===== xen/Makefile 1.86 vs edited =====
--- 1.86/xen/Makefile	2005-06-22 23:18:11 +09:00
+++ edited/xen/Makefile	2005-06-25 08:13:17 +09:00
@@ -54,20 +54,35 @@
 
 $(TARGET): delete-unfresh-files
 	$(MAKE) include/xen/compile.h
+	$(MAKE) include/xen/acm_policy.h
 	[ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
 	$(MAKE) -C arch/$(TARGET_ARCH) asm-offsets.s
 	$(MAKE) include/asm-$(TARGET_ARCH)/asm-offsets.h
 	$(MAKE) -C common
 	$(MAKE) -C drivers
-ifdef ACM_USE_SECURITY_POLICY
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
 	$(MAKE) -C acm
 endif
 	$(MAKE) -C arch/$(TARGET_ARCH)
 
 # drivers/char/console.o may contain static banner/compile info. Blow it away.
 delete-unfresh-files:
-	rm -f include/xen/banner.h include/xen/compile.h drivers/char/console.o
+	rm -f include/xen/banner.h include/xen/compile.h include/xen/acm_policy.h drivers/char/console.o
 	$(MAKE) -C arch/$(TARGET_ARCH) delete-unfresh-files
+
+# acm_policy.h contains security policy for Xen
+include/xen/acm_policy.h:
+	@(set -e; \
+	  echo "/*"; \
+	  echo " * DO NOT MODIFY."; \
+	  echo " *"; \
+	  echo " * This file was auto-generated by xen/Makefile $<"; \
+	  echo " *"; \
+	  echo " */"; \
+	  echo ""; \
+	  echo "#ifndef ACM_USE_SECURITY_POLICY"; \
+	  echo "#define ACM_USE_SECURITY_POLICY $(ACM_USE_SECURITY_POLICY)"; \
+	  echo "#endif") >$@
 
 # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
 include/xen/compile.h: LANG=C
===== xen/Rules.mk 1.45 vs edited =====
--- 1.45/xen/Rules.mk	2005-06-22 23:18:11 +09:00
+++ edited/xen/Rules.mk	2005-06-25 08:13:17 +09:00
@@ -1,4 +1,3 @@
-
 verbose     ?= n
 debug       ?= n
 perfc       ?= n
@@ -8,6 +7,14 @@
 domu_debug  ?= n
 crash_debug ?= n
 
+# ACM_USE_SECURITY_POLICY is set to security policy of Xen
+# Supported models are:
+#	ACM_NULL_POLICY (ACM will not be built with this policy)
+#	ACM_CHINESE_WALL_POLICY
+#	ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY
+#	ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
+ACM_USE_SECURITY_POLICY ?= ACM_NULL_POLICY
+
 include $(BASEDIR)/../Config.mk
 
 # Set ARCH/SUBARCH appropriately.
@@ -35,8 +42,8 @@
 ALL_OBJS := $(BASEDIR)/common/common.o
 ALL_OBJS += $(BASEDIR)/drivers/char/driver.o
 ALL_OBJS += $(BASEDIR)/drivers/acpi/driver.o
-ifdef ACM_USE_SECURITY_POLICY
-ALL_OBJS += $(BASEDIR)/acm/acm.o
+ifneq ($(ACM_USE_SECURITY_POLICY),ACM_NULL_POLICY)
+	ALL_OBJS += $(BASEDIR)/acm/acm.o
 endif
 ALL_OBJS += $(BASEDIR)/arch/$(TARGET_ARCH)/arch.o
 
===== xen/include/public/acm.h 1.1 vs edited =====
--- 1.1/xen/include/public/acm.h	2005-06-21 07:28:06 +09:00
+++ edited/xen/include/public/acm.h	2005-06-25 08:13:17 +09:00
@@ -22,11 +22,12 @@
  * todo: move from static policy choice to compile option.
  */
 
-#ifndef _XEN_PUBLIC_SHYPE_H
-#define _XEN_PUBLIC_SHYPE_H
+#ifndef _XEN_PUBLIC_ACM_H
+#define _XEN_PUBLIC_ACM_H
 
 #include "xen.h"
 #include "sched_ctl.h"
+#include "xen/acm_policy.h"
 
 /* if ACM_DEBUG defined, all hooks should
  * print a short trace message (comment it out
@@ -70,10 +71,6 @@
 	(X == ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "SIMPLE TYPE ENFORCEMENT policy" : \
 	(X == ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY) ? "CHINESE WALL AND SIMPLE TYPE ENFORCEMENT policy" : \
 	"UNDEFINED policy"
-
-#ifndef ACM_USE_SECURITY_POLICY
-#define ACM_USE_SECURITY_POLICY ACM_NULL_POLICY
-#endif
 
 /* defines a ssid reference used by xen */
 typedef u32 ssidref_t;