From 9de675c1b3966a9decd5f79f2e861f22b491dbf8 Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain" <kfraser@localhost.localdomain>
Date: Fri, 13 Jul 2007 13:42:41 +0100
Subject: [PATCH] [Build] Remove ACM option for NULL and STE+CHWALL policy
 Signed-off-by: Stefan Berger <stefanb@us.ibm.com>

---
 Config.mk                  |  8 --------
 xen/Makefile               | 16 ----------------
 xen/include/acm/acm_core.h |  4 +++-
 3 files changed, 3 insertions(+), 25 deletions(-)

diff --git a/Config.mk b/Config.mk
index 4e2977a626..529d9f0e21 100644
--- a/Config.mk
+++ b/Config.mk
@@ -81,14 +81,6 @@ CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i))
 #        n - Do not build the Xen ACM framework
 ACM_SECURITY ?= n
 
-# If ACM_SECURITY = y and no boot policy file is installed,
-# then the ACM defaults to the security policy set by
-# ACM_DEFAULT_SECURITY_POLICY
-# Supported models are:
-#	ACM_NULL_POLICY
-#	ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
-ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
-
 # Optional components
 XENSTAT_XENTOP     ?= y
 VTPM_TOOLS         ?= n
diff --git a/xen/Makefile b/xen/Makefile
index ae2a41408c..1c701060d9 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -59,7 +59,6 @@ _clean: delete-unfresh-files
 	$(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) clean
 	rm -f include/asm *.o $(TARGET)* *~ core
 	rm -f include/asm-*/asm-offsets.h
-	rm -f include/xen/acm_policy.h
 
 .PHONY: _distclean
 _distclean: clean
@@ -72,7 +71,6 @@ $(TARGET).gz: $(TARGET)
 $(TARGET): delete-unfresh-files build-headers
 	$(MAKE) -C tools
 	$(MAKE) -f $(BASEDIR)/Rules.mk include/xen/compile.h
-	$(MAKE) -f $(BASEDIR)/Rules.mk include/xen/acm_policy.h
 	[ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
 	$(MAKE) -f $(BASEDIR)/Rules.mk -C include
 	$(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) asm-offsets.s
@@ -87,20 +85,6 @@ delete-unfresh-files:
 		rm -f include/xen/compile.h; \
 	fi
 
-# acm_policy.h contains security policy for Xen
-include/xen/acm_policy.h:
-	@(set -e; \
-	  echo "/*"; \
-	  echo " * DO NOT MODIFY."; \
-	  echo " *"; \
-	  echo " * This file was auto-generated by xen/Makefile $<"; \
-	  echo " *"; \
-	  echo " */"; \
-	  echo ""; \
-	  echo "#ifndef ACM_DEFAULT_SECURITY_POLICY"; \
-	  echo "#define ACM_DEFAULT_SECURITY_POLICY $(ACM_DEFAULT_SECURITY_POLICY)"; \
-	  echo "#endif") >$@
-
 # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
 include/xen/compile.h: include/xen/compile.h.in
 	@sed -e 's/@@date@@/$(shell LC_ALL=C date)/g' \
diff --git a/xen/include/acm/acm_core.h b/xen/include/acm/acm_core.h
index bb650e3da2..0045a1bca0 100644
--- a/xen/include/acm/acm_core.h
+++ b/xen/include/acm/acm_core.h
@@ -22,10 +22,12 @@
 #include <xen/spinlock.h>
 #include <xen/list.h>
 #include <public/acm.h>
-#include <xen/acm_policy.h>
 #include <public/acm_ops.h>
 #include <acm/acm_endian.h>
 
+#define ACM_DEFAULT_SECURITY_POLICY \
+        ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+
 /* Xen-internal representation of the binary policy */
 struct acm_binary_policy {
     char *policy_reference_name;
-- 
2.30.2