPES))
-
-#define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECTEMPLATE) | \
-                           (1 << XML2BIN_SUBJECTS) | \
-                           (1 << XML2BIN_VM) | \
-                           (1 << XML2BIN_CHWALLTYPES))
-
-#define XML2BIN_RES_STE_S ((1 << XML2BIN_SECTEMPLATE) | \
-                         (1 << XML2BIN_OBJECTS) | \
-                         (1 << XML2BIN_RES) | \
-                         (1 << XML2BIN_STETYPES))
-
+#define XML2BIN_VM_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_LABELTEMPLATE) |	\
+                 (1 << XML2BIN_SUBJECTS) | \
+                 (1 << XML2BIN_VM))
+
+#define XML2BIN_RES_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_LABELTEMPLATE) |	\
+                 (1 << XML2BIN_OBJECTS) | \
+                 (1 << XML2BIN_RES))
+
+#define XML2BIN_VM_STE_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_LABELTEMPLATE) |	\
+                 (1 << XML2BIN_SUBJECTS) | \
+                 (1 << XML2BIN_VM) | \
+                 (1 << XML2BIN_STETYPES))
+
+#define XML2BIN_VM_CHWALL_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_LABELTEMPLATE) | \
+                 (1 << XML2BIN_SUBJECTS) | \
+                 (1 << XML2BIN_VM) | \
+                 (1 << XML2BIN_CHWALLTYPES))
+
+#define XML2BIN_RES_STE_S ((1 << XML2BIN_SECPOL) | \
+                 (1 << XML2BIN_LABELTEMPLATE) | \
+                 (1 << XML2BIN_OBJECTS) | \
+                 (1 << XML2BIN_RES) | \
+                 (1 << XML2BIN_STETYPES))
 
 
 /* check versions of headers against which the
@@ -130,7 +147,7 @@ char *token[20] =                       /* parser triggers */
  */
 
 /* protects from unnoticed changes in struct acm_policy_buffer */
-#define WRITTEN_AGAINST_ACM_POLICY_VERSION  1
+#define WRITTEN_AGAINST_ACM_POLICY_VERSION  2
 
 /* protects from unnoticed changes in struct acm_chwall_policy_buffer */
 #define WRITTEN_AGAINST_ACM_CHWALL_VERSION  1
diff --git a/tools/security/setlabel.sh b/tools/security/setlabel.sh
deleted file mode 100644
index cb82a21320..0000000000
--- a/tools/security/setlabel.sh
+++ /dev/null
@@ -1,106 +0,0 @@
-#!/bin/sh
-# *
-# * setlabel
-# *
-# * Copyright (C) 2005 IBM Corporation
-# *
-# * Authors:
-# * Stefan Berger <stefanb@us.ibm.com>
-# *
-# * This program is free software; you can redistribute it and/or
-# * modify it under the terms of the GNU General Public License as
-# * published by the Free Software Foundation, version 2 of the
-# * License.
-# *
-# * 'setlabel' labels virtual machine (domain) configuration files with
-# * security identifiers that can be enforced in Xen.
-# *
-# * 'setlabel -?' shows the usage of the program
-# *
-# * 'setlabel -l vmconfig-file' lists all available labels (only VM
-# *            labels are used right now)
-# *
-# * 'setlabel vmconfig-file security-label map-file' inserts the 'ssidref'
-# *                       that corresponds to the security-label under the
-# *                       current policy (if policy changes, 'label'
-# *                       must be re-run over the configuration files;
-# *                       map-file is created during policy translation and
-# *                       is found in the policy's directory
-#
-
-if [ -z "$runbash" ]; then
-	runbash="1"
-	export runbash
-	exec sh -c "bash $0 $*"
-fi
-
-export PATH=$PATH:.
-dir=`dirname $0`
-source $dir/labelfuncs.sh
-
-usage ()
-{
-	prg=`basename $0`
-echo "Use this tool to put the ssidref corresponding to a label of a policy into
-the VM configuration file, or use it to display all labels of a policy.
-
-Usage: $prg [-r] <vmfile> <label> [<policy name> [<policy dir>]] or
-       $prg -l [<policy name> [<policy dir>]]
-
--r          : to relabel a file without being prompted
--l          : to show the valid labels in a map file
-vmfile      : XEN vm configuration file; give complete path
-label       : the label to map to an ssidref
-policy name : the name of the policy, i.e. 'chwall'
-              If the policy name is omitted, it is attempted
-              to find the current policy's name in grub.conf.
-policy dir  : the directory where the <policy name> policy is located
-              The default location is '/etc/xen/acm-security/policies'
-"
-}
-
-if [ "$1" == "-r" ]; then
-	mode="relabel"
-	shift
-elif [ "$1" == "-l" ]; then
-	mode="show"
-	shift
-elif [ "$1" == "-h" ]; then
-	mode="usage"
-fi
-
-if [ "$mode" == "usage" ]; then
-	usage
-elif [ "$mode" == "show" ]; then
-	setPolicyVars $1 $2
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		echo "Error when trying to find policy-related information."
-		exit -1
-	fi
-	findMapFile $policy $policydir
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		echo "Could not find map file for policy '$policy'."
-		exit -1
-	fi
-	showLabels $mapfile
-else
-	if [ "$2" == "" ]; then
-		usage
-		exit -1
-	fi
-	setPolicyVars $3 $4
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		echo "Error when trying to find policy-related information."
-		exit -1
-	fi
-	findMapFile $policy $policydir
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		echo "Could not find map file for policy '$policy'."
-		exit -1
-	fi
-	relabel $1 $2 $mapfile $mode
-fi
diff --git a/tools/security/updategrub.sh b/tools/security/updategrub.sh
deleted file mode 100644
index 643c45021a..0000000000
--- a/tools/security/updategrub.sh
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/bin/sh
-# *
-# * updategrub
-# *
-# * Copyright (C) 2005 IBM Corporation
-# *
-# * Authors:
-# * Stefan Berger <stefanb@us.ibm.com>
-# *
-# * This program is free software; you can redistribute it and/or
-# * modify it under the terms of the GNU General Public License as
-# * published by the Free Software Foundation, version 2 of the
-# * License.
-# *
-# *
-#
-
-if [ -z "$runbash" ]; then
-	runbash="1"
-	export runbash
-	exec sh -c "bash $0 $*"
-	exit
-fi
-
-dir=`dirname $0`
-source $dir/labelfuncs.sh
-
-acmroot=$ACM_DEFAULT_ROOT
-
-
-# Show usage of this program
-usage ()
-{
-	prg=`basename $0`
-echo "Use this tool to add the binary policy to the Xen grub entry and
-have Xen automatically enforce the policy when starting.
-
-Usage: $prg [-d <policies root>] <policy name> [<kernel version>]
-
-<policies root>  : The directory where the policies directory is located in;
-                   default is $acmroot
-<policy name>    : The name of the policy, i.e. xen_null
-<kernel version> : The version of the kernel to apply the policy
-                   against, i.e. 2.6.12.6-xen0
-                   If not specified, a kernel version ending with '-xen0'
-                   will be searched for in '/lib/modules'
-"
-}
-
-
-
-if [ "$1" == "-h" ]; then
-	usage
-	exit 0
-elif [ "$1" == "-d" ]; then
-	shift
-	acmroot=$1
-	shift
-fi
-
-if [ "$1" == "" ]; then
-	echo "Error: Not enough command line parameters."
-	echo ""
-	usage
-	exit -1
-fi
-
-
-policy=$1
-policyfile=$policy.bin
-
-getLinuxVersion $2
-
-findGrubConf
-ret=$?
-if [ $ret -eq 0 ]; then
-	echo "Could not find grub.conf."
-	exit -1
-elif [ $ret -eq 2 ]; then
-	echo "Need to have write-access to $grubconf. Exiting."
-	exit -1
-fi
-
-cpBootPolicy /boot $acmroot $policy
-ret=$?
-if [ $ret -ne 1 ]; then
-	echo "Error copying or generating the binary policy."
-	exit -1
-fi
-updateGrub $grubconf $policyfile $linux
diff --git a/tools/xm-test/README b/tools/xm-test/README
index 61023f4d7b..62897748d8 100644
--- a/tools/xm-test/README
+++ b/tools/xm-test/README
@@ -212,6 +212,24 @@ use it with relatively few problems.
 Known Issues
 ============
 
+If you create a domain with a small amount of memory, under 32MBs, you
+may run into out of memory situations for the domain. There's no way
+to know the amount of memory needed by the kernel and modules used. Xm-test
+uses 64MBs as default and that should work. If there are out of memory
+issues, the default can be changed. Edit xm-test/lib/XmTestLib/XenDomain.py
+and change ParavirtDefaults and HVMDefaults "memory".
+
+There are two tests that work with small memory, 15_create_smallmem_pos.py 
+and 16_create_smallmem_neg.py. The first makes sure the default 32 MBs 
+limit works. The second checks a low memory fail situation. These tests
+are located in the xm-test/tests/create directory and can be easily edited
+to change the MEM value they should test. If the 32MBs test fails, the
+failure should be reported to the Xen xen-devel mailing list. The Xen
+tools use 32MBs as a lower acceptable limit for domain creation. The Xen
+mailing lists are located here:
+
+http://lists.xensource.com/
+
 
 Reporting Bugs
 ==============
diff --git a/tools/xm-test/lib/XmTestLib/Console.py b/tools/xm-test/lib/XmTestLib/Console.py
index 33455ef047..695106be60 100755
--- a/tools/xm-test/lib/XmTestLib/Console.py
+++ b/tools/xm-test/lib/XmTestLib/Console.py
@@ -46,7 +46,7 @@ class ConsoleError(Exception):
 
 class XmConsole:
 
-    def __init__(self, domain, historyLimit=256, historySaveAll=True, historySaveCmds=False):
+    def __init__(self, domain, historyLimit=256, historySaveAll=True, historySaveCmds=False, cLimit=131072):
         """
         Parameters:
           historyLimit:     specifies how many lines of history are maintained
@@ -65,7 +65,7 @@ class XmConsole:
         self.historySaveAll   = historySaveAll
         self.historySaveCmds  = historySaveCmds
         self.debugMe          = False
-        self.limit            = None
+        self.limit            = cLimit
 
         consoleCmd = ["/usr/sbin/xm", "xm", "console", domain]
 
diff --git a/tools/xm-test/lib/XmTestLib/XenDomain.py b/tools/xm-test/lib/XmTestLib/XenDomain.py
index ac11ba9a6b..1779d459ae 100644
--- a/tools/xm-test/lib/XmTestLib/XenDomain.py
+++ b/tools/xm-test/lib/XmTestLib/XenDomain.py
@@ -252,7 +252,7 @@ class XmTestDomain(XenDomain):
             waitForBoot()
 
     def minSafeMem(self):
-        return 16
+        return 32
 
 if __name__ == "__main__":
 
diff --git a/tools/xm-test/tests/create/15_create_smallmem_pos.py b/tools/xm-test/tests/create/15_create_smallmem_pos.py
index ed8c24d4ef..2658cf379d 100644
--- a/tools/xm-test/tests/create/15_create_smallmem_pos.py
+++ b/tools/xm-test/tests/create/15_create_smallmem_pos.py
@@ -5,7 +5,8 @@
 
 from XmTestLib import *
 
-MEM = 16
+# 32MBs is the default lower limit for creating domains, it should work
+MEM = 32
 
 domain = XmTestDomain(extraConfig={"memory": MEM,
                                    "extra" :"mem=%iM" % MEM})
@@ -17,7 +18,6 @@ except DomainError, e:
 
 try:
     console = XmConsole(domain.getName())
-    console.setLimit(65536)
     console.sendInput("input")
     console.runCmd("ls")
 except ConsoleError, e:
diff --git a/tools/xm-test/tests/create/16_create_smallmem_neg.py b/tools/xm-test/tests/create/16_create_smallmem_neg.py
new file mode 100644
index 0000000000..589208580c
--- /dev/null
+++ b/tools/xm-test/tests/create/16_create_smallmem_neg.py
@@ -0,0 +1,32 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2005
+# Author: Dan Smith <danms@us.ibm.com>
+
+from XmTestLib import *
+
+# This is under the default lower limit of 32 and we expect this test
+# to fail. 16MBs isn't enough for the -xen kernel.
+MEM = 16
+
+domain = XmTestDomain(extraConfig={"memory": MEM,
+                                   "extra" :"mem=%iM" % MEM})
+
+try:
+    domain.start()
+except DomainError, e:
+    FAIL("Unable to start a domain with %i MB" % MEM)
+
+try:
+    console = XmConsole(domain.getName())
+    console.sendInput("input")
+    console.runCmd("ls")
+except ConsoleError, e:
+    if e.reason == RUNAWAY:
+        print "Domain with %i MB has runaway console as expected" % MEM
+    else:
+        print "Starting a domain with %i MB failed as expected" % MEM
+else:
+    FAIL("Starting a console with %i MB passed, expected test to fail" % MEM)
+
+domain.destroy()
diff --git a/tools/xm-test/tests/create/Makefile.am b/tools/xm-test/tests/create/Makefile.am
index bd64f5529c..6dcd6a0d64 100644
--- a/tools/xm-test/tests/create/Makefile.am
+++ b/tools/xm-test/tests/create/Makefile.am
@@ -13,7 +13,8 @@ TESTS = 01_create_basic_pos.test \
 	12_create_concurrent_stress_pos.test \
 	13_create_multinic_pos.test \
 	14_create_blockroot_pos.test \
-	15_create_smallmem_pos.test
+	15_create_smallmem_pos.test \
+	16_create_smallmem_neg.test
 
 EXTRA_DIST = $(TESTS)
 
diff --git a/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py b/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py
new file mode 100644
index 0000000000..33ef06bf30
--- /dev/null
+++ b/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py
@@ -0,0 +1,99 @@
+#!/usr/bin/python
+
+# Copyright (C) International Business Machines Corp., 2006
+# Author: Stefan Berger <stefanb@us.ibm.com>
+
+# Positive Test: create domain with virtual TPM attached at build time,
+#                check list of pcrs; locally migrate the domain and
+#                check list of pcrs again
+
+from XmTestLib import *
+from vtpm_utils import *
+import commands
+import os
+import os.path
+
+config = {"vtpm":"instance=1,backend=0"}
+domain = XmTestDomain(extraConfig=config)
+
+try:
+    domain.start()
+except DomainError, e:
+    if verbose:
+        print e.extra
+    vtpm_cleanup(domain.getName())
+    FAIL("Unable to create domain")
+
+domName = domain.getName()
+
+try:
+    console = XmConsole(domain.getName())
+except ConsoleError, e:
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+try:
+    console.sendInput("input")
+except ConsoleError, e:
+    saveLog(console.getHistory())
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+try:
+    run = console.runCmd("cat /sys/devices/platform/tpm_vtpm/pcrs")
+except ConsoleError, e:
+    saveLog(console.getHistory())
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+if re.search("No such file",run["output"]):
+    vtpm_cleanup(domName)
+    FAIL("TPM frontend support not compiled into (domU?) kernel")
+
+console.closeConsole()
+
+old_domid = domid(domName)
+
+try:
+    status, ouptut = traceCommand("xm migrate -l %s localhost" %
+                                  domName,
+                                  timeout=90)
+except TimeoutError, e:
+    saveLog(console.getHistory())
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+if status != 0:
+    saveLog(console.getHistory())
+    vtpm_cleanup(domName)
+    FAIL("xm migrate did not succeed. External device migration activated?")
+
+
+domName = domain.getName()
+new_domid = domid(domName)
+
+if (old_domid == new_domid):
+    vtpm_cleanup(domName)
+    FAIL("xm migrate failed, domain id is still %s" % old_domid)
+
+try:
+    console = XmConsole(domain.getName())
+except ConsoleError, e:
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+try:
+    run = console.runCmd("cat /sys/devices/platform/tpm_vtpm/pcrs")
+except ConsoleError, e:
+    saveLog(console.getHistory())
+    vtpm_cleanup(domName)
+    FAIL(str(e))
+
+console.closeConsole()
+
+domain.stop()
+
+vtpm_cleanup(domName)
+
+if not re.search("PCR-00:",run["output"]):
+	FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend side")
diff --git a/tools/xm-test/tests/vtpm/Makefile.am b/tools/xm-test/tests/vtpm/Makefile.am
index 3e11292827..ec3f775452 100644
--- a/tools/xm-test/tests/vtpm/Makefile.am
+++ b/tools/xm-test/tests/vtpm/Makefile.am
@@ -2,7 +2,8 @@ SUBDIRS =
 
 TESTS = 01_vtpm-list_pos.test \
         02_vtpm-cat_pcrs.test \
-        03_vtpm-susp_res.test
+        03_vtpm-susp_res.test \
+        04_vtpm-loc_migr.test
 
 XFAIL_TESTS =
 
diff --git a/xen/Makefile b/xen/Makefile
index 18e651ad89..a349fd43de 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -13,12 +13,8 @@ default: build
 .PHONY: dist
 dist: install
 
-.PHONY: debug
-debug:
-	objdump -D -S $(TARGET)-syms > $(TARGET).s
-
 .PHONY: build install clean cscope TAGS tags
-build install clean cscope TAGS tags::
+build install debug clean cscope TAGS tags::
 	make -f Rules.mk _$@
 
 .PHONY: _build
@@ -38,6 +34,10 @@ _install: $(TARGET).gz
 	$(INSTALL_DATA) include/public/io/*.h $(DESTDIR)/usr/include/xen/io
 	$(INSTALL_DATA) include/public/COPYING $(DESTDIR)/usr/include/xen
 
+.PHONY: _debug
+_debug:
+	objdump -D -S $(TARGET)-syms > $(TARGET).s
+
 .PHONY: _clean
 _clean: delete-unfresh-files
 	$(MAKE) -C tools clean
diff --git a/xen/acm/acm_core.c b/xen/acm/acm_core.c
index 2e85abf38d..28afa50afc 100644
--- a/xen/acm/acm_core.c
+++ b/xen/acm/acm_core.c
@@ -70,17 +70,46 @@ acm_set_endian(void)
     u32 test = 1;
     if (*((u8 *)&test) == 1)
     {
-        printk("ACM module running in LITTLE ENDIAN.\n");
+        printkd("ACM module running in LITTLE ENDIAN.\n");
         little_endian = 1;
     }
     else
     {
-        printk("ACM module running in BIG ENDIAN.\n");
+        printkd("ACM module running in BIG ENDIAN.\n");
         little_endian = 0;
     }
 }
 
 int
+acm_set_policy_reference(u8 * buf, u32 buf_size)
+{
+    struct acm_policy_reference_buffer *pr = (struct acm_policy_reference_buffer *)buf;
+    acm_bin_pol.policy_reference_name = (char *)xmalloc_array(u8, ntohl(pr->len));
+
+    if (!acm_bin_pol.policy_reference_name)
+        return -ENOMEM;
+
+    strcpy(acm_bin_pol.policy_reference_name, (char *)(buf + sizeof(struct acm_policy_reference_buffer)));
+    printk("%s: Activating policy %s\n", __func__, acm_bin_pol.policy_reference_name);
+    return 0;
+}
+
+int
+acm_dump_policy_reference(u8 *buf, u32 buf_size)
+{
+    struct acm_policy_reference_buffer *pr_buf = (struct acm_policy_reference_buffer *)buf;
+    int ret = sizeof(struct acm_policy_reference_buffer) + strlen(acm_bin_pol.policy_reference_name) + 1;
+
+    if (buf_size < ret)
+        return -EINVAL;
+
+    pr_buf->len = htonl(strlen(acm_bin_pol.policy_reference_name) + 1); /* including stringend '\0' */
+    strcpy((char *)(buf + sizeof(struct acm_policy_reference_buffer)),
+           acm_bin_pol.policy_reference_name);
+    return ret;
+}
+
+int
 acm_init_binary_policy(u32 policy_code)
 {
     int ret = ACM_OK;
@@ -198,7 +227,7 @@ acm_setup(unsigned int *initrdidx,
                                 0);
             if (rc == ACM_OK)
             {
-                printf("Policy len  0x%lx, start at %p.\n",_policy_len,_policy_start);
+                printkd("Policy len  0x%lx, start at %p.\n",_policy_len,_policy_start);
                 if (i == 1)
                 {
                     if (mbi->mods_count > 2)
@@ -218,6 +247,8 @@ acm_setup(unsigned int *initrdidx,
             else
             {
                 printk("Invalid policy. %d.th module line.\n", i+1);
+                /* load default policy later */
+                acm_active_security_policy = ACM_POLICY_UNDEFINED;
             }
         } /* end if a binary policy definition, i.e., (ntohl(pol->magic) == ACM_MAGIC ) */
     }
@@ -239,10 +270,8 @@ acm_init(unsigned int *initrdidx,
 
     if (acm_active_security_policy != ACM_POLICY_UNDEFINED)
     {
-        printk("%s: Boot-Policy. Enforcing %s: Primary %s, Secondary %s.\n", __func__,
-               ACM_POLICY_NAME(acm_active_security_policy),
-               ACM_POLICY_NAME(acm_bin_pol.primary_policy_code),
-               ACM_POLICY_NAME(acm_bin_pol.secondary_policy_code));
+        printk("%s: Enforcing %s boot policy.\n", __func__,
+               ACM_POLICY_NAME(acm_active_security_policy));
         goto out;
     }
     /* else continue with the minimal hardcoded default startup policy */
@@ -254,6 +283,10 @@ acm_init(unsigned int *initrdidx,
         goto out;
     }
     acm_active_security_policy = ACM_DEFAULT_SECURITY_POLICY;
+    if (acm_active_security_policy != ACM_NULL_POLICY)
+        acm_bin_pol.policy_reference_name = "DEFAULT";
+    else
+        acm_bin_pol.policy_reference_name = "NULL";
 
  out:
     if (ret != ACM_OK)
@@ -314,7 +347,7 @@ acm_init_domain_ssid(domid_t id, ssidref_t ssidref)
         put_domain(subj);
         return ACM_INIT_SSID_ERROR;
     }
-    printk("%s: assigned domain %x the ssidref=%x.\n",
+    printkd("%s: assigned domain %x the ssidref=%x.\n",
            __func__, id, ssid->ssidref);
     put_domain(subj);
     return ACM_OK;
diff --git a/xen/acm/acm_policy.c b/xen/acm/acm_policy.c
index a581f7d723..a8bd36efc0 100644
--- a/xen/acm/acm_policy.c
+++ b/xen/acm/acm_policy.c
@@ -85,13 +85,19 @@ acm_set_policy(void *buf, u32 buf_size, int isuserbuffer)
     /* get bin_policy lock and rewrite policy (release old one) */
     write_lock(&acm_bin_pol_rwlock);
 
-    /* 3. set primary policy data */
+    /* 3. set label reference name */
+    if (acm_set_policy_reference(buf + ntohl(pol->policy_reference_offset),
+                                 ntohl(pol->primary_buffer_offset) -
+                                 ntohl(pol->policy_reference_offset)))
+        goto error_lock_free;
+
+    /* 4. set primary policy data */
     if (acm_primary_ops->set_binary_policy(buf + ntohl(pol->primary_buffer_offset),
                                            ntohl(pol->secondary_buffer_offset) -
                                            ntohl(pol->primary_buffer_offset)))
         goto error_lock_free;
 
-    /* 4. set secondary policy data */
+    /* 5. set secondary policy data */
     if (acm_secondary_ops->set_binary_policy(buf + ntohl(pol->secondary_buffer_offset),
                                              ntohl(pol->len) - 
                                              ntohl(pol->secondary_buffer_offset)))
@@ -130,9 +136,18 @@ acm_get_policy(void *buf, u32 buf_size)
     bin_pol->secondary_policy_code = htonl(acm_bin_pol.secondary_policy_code);
 
     bin_pol->len = htonl(sizeof(struct acm_policy_buffer));
+    bin_pol->policy_reference_offset = htonl(ntohl(bin_pol->len));
     bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len));
     bin_pol->secondary_buffer_offset = htonl(ntohl(bin_pol->len));
      
+    ret = acm_dump_policy_reference(policy_buffer + ntohl(bin_pol->policy_reference_offset),
+                                    buf_size - ntohl(bin_pol->policy_reference_offset));
+    if (ret < 0)
+        goto error_free_unlock;
+
+    bin_pol->len = htonl(ntohl(bin_pol->len) + ret);
+    bin_pol->primary_buffer_offset = htonl(ntohl(bin_pol->len));
+
     ret = acm_primary_ops->dump_binary_policy (policy_buffer + ntohl(bin_pol->primary_buffer_offset),
                                                buf_size - ntohl(bin_pol->primary_buffer_offset));
     if (ret < 0)
@@ -227,6 +242,14 @@ acm_get_ssid(ssidref_t ssidref, u8 *buf, u16 buf_size)
     acm_ssid->ssidref = ssidref;
     acm_ssid->primary_policy_code = acm_bin_pol.primary_policy_code;
     acm_ssid->secondary_policy_code = acm_bin_pol.secondary_policy_code;
+
+    acm_ssid->policy_reference_offset = acm_ssid->len;
+    ret = acm_dump_policy_reference(ssid_buffer + acm_ssid->policy_reference_offset,
+                                    buf_size - acm_ssid->policy_reference_offset);
+    if (ret < 0)
+        goto error_free_unlock;
+
+    acm_ssid->len += ret;
     acm_ssid->primary_types_offset = acm_ssid->len;
 
     /* ret >= 0 --> ret == max_types */
diff --git a/xen/arch/x86/boot/x86_64.S b/xen/arch/x86/boot/x86_64.S
index ffcd144811..a7d0310b31 100644
--- a/xen/arch/x86/boot/x86_64.S
+++ b/xen/arch/x86/boot/x86_64.S
@@ -252,10 +252,10 @@ ENTRY(idle_pg_table_4)
 ENTRY(idle_pg_table_l3)
         .quad idle_pg_table_l2 - __PAGE_OFFSET + 7
 
-/* Initial PDE -- level-2 page table. Maps first 64MB physical memory. */
+/* Initial PDE -- level-2 page table. Maps first 1GB physical memory. */
         .org 0x4000
 ENTRY(idle_pg_table_l2)
-        .macro identmap from=0, count=32
+        .macro identmap from=0, count=512
         .if \count-1
         identmap "(\from+0)","(\count/2)"
         identmap "(\from+(0x200000*(\count/2)))","(\count/2)"
diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c
index cfcae8cb85..63237c82f4 100644
--- a/xen/arch/x86/cpu/common.c
+++ b/xen/arch/x86/cpu/common.c
@@ -575,6 +575,8 @@ void __devinit cpu_init(void)
 #if defined(CONFIG_X86_32)
 	t->ss0  = __HYPERVISOR_DS;
 	t->esp0 = get_stack_bottom();
+	if ( supervisor_mode_kernel && cpu_has_sep )
+		wrmsr(MSR_IA32_SYSENTER_ESP, &t->esp1, 0);
 #elif defined(CONFIG_X86_64)
 	/* Bottom-of-stack must be 16-byte aligned! */
 	BUG_ON((get_stack_bottom() & 15) != 0);
diff --git a/xen/arch/x86/dom0_ops.c b/xen/arch/x86/dom0_ops.c
index ab76b4e9f5..8c9ad34a37 100644
--- a/xen/arch/x86/dom0_ops.c
+++ b/xen/arch/x86/dom0_ops.c
@@ -379,13 +379,24 @@ long arch_do_dom0_op(struct dom0_op *op, GUEST_HANDLE(dom0_op_t) u_dom0_op)
     case DOM0_PLATFORM_QUIRK:
     {
         extern int opt_noirqbalance;
-        switch ( op->u.platform_quirk.quirk_id )
+        int quirk_id = op->u.platform_quirk.quirk_id;
+        switch ( quirk_id )
         {
         case QUIRK_NOIRQBALANCING:
             printk("Platform quirk -- Disabling IRQ balancing/affinity.\n");
             opt_noirqbalance = 1;
             setup_ioapic_dest();
             break;
+        case QUIRK_IOAPIC_BAD_REGSEL:
+        case QUIRK_IOAPIC_GOOD_REGSEL:
+#ifndef sis_apic_bug
+            sis_apic_bug = (quirk_id == QUIRK_IOAPIC_BAD_REGSEL);
+            DPRINTK("Domain 0 says that IO-APIC REGSEL is %s\n",
+                    sis_apic_bug ? "bad" : "good");
+#else
+            BUG_ON(sis_apic_bug != (quirk_id == QUIRK_IOAPIC_BAD_REGSEL));
+#endif
+            break;
         default:
             ret = -EINVAL;
             break;
diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
index a657fba2eb..e590abf347 100644
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -21,6 +21,12 @@
 #include <xen/softirq.h>
 #include <xen/grant_table.h>
 #include <xen/iocap.h>
+#include <xen/kernel.h>
+#include <xen/multicall.h>
+#include <xen/irq.h>
+#include <xen/event.h>
+#include <xen/console.h>
+#include <xen/percpu.h>
 #include <asm/regs.h>
 #include <asm/mc146818rtc.h>
 #include <asm/system.h>
@@ -30,22 +36,12 @@
 #include <asm/i387.h>
 #include <asm/mpspec.h>
 #include <asm/ldt.h>
-#include <xen/irq.h>
-#include <xen/event.h>
 #include <asm/shadow.h>
-#include <xen/console.h>
-#include <xen/elf.h>
 #include <asm/hvm/hvm.h>
 #include <asm/hvm/support.h>
 #include <asm/msr.h>
-#include <xen/kernel.h>
-#include <xen/multicall.h>
 
-struct percpu_ctxt {
-    struct vcpu *curr_vcpu;
-    unsigned int dirty_segment_mask;
-} __cacheline_aligned;
-static struct percpu_ctxt percpu_ctxt[NR_CPUS];
+DEFINE_PER_CPU(struct vcpu *, curr_vcpu);
 
 static void paravirt_ctxt_switch_from(struct vcpu *v);
 static void paravirt_ctxt_switch_to(struct vcpu *v);
@@ -123,11 +119,6 @@ void dump_pageframe_info(struct domain *d)
     }
 }
 
-void set_current_execstate(struct vcpu *v)
-{
-    percpu_ctxt[smp_processor_id()].curr_vcpu = v;
-}
-
 struct vcpu *alloc_vcpu_struct(struct domain *d, unsigned int vcpu_id)
 {
     struct vcpu *v;
@@ -459,6 +450,7 @@ void new_thread(struct vcpu *d,
  * allowing load_segments() to avoid some expensive segment loads and
  * MSR writes.
  */
+static DEFINE_PER_CPU(unsigned int, dirty_segment_mask);
 #define DIRTY_DS           0x01
 #define DIRTY_ES           0x02
 #define DIRTY_FS           0x04
@@ -473,8 +465,8 @@ static void load_segments(struct vcpu *n)
     unsigned int dirty_segment_mask, cpu = smp_processor_id();
 
     /* Load and clear the dirty segment mask. */
-    dirty_segment_mask = percpu_ctxt[cpu].dirty_segment_mask;
-    percpu_ctxt[cpu].dirty_segment_mask = 0;
+    dirty_segment_mask = per_cpu(dirty_segment_mask, cpu);
+    per_cpu(dirty_segment_mask, cpu) = 0;
 
     /* Either selector != 0 ==> reload. */
     if ( unlikely((dirty_segment_mask & DIRTY_DS) | nctxt->user_regs.ds) )
@@ -601,7 +593,7 @@ static void save_segments(struct vcpu *v)
         dirty_segment_mask |= DIRTY_GS_BASE_USER;
     }
 
-    percpu_ctxt[smp_processor_id()].dirty_segment_mask = dirty_segment_mask;
+    this_cpu(dirty_segment_mask) = dirty_segment_mask;
 }
 
 #define switch_kernel_stack(v) ((void)0)
@@ -638,7 +630,7 @@ static void __context_switch(void)
 {
     struct cpu_user_regs *stack_regs = guest_cpu_user_regs();
     unsigned int          cpu = smp_processor_id();
-    struct vcpu          *p = percpu_ctxt[cpu].curr_vcpu;
+    struct vcpu          *p = per_cpu(curr_vcpu, cpu);
     struct vcpu          *n = current;
 
     ASSERT(p != n);
@@ -692,7 +684,7 @@ static void __context_switch(void)
         cpu_clear(cpu, p->domain->domain_dirty_cpumask);
     cpu_clear(cpu, p->vcpu_dirty_cpumask);
 
-    percpu_ctxt[cpu].curr_vcpu = n;
+    per_cpu(curr_vcpu, cpu) = n;
 }
 
 
@@ -716,7 +708,7 @@ void context_switch(struct vcpu *prev, struct vcpu *next)
 
     set_current(next);
 
-    if ( (percpu_ctxt[cpu].curr_vcpu == next) || is_idle_vcpu(next) )
+    if ( (per_cpu(curr_vcpu, cpu) == next) || is_idle_vcpu(next) )
     {
         local_irq_enable();
     }
@@ -758,7 +750,7 @@ int __sync_lazy_execstate(void)
 
     local_irq_save(flags);
 
-    switch_required = (percpu_ctxt[smp_processor_id()].curr_vcpu != current);
+    switch_required = (this_cpu(curr_vcpu) != current);
 
     if ( switch_required )
         __context_switch();
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index 599753a613..6b38f6f052 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -443,7 +443,7 @@ int construct_dom0(struct domain *d,
     v->arch.guest_table = mk_pagetable((unsigned long)l3start);
 #else
     l2start = l2tab = (l2_pgentry_t *)mpt_alloc; mpt_alloc += PAGE_SIZE;
-    memcpy(l2tab, &idle_pg_table[0], PAGE_SIZE);
+    memcpy(l2tab, idle_pg_table, PAGE_SIZE);
     l2tab[LINEAR_PT_VIRT_START >> L2_PAGETABLE_SHIFT] =
         l2e_from_paddr((unsigned long)l2start, __PAGE_HYPERVISOR);
     v->arch.guest_table = mk_pagetable((unsigned long)l2start);
@@ -569,7 +569,7 @@ int construct_dom0(struct domain *d,
     /* WARNING: The new domain must have its 'processor' field filled in! */
     maddr_to_page(mpt_alloc)->u.inuse.type_info = PGT_l4_page_table;
     l4start = l4tab = __va(mpt_alloc); mpt_alloc += PAGE_SIZE;
-    memcpy(l4tab, &idle_pg_table[0], PAGE_SIZE);
+    memcpy(l4tab, idle_pg_table, PAGE_SIZE);
     l4tab[l4_table_offset(LINEAR_PT_VIRT_START)] =
         l4e_from_paddr(__pa(l4start), __PAGE_HYPERVISOR);
     l4tab[l4_table_offset(PERDOMAIN_VIRT_START)] =
diff --git a/xen/arch/x86/genapic/probe.c b/xen/arch/x86/genapic/probe.c
index 4b1d375b1d..30d89c27fe 100644
--- a/xen/arch/x86/genapic/probe.c
+++ b/xen/arch/x86/genapic/probe.c
@@ -81,9 +81,11 @@ int __init mps_oem_check(struct mp_config_table *mpc, char *oem, char *productid
 	int i;
 	for (i = 0; apic_probe[i]; ++i) { 
 		if (apic_probe[i]->mps_oem_check(mpc,oem,productid)) { 
-			genapic = apic_probe[i];
-			printk(KERN_INFO "Switched to APIC driver `%s'.\n", 
-			       genapic->name);
+			if (!cmdline_apic) {
+				genapic = apic_probe[i];
+				printk(KERN_INFO "Switched to APIC driver `%s'.\n", 
+				       genapic->name);
+			}
 			return 1;
 		} 
 	} 
@@ -95,9 +97,11 @@ int __init acpi_madt_oem_check(char *oem_id, char *oem_table_id)
 	int i;
 	for (i = 0; apic_probe[i]; ++i) { 
 		if (apic_probe[i]->acpi_madt_oem_check(oem_id, oem_table_id)) { 
-			genapic = apic_probe[i];
-			printk(KERN_INFO "Switched to APIC driver `%s'.\n", 
-			       genapic->name);
+			if (!cmdline_apic) {
+				genapic = apic_probe[i];
+				printk(KERN_INFO "Switched to APIC driver `%s'.\n", 
+				       genapic->name);
+			}
 			return 1;
 		} 
 	} 
diff --git a/xen/arch/x86/hvm/Makefile b/xen/arch/x86/hvm/Makefile
index 7cde715116..bc2cc1bf18 100644
--- a/xen/arch/x86/hvm/Makefile
+++ b/xen/arch/x86/hvm/Makefile
@@ -2,6 +2,7 @@ subdir-y += svm
 subdir-y += vmx
 
 obj-y += hvm.o
+obj-y += i8254.o
 obj-y += i8259.o
 obj-y += intercept.o
 obj-y += io.o
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index c3f3318d40..a15765be9b 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -203,6 +203,8 @@ void hvm_setup_platform(struct domain* d)
         spin_lock_init(&d->arch.hvm_domain.round_robin_lock);
         hvm_vioapic_init(d);
     }
+
+    pit_init(&platform->vpit, current);
 }
 
 void pic_irq_request(void *data, int level)
diff --git a/xen/arch/x86/hvm/i8254.c b/xen/arch/x86/hvm/i8254.c
new file mode 100644
index 0000000000..e01748aeb3
--- /dev/null
+++ b/xen/arch/x86/hvm/i8254.c
@@ -0,0 +1,595 @@
+/*
+ * QEMU 8253/8254 interval timer emulation
+ * 
+ * Copyright (c) 2003-2004 Fabrice Bellard
+ * Copyright (c) 2006 Intel Corperation
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+/* Edwin Zhai <edwin.zhai@intel.com>
+ * Ported to xen:
+ * use actimer for intr generation;
+ * move speaker io access to hypervisor;
+ * use new method for counter/intrs calculation
+ */
+
+#include <xen/config.h>
+#include <xen/types.h>
+#include <xen/mm.h>
+#include <xen/xmalloc.h>
+#include <xen/lib.h>
+#include <xen/errno.h>
+#include <xen/sched.h>
+#include <asm/hvm/hvm.h>
+#include <asm/hvm/io.h>
+#include <asm/hvm/support.h>
+#include <asm/hvm/vpit.h>
+#include <asm/current.h>
+
+/*#define DEBUG_PIT*/
+
+#define RW_STATE_LSB 1
+#define RW_STATE_MSB 2
+#define RW_STATE_WORD0 3
+#define RW_STATE_WORD1 4
+
+#ifndef NSEC_PER_SEC
+#define NSEC_PER_SEC (1000000000ULL)
+#endif
+
+#ifndef TIMER_SLOP 
+#define TIMER_SLOP (50*1000) /* ns */
+#endif
+
+static void pit_irq_timer_update(PITChannelState *s, s64 current_time);
+
+s_time_t hvm_get_clock(void)
+{
+    /* TODO: add pause/unpause support */
+    return NOW();
+}
+
+static int pit_get_count(PITChannelState *s)
+{
+    u64 d;
+    u64 counter;
+
+    d = hvm_get_clock() - s->count_load_time;
+    switch(s->mode) {
+    case 0:
+    case 1:
+    case 4:
+    case 5:
+        counter = (s->period - d) & 0xffff;
+        break;
+    case 3:
+        /* XXX: may be incorrect for odd counts */
+        counter = s->period - ((2 * d) % s->period);
+        break;
+    default:
+        /* mod 2 counter handle */
+        d = hvm_get_clock() - s->hvm_time->count_point;
+        d += s->hvm_time->count_advance;
+        counter = s->period - (d % s->period);
+        break;
+    }
+    /* change from ns to pit counter */
+    counter = DIV_ROUND( (counter * PIT_FREQ), NSEC_PER_SEC);
+    return counter;
+}
+
+/* get pit output bit */
+static int pit_get_out1(PITChannelState *s, s64 current_time)
+{
+    u64 d;
+    int out;
+
+    d = current_time - s->count_load_time;
+    switch(s->mode) {
+    default:
+    case 0:
+        out = (d >= s->period);
+        break;
+    case 1:
+        out = (d < s->period);
+        break;
+    case 2:
+        /* mod2 out is no meaning, since intr are generated in background */
+        if ((d % s->period) == 0 && d != 0)
+            out = 1;
+        else
+            out = 0;
+        break;
+    case 3:
+        out = (d % s->period) < ((s->period + 1) >> 1);
+        break;
+    case 4:
+    case 5:
+        out = (d == s->period);
+        break;
+    }
+    return out;
+}
+
+int pit_get_out(hvm_virpit *pit, int channel, s64 current_time)
+{
+    PITChannelState *s = &pit->channels[channel];
+    return pit_get_out1(s, current_time);
+}
+
+static __inline__ s64 missed_ticks(PITChannelState *s, s64 current_time)
+{
+    struct hvm_time_info *hvm_time = s->hvm_time;
+    struct domain *d = (void *) s - 
+        offsetof(struct domain, arch.hvm_domain.vpit.channels[0]);
+
+    /* ticks from current time(expected time) to NOW */ 
+    int missed_ticks;
+    /* current_time is expected time for next intr, check if it's true
+     * (actimer has a TIMER_SLOP in advance)
+     */
+    s64 missed_time = hvm_get_clock() + TIMER_SLOP - current_time;
+
+    if (missed_time >= 0) {
+        missed_ticks = missed_time/(s_time_t)s->period + 1;
+        if (test_bit(_DOMF_debugging, &d->domain_flags)) {
+            hvm_time->pending_intr_nr++;
+        } else {
+            hvm_time->pending_intr_nr += missed_ticks;
+        }
+        s->next_transition_time = current_time + (missed_ticks ) * s->period;
+    }
+
+    return s->next_transition_time;
+}
+
+/* only rearm the actimer when return value > 0
+ *  -2: init state
+ *  -1: the mode has expired
+ *   0: current VCPU is not running
+ *  >0: the next fired time
+ */
+s64 pit_get_next_transition_time(PITChannelState *s, 
+                                            s64 current_time)
+{
+    s64 d, next_time, base;
+    int period2;
+    struct hvm_time_info *hvm_time = s->hvm_time;
+
+    d = current_time - s->count_load_time;
+    switch(s->mode) {
+    default:
+    case 0:
+    case 1:
+        if (d < s->period)
+            next_time = s->period;
+        else
+            return -1;
+        break;
+    case 2:
+        next_time = missed_ticks(s, current_time);
+        if ( !test_bit(_VCPUF_running, &(hvm_time->vcpu->vcpu_flags)) )
+            return 0;
+        break;
+    case 3:
+        base = (d / s->period) * s->period;
+        period2 = ((s->period + 1) >> 1);
+        if ((d - base) < period2) 
+            next_time = base + period2;
+        else
+            next_time = base + s->period;
+        break;
+    case 4:
+    case 5:
+        if (d < s->period)
+            next_time = s->period;
+        else if (d == s->period)
+            next_time = s->period + 1;
+        else
+            return -1;
+        break;
+    case 0xff:
+        return -2;      /* for init state */ 
+        break;
+    }
+    /* XXX: better solution: use a clock at PIT_FREQ Hz */
+    if (next_time <= current_time){
+#ifdef DEBUG_PIT
+        printk("HVM_PIT:next_time <= current_time. next=0x%llx, current=0x%llx!\n",next_time, current_time);
+#endif
+        next_time = current_time + 1;
+    }
+    return next_time;
+}
+
+/* val must be 0 or 1 */
+void pit_set_gate(hvm_virpit *pit, int channel, int val)
+{
+    PITChannelState *s = &pit->channels[channel];
+
+    switch(s->mode) {
+    default:
+    case 0:
+    case 4:
+        /* XXX: just disable/enable counting */
+        break;
+    case 1:
+    case 5:
+        if (s->gate < val) {
+            /* restart counting on rising edge */
+            s->count_load_time = hvm_get_clock();
+            pit_irq_timer_update(s, s->count_load_time);
+        }
+        break;
+    case 2:
+    case 3:
+        if (s->gate < val) {
+            /* restart counting on rising edge */
+            s->count_load_time = hvm_get_clock();
+            pit_irq_timer_update(s, s->count_load_time);
+        }
+        /* XXX: disable/enable counting */
+        break;
+    }
+    s->gate = val;
+}
+
+int pit_get_gate(hvm_virpit *pit, int channel)
+{
+    PITChannelState *s = &pit->channels[channel];
+    return s->gate;
+}
+
+static inline void pit_load_count(PITChannelState *s, int val)
+{
+    if (val == 0)
+        val = 0x10000;
+
+    s->count_load_time = hvm_get_clock();
+    s->count = val;
+    s->period = DIV_ROUND(((s->count) * NSEC_PER_SEC), PIT_FREQ);
+
+#ifdef DEBUG_PIT
+    printk("HVM_PIT: pit-load-counter, count=0x%x,period=0x%u us,mode=%d, load_time=%lld\n",
+            val,
+            s->period / 1000,
+            s->mode,
+            s->count_load_time);
+#endif
+
+    if (s->mode == HVM_PIT_ACCEL_MODE) {
+        if (!s->hvm_time) {
+            printk("HVM_PIT:guest should only set mod 2 on channel 0!\n");
+            return;
+        }
+        s->hvm_time->period_cycles = (u64)s->period * cpu_khz / 1000000L;
+        s->hvm_time->first_injected = 0;
+
+        if (s->period < 900000) { /* < 0.9 ms */
+            printk("HVM_PIT: guest programmed too small an count: %x\n",
+                    s->count);
+            s->period = 1000000;
+        }
+    }
+        
+    pit_irq_timer_update(s, s->count_load_time);
+}
+
+/* if already latched, do not latch again */
+static void pit_latch_count(PITChannelState *s)
+{
+    if (!s->count_latched) {
+        s->latched_count = pit_get_count(s);
+        s->count_latched = s->rw_mode;
+    }
+}
+
+static void pit_ioport_write(void *opaque, u32 addr, u32 val)
+{
+    hvm_virpit *pit = opaque;
+    int channel, access;
+    PITChannelState *s;
+    val &= 0xff;
+
+    addr &= 3;
+    if (addr == 3) {
+        channel = val >> 6;
+        if (channel == 3) {
+            /* read back command */
+            for(channel = 0; channel < 3; channel++) {
+                s = &pit->channels[channel];
+                if (val & (2 << channel)) {
+                    if (!(val & 0x20)) {
+                        pit_latch_count(s);
+                    }
+                    if (!(val & 0x10) && !s->status_latched) {
+                        /* status latch */
+                        /* XXX: add BCD and null count */
+                        s->status =  (pit_get_out1(s, hvm_get_clock()) << 7) |
+                            (s->rw_mode << 4) |
+                            (s->mode << 1) |
+                            s->bcd;
+                        s->status_latched = 1;
+                    }
+                }
+            }
+        } else {
+            s = &pit->channels[channel];
+            access = (val >> 4) & 3;
+            if (access == 0) {
+                pit_latch_count(s);
+            } else {
+                s->rw_mode = access;
+                s->read_state = access;
+                s->write_state = access;
+
+                s->mode = (val >> 1) & 7;
+                s->bcd = val & 1;
+                /* XXX: update irq timer ? */
+            }
+        }
+    } else {
+        s = &pit->channels[addr];
+        switch(s->write_state) {
+        default:
+        case RW_STATE_LSB:
+            pit_load_count(s, val);
+            break;
+        case RW_STATE_MSB:
+            pit_load_count(s, val << 8);
+            break;
+        case RW_STATE_WORD0:
+            s->write_latch = val;
+            s->write_state = RW_STATE_WORD1;
+            break;
+        case RW_STATE_WORD1:
+            pit_load_count(s, s->write_latch | (val << 8));
+            s->write_state = RW_STATE_WORD0;
+            break;
+        }
+    }
+}
+
+static u32 pit_ioport_read(void *opaque, u32 addr)
+{
+    hvm_virpit *pit = opaque;
+    int ret, count;
+    PITChannelState *s;
+    
+    addr &= 3;
+    s = &pit->channels[addr];
+    if (s->status_latched) {
+        s->status_latched = 0;
+        ret = s->status;
+    } else if (s->count_latched) {
+        switch(s->count_latched) {
+        default:
+        case RW_STATE_LSB:
+            ret = s->latched_count & 0xff;
+            s->count_latched = 0;
+            break;
+        case RW_STATE_MSB:
+            ret = s->latched_count >> 8;
+            s->count_latched = 0;
+            break;
+        case RW_STATE_WORD0:
+            ret = s->latched_count & 0xff;
+            s->count_latched = RW_STATE_MSB;
+            break;
+        }
+    } else {
+        switch(s->read_state) {
+        default:
+        case RW_STATE_LSB:
+            count = pit_get_count(s);
+            ret = count & 0xff;
+            break;
+        case RW_STATE_MSB:
+            count = pit_get_count(s);
+            ret = (count >> 8) & 0xff;
+            break;
+        case RW_STATE_WORD0:
+            count = pit_get_count(s);
+            ret = count & 0xff;
+            s->read_state = RW_STATE_WORD1;
+            break;
+        case RW_STATE_WORD1:
+            count = pit_get_count(s);
+            ret = (count >> 8) & 0xff;
+            s->read_state = RW_STATE_WORD0;
+            break;
+        }
+    }
+    return ret;
+}
+
+static void pit_irq_timer_update(PITChannelState *s, s64 current_time)
+{
+    s64 expire_time;
+    int irq_level;
+    struct vcpu *v = current;
+    struct hvm_virpic *pic= &v->domain->arch.hvm_domain.vpic;
+
+    if (!s->hvm_time || s->mode == 0xff)
+        return;
+
+    expire_time = pit_get_next_transition_time(s, current_time);
+    /* not generate intr by direct pic_set_irq in mod 2
+     * XXX:mod 3 should be same as mod 2
+     */
+    if (s->mode != HVM_PIT_ACCEL_MODE) {
+        irq_level = pit_get_out1(s, current_time);
+        pic_set_irq(pic, s->irq, irq_level);
+        s->next_transition_time = expire_time;
+#ifdef DEBUG_PIT
+        printk("HVM_PIT:irq_level=%d next_delay=%l ns\n",
+                irq_level, 
+                (expire_time - current_time));
+#endif
+    }
+
+    if (expire_time > 0)
+        set_timer(&(s->hvm_time->pit_timer), s->next_transition_time);
+
+}
+
+static void pit_irq_timer(void *data)
+{
+    PITChannelState *s = data;
+
+    pit_irq_timer_update(s, s->next_transition_time);
+}
+
+static void pit_reset(void *opaque)
+{
+    hvm_virpit *pit = opaque;
+    PITChannelState *s;
+    int i;
+
+    for(i = 0;i < 3; i++) {
+        s = &pit->channels[i];
+        s->mode = 0xff; /* the init mode */
+        s->gate = (i != 2);
+        pit_load_count(s, 0);
+    }
+}
+
+/* hvm_io_assist light-weight version, specific to PIT DM */ 
+static void resume_pit_io(ioreq_t *p)
+{
+    struct cpu_user_regs *regs = guest_cpu_user_regs();
+    unsigned long old_eax = regs->eax;
+    p->state = STATE_INVALID;
+
+    switch(p->size) {
+    case 1:
+        regs->eax = (old_eax & 0xffffff00) | (p->u.data & 0xff);
+        break;
+    case 2:
+        regs->eax = (old_eax & 0xffff0000) | (p->u.data & 0xffff);
+        break;
+    case 4:
+        regs->eax = (p->u.data & 0xffffffff);
+        break;
+    default:
+        BUG();
+    }
+}
+
+/* the intercept action for PIT DM retval:0--not handled; 1--handled */  
+int handle_pit_io(ioreq_t *p)
+{
+    struct vcpu *v = current;
+    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+
+    if (p->size != 1 ||
+        p->pdata_valid ||
+        p->type != IOREQ_TYPE_PIO){
+        printk("HVM_PIT:wrong PIT IO!\n");
+        return 1;
+    }
+    
+    if (p->dir == 0) {/* write */
+        pit_ioport_write(vpit, p->addr, p->u.data);
+    } else if (p->dir == 1) { /* read */
+        p->u.data = pit_ioport_read(vpit, p->addr);
+        resume_pit_io(p);
+    }
+
+    /* always return 1, since PIT sit in HV now */
+    return 1;
+}
+
+static void speaker_ioport_write(void *opaque, uint32_t addr, uint32_t val)
+{
+    hvm_virpit *pit = opaque;
+    val &= 0xff;
+    pit->speaker_data_on = (val >> 1) & 1;
+    pit_set_gate(pit, 2, val & 1);
+}
+
+static uint32_t speaker_ioport_read(void *opaque, uint32_t addr)
+{
+    int out;
+    hvm_virpit *pit = opaque;
+    out = pit_get_out(pit, 2, hvm_get_clock());
+    pit->dummy_refresh_clock ^= 1;
+
+    return (pit->speaker_data_on << 1) | pit_get_gate(pit, 2) | (out << 5) |
+      (pit->dummy_refresh_clock << 4);
+}
+
+int handle_speaker_io(ioreq_t *p)
+{
+    struct vcpu *v = current;
+    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+
+    if (p->size != 1 ||
+        p->pdata_valid ||
+        p->type != IOREQ_TYPE_PIO){
+        printk("HVM_SPEAKER:wrong SPEAKER IO!\n");
+        return 1;
+    }
+    
+    if (p->dir == 0) {/* write */
+        speaker_ioport_write(vpit, p->addr, p->u.data);
+    } else if (p->dir == 1) {/* read */
+        p->u.data = speaker_ioport_read(vpit, p->addr);
+        resume_pit_io(p);
+    }
+
+    return 1;
+}
+
+/* pick up missed timer ticks at deactive time */
+void pickup_deactive_ticks(struct hvm_virpit *vpit)
+{
+    s64 next_time;
+    PITChannelState *s = &(vpit->channels[0]);
+    if ( !active_timer(&(vpit->time_info.pit_timer)) ) {
+        next_time = pit_get_next_transition_time(s, s->next_transition_time); 
+        if (next_time >= 0)
+            set_timer(&(s->hvm_time->pit_timer), s->next_transition_time);
+    }
+}
+
+void pit_init(struct hvm_virpit *pit, struct vcpu *v)
+{
+    PITChannelState *s;
+    struct hvm_time_info *hvm_time;
+
+    s = &pit->channels[0];
+    /* the timer 0 is connected to an IRQ */
+    s->irq = 0;
+    /* channel 0 need access the related time info for intr injection */
+    hvm_time = s->hvm_time = &pit->time_info;
+    hvm_time->vcpu = v;
+
+    init_timer(&(hvm_time->pit_timer), pit_irq_timer, s, v->processor);
+
+    register_portio_handler(PIT_BASE, 4, handle_pit_io);
+
+    /* register the speaker port */
+    register_portio_handler(0x61, 1, handle_speaker_io);
+
+    pit_reset(pit);
+
+    return;
+
+}
diff --git a/xen/arch/x86/hvm/intercept.c b/xen/arch/x86/hvm/intercept.c
index d3883d7347..a84c5fe63b 100644
--- a/xen/arch/x86/hvm/intercept.c
+++ b/xen/arch/x86/hvm/intercept.c
@@ -206,139 +206,6 @@ int register_io_handler(unsigned long addr, unsigned long size,
     return 1;
 }
 
-static void pit_cal_count(struct hvm_virpit *vpit)
-{
-    u64 nsec_delta = (unsigned int)((NOW() - vpit->count_point));
-
-    nsec_delta += vpit->count_advance;
-    if (nsec_delta > vpit->period)
-        HVM_DBG_LOG(DBG_LEVEL_1,
-	            "HVM_PIT: long time has passed from last injection!");
-
-    if(vpit->init_val == 0)
-    {
-        printk("PIT init value == 0!\n");
-        domain_crash_synchronous();
-    }
-
-    vpit->count = vpit->init_val
-                  - ((nsec_delta * PIT_FREQ / 1000000000ULL) % vpit->init_val);
-}
-
-static void pit_latch_io(struct hvm_virpit *vpit)
-{
-    pit_cal_count(vpit);
-
-    switch(vpit->read_state) {
-    case MSByte:
-        vpit->count_MSB_latched=1;
-        break;
-    case LSByte:
-        vpit->count_LSB_latched=1;
-        break;
-    case LSByte_multiple:
-        vpit->count_LSB_latched=1;
-        vpit->count_MSB_latched=1;
-        break;
-    case MSByte_multiple:
-        HVM_DBG_LOG(DBG_LEVEL_1,
-	            "HVM_PIT: latch PIT counter before MSB_multiple!");
-        vpit->read_state=LSByte_multiple;
-        vpit->count_LSB_latched=1;
-        vpit->count_MSB_latched=1;
-        break;
-    default:
-        domain_crash_synchronous();
-    }
-}
-
-static int pit_read_io(struct hvm_virpit *vpit)
-{
-    if(vpit->count_LSB_latched) {
-        /* Read Least Significant Byte */
-        if(vpit->read_state==LSByte_multiple) {
-            vpit->read_state=MSByte_multiple;
-        }
-        vpit->count_LSB_latched=0;
-        return (vpit->count & 0xFF);
-    } else if(vpit->count_MSB_latched) {
-        /* Read Most Significant Byte */
-        if(vpit->read_state==MSByte_multiple) {
-            vpit->read_state=LSByte_multiple;
-        }
-        vpit->count_MSB_latched=0;
-        return ((vpit->count>>8) & 0xFF);
-    } else {
-        /* Unlatched Count Read */
-        HVM_DBG_LOG(DBG_LEVEL_1, "HVM_PIT: unlatched read");
-        pit_cal_count(vpit);
-        if(!(vpit->read_state & 0x1)) {
-            /* Read Least Significant Byte */
-            if(vpit->read_state==LSByte_multiple) {
-                vpit->read_state=MSByte_multiple;
-            }
-            return (vpit->count & 0xFF);
-        } else {
-            /* Read Most Significant Byte */
-            if(vpit->read_state==MSByte_multiple) {
-                vpit->read_state=LSByte_multiple;
-            }
-            return ((vpit->count>>8) & 0xFF);
-        }
-    }
-}
-
-/* hvm_io_assist light-weight version, specific to PIT DM */ 
-static void resume_pit_io(ioreq_t *p)
-{
-    struct cpu_user_regs *regs = guest_cpu_user_regs();
-    unsigned long old_eax = regs->eax;
-    p->state = STATE_INVALID;
-
-    switch(p->size) {
-    case 1:
-        regs->eax = (old_eax & 0xffffff00) | (p->u.data & 0xff);
-        break;
-    case 2:
-        regs->eax = (old_eax & 0xffff0000) | (p->u.data & 0xffff);
-        break;
-    case 4:
-        regs->eax = (p->u.data & 0xffffffff);
-        break;
-    default:
-        BUG();
-    }
-}
-
-/* the intercept action for PIT DM retval:0--not handled; 1--handled */
-int intercept_pit_io(ioreq_t *p)
-{
-    struct vcpu *v = current;
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
-
-    if (p->size != 1 ||
-        p->pdata_valid ||
-        p->type != IOREQ_TYPE_PIO)
-        return 0;
-    
-    if (p->addr == PIT_MODE &&
-        p->dir == 0 &&    /* write */
-        ((p->u.data >> 4) & 0x3) == 0 && /* latch command */
-        ((p->u.data >> 6) & 0x3) == (vpit->channel)) {/* right channel */
-        pit_latch_io(vpit);
-        return 1;
-    }
-
-    if (p->addr == (PIT_CH0 + vpit->channel) &&
-        p->dir == 1) { /* read */
-        p->u.data = pit_read_io(vpit);
-        resume_pit_io(p);
-        return 1;
-    }
-
-    return 0;
-}
-
 /* hooks function for the HLT instruction emulation wakeup */
 void hlt_timer_fn(void *data)
 {
@@ -347,109 +214,6 @@ void hlt_timer_fn(void *data)
     evtchn_set_pending(v, iopacket_port(v));
 }
 
-static __inline__ void missed_ticks(struct hvm_virpit*vpit)
-{
-    int missed_ticks;
-
-    missed_ticks = (NOW() - vpit->scheduled)/(s_time_t) vpit->period;
-    if ( missed_ticks++ >= 0 ) {
-        vpit->pending_intr_nr += missed_ticks;
-        vpit->scheduled += missed_ticks * vpit->period;
-    }
-}
-
-/* hooks function for the PIT when the guest is active */
-static void pit_timer_fn(void *data)
-{
-    struct vcpu *v = data;
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
-
-    /* pick up missed timer tick */
-    missed_ticks(vpit);
-    if ( test_bit(_VCPUF_running, &v->vcpu_flags) ) {
-        set_timer(&vpit->pit_timer, vpit->scheduled);
-    }
-}
-
-/* pick up missed timer ticks at deactive time */
-void pickup_deactive_ticks(struct hvm_virpit *vpit)
-{
-    if ( !active_timer(&(vpit->pit_timer)) ) {
-        missed_ticks(vpit);
-        set_timer(&vpit->pit_timer, vpit->scheduled);
-    }
-}
-
-/* Only some PIT operations such as load init counter need a hypervisor hook.
- * leave all other operations in user space DM
- */
-void hvm_hooks_assist(struct vcpu *v)
-{
-    vcpu_iodata_t *vio = get_vio(v->domain, v->vcpu_id);
-    ioreq_t *p = &vio->vp_ioreq;
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
-    int rw_mode, reinit = 0;
-
-    /* load init count*/
-    if (p->state == STATE_IORESP_HOOK) {
-        /* set up actimer, handle re-init */
-        if ( active_timer(&(vpit->pit_timer)) ) {
-            HVM_DBG_LOG(DBG_LEVEL_1, "HVM_PIT: guest reset PIT with channel %lx!\n", (unsigned long) ((p->u.data >> 24) & 0x3) );
-            stop_timer(&(vpit->pit_timer));
-            reinit = 1;
- 
-        }
-        else {
-            init_timer(&vpit->pit_timer, pit_timer_fn, v, v->processor);
-        }
-
-        /* init count for this channel */
-        vpit->init_val = (p->u.data & 0xFFFF) ;
-        /* frequency(ns) of pit */
-        vpit->period = DIV_ROUND(((vpit->init_val) * 1000000000ULL), PIT_FREQ);
-        HVM_DBG_LOG(DBG_LEVEL_1,"HVM_PIT: guest set init pit freq:%u ns, initval:0x%x\n", vpit->period, vpit->init_val);
-        if (vpit->period < 900000) { /* < 0.9 ms */
-            printk("HVM_PIT: guest programmed too small an init_val: %x\n",
-                   vpit->init_val);
-            vpit->period = 1000000;
-        }
-         vpit->period_cycles = (u64)vpit->period * cpu_khz / 1000000L;
-         printk("HVM_PIT: guest freq in cycles=%lld\n",(long long)vpit->period_cycles);
-
-        vpit->channel = ((p->u.data >> 24) & 0x3);
-        vpit->first_injected = 0;
-
-        vpit->count_LSB_latched = 0;
-        vpit->count_MSB_latched = 0;
-
-        rw_mode = ((p->u.data >> 26) & 0x3);
-        switch(rw_mode) {
-        case 0x1:
-            vpit->read_state=LSByte;
-            break;
-        case 0x2:
-            vpit->read_state=MSByte;
-            break;
-        case 0x3:
-            vpit->read_state=LSByte_multiple;
-            break;
-        default:
-            printk("HVM_PIT:wrong PIT rw_mode!\n");
-            break;
-        }
-
-        vpit->scheduled = NOW() + vpit->period;
-        set_timer(&vpit->pit_timer, vpit->scheduled);
-
-        /*restore the state*/
-        p->state = STATE_IORESP_READY;
-
-        /* register handler to intercept the PIT io when vm_exit */
-        if (!reinit) {
-            register_portio_handler(0x40, 4, intercept_pit_io); 
-        }
-    }
-}
 
 /*
  * Local variables:
diff --git a/xen/arch/x86/hvm/io.c b/xen/arch/x86/hvm/io.c
index a6cde8ee26..29ac6ec842 100644
--- a/xen/arch/x86/hvm/io.c
+++ b/xen/arch/x86/hvm/io.c
@@ -674,8 +674,6 @@ void hvm_io_assist(struct vcpu *v)
     }
 
     p = &vio->vp_ioreq;
-    if (p->state == STATE_IORESP_HOOK)
-        hvm_hooks_assist(v);
 
     /* clear IO wait HVM flag */
     if (test_bit(ARCH_HVM_IO_WAIT, &v->arch.hvm_vcpu.ioflags)) {
diff --git a/xen/arch/x86/hvm/svm/intr.c b/xen/arch/x86/hvm/svm/intr.c
index 4926ecafab..95d3303581 100644
--- a/xen/arch/x86/hvm/svm/intr.c
+++ b/xen/arch/x86/hvm/svm/intr.c
@@ -46,44 +46,43 @@
 
 u64 svm_get_guest_time(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
     u64    host_tsc;
     
     rdtscll(host_tsc);
-    return host_tsc + vpit->cache_tsc_offset;
+    return host_tsc + time_info->cache_tsc_offset;
 }
 
 void svm_set_guest_time(struct vcpu *v, u64 gtime)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
     u64    host_tsc;
    
     rdtscll(host_tsc);
     
-    vpit->cache_tsc_offset = gtime - host_tsc;
-    v->arch.hvm_svm.vmcb->tsc_offset = vpit->cache_tsc_offset;
+    time_info->cache_tsc_offset = gtime - host_tsc;
+    v->arch.hvm_svm.vmcb->tsc_offset = time_info->cache_tsc_offset;
 }
 
 static inline void
 interrupt_post_injection(struct vcpu * v, int vector, int type)
 {
     struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &vpit->time_info;
 
     if ( is_pit_irq(v, vector, type) ) {
-        if ( !vpit->first_injected ) {
-            vpit->pending_intr_nr = 0;
-            vpit->last_pit_gtime = svm_get_guest_time(v);
-            vpit->scheduled = NOW() + vpit->period;
-            set_timer(&vpit->pit_timer, vpit->scheduled);
-            vpit->first_injected = 1;
+        if ( !time_info->first_injected ) {
+            time_info->pending_intr_nr = 0;
+            time_info->last_pit_gtime = svm_get_guest_time(v);
+            time_info->first_injected = 1;
         } else {
-            vpit->pending_intr_nr--;
+            time_info->pending_intr_nr--;
         }
-        vpit->count_advance = 0;
-        vpit->count_point = NOW();
+        time_info->count_advance = 0;
+        time_info->count_point = NOW();
 
-        vpit->last_pit_gtime += vpit->period_cycles;
-        svm_set_guest_time(v, vpit->last_pit_gtime);
+        time_info->last_pit_gtime += time_info->period_cycles;
+        svm_set_guest_time(v, time_info->last_pit_gtime);
     }
 
     switch(type)
@@ -123,6 +122,7 @@ asmlinkage void svm_intr_assist(void)
     struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb;
     struct hvm_domain *plat=&v->domain->arch.hvm_domain; 
     struct hvm_virpit *vpit = &plat->vpit;
+    struct hvm_time_info *time_info = &vpit->time_info;
     struct hvm_virpic *pic= &plat->vpic;
     int intr_type = VLAPIC_DELIV_MODE_EXT;
     int intr_vector = -1;
@@ -185,7 +185,7 @@ asmlinkage void svm_intr_assist(void)
       if ( cpu_has_pending_irq(v) ) {
            intr_vector = cpu_get_interrupt(v, &intr_type);
       }
-      else  if ( (v->vcpu_id == 0) && vpit->pending_intr_nr ) {
+      else  if ( (v->vcpu_id == 0) && time_info->pending_intr_nr ) {
           pic_set_irq(pic, 0, 0);
           pic_set_irq(pic, 0, 1);
           intr_vector = cpu_get_interrupt(v, &intr_type);
@@ -201,7 +201,7 @@ asmlinkage void svm_intr_assist(void)
             /* Re-injecting a PIT interruptt? */
             if (re_injecting && 
                 is_pit_irq(v, intr_vector, intr_type)) {
-                    ++vpit->pending_intr_nr;
+                    ++time_info->pending_intr_nr;
             }
             /* let's inject this interrupt */
             TRACE_3D(TRC_VMX_INT, v->domain->domain_id, intr_vector, 0);
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 0cf9701949..dae853c968 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -675,12 +675,12 @@ static void arch_svm_do_launch(struct vcpu *v)
 
 static void svm_freeze_time(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &v->domain->arch.hvm_domain.vpit;
+    struct hvm_time_info *time_info = &v->domain->arch.hvm_domain.vpit.time_info;
     
-    if ( vpit->first_injected && !v->domain->arch.hvm_domain.guest_time ) {
+    if ( time_info->first_injected && !v->domain->arch.hvm_domain.guest_time ) {
         v->domain->arch.hvm_domain.guest_time = svm_get_guest_time(v);
-        vpit->count_advance += (NOW() - vpit->count_point);
-        stop_timer(&(vpit->pit_timer));
+        time_info->count_advance += (NOW() - time_info->count_point);
+        stop_timer(&(time_info->pit_timer));
     }
 }
 
@@ -750,7 +750,7 @@ static void svm_relinquish_guest_resources(struct domain *d)
         }
     }
 
-    kill_timer(&d->arch.hvm_domain.vpit.pit_timer);
+    kill_timer(&d->arch.hvm_domain.vpit.time_info.pit_timer);
 
     if ( d->arch.hvm_domain.shared_page_va )
         unmap_domain_page_global(
@@ -780,10 +780,10 @@ void arch_svm_do_resume(struct vcpu *v)
 
 void svm_migrate_timers(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &v->domain->arch.hvm_domain.vpit.time_info;
 
-    migrate_timer( &vpit->pit_timer, v->processor );
-    migrate_timer( &v->arch.hvm_svm.hlt_timer, v->processor );
+    migrate_timer(&time_info->pit_timer, v->processor);
+    migrate_timer(&v->arch.hvm_svm.hlt_timer, v->processor);
     if ( hvm_apic_support(v->domain) && VLAPIC( v ))
         migrate_timer( &(VLAPIC(v)->vlapic_timer ), v->processor );
 }
@@ -931,7 +931,13 @@ static void svm_vmexit_do_cpuid(struct vmcb_struct *vmcb, unsigned long input,
     {
         if ( !hvm_apic_support(v->domain) ||
                 !vlapic_global_enabled((VLAPIC(v))) )
+        {
             clear_bit(X86_FEATURE_APIC, &edx);
+            /* Since the apic is disabled, avoid any confusion about SMP cpus being available */
+            clear_bit(X86_FEATURE_HT, &edx);  /* clear the hyperthread bit */
+            ebx &= 0xFF00FFFF;  /* set the logical processor count to 1 */
+            ebx |= 0x00010000;
+        }
 	    
 #if CONFIG_PAGING_LEVELS < 3
         clear_bit(X86_FEATURE_NX, &edx);
@@ -1843,11 +1849,11 @@ static inline void svm_do_msr_access(struct vcpu *v, struct cpu_user_regs *regs)
         switch (regs->ecx) {
         case MSR_IA32_TIME_STAMP_COUNTER:
         {
-            struct hvm_virpit *vpit;
+            struct hvm_time_info *time_info;
 
             rdtscll(msr_content);
-            vpit = &(v->domain->arch.hvm_domain.vpit);
-            msr_content += vpit->cache_tsc_offset;
+            time_info = &v->domain->arch.hvm_domain.vpit.time_info;
+            msr_content += time_info->cache_tsc_offset;
             break;
         }
         case MSR_IA32_SYSENTER_CS:
diff --git a/xen/arch/x86/hvm/svm/vmcb.c b/xen/arch/x86/hvm/svm/vmcb.c
index c76dda5fe0..c88c3158fa 100644
--- a/xen/arch/x86/hvm/svm/vmcb.c
+++ b/xen/arch/x86/hvm/svm/vmcb.c
@@ -478,14 +478,15 @@ void svm_do_resume(struct vcpu *v)
 {
     struct domain *d = v->domain;
     struct hvm_virpit *vpit = &d->arch.hvm_domain.vpit;
+    struct hvm_time_info *time_info = &vpit->time_info;
 
     svm_stts(v);
     
     /* pick up the elapsed PIT ticks and re-enable pit_timer */
-    if ( vpit->first_injected ) {
+    if ( time_info->first_injected ) {
         if ( v->domain->arch.hvm_domain.guest_time ) {
             svm_set_guest_time(v, v->domain->arch.hvm_domain.guest_time);
-            vpit->count_point = NOW();
+            time_info->count_point = NOW();
             v->domain->arch.hvm_domain.guest_time = 0;
         }
         pickup_deactive_ticks(vpit);
diff --git a/xen/arch/x86/hvm/vmx/io.c b/xen/arch/x86/hvm/vmx/io.c
index d9d65b1a0c..9835445d61 100644
--- a/xen/arch/x86/hvm/vmx/io.c
+++ b/xen/arch/x86/hvm/vmx/io.c
@@ -51,44 +51,43 @@ void __set_tsc_offset(u64  offset)
 
 u64 get_guest_time(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
     u64    host_tsc;
     
     rdtscll(host_tsc);
-    return host_tsc + vpit->cache_tsc_offset;
+    return host_tsc + time_info->cache_tsc_offset;
 }
 
 void set_guest_time(struct vcpu *v, u64 gtime)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
     u64    host_tsc;
    
     rdtscll(host_tsc);
     
-    vpit->cache_tsc_offset = gtime - host_tsc;
-    __set_tsc_offset(vpit->cache_tsc_offset);
+    time_info->cache_tsc_offset = gtime - host_tsc;
+    __set_tsc_offset(time_info->cache_tsc_offset);
 }
 
 static inline void
 interrupt_post_injection(struct vcpu * v, int vector, int type)
 {
     struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &vpit->time_info;
 
     if ( is_pit_irq(v, vector, type) ) {
-        if ( !vpit->first_injected ) {
-            vpit->pending_intr_nr = 0;
-            vpit->last_pit_gtime = get_guest_time(v);
-            vpit->scheduled = NOW() + vpit->period;
-            set_timer(&vpit->pit_timer, vpit->scheduled);
-            vpit->first_injected = 1;
+        if ( !time_info->first_injected ) {
+            time_info->pending_intr_nr = 0;
+            time_info->last_pit_gtime = get_guest_time(v);
+            time_info->first_injected = 1;
         } else {
-            vpit->pending_intr_nr--;
+            time_info->pending_intr_nr--;
         }
-        vpit->count_advance = 0;
-        vpit->count_point = NOW();
+        time_info->count_advance = 0;
+        time_info->count_point = NOW();
 
-        vpit->last_pit_gtime += vpit->period_cycles;
-        set_guest_time(v, vpit->last_pit_gtime);
+        time_info->last_pit_gtime += time_info->period_cycles;
+        set_guest_time(v, time_info->last_pit_gtime);
     }
 
     switch(type)
@@ -152,19 +151,43 @@ asmlinkage void vmx_intr_assist(void)
     unsigned long eflags;
     struct vcpu *v = current;
     struct hvm_domain *plat=&v->domain->arch.hvm_domain;
-    struct hvm_virpit *vpit = &plat->vpit;
+    struct hvm_time_info *time_info = &plat->vpit.time_info;
     struct hvm_virpic *pic= &plat->vpic;
+    unsigned int idtv_info_field;
+    unsigned long inst_len;
+    int    has_ext_irq;
 
     if ( v->vcpu_id == 0 )
         hvm_pic_assist(v);
 
-    if ( (v->vcpu_id == 0) && vpit->pending_intr_nr ) {
+    if ( (v->vcpu_id == 0) && time_info->pending_intr_nr ) {
         pic_set_irq(pic, 0, 0);
         pic_set_irq(pic, 0, 1);
     }
 
-    if ( !cpu_has_pending_irq(v) ) return;
+    has_ext_irq = cpu_has_pending_irq(v);
+    __vmread(IDT_VECTORING_INFO_FIELD, &idtv_info_field);
+    if (idtv_info_field & INTR_INFO_VALID_MASK) {
+        __vmwrite(VM_ENTRY_INTR_INFO_FIELD, idtv_info_field);
+
+        __vmread(VM_EXIT_INSTRUCTION_LEN, &inst_len);
+        if (inst_len >= 1 && inst_len <= 15)
+            __vmwrite(VM_ENTRY_INSTRUCTION_LEN, inst_len);
+
+        if (idtv_info_field & 0x800) { /* valid error code */
+            unsigned long error_code;
+            __vmread(IDT_VECTORING_ERROR_CODE, &error_code);
+            __vmwrite(VM_ENTRY_EXCEPTION_ERROR_CODE, error_code);
+        }
+        if ( has_ext_irq )
+            enable_irq_window(v);
+
+        HVM_DBG_LOG(DBG_LEVEL_1, "idtv_info_field=%x", idtv_info_field);
+
+        return;
+    }
 
+    if ( !has_ext_irq ) return;
     if ( is_interruptibility_state() ) {    /* pre-cleared for emulated instruction */
         enable_irq_window(v);
         HVM_DBG_LOG(DBG_LEVEL_1, "interruptibility");
@@ -203,13 +226,14 @@ void vmx_do_resume(struct vcpu *v)
 {
     struct domain *d = v->domain;
     struct hvm_virpit *vpit = &v->domain->arch.hvm_domain.vpit;
+    struct hvm_time_info *time_info = &vpit->time_info;
 
     vmx_stts();
 
     /* pick up the elapsed PIT ticks and re-enable pit_timer */
-    if ( vpit->first_injected ) {
+    if ( time_info->first_injected ) {
         if ( v->domain->arch.hvm_domain.guest_time ) {
-            vpit->count_point = NOW();
+            time_info->count_point = NOW();
             set_guest_time(v, v->domain->arch.hvm_domain.guest_time);
             v->domain->arch.hvm_domain.guest_time = 0;
         }
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index bfa00d6798..86e3d9c763 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -102,7 +102,7 @@ static void vmx_relinquish_guest_resources(struct domain *d)
         }
     }
 
-    kill_timer(&d->arch.hvm_domain.vpit.pit_timer);
+    kill_timer(&d->arch.hvm_domain.vpit.time_info.pit_timer);
 
     if ( d->arch.hvm_domain.shared_page_va )
         unmap_domain_page_global(
@@ -358,12 +358,12 @@ static inline int long_mode_do_msr_write(struct cpu_user_regs *regs)
 
 static void vmx_freeze_time(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &v->domain->arch.hvm_domain.vpit;
+    struct hvm_time_info *time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
     
-    if ( vpit->first_injected && !v->domain->arch.hvm_domain.guest_time ) {
+    if ( time_info->first_injected && !v->domain->arch.hvm_domain.guest_time ) {
         v->domain->arch.hvm_domain.guest_time = get_guest_time(v);
-        vpit->count_advance += (NOW() - vpit->count_point);
-        stop_timer(&(vpit->pit_timer));
+        time_info->count_advance += (NOW() - time_info->count_point);
+        stop_timer(&(time_info->pit_timer));
     }
 }
 
@@ -393,9 +393,9 @@ int vmx_initialize_guest_resources(struct vcpu *v)
 
 void vmx_migrate_timers(struct vcpu *v)
 {
-    struct hvm_virpit *vpit = &(v->domain->arch.hvm_domain.vpit);
+    struct hvm_time_info *time_info = &v->domain->arch.hvm_domain.vpit.time_info;
 
-    migrate_timer(&vpit->pit_timer, v->processor);
+    migrate_timer(&time_info->pit_timer, v->processor);
     migrate_timer(&v->arch.hvm_vmx.hlt_timer, v->processor);
     if ( hvm_apic_support(v->domain) && VLAPIC(v))
         migrate_timer(&(VLAPIC(v)->vlapic_timer), v->processor);
@@ -828,9 +828,16 @@ static void vmx_vmexit_do_cpuid(struct cpu_user_regs *regs)
 
     if ( input == 1 )
     {
-        if ( hvm_apic_support(v->domain) &&
+        if ( !hvm_apic_support(v->domain) ||
              !vlapic_global_enabled((VLAPIC(v))) )
+        {
             clear_bit(X86_FEATURE_APIC, &edx);
+            /* Since the apic is disabled, avoid any confusion about SMP cpus being available */
+            clear_bit(X86_FEATURE_HT, &edx);  /* clear the hyperthread bit */
+            ebx &= 0xFF00FFFF;  /* set the logical processor count to 1 */
+            ebx |= 0x00010000;
+        }
+
 
 #if CONFIG_PAGING_LEVELS < 3
         clear_bit(X86_FEATURE_PAE, &edx);
@@ -1836,11 +1843,11 @@ static inline void vmx_do_msr_read(struct cpu_user_regs *regs)
     switch (regs->ecx) {
     case MSR_IA32_TIME_STAMP_COUNTER:
     {
-        struct hvm_virpit *vpit;
+        struct hvm_time_info *time_info;
 
         rdtscll(msr_content);
-        vpit = &(v->domain->arch.hvm_domain.vpit);
-        msr_content += vpit->cache_tsc_offset;
+        time_info = &(v->domain->arch.hvm_domain.vpit.time_info);
+        msr_content += time_info->cache_tsc_offset;
         break;
     }
     case MSR_IA32_SYSENTER_CS:
@@ -2039,7 +2046,7 @@ void restore_cpu_user_regs(struct cpu_user_regs *regs)
 
 asmlinkage void vmx_vmexit_handler(struct cpu_user_regs regs)
 {
-    unsigned int exit_reason, idtv_info_field;
+    unsigned int exit_reason;
     unsigned long exit_qualification, eip, inst_len = 0;
     struct vcpu *v = current;
     int error;
@@ -2049,23 +2056,6 @@ asmlinkage void vmx_vmexit_handler(struct cpu_user_regs regs)
 
     perfc_incra(vmexits, exit_reason);
 
-    __vmread(IDT_VECTORING_INFO_FIELD, &idtv_info_field);
-    if (idtv_info_field & INTR_INFO_VALID_MASK) {
-        __vmwrite(VM_ENTRY_INTR_INFO_FIELD, idtv_info_field);
-
-        __vmread(VM_EXIT_INSTRUCTION_LEN, &inst_len);
-        if (inst_len >= 1 && inst_len <= 15)
-            __vmwrite(VM_ENTRY_INSTRUCTION_LEN, inst_len);
-
-        if (idtv_info_field & 0x800) { /* valid error code */
-            unsigned long error_code;
-            __vmread(IDT_VECTORING_ERROR_CODE, &error_code);
-            __vmwrite(VM_ENTRY_EXCEPTION_ERROR_CODE, error_code);
-        }
-
-        HVM_DBG_LOG(DBG_LEVEL_1, "idtv_info_field=%x", idtv_info_field);
-    }
-
     /* don't bother H/W interrutps */
     if (exit_reason != EXIT_REASON_EXTERNAL_INTERRUPT &&
         exit_reason != EXIT_REASON_VMCALL &&
diff --git a/xen/arch/x86/io_apic.c b/xen/arch/x86/io_apic.c
index 4b7b1c5126..a9eb5a8884 100644
--- a/xen/arch/x86/io_apic.c
+++ b/xen/arch/x86/io_apic.c
@@ -48,9 +48,18 @@ atomic_t irq_mis_count;
 static struct { int pin, apic; } ioapic_i8259 = { -1, -1 };
 
 static DEFINE_SPINLOCK(ioapic_lock);
+static DEFINE_SPINLOCK(vector_lock);
 
 int skip_ioapic_setup;
 
+#ifndef sis_apic_bug
+/*
+ * Is the SiS APIC rmw bug present?
+ * -1 = don't know, 0 = no, 1 = yes
+ */
+int sis_apic_bug = -1;
+#endif
+
 /*
  * # of IRQ routing registers
  */
@@ -661,11 +670,17 @@ u8 irq_vector[NR_IRQ_VECTORS] __read_mostly;
 
 int assign_irq_vector(int irq)
 {
-    static int current_vector = FIRST_DYNAMIC_VECTOR, offset = 0;
+    static unsigned current_vector = FIRST_DYNAMIC_VECTOR, offset = 0;
+    unsigned vector;
 
     BUG_ON(irq >= NR_IRQ_VECTORS);
-    if (irq != AUTO_ASSIGN && IO_APIC_VECTOR(irq) > 0)
+    spin_lock(&vector_lock);
+
+    if (irq != AUTO_ASSIGN && IO_APIC_VECTOR(irq) > 0) {
+        spin_unlock(&vector_lock);
         return IO_APIC_VECTOR(irq);
+    }
+
 next:
     current_vector += 8;
 
@@ -679,16 +694,21 @@ next:
 
     if (current_vector > LAST_DYNAMIC_VECTOR) {
         offset++;
-        if (!(offset%8))
+        if (!(offset%8)) {
+            spin_unlock(&vector_lock);
             return -ENOSPC;
+        }
         current_vector = FIRST_DYNAMIC_VECTOR + offset;
     }
 
-    vector_irq[current_vector] = irq;
+    vector = current_vector;
+    vector_irq[vector] = irq;
     if (irq != AUTO_ASSIGN)
-        IO_APIC_VECTOR(irq) = current_vector;
+        IO_APIC_VECTOR(irq) = vector;
+
+    spin_unlock(&vector_lock);
 
-    return current_vector;
+    return vector;
 }
 
 static struct hw_interrupt_type ioapic_level_type;
diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c
index 3b665838be..41bfb98e7e 100644
--- a/xen/arch/x86/irq.c
+++ b/xen/arch/x86/irq.c
@@ -198,7 +198,7 @@ static void __do_IRQ_guest(int vector)
     {
         d = action->guest[i];
         if ( (action->ack_type != ACKTYPE_NONE) &&
-             !test_and_set_bit(irq, &d->pirq_mask) )
+             !test_and_set_bit(irq, d->pirq_mask) )
             action->in_flight++;
         send_guest_pirq(d, irq);
     }
@@ -235,7 +235,7 @@ static void __set_eoi_ready(irq_desc_t *desc)
 
     if ( !(desc->status & IRQ_GUEST) ||
          (action->in_flight != 0) ||
-         !test_and_clear_bit(cpu, &action->cpu_eoi_map) )
+         !cpu_test_and_clear(cpu, action->cpu_eoi_map) )
         return;
 
     sp = pending_eoi_sp(cpu);
@@ -285,7 +285,7 @@ static void flush_all_pending_eoi(void *unused)
         ASSERT(action->ack_type == ACKTYPE_EOI);
         ASSERT(desc->status & IRQ_GUEST);
         for ( i = 0; i < action->nr_guests; i++ )
-            clear_bit(vector_to_irq(vector), &action->guest[i]->pirq_mask);
+            clear_bit(vector_to_irq(vector), action->guest[i]->pirq_mask);
         action->in_flight = 0;
         spin_unlock(&desc->lock);
     }
@@ -310,8 +310,8 @@ int pirq_guest_unmask(struct domain *d)
 
         spin_lock_irq(&desc->lock);
 
-        if ( !test_bit(d->pirq_to_evtchn[pirq], &s->evtchn_mask[0]) &&
-             test_and_clear_bit(pirq, &d->pirq_mask) )
+        if ( !test_bit(d->pirq_to_evtchn[pirq], s->evtchn_mask) &&
+             test_and_clear_bit(pirq, d->pirq_mask) )
         {
             ASSERT(action->ack_type != ACKTYPE_NONE);
             if ( --action->in_flight == 0 )
@@ -322,7 +322,7 @@ int pirq_guest_unmask(struct domain *d)
             }
         }
 
-        if ( __test_and_clear_bit(cpu, &cpu_eoi_map) )
+        if ( cpu_test_and_clear(cpu, cpu_eoi_map) )
         {
             __set_eoi_ready(desc);
             spin_unlock(&desc->lock);
@@ -493,13 +493,13 @@ int pirq_guest_unbind(struct domain *d, int irq)
     switch ( action->ack_type )
     {
     case ACKTYPE_UNMASK:
-        if ( test_and_clear_bit(irq, &d->pirq_mask) &&
+        if ( test_and_clear_bit(irq, d->pirq_mask) &&
              (--action->in_flight == 0) )
             desc->handler->end(vector);
         break;
     case ACKTYPE_EOI:
         /* NB. If #guests == 0 then we clear the eoi_map later on. */
-        if ( test_and_clear_bit(irq, &d->pirq_mask) &&
+        if ( test_and_clear_bit(irq, d->pirq_mask) &&
              (--action->in_flight == 0) &&
              (action->nr_guests != 0) )
         {
@@ -511,7 +511,7 @@ int pirq_guest_unbind(struct domain *d, int irq)
         break;
     }
 
-    BUG_ON(test_bit(irq, &d->pirq_mask));
+    BUG_ON(test_bit(irq, d->pirq_mask));
 
     if ( action->nr_guests != 0 )
         goto out;
@@ -587,16 +587,16 @@ static void dump_irqs(unsigned char key)
                 printk("%u(%c%c%c%c)",
                        d->domain_id,
                        (test_bit(d->pirq_to_evtchn[irq],
-                                 &d->shared_info->evtchn_pending[0]) ?
+                                 d->shared_info->evtchn_pending) ?
                         'P' : '-'),
                        (test_bit(d->pirq_to_evtchn[irq]/BITS_PER_LONG,
                                  &d->shared_info->vcpu_info[0].
                                  evtchn_pending_sel) ?
                         'S' : '-'),
                        (test_bit(d->pirq_to_evtchn[irq],
-                                 &d->shared_info->evtchn_mask[0]) ?
+                                 d->shared_info->evtchn_mask) ?
                         'M' : '-'),
-                       (test_bit(irq, &d->pirq_mask) ?
+                       (test_bit(irq, d->pirq_mask) ?
                         'M' : '-'));
                 if ( i != action->nr_guests )
                     printk(",");
diff --git a/xen/arch/x86/oprofile/nmi_int.c b/xen/arch/x86/oprofile/nmi_int.c
index 3978428a32..deba70965c 100644
--- a/xen/arch/x86/oprofile/nmi_int.c
+++ b/xen/arch/x86/oprofile/nmi_int.c
@@ -15,8 +15,8 @@
 #include <xen/types.h>
 #include <xen/errno.h>
 #include <xen/init.h>
+#include <xen/nmi.h>
 #include <public/xen.h>
-#include <asm/nmi.h>
 #include <asm/msr.h>
 #include <asm/apic.h>
 #include <asm/regs.h>
diff --git a/xen/arch/x86/oprofile/xenoprof.c b/xen/arch/x86/oprofile/xenoprof.c
index ecd9abd2cf..f2070da55b 100644
--- a/xen/arch/x86/oprofile/xenoprof.c
+++ b/xen/arch/x86/oprofile/xenoprof.c
@@ -4,6 +4,7 @@
  *            (email: xenoprof@groups.hp.com)
  */
 
+#include <xen/guest_access.h>
 #include <xen/sched.h>
 #include <public/xenoprof.h>
 
@@ -12,7 +13,7 @@
 /* Limit amount of pages used for shared buffer (per domain) */
 #define MAX_OPROF_SHARED_PAGES 32
 
-int active_domains[MAX_OPROF_DOMAINS];
+domid_t active_domains[MAX_OPROF_DOMAINS];
 int active_ready[MAX_OPROF_DOMAINS];
 unsigned int adomains;
 unsigned int activated;
@@ -84,7 +85,8 @@ static void xenoprof_reset_buf(struct domain *d)
 
 int active_index(struct domain *d)
 {
-    int i, id = d->domain_id;
+    int i;
+    domid_t id = d->domain_id;
 
     for ( i = 0; i < adomains; i++ )
         if ( active_domains[i] == id )
@@ -137,13 +139,11 @@ int reset_active(struct domain *d)
     return 0;
 }
 
-int set_active_domains(int num)
+int reset_active_list(void)
 {
-    int primary;
     int i;
     struct domain *d;
 
-    /* Reset any existing active domains from previous runs. */
     for ( i = 0; i < adomains; i++ )
     {
         if ( active_ready[i] )
@@ -157,24 +157,20 @@ int set_active_domains(int num)
         }
     }
 
-    adomains = num;
+    adomains = 0;
+    activated = 0;
 
-    /* Add primary profiler to list of active domains if not there yet */
-    primary = active_index(primary_profiler);
-    if ( primary == -1 )
-    {
-        /* Return if there is no space left on list. */
-        if ( num >= MAX_OPROF_DOMAINS )
-            return -E2BIG;
-        active_domains[num] = primary_profiler->domain_id;
-        num++;
-    }
+    return 0;
+}
 
-    adomains = num;
-    activated = 0;
+int add_active_list (domid_t domid)
+{
+    if ( adomains >= MAX_OPROF_DOMAINS )
+        return -E2BIG;
 
-    for ( i = 0; i < adomains; i++ )
-        active_ready[i] = 0;
+    active_domains[adomains] = domid;
+    active_ready[adomains] = 0;
+    adomains++;
 
     return 0;
 }
@@ -353,26 +349,31 @@ void free_xenoprof_pages(struct domain *d)
     d->xenoprof = NULL;
 }
 
-int xenoprof_init(int max_samples, xenoprof_init_result_t *init_result)
+int xenoprof_op_init(GUEST_HANDLE(void) arg)
 {
-    xenoprof_init_result_t result;
+    struct xenoprof_init xenoprof_init;
     int is_primary, num_events;
     struct domain *d = current->domain;
     int ret;
 
-    ret = nmi_init(&num_events, &is_primary, result.cpu_type);
-    if ( is_primary )
-        primary_profiler = current->domain;
+    if ( copy_from_guest(&xenoprof_init, arg, 1) )
+        return -EFAULT;
 
+    ret = nmi_init(&num_events, 
+                   &is_primary, 
+                   xenoprof_init.cpu_type);
     if ( ret < 0 )
         goto err;
 
+    if ( is_primary )
+        primary_profiler = current->domain;
+
     /*
      * We allocate xenoprof struct and buffers only at first time xenoprof_init
      * is called. Memory is then kept until domain is destroyed.
      */
     if ( (d->xenoprof == NULL) &&
-         ((ret = alloc_xenoprof_struct(d, max_samples)) < 0) )
+         ((ret = alloc_xenoprof_struct(d, xenoprof_init.max_samples)) < 0) )
         goto err;
 
     xenoprof_reset_buf(d);
@@ -381,13 +382,13 @@ int xenoprof_init(int max_samples, xenoprof_init_result_t *init_result)
     d->xenoprof->domain_ready = 0;
     d->xenoprof->is_primary = is_primary;
 
-    result.is_primary = is_primary;
-    result.num_events = num_events;
-    result.nbuf = d->xenoprof->nbuf;
-    result.bufsize = d->xenoprof->bufsize;
-    result.buf_maddr = __pa(d->xenoprof->rawbuf);
+    xenoprof_init.is_primary = is_primary;
+    xenoprof_init.num_events = num_events;
+    xenoprof_init.nbuf = d->xenoprof->nbuf;
+    xenoprof_init.bufsize = d->xenoprof->bufsize;
+    xenoprof_init.buf_maddr = __pa(d->xenoprof->rawbuf);
 
-    if ( copy_to_user((void *)init_result, (void *)&result, sizeof(result)) )
+    if ( copy_to_guest(arg, &xenoprof_init, 1) )
     {
         ret = -EFAULT;
         goto err;
@@ -409,7 +410,7 @@ int xenoprof_init(int max_samples, xenoprof_init_result_t *init_result)
                    || (op == XENOPROF_release_counters) \
                    || (op == XENOPROF_shutdown))
 
-int do_xenoprof_op(int op, unsigned long arg1, unsigned long arg2)
+int do_xenoprof_op(int op, GUEST_HANDLE(void) arg)
 {
     int ret = 0;
 
@@ -423,20 +424,24 @@ int do_xenoprof_op(int op, unsigned long arg1, unsigned long arg2)
     switch ( op )
     {
     case XENOPROF_init:
-        ret = xenoprof_init((int)arg1, (xenoprof_init_result_t *)arg2);
+        ret = xenoprof_op_init(arg);
         break;
 
+    case XENOPROF_reset_active_list:
+    {
+        ret = reset_active_list();
+        break;
+    }
     case XENOPROF_set_active:
+    {
+        domid_t domid;
         if ( xenoprof_state != XENOPROF_IDLE )
             return -EPERM;
-        if ( arg2 > MAX_OPROF_DOMAINS )
-            return -E2BIG;
-        if ( copy_from_user((void *)&active_domains, 
-                            (void *)arg1, arg2*sizeof(int)) )
+        if ( copy_from_guest(&domid, arg, 1) )
             return -EFAULT;
-        ret = set_active_domains(arg2);
+        ret = add_active_list(domid);
         break;
-
+    }
     case XENOPROF_reserve_counters:
         if ( xenoprof_state != XENOPROF_IDLE )
             return -EPERM;
@@ -445,15 +450,34 @@ int do_xenoprof_op(int op, unsigned long arg1, unsigned long arg2)
             xenoprof_state = XENOPROF_COUNTERS_RESERVED;
         break;
 
-    case XENOPROF_setup_events:
+    case XENOPROF_counter:
+    {
+        struct xenoprof_counter counter;
         if ( xenoprof_state != XENOPROF_COUNTERS_RESERVED )
             return -EPERM;
         if ( adomains == 0 )
-            set_active_domains(0);
+            return -EPERM;
 
-        if ( copy_from_user((void *)&counter_config, (void *)arg1, 
-                            arg2 * sizeof(struct op_counter_config)) )
+        if ( copy_from_guest(&counter, arg, 1) )
             return -EFAULT;
+
+        if ( counter.ind > OP_MAX_COUNTER )
+            return -E2BIG;
+
+        counter_config[counter.ind].count     = (unsigned long) counter.count;
+        counter_config[counter.ind].enabled   = (unsigned long) counter.enabled;
+        counter_config[counter.ind].event     = (unsigned long) counter.event;
+        counter_config[counter.ind].kernel    = (unsigned long) counter.kernel;
+        counter_config[counter.ind].user      = (unsigned long) counter.user;
+        counter_config[counter.ind].unit_mask = (unsigned long) counter.unit_mask;
+
+        ret = 0;
+        break;
+    }
+
+    case XENOPROF_setup_events:
+        if ( xenoprof_state != XENOPROF_COUNTERS_RESERVED )
+            return -EPERM;
         ret = nmi_setup_events();
         if ( !ret )
             xenoprof_state = XENOPROF_READY;
@@ -526,3 +550,13 @@ int do_xenoprof_op(int op, unsigned long arg1, unsigned long arg2)
 
     return ret;
 }
+
+/*
+ * Local variables:
+ * mode: C
+ * c-set-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index 88e667b1ec..494c13b6d1 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -14,6 +14,7 @@
 #include <xen/domain_page.h>
 #include <xen/compile.h>
 #include <xen/gdbstub.h>
+#include <xen/percpu.h>
 #include <public/version.h>
 #include <asm/bitops.h>
 #include <asm/smp.h>
@@ -159,9 +160,41 @@ void discard_initial_images(void)
     init_domheap_pages(initial_images_start, initial_images_end);
 }
 
+extern char __per_cpu_start[], __per_cpu_data_end[], __per_cpu_end[];
+
+static void percpu_init_areas(void)
+{
+    unsigned int i, data_size = __per_cpu_data_end - __per_cpu_start;
+
+    BUG_ON(data_size > PERCPU_SIZE);
+
+    for ( i = 1; i < NR_CPUS; i++ )
+        memcpy(__per_cpu_start + (i << PERCPU_SHIFT),
+               __per_cpu_start,
+               data_size);
+}
+
+static void percpu_free_unused_areas(void)
+{
+    unsigned int i, first_unused;
+
+    /* Find first unused CPU number. */
+    for ( i = 0; i < NR_CPUS; i++ )
+        if ( !cpu_online(i) )
+            break;
+    first_unused = i;
+
+    /* Check that there are no holes in cpu_online_map. */
+    for ( ; i < NR_CPUS; i++ )
+        BUG_ON(cpu_online(i));
+
+    init_xenheap_pages(__pa(__per_cpu_start) + (first_unused << PERCPU_SHIFT),
+                       __pa(__per_cpu_end));
+}
+
 void __init __start_xen(multiboot_info_t *mbi)
 {
-    char *cmdline;
+    char __cmdline[] = "", *cmdline = __cmdline;
     struct domain *idle_domain;
     unsigned long _initrd_start = 0, _initrd_len = 0;
     unsigned int initrdidx = 1;
@@ -177,7 +210,8 @@ void __init __start_xen(multiboot_info_t *mbi)
 
     /* Parse the command-line options. */
     if ( (mbi->flags & MBI_CMDLINE) && (mbi->cmdline != 0) )
-        cmdline_parse(__va(mbi->cmdline));
+        cmdline = __va(mbi->cmdline);
+    cmdline_parse(cmdline);
 
     set_current((struct vcpu *)0xfffff000); /* debug sanity */
     set_processor_id(0); /* needed early, for smp_processor_id() */
@@ -195,6 +229,8 @@ void __init __start_xen(multiboot_info_t *mbi)
 
     init_console();
 
+    printf("Command line: %s\n", cmdline);
+
     /* Check that we have at least one Multiboot module. */
     if ( !(mbi->flags & MBI_MODULES) || (mbi->mods_count == 0) )
     {
@@ -209,6 +245,8 @@ void __init __start_xen(multiboot_info_t *mbi)
         EARLY_FAIL();
     }
 
+    percpu_init_areas();
+
     xenheap_phys_end = opt_xenheap_megabytes << 20;
 
     if ( mbi->flags & MBI_MEMMAP )
@@ -321,7 +359,7 @@ void __init __start_xen(multiboot_info_t *mbi)
 #if defined (CONFIG_X86_64)
         /*
          * x86/64 maps all registered RAM. Points to note:
-         *  1. The initial pagetable already maps low 64MB, so skip that.
+         *  1. The initial pagetable already maps low 1GB, so skip that.
          *  2. We must map *only* RAM areas, taking care to avoid I/O holes.
          *     Failure to do this can cause coherency problems and deadlocks
          *     due to cache-attribute mismatches (e.g., AMD/AGP Linux bug).
@@ -329,13 +367,14 @@ void __init __start_xen(multiboot_info_t *mbi)
         {
             /* Calculate page-frame range, discarding partial frames. */
             unsigned long start, end;
+            unsigned long init_mapped = 1UL << (30 - PAGE_SHIFT); /* 1GB */
             start = PFN_UP(e820.map[i].addr);
             end   = PFN_DOWN(e820.map[i].addr + e820.map[i].size);
-            /* Clip the range to above 64MB. */
-            if ( end < (64UL << (20-PAGE_SHIFT)) )
+            /* Clip the range to exclude what the bootstrapper initialised. */
+            if ( end < init_mapped )
                 continue;
-            if ( start < (64UL << (20-PAGE_SHIFT)) )
-                start = 64UL << (20-PAGE_SHIFT);
+            if ( start < init_mapped )
+                start = init_mapped;
             /* Request the mapping. */
             map_pages_to_xen(
                 PAGE_OFFSET + (start << PAGE_SHIFT),
@@ -404,7 +443,7 @@ void __init __start_xen(multiboot_info_t *mbi)
     BUG_ON(idle_domain == NULL);
 
     set_current(idle_domain->vcpu[0]);
-    set_current_execstate(idle_domain->vcpu[0]);
+    this_cpu(curr_vcpu) = idle_domain->vcpu[0];
     idle_vcpu[0] = current;
 
     paging_init();
@@ -481,6 +520,8 @@ void __init __start_xen(multiboot_info_t *mbi)
     printk("Brought up %ld CPUs\n", (long)num_online_cpus());
     smp_cpus_done(max_cpus);
 
+    percpu_free_unused_areas();
+
     initialise_gdb(); /* could be moved earlier */
 
     do_initcalls();
@@ -593,7 +634,7 @@ void arch_get_xen_caps(xen_capabilities_info_t info)
     if ( hvm_enabled )
     {
         p += sprintf(p, "hvm-%d.%d-x86_32 ", XEN_VERSION, XEN_SUBVERSION);
-        //p += sprintf(p, "hvm-%d.%d-x86_32p ", XEN_VERSION, XEN_SUBVERSION);
+        p += sprintf(p, "hvm-%d.%d-x86_32p ", XEN_VERSION, XEN_SUBVERSION);
         p += sprintf(p, "hvm-%d.%d-x86_64 ", XEN_VERSION, XEN_SUBVERSION);
     }
 
diff --git a/xen/arch/x86/shadow_public.c b/xen/arch/x86/shadow_public.c
index cb864f9510..23c489ac47 100644
--- a/xen/arch/x86/shadow_public.c
+++ b/xen/arch/x86/shadow_public.c
@@ -108,7 +108,7 @@ int shadow_set_guest_paging_levels(struct domain *d, int levels)
      * Need to wait for VCPU0 to complete the on-going shadow ops.
      */
 
-    if ( v->vcpu_id )
+    if ( v->domain == d && v->vcpu_id )
         return 1;
 
     shadow_lock(d);
@@ -327,7 +327,7 @@ static void alloc_monitor_pagetable(struct vcpu *v)
 
     mmfn = page_to_mfn(mmfn_info);
     mpl4e = (l4_pgentry_t *) map_domain_page_global(mmfn);
-    memcpy(mpl4e, &idle_pg_table[0], PAGE_SIZE);
+    memcpy(mpl4e, idle_pg_table, PAGE_SIZE);
     mpl4e[l4_table_offset(PERDOMAIN_VIRT_START)] =
         l4e_from_paddr(__pa(d->arch.mm_perdomain_l3), __PAGE_HYPERVISOR);
 
diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c
index 81faef1f2a..d199041d30 100644
--- a/xen/arch/x86/smpboot.c
+++ b/xen/arch/x86/smpboot.c
@@ -531,7 +531,7 @@ void __devinit start_secondary(void *unused)
 
 	set_processor_id(cpu);
 	set_current(idle_vcpu[cpu]);
-	set_current_execstate(idle_vcpu[cpu]);
+        this_cpu(curr_vcpu) = idle_vcpu[cpu];
 
 	percpu_traps_init();
 
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 72272f30ca..6b256e3877 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -43,6 +43,7 @@
 #include <xen/domain_page.h>
 #include <xen/symbols.h>
 #include <xen/iocap.h>
+#include <xen/nmi.h>
 #include <asm/shadow.h>
 #include <asm/system.h>
 #include <asm/io.h>
@@ -56,7 +57,6 @@
 #include <asm/debugger.h>
 #include <asm/msr.h>
 #include <asm/x86_emulate.h>
-#include <asm/nmi.h>
 
 /*
  * opt_nmi: one of 'ignore', 'dom0', or 'fatal'.
@@ -425,7 +425,8 @@ static int emulate_forced_invalid_op(struct cpu_user_regs *regs)
         clear_bit(X86_FEATURE_DE,  &d);
         clear_bit(X86_FEATURE_PSE, &d);
         clear_bit(X86_FEATURE_PGE, &d);
-        clear_bit(X86_FEATURE_SEP, &d);
+        if ( !supervisor_mode_kernel )
+            clear_bit(X86_FEATURE_SEP, &d);
         if ( !IS_PRIV(current->domain) )
             clear_bit(X86_FEATURE_MTRR, &d);
     }
diff --git a/xen/arch/x86/x86_32/entry.S b/xen/arch/x86/x86_32/entry.S
index 79689d65be..1c1cf83901 100644
--- a/xen/arch/x86/x86_32/entry.S
+++ b/xen/arch/x86/x86_32/entry.S
@@ -682,7 +682,7 @@ ENTRY(hypercall_args_table)
         .byte 2 /* do_nmi_op            */
         .byte 2 /* do_arch_sched_op     */
         .byte 2 /* do_callback_op       */  /* 30 */
-        .byte 3 /* do_xenoprof_op       */
+        .byte 2 /* do_xenoprof_op       */
         .rept NR_hypercalls-(.-hypercall_args_table)
         .byte 0 /* do_ni_hypercall      */
         .endr
diff --git a/xen/arch/x86/x86_32/traps.c b/xen/arch/x86/x86_32/traps.c
index 085c126153..cbd15f2801 100644
--- a/xen/arch/x86/x86_32/traps.c
+++ b/xen/arch/x86/x86_32/traps.c
@@ -10,6 +10,7 @@
 #include <xen/irq.h>
 #include <xen/symbols.h>
 #include <xen/reboot.h>
+#include <xen/nmi.h>
 #include <asm/current.h>
 #include <asm/flushtlb.h>
 #include <asm/hvm/hvm.h>
@@ -317,6 +318,16 @@ void init_int80_direct_trap(struct vcpu *v)
         set_int80_direct_trap(v);
 }
 
+#ifdef CONFIG_X86_SUPERVISOR_MODE_KERNEL
+static void do_update_sysenter(void *info)
+{
+    xen_callback_t *address = info;
+
+    wrmsr(MSR_IA32_SYSENTER_CS, address->cs, 0);
+    wrmsr(MSR_IA32_SYSENTER_EIP, address->eip, 0);
+}
+#endif
+
 static long register_guest_callback(struct callback_register *reg)
 {
     long ret = 0;
@@ -336,6 +347,19 @@ static long register_guest_callback(struct callback_register *reg)
         v->arch.guest_context.failsafe_callback_eip = reg->address.eip;
         break;
 
+#ifdef CONFIG_X86_SUPERVISOR_MODE_KERNEL
+    case CALLBACKTYPE_sysenter:
+        if ( ! cpu_has_sep )
+            ret = -EINVAL;
+        else if ( on_each_cpu(do_update_sysenter, &reg->address, 1, 1) != 0 )
+            ret = -EIO;
+        break;
+#endif
+
+    case CALLBACKTYPE_nmi:
+        ret = register_guest_nmi_callback(reg->address.eip);
+        break;
+
     default:
         ret = -EINVAL;
         break;
@@ -350,6 +374,10 @@ static long unregister_guest_callback(struct callback_unregister *unreg)
 
     switch ( unreg->type )
     {
+    case CALLBACKTYPE_nmi:
+        ret = unregister_guest_nmi_callback();
+        break;
+
     default:
         ret = -EINVAL;
         break;
diff --git a/xen/arch/x86/x86_32/xen.lds.S b/xen/arch/x86/x86_32/xen.lds.S
index fb76cbc73d..f58bd191f5 100644
--- a/xen/arch/x86/x86_32/xen.lds.S
+++ b/xen/arch/x86/x86_32/xen.lds.S
@@ -5,6 +5,7 @@
 
 #include <xen/config.h>
 #include <asm/page.h>
+#include <asm/percpu.h>
 #undef ENTRY
 #undef ALIGN
 
@@ -56,9 +57,16 @@ SECTIONS
   __initcall_start = .;
   .initcall.init : { *(.initcall.init) } :text
   __initcall_end = .;
-  . = ALIGN(STACK_SIZE);
+  . = ALIGN(PAGE_SIZE);
   __init_end = .;
 
+  __per_cpu_start = .;
+  .data.percpu : { *(.data.percpu) } :text
+  __per_cpu_data_end = .;
+  . = __per_cpu_start + (NR_CPUS << PERCPU_SHIFT);
+  . = ALIGN(STACK_SIZE);
+  __per_cpu_end = .;
+
   __bss_start = .;		/* BSS */
   .bss : {
 	*(.bss.stack_aligned)
diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
index 266c1c9971..9c27e2a595 100644
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -590,7 +590,7 @@ ENTRY(hypercall_args_table)
         .byte 2 /* do_nmi_op            */
         .byte 2 /* do_arch_sched_op     */
         .byte 2 /* do_callback_op       */  /* 30 */
-        .byte 3 /* do_xenoprof_op       */
+        .byte 2 /* do_xenoprof_op       */
         .rept NR_hypercalls-(.-hypercall_args_table)
         .byte 0 /* do_ni_hypercall      */
         .endr
diff --git a/xen/arch/x86/x86_64/traps.c b/xen/arch/x86/x86_64/traps.c
index 4f5ff5ba11..62ac6fa1b5 100644
--- a/xen/arch/x86/x86_64/traps.c
+++ b/xen/arch/x86/x86_64/traps.c
@@ -11,6 +11,7 @@
 #include <xen/console.h>
 #include <xen/sched.h>
 #include <xen/reboot.h>
+#include <xen/nmi.h>
 #include <asm/current.h>
 #include <asm/flushtlb.h>
 #include <asm/msr.h>
@@ -339,6 +340,10 @@ static long register_guest_callback(struct callback_register *reg)
         v->arch.guest_context.syscall_callback_eip  = reg->address;
         break;
 
+    case CALLBACKTYPE_nmi:
+        ret = register_guest_nmi_callback(reg->address);
+        break;
+
     default:
         ret = -EINVAL;
         break;
@@ -353,6 +358,10 @@ static long unregister_guest_callback(struct callback_unregister *unreg)
 
     switch ( unreg->type )
     {
+    case CALLBACKTYPE_nmi:
+        ret = unregister_guest_nmi_callback();
+        break;
+
     default:
         ret = -EINVAL;
         break;
diff --git a/xen/arch/x86/x86_64/xen.lds.S b/xen/arch/x86/x86_64/xen.lds.S
index d8685201ab..92d395d5f9 100644
--- a/xen/arch/x86/x86_64/xen.lds.S
+++ b/xen/arch/x86/x86_64/xen.lds.S
@@ -3,6 +3,7 @@
 
 #include <xen/config.h>
 #include <asm/page.h>
+#include <asm/percpu.h>
 #undef ENTRY
 #undef ALIGN
 
@@ -54,9 +55,16 @@ SECTIONS
   __initcall_start = .;
   .initcall.init : { *(.initcall.init) } :text
   __initcall_end = .;
-  . = ALIGN(STACK_SIZE);
+  . = ALIGN(PAGE_SIZE);
   __init_end = .;
 
+  __per_cpu_start = .;
+  .data.percpu : { *(.data.percpu) } :text
+  __per_cpu_data_end = .;
+  . = __per_cpu_start + (NR_CPUS << PERCPU_SHIFT);
+  . = ALIGN(STACK_SIZE);
+  __per_cpu_end = .;
+
   __bss_start = .;		/* BSS */
   .bss : {
 	*(.bss.stack_aligned)
diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c
index a217e1be8b..66ba992308 100644
--- a/xen/common/event_channel.c
+++ b/xen/common/event_channel.c
@@ -477,10 +477,10 @@ void evtchn_set_pending(struct vcpu *v, int port)
      * others may require explicit memory barriers.
      */
 
-    if ( test_and_set_bit(port, &s->evtchn_pending[0]) )
+    if ( test_and_set_bit(port, s->evtchn_pending) )
         return;
 
-    if ( !test_bit        (port, &s->evtchn_mask[0])    &&
+    if ( !test_bit        (port, s->evtchn_mask) &&
          !test_and_set_bit(port / BITS_PER_LONG,
                            &v->vcpu_info->evtchn_pending_sel) &&
          !test_and_set_bit(0, &v->vcpu_info->evtchn_upcall_pending) )
@@ -668,8 +668,8 @@ static long evtchn_unmask(evtchn_unmask_t *unmask)
      * These operations must happen in strict order. Based on
      * include/xen/event.h:evtchn_set_pending(). 
      */
-    if ( test_and_clear_bit(port, &s->evtchn_mask[0]) &&
-         test_bit          (port, &s->evtchn_pending[0]) &&
+    if ( test_and_clear_bit(port, s->evtchn_mask) &&
+         test_bit          (port, s->evtchn_pending) &&
          !test_and_set_bit (port / BITS_PER_LONG,
                             &v->vcpu_info->evtchn_pending_sel) &&
          !test_and_set_bit (0, &v->vcpu_info->evtchn_upcall_pending) )
diff --git a/xen/common/kernel.c b/xen/common/kernel.c
index a2a23fb70f..35fe07feb3 100644
--- a/xen/common/kernel.c
+++ b/xen/common/kernel.c
@@ -43,13 +43,19 @@ void cmdline_parse(char *cmdline)
         /* Grab the next whitespace-delimited option. */
         q = opt;
         while ( (*p != ' ') && (*p != '\0') )
-            *q++ = *p++;
+        {
+            if ( (q-opt) < (sizeof(opt)-1) ) /* avoid overflow */
+                *q++ = *p;
+            p++;
+        }
         *q = '\0';
 
         /* Search for value part of a key=value option. */
         optval = strchr(opt, '=');
         if ( optval != NULL )
-            *optval++ = '\0';
+            *optval++ = '\0'; /* nul-terminate the option value */
+        else
+            optval = q;       /* default option value is empty string */
 
         for ( param = &__setup_start; param <= &__setup_end; param++ )
         {
@@ -59,23 +65,18 @@ void cmdline_parse(char *cmdline)
             switch ( param->type )
             {
             case OPT_STR:
-                if ( optval != NULL )
-                {
-                    strncpy(param->var, optval, param->len);
-                    ((char *)param->var)[param->len-1] = '\0';
-                }
+                strncpy(param->var, optval, param->len);
+                ((char *)param->var)[param->len-1] = '\0';
                 break;
             case OPT_UINT:
-                if ( optval != NULL )
-                    *(unsigned int *)param->var =
-                        simple_strtol(optval, (char **)&optval, 0);
+                *(unsigned int *)param->var =
+                    simple_strtol(optval, (char **)&optval, 0);
                 break;
             case OPT_BOOL:
                 *(int *)param->var = 1;
                 break;
             case OPT_CUSTOM:
-                if ( optval != NULL )
-                    ((void (*)(char *))param->var)(optval);
+                ((void (*)(char *))param->var)(optval);
                 break;
             }
         }
@@ -213,37 +214,51 @@ long do_xen_version(int cmd, GUEST_HANDLE(void) arg)
     return -ENOSYS;
 }
 
-long do_nmi_op(unsigned int cmd, GUEST_HANDLE(void) arg)
+long register_guest_nmi_callback(unsigned long address)
 {
     struct vcpu *v = current;
     struct domain *d = current->domain;
+
+    if ( (d->domain_id != 0) || (v->vcpu_id != 0) )
+        return -EINVAL;
+
+    v->nmi_addr = address;
+#ifdef CONFIG_X86
+    /*
+     * If no handler was registered we can 'lose the NMI edge'. Re-assert it
+     * now.
+     */
+    if ( d->shared_info->arch.nmi_reason != 0 )
+        set_bit(_VCPUF_nmi_pending, &v->vcpu_flags);
+#endif
+
+    return 0;
+}
+
+long unregister_guest_nmi_callback(void)
+{
+    struct vcpu *v = current;
+
+    v->nmi_addr = 0;
+
+    return 0;
+}
+
+long do_nmi_op(unsigned int cmd, GUEST_HANDLE(void) arg)
+{
     struct xennmi_callback cb;
     long rc = 0;
 
     switch ( cmd )
     {
     case XENNMI_register_callback:
-        rc = -EINVAL;
-        if ( (d->domain_id != 0) || (v->vcpu_id != 0) )
-            break;
-
         rc = -EFAULT;
         if ( copy_from_guest(&cb, arg, 1) )
             break;
-
-        v->nmi_addr = cb.handler_address;
-#ifdef CONFIG_X86
-        /*
-         * If no handler was registered we can 'lose the NMI edge'. Re-assert 
-         * it now.
-         */
-        if ( d->shared_info->arch.nmi_reason != 0 )
-            set_bit(_VCPUF_nmi_pending, &v->vcpu_flags);
-#endif
-        rc = 0;
+        rc = register_guest_nmi_callback(cb.handler_address);
         break;
     case XENNMI_unregister_callback:
-        v->nmi_addr = 0;
+        rc = unregister_guest_nmi_callback();
         break;
     default:
         rc = -ENOSYS;
diff --git a/xen/common/keyhandler.c b/xen/common/keyhandler.c
index f881412ec7..a80de73840 100644
--- a/xen/common/keyhandler.c
+++ b/xen/common/keyhandler.c
@@ -157,9 +157,9 @@ static void dump_domains(unsigned char key)
             printk("    Notifying guest (virq %d, port %d, stat %d/%d/%d)\n",
                    VIRQ_DEBUG, v->virq_to_evtchn[VIRQ_DEBUG],
                    test_bit(v->virq_to_evtchn[VIRQ_DEBUG], 
-                            &d->shared_info->evtchn_pending[0]),
+                            d->shared_info->evtchn_pending),
                    test_bit(v->virq_to_evtchn[VIRQ_DEBUG], 
-                            &d->shared_info->evtchn_mask[0]),
+                            d->shared_info->evtchn_mask),
                    test_bit(v->virq_to_evtchn[VIRQ_DEBUG]/BITS_PER_LONG, 
                             &v->vcpu_info->evtchn_pending_sel));
             send_guest_vcpu_virq(v, VIRQ_DEBUG);
diff --git a/xen/common/schedule.c b/xen/common/schedule.c
index 5fe6cb4304..ef3e51a75e 100644
--- a/xen/common/schedule.c
+++ b/xen/common/schedule.c
@@ -42,7 +42,7 @@ string_param("sched", opt_sched);
 /* Various timer handlers. */
 static void s_timer_fn(void *unused);
 static void t_timer_fn(void *unused);
-static void dom_timer_fn(void *data);
+static void vcpu_timer_fn(void *data);
 static void poll_timer_fn(void *data);
 
 /* This is global for now so that private implementations can reach it */
@@ -167,7 +167,7 @@ struct vcpu *alloc_vcpu(
 void sched_add_domain(struct vcpu *v) 
 {
     /* Initialise the per-domain timers. */
-    init_timer(&v->timer, dom_timer_fn, v, v->processor);
+    init_timer(&v->timer, vcpu_timer_fn, v, v->processor);
     init_timer(&v->poll_timer, poll_timer_fn, v, v->processor);
 
     if ( is_idle_vcpu(v) )
@@ -642,12 +642,10 @@ static void t_timer_fn(void *unused)
     set_timer(&t_timer[cpu], NOW() + MILLISECS(10));
 }
 
-/* Domain timer function, sends a virtual timer interrupt to domain */
-static void dom_timer_fn(void *data)
+/* Per-VCPU timer function: sends a virtual timer interrupt. */
+static void vcpu_timer_fn(void *data)
 {
     struct vcpu *v = data;
-
-    update_vcpu_system_time(v);
     send_timer_event(v);
 }
 
diff --git a/xen/common/timer.c b/xen/common/timer.c
index e62a74ee23..10985fdd8b 100644
--- a/xen/common/timer.c
+++ b/xen/common/timer.c
@@ -251,12 +251,15 @@ void migrate_timer(struct timer *timer, unsigned int new_cpu)
     }
 
     if ( active_timer(timer) )
+    {
         __stop_timer(timer);
-
-    timer->cpu = new_cpu;
-
-    if ( likely(!timer->killed) )
+        timer->cpu = new_cpu;
         __add_timer(timer);
+    }
+    else
+    {
+        timer->cpu = new_cpu;
+    }
 
     spin_unlock(&timers[old_cpu].lock);
     spin_unlock_irqrestore(&timers[new_cpu].lock, flags);
diff --git a/xen/include/acm/acm_core.h b/xen/include/acm/acm_core.h
index 7733192ad3..262e4daae0 100644
--- a/xen/include/acm/acm_core.h
+++ b/xen/include/acm/acm_core.h
@@ -26,6 +26,7 @@
 
 /* Xen-internal representation of the binary policy */
 struct acm_binary_policy {
+    char *policy_reference_name;
     u16 primary_policy_code;
     u16 secondary_policy_code;
 };
@@ -124,7 +125,8 @@ int acm_get_policy(void *buf, u32 buf_size);
 int acm_dump_statistics(void *buf, u16 buf_size);
 int acm_get_ssid(ssidref_t ssidref, u8 *buf, u16 buf_size);
 int acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, enum acm_hook_type hook);
-
+int acm_set_policy_reference(u8 * buf, u32 buf_size);
+int acm_dump_policy_reference(u8 *buf, u32 buf_size);
 #endif
 
 /*
diff --git a/xen/include/asm-x86/cpufeature.h b/xen/include/asm-x86/cpufeature.h
index 0a815ac6a7..a092a83ad5 100644
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -104,6 +104,7 @@
 #define cpu_has_pae		boot_cpu_has(X86_FEATURE_PAE)
 #define cpu_has_pge		boot_cpu_has(X86_FEATURE_PGE)
 #define cpu_has_apic		boot_cpu_has(X86_FEATURE_APIC)
+#define cpu_has_sep		boot_cpu_has(X86_FEATURE_SEP)
 #define cpu_has_mtrr		boot_cpu_has(X86_FEATURE_MTRR)
 #define cpu_has_mmx		boot_cpu_has(X86_FEATURE_MMX)
 #define cpu_has_fxsr		boot_cpu_has(X86_FEATURE_FXSR)
@@ -125,6 +126,7 @@
 #define cpu_has_pae		1
 #define cpu_has_pge		1
 #define cpu_has_apic		boot_cpu_has(X86_FEATURE_APIC)
+#define cpu_has_sep		0
 #define cpu_has_mtrr		1
 #define cpu_has_mmx		1
 #define cpu_has_fxsr		1
diff --git a/xen/include/asm-x86/current.h b/xen/include/asm-x86/current.h
index 5803141f2a..9b0b6e5245 100644
--- a/xen/include/asm-x86/current.h
+++ b/xen/include/asm-x86/current.h
@@ -16,7 +16,7 @@ struct vcpu;
 struct cpu_info {
     struct cpu_user_regs guest_cpu_user_regs;
     unsigned int         processor_id;
-    struct vcpu  *current_ed;
+    struct vcpu         *current_vcpu;
 };
 
 static inline struct cpu_info *get_cpu_info(void)
@@ -29,12 +29,12 @@ static inline struct cpu_info *get_cpu_info(void)
     return cpu_info;
 }
 
-#define get_current()         (get_cpu_info()->current_ed)
-#define set_current(_ed)      (get_cpu_info()->current_ed = (_ed))
+#define get_current()         (get_cpu_info()->current_vcpu)
+#define set_current(vcpu)     (get_cpu_info()->current_vcpu = (vcpu))
 #define current               (get_current())
 
 #define get_processor_id()    (get_cpu_info()->processor_id)
-#define set_processor_id(_id) (get_cpu_info()->processor_id = (_id))
+#define set_processor_id(id)  (get_cpu_info()->processor_id = (id))
 
 #define guest_cpu_user_regs() (&get_cpu_info()->guest_cpu_user_regs)
 
@@ -51,8 +51,14 @@ static inline struct cpu_info *get_cpu_info(void)
         "mov %0,%%"__OP"sp; jmp "STR(__fn)      \
         : : "r" (guest_cpu_user_regs()) : "memory" )
 
-#define schedule_tail(_ed) (((_ed)->arch.schedule_tail)(_ed))
+#define schedule_tail(vcpu) (((vcpu)->arch.schedule_tail)(vcpu))
 
-extern void set_current_execstate(struct vcpu *v);
+#include <xen/percpu.h>
+/*
+ * Which VCPU's state is currently running on each CPU?
+ * This is not necesasrily the same as 'current' as a CPU may be
+ * executing a lazy state switch.
+ */
+DECLARE_PER_CPU(struct vcpu *, curr_vcpu);
 
 #endif /* __X86_CURRENT_H__ */
diff --git a/xen/include/asm-x86/hvm/svm/vmcb.h b/xen/include/asm-x86/hvm/svm/vmcb.h
index 246144190c..24f9322b88 100644
--- a/xen/include/asm-x86/hvm/svm/vmcb.h
+++ b/xen/include/asm-x86/hvm/svm/vmcb.h
@@ -473,10 +473,10 @@ enum {
 #define VMCB_EFLAGS_RESERVED_1          0x00000002 /* bitmap for 1 */
 
 /* These bits in the CR4 are owned by the host */
-#ifdef __i386__
-#define SVM_CR4_HOST_MASK (0)
-#else
+#if CONFIG_PAGING_LEVELS >= 3
 #define SVM_CR4_HOST_MASK (X86_CR4_PAE)
+#else
+#define SVM_CR4_HOST_MASK 0
 #endif
 
 
diff --git a/xen/include/asm-x86/hvm/vpit.h b/xen/include/asm-x86/hvm/vpit.h
index 848277cf73..6ee3e02bbb 100644
--- a/xen/include/asm-x86/hvm/vpit.h
+++ b/xen/include/asm-x86/hvm/vpit.h
@@ -30,47 +30,65 @@
 
 #define PIT_FREQ 1193181
 
-#define LSByte          0
-#define MSByte          1
-#define LSByte_multiple 2
-#define MSByte_multiple 3
+#define PIT_BASE 0x40
+#define HVM_PIT_ACCEL_MODE 2
 
-struct hvm_virpit {
-    /* for simulation of counter 0 in mode 2 */
+typedef struct PITChannelState {
+    int count; /* can be 65536 */
+    u16 latched_count;
+    u8 count_latched;
+    u8 status_latched;
+    u8 status;
+    u8 read_state;
+    u8 write_state;
+    u8 write_latch;
+    u8 rw_mode;
+    u8 mode;
+    u8 bcd; /* not supported */
+    u8 gate; /* timer start */
+    s64 count_load_time;
+    /* irq handling */
+    s64 next_transition_time;
+    int irq;
+    struct hvm_time_info *hvm_time;
+    u32 period; /* period(ns) based on count */
+} PITChannelState;
+
+struct hvm_time_info {
+    /* extra info for the mode 2 channel */
+    struct timer pit_timer;
+    struct vcpu *vcpu;          /* which vcpu the ac_timer bound to */
     u64 period_cycles;          /* pit frequency in cpu cycles */
     s_time_t count_advance;     /* accumulated count advance since last fire */
     s_time_t count_point;        /* last point accumulating count advance */
-    s_time_t scheduled;         /* scheduled timer interrupt */
-    struct timer pit_timer;     /* periodic timer for mode 2*/
-    unsigned int channel;       /* the pit channel, counter 0~2 */
     unsigned int pending_intr_nr; /* the couner for pending timer interrupts */
-    u32 period;                 /* pit frequency in ns */
     int first_injected;         /* flag to prevent shadow window */
     s64 cache_tsc_offset;       /* cache of VMCS TSC_OFFSET offset */
     u64 last_pit_gtime;         /* guest time when last pit is injected */
+};
 
-    /* virtual PIT state for handle related I/O */
-    int read_state;
-    int count_LSB_latched;
-    int count_MSB_latched;
+typedef struct hvm_virpit {
+    PITChannelState channels[3];
+    struct hvm_time_info time_info;
+    int speaker_data_on;
+    int dummy_refresh_clock;
+}hvm_virpit;
 
-    unsigned int count;  /* the 16 bit channel count */
-    unsigned int init_val; /* the init value for the counter */
-};
 
 static __inline__ s_time_t get_pit_scheduled(
     struct vcpu *v,
     struct hvm_virpit *vpit)
 {
+    struct PITChannelState *s = &(vpit->channels[0]);
     if ( is_irq_enabled(v, 0) ) {
-        return vpit->scheduled;
+        return s->next_transition_time;
     }
     else
         return -1;
 }
 
 /* to hook the ioreq packet to get the PIT initialization info */
-extern void hvm_hooks_assist(struct vcpu *v);
-void pickup_deactive_ticks(struct hvm_virpit *vpit);
+extern void pit_init(struct hvm_virpit *pit, struct vcpu *v);
+extern void pickup_deactive_ticks(struct hvm_virpit *vpit);
 
 #endif /* __ASM_X86_HVM_VPIT_H__ */
diff --git a/xen/include/asm-x86/io_apic.h b/xen/include/asm-x86/io_apic.h
index 4cacb8b419..47cd148e10 100644
--- a/xen/include/asm-x86/io_apic.h
+++ b/xen/include/asm-x86/io_apic.h
@@ -139,7 +139,11 @@ static inline void io_apic_write(unsigned int apic, unsigned int reg, unsigned i
  *
  * Older SiS APIC requires we rewrite the index regiser
  */
-#define sis_apic_bug 0 /* This may need propagating from domain0. */
+#ifdef __i386__
+extern int sis_apic_bug;
+#else
+#define sis_apic_bug 0
+#endif
 static inline void io_apic_modify(unsigned int apic, unsigned int reg, unsigned int value)
 {
 	if (sis_apic_bug)
diff --git a/xen/include/asm-x86/percpu.h b/xen/include/asm-x86/percpu.h
new file mode 100644
index 0000000000..d76206587f
--- /dev/null
+++ b/xen/include/asm-x86/percpu.h
@@ -0,0 +1,20 @@
+#ifndef __X86_PERCPU_H__
+#define __X86_PERCPU_H__
+
+#define PERCPU_SHIFT 12
+#define PERCPU_SIZE  (1UL << PERCPU_SHIFT)
+
+/* Separate out the type, so (int[3], foo) works. */
+#define DEFINE_PER_CPU(type, name)                      \
+    __attribute__((__section__(".data.percpu")))        \
+    __typeof__(type) per_cpu__##name
+
+/* var is in discarded region: offset to particular copy we want */
+#define per_cpu(var, cpu)  \
+    (*RELOC_HIDE(&per_cpu__##var, ((unsigned int)(cpu))<<PERCPU_SHIFT))
+#define __get_cpu_var(var) \
+    (per_cpu(var, smp_processor_id()))
+
+#define DECLARE_PER_CPU(type, name) extern __typeof__(type) per_cpu__##name
+
+#endif /* __X86_PERCPU_H__ */
diff --git a/xen/include/public/acm.h b/xen/include/public/acm.h
index a7a5a57a27..9fa503a406 100644
--- a/xen/include/public/acm.h
+++ b/xen/include/public/acm.h
@@ -51,17 +51,17 @@
 
 /* policy: */
 #define ACM_POLICY_NAME(X) \
- ((X) == (ACM_NULL_POLICY)) ? "NULL policy" :                        \
-    ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL policy" :        \
-    ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT policy" : \
-    ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
-     "UNDEFINED policy"
+ ((X) == (ACM_NULL_POLICY)) ? "NULL" :                        \
+    ((X) == (ACM_CHINESE_WALL_POLICY)) ? "CHINESE WALL" :        \
+    ((X) == (ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "SIMPLE TYPE ENFORCEMENT" : \
+    ((X) == (ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT" : \
+     "UNDEFINED"
 
 /* the following policy versions must be increased
  * whenever the interpretation of the related
  * policy's data structure changes
  */
-#define ACM_POLICY_VERSION 1
+#define ACM_POLICY_VERSION 2
 #define ACM_CHWALL_VERSION 1
 #define ACM_STE_VERSION  1
 
@@ -113,12 +113,17 @@ struct acm_policy_buffer {
     uint32_t policy_version; /* ACM_POLICY_VERSION */
     uint32_t magic;
     uint32_t len;
+    uint32_t policy_reference_offset;
     uint32_t primary_policy_code;
     uint32_t primary_buffer_offset;
     uint32_t secondary_policy_code;
     uint32_t secondary_buffer_offset;
 };
 
+struct acm_policy_reference_buffer {
+    uint32_t len;
+};
+
 struct acm_chwall_policy_buffer {
     uint32_t policy_version; /* ACM_CHWALL_VERSION */
     uint32_t policy_code;
@@ -160,6 +165,7 @@ struct acm_ste_stats_buffer {
 struct acm_ssid_buffer {
     uint32_t len;
     ssidref_t ssidref;
+    uint32_t policy_reference_offset;
     uint32_t primary_policy_code;
     uint32_t primary_max_types;
     uint32_t primary_types_offset;
diff --git a/xen/include/public/acm_ops.h b/xen/include/public/acm_ops.h
index b4ce11f412..98cd7889b4 100644
--- a/xen/include/public/acm_ops.h
+++ b/xen/include/public/acm_ops.h
@@ -17,7 +17,7 @@
  * This makes sure that old versions of acm tools will stop working in a
  * well-defined way (rather than crashing the machine, for instance).
  */
-#define ACM_INTERFACE_VERSION   0xAAAA0005
+#define ACM_INTERFACE_VERSION   0xAAAA0006
 
 /************************************************************************/
 
diff --git a/xen/include/public/callback.h b/xen/include/public/callback.h
index 479333ddb8..820fffd78c 100644
--- a/xen/include/public/callback.h
+++ b/xen/include/public/callback.h
@@ -21,6 +21,12 @@
 #define CALLBACKTYPE_event                 0
 #define CALLBACKTYPE_failsafe              1
 #define CALLBACKTYPE_syscall               2 /* x86_64 only */
+/*
+ * sysenter is only available on x86_32 with the
+ * supervisor_mode_kernel option enabled.
+ */
+#define CALLBACKTYPE_sysenter              3
+#define CALLBACKTYPE_nmi                   4
 
 /*
  * Register a callback.
diff --git a/xen/include/public/dom0_ops.h b/xen/include/public/dom0_ops.h
index 497a1c58d6..345e9f91f4 100644
--- a/xen/include/public/dom0_ops.h
+++ b/xen/include/public/dom0_ops.h
@@ -404,7 +404,9 @@ typedef struct dom0_getdomaininfolist {
 DEFINE_GUEST_HANDLE(dom0_getdomaininfolist_t);
 
 #define DOM0_PLATFORM_QUIRK      39
-#define QUIRK_NOIRQBALANCING  1
+#define QUIRK_NOIRQBALANCING      1 /* Do not restrict IO-APIC RTE targets */
+#define QUIRK_IOAPIC_BAD_REGSEL   2 /* IO-APIC REGSEL forgets its value    */
+#define QUIRK_IOAPIC_GOOD_REGSEL  3 /* IO-APIC REGSEL behaves properly     */
 typedef struct dom0_platform_quirk {
     /* IN variables. */
     uint32_t quirk_id;
diff --git a/xen/include/public/xenoprof.h b/xen/include/public/xenoprof.h
index 134df887c4..0699834d5d 100644
--- a/xen/include/public/xenoprof.h
+++ b/xen/include/public/xenoprof.h
@@ -12,18 +12,22 @@
 #define __XEN_PUBLIC_XENOPROF_H__
 
 /*
- * Commands to HYPERVISOR_pmc_op().
+ * Commands to HYPERVISOR_xenoprof_op().
  */
-#define XENOPROF_init               0
-#define XENOPROF_set_active         1
-#define XENOPROF_reserve_counters   3
-#define XENOPROF_setup_events       4
-#define XENOPROF_enable_virq        5
-#define XENOPROF_start              6
-#define XENOPROF_stop               7
-#define XENOPROF_disable_virq       8
-#define XENOPROF_release_counters   9
-#define XENOPROF_shutdown          10
+#define XENOPROF_init                0
+#define XENOPROF_reset_active_list   1
+#define XENOPROF_reset_passive_list  2
+#define XENOPROF_set_active          3
+#define XENOPROF_set_passive         4
+#define XENOPROF_reserve_counters    5
+#define XENOPROF_counter             6
+#define XENOPROF_setup_events        7
+#define XENOPROF_enable_virq         8
+#define XENOPROF_start               9
+#define XENOPROF_stop               10
+#define XENOPROF_disable_virq       11
+#define XENOPROF_release_counters   12
+#define XENOPROF_shutdown           13
 
 #define MAX_OPROF_EVENTS    32
 #define MAX_OPROF_DOMAINS   25	
@@ -50,25 +54,29 @@ typedef struct xenoprof_buf {
 } xenoprof_buf_t;
 DEFINE_GUEST_HANDLE(xenoprof_buf_t);
 
-typedef struct xenoprof_init_result {
+typedef struct xenoprof_init {
+    int32_t  max_samples;
     int32_t  num_events;
     int32_t  is_primary;
     int32_t  nbuf;
     int32_t  bufsize;
     uint64_t buf_maddr;
     char cpu_type[XENOPROF_CPU_TYPE_SIZE];
-} xenoprof_init_result_t;
-DEFINE_GUEST_HANDLE(xenoprof_init_result_t);
+} xenoprof_init_t;
+DEFINE_GUEST_HANDLE(xenoprof_init_t);
+
+typedef struct xenoprof_counter {
+    uint32_t ind;
+    uint64_t count;
+    uint32_t enabled;
+    uint32_t event;
+    uint32_t hypervisor;
+    uint32_t kernel;
+    uint32_t user;
+    uint64_t unit_mask;
+} xenoprof_counter_t;
+DEFINE_GUEST_HANDLE(xenoprof_counter_t);
 
-typedef struct xenoprof_counter_config {
-    unsigned long count;
-    unsigned long enabled;
-    unsigned long event;
-    unsigned long kernel;
-    unsigned long user;
-    unsigned long unit_mask;
-} xenoprof_counter_config_t;
-DEFINE_GUEST_HANDLE(xenoprof_counter_config_t);
 
 #endif /* __XEN_PUBLIC_XENOPROF_H__ */
 
diff --git a/xen/include/xen/compiler.h b/xen/include/xen/compiler.h
index 29acdc59e8..d4e5a43b2e 100644
--- a/xen/include/xen/compiler.h
+++ b/xen/include/xen/compiler.h
@@ -25,4 +25,17 @@
 #define __must_check
 #endif
 
+/* This macro obfuscates arithmetic on a variable address so that gcc
+   shouldn't recognize the original var, and make assumptions about it */
+/*
+ * Versions of the ppc64 compiler before 4.1 had a bug where use of
+ * RELOC_HIDE could trash r30. The bug can be worked around by changing
+ * the inline assembly constraint from =g to =r, in this particular
+ * case either is valid.
+ */
+#define RELOC_HIDE(ptr, off)                    \
+  ({ unsigned long __ptr;                       \
+    __asm__ ("" : "=r"(__ptr) : "0"(ptr));      \
+    (typeof(ptr)) (__ptr + (off)); })
+
 #endif /* __LINUX_COMPILER_H */
diff --git a/xen/include/xen/cpumask.h b/xen/include/xen/cpumask.h
index f1e256b4c8..0188570955 100644
--- a/xen/include/xen/cpumask.h
+++ b/xen/include/xen/cpumask.h
@@ -113,6 +113,12 @@ static inline int __cpu_test_and_set(int cpu, cpumask_t *addr)
 	return test_and_set_bit(cpu, addr->bits);
 }
 
+#define cpu_test_and_clear(cpu, cpumask) __cpu_test_and_clear((cpu), &(cpumask))
+static inline int __cpu_test_and_clear(int cpu, cpumask_t *addr)
+{
+	return test_and_clear_bit(cpu, addr->bits);
+}
+
 #define cpus_and(dst, src1, src2) __cpus_and(&(dst), &(src1), &(src2), NR_CPUS)
 static inline void __cpus_and(cpumask_t *dstp, const cpumask_t *src1p,
 					const cpumask_t *src2p, int nbits)
diff --git a/xen/include/xen/nmi.h b/xen/include/xen/nmi.h
new file mode 100644
index 0000000000..a13e797273
--- /dev/null
+++ b/xen/include/xen/nmi.h
@@ -0,0 +1,29 @@
+/******************************************************************************
+ * nmi.h
+ *
+ * Register and unregister NMI callbacks.
+ *
+ * Copyright (c) 2006, Ian Campbell <ian.campbell@xensource.com>
+ */
+
+#ifndef __XEN_NMI_H__
+#define __XEN_NMI_H__
+
+#include <asm/nmi.h>
+
+/**
+ * register_guest_nmi_callback
+ *
+ * The default NMI handler passes the NMI to a guest callback. This
+ * function registers the address of that callback.
+ */
+extern long register_guest_nmi_callback(unsigned long address);
+
+/**
+ * unregister_guest_nmi_callback
+ *
+ * Unregister a guest NMI handler.
+ */
+extern long unregister_guest_nmi_callback(void);
+
+#endif /* __XEN_NMI_H__ */
diff --git a/xen/include/xen/percpu.h b/xen/include/xen/percpu.h
new file mode 100644
index 0000000000..88fba30e8a
--- /dev/null
+++ b/xen/include/xen/percpu.h
@@ -0,0 +1,15 @@
+#ifndef __XEN_PERCPU_H__
+#define __XEN_PERCPU_H__
+
+#include <xen/config.h>
+#include <xen/smp.h>
+#include <asm/percpu.h>
+
+/* Preferred on Xen. Also see arch-defined per_cpu(). */
+#define this_cpu(var)    __get_cpu_var(var)
+
+/* Linux compatibility. */
+#define get_cpu_var(var) this_cpu(var)
+#define put_cpu_var(var)
+
+#endif /* __XEN_PERCPU_H__ */