From patchwork Thu May 18 22:25:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Jurgens X-Patchwork-Id: 9735331 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id B530A601A1 for ; Thu, 18 May 2017 22:27:08 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9F56E288B2 for ; Thu, 18 May 2017 22:27:08 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 94375288BE; Thu, 18 May 2017 22:27:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from emsm-gh1-uea10.nsa.gov (smtp.nsa.gov [8.44.101.8]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 76917288B2 for ; Thu, 18 May 2017 22:27:07 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.38,360,1491264000"; d="scan'208";a="7229031" IronPort-PHdr: =?us-ascii?q?9a23=3Av7BfkRV2hlqPJKdowBrDAuniJ3vV8LGtZVwlr6E/?= =?us-ascii?q?grcLSJyIuqrYYhWCuqdThVPEFb/W9+hDw7KP9fuxBipaud3Y6jgrS99lb1c9k8?= =?us-ascii?q?IYnggtUoauKHbQC7rUVRE8B9lIT1R//nu2YgB/Ecf6YEDO8DXptWZBUhrwOhBo?= =?us-ascii?q?KevrB4Xck9q41/yo+53Ufg5EmCexbal8IRiyrwjdrNcajZdtJqos1BfCv2dFdf?= =?us-ascii?q?lRyW50P1yYggzy5t23/J5t8iRQv+wu+stdWqjkfKo2UKJVAi0+P286+MPkux/D?= =?us-ascii?q?TRCS5nQHSWUZjgBIAwne4x7kWJr6rzb3ufB82CmeOs32UKw0VDG/5KplVBPklC?= =?us-ascii?q?EKPCM3/2HNjsx7kbxVrhSvqRdix4LYeZyZOOZ7cq7bYNgUR3dOXtxJWiJBHI2y?= =?us-ascii?q?coUBAekGM+laoYn9v1kDoQawCAayH+Pi0SNEimPs0KEmyektDR3K0Qo9FNwOqn?= =?us-ascii?q?TUq9D1Ob8cX++vyqnD0DHNb+5M2Tfy9ofIdAshquyLUL1ta8XRz0gvGB3BjlWS?= =?us-ascii?q?soHlOi2a1uAJs2eB6epgUu2uh3Q7pAF2pzii38EhgZTHiIISz1DL7yR5wIAtKN?= =?us-ascii?q?2jVEF0e9ikHIFUty6BMYZ9X8AsQ3lwtSonxbALtoS3cSgXxJg92RLSZOKLf5KV?= =?us-ascii?q?7h77SeqcJTl1iGhqdb+9nRq+7Emtx+3mWsWpzlpHqixImcTWuH8XzRzc8M2HR+?= =?us-ascii?q?N4/kemxDmAyRje6vpBIUAojarbLIMhwqIompoTr0vDGij2lV3qjKCMbEUk+/Wo?= =?us-ascii?q?6//9brX6pp6TK490igbkPqQohsO/Gvg3PhILX2ia/eSwzLzj/UvnT7VWlvA6j6?= =?us-ascii?q?bUvZ/AKckbu6K1GRFZ34k95xqlEjuqyNEYkmMGLFJBdhKHlY/pO1TWLfDjE/i/?= =?us-ascii?q?h1WskDF2x/HJJ7HuGZLNLmXFkLj9Y7l98FVRyBYzzN9D55JUDasNIPToWkDrrt?= =?us-ascii?q?DYARg5MxKsz+b9FNp9zp8eWX6IAqKBMqPStlmI6fgzI+mMfoAVvi3wK/oi5/7o?= =?us-ascii?q?iH82g0QdfbW30psNc3C0BPNmI1+WYXD0mNcODX8KvhYiTOztkFCCUzxTaGyuUK?= =?us-ascii?q?I//TE7D4SmDYbdRo22jryB2Dq7H5JNaWBbDFCMDWroe5+DW/cWZyKYOtVhnSAc?= =?us-ascii?q?Vbi9V48h0gmjtQH7y7pjK+rb5DcYuInt1Ndr+uLTkgsy+iZsD8SH1GGNTX97kX?= =?us-ascii?q?8URzMs26B/u0N9wE+Z0adkm/xYCcBT5/RRXwgnKZHcyut6C9buWg7cZdqJVkip?= =?us-ascii?q?Qs+nATAwSdIxxcUCY0BjFNW+lhrDxTalA6cJl7yXA5w56r/T32TrKMZn0HvJyK?= =?us-ascii?q?4hj1w6TcRVLm2mmrRz9w7NCI7Vi0+ZjbqldbwA3C7R82eO1WqPvUBfUA52SqjF?= =?us-ascii?q?WHQfalLXrdT//E/CSaWhCa4kMgtA186NNLFGatv3glVaXP3jIsjRY3qtm2esAh?= =?us-ascii?q?aF3q2DbJLwdGUH3SXdE1MJkxgJ8nacNAg+HT+ho2bEAzNyC13jeUTs8fNxqHmj?= =?us-ascii?q?VE870xmKb1F917qy4hMVi+acROkV3r0YuSchsC55HFOl39LXEtaAvARgfL5Gbd?= =?us-ascii?q?M6+ldH2nrTtxZhMZy4M6Bimlkefhx0v0z01BV3DZhAnNMprHwwzwpyLr+Y3ElG?= =?us-ascii?q?dzOC0pD6IqfXJXXq/BCzd67W3UnT38yL9acV6fQ3tU/jsRqzGUU+9nVryd5V02?= =?us-ascii?q?GT5p/SFgodTYrxUlor9xh9v7zaeSc955nT1X13Lam5qSTC29QuBOorzxavZdFf?= =?us-ascii?q?PLmCFADsD80QH9KuJ/Aym1i1chIEO/hf9aAuMMOia/uJxrSrPP17kTK4k2tH+p?= =?us-ascii?q?ty0l+J9yZmTe7IxZkFyemC3gSbTzf8kEuhssfvlIBYeD4dA2u/xjLgBINKeqJy?= =?us-ascii?q?eoMLBnu0LM2s2tVynZjtVGBE9FS7HVMJxNepeQaOb1z6xQBQ00UXoXijmSSm1D?= =?us-ascii?q?x5iCsmobSF3CzJ2ejicwAHOmFTTml4kVjsOZS0j8wdXEWwcQgplQeq5Vr9x6hB?= =?us-ascii?q?vqhwM2nTQUBOfyj5NGxiVqqwtryYbM5V75MkqyJXUP6zYVqCUL7yvwMa0z//H2?= =?us-ascii?q?tZ3D07czCquo7lnxBjk2KSMnJzrHvfecFtyhbS/8fcReZQ3joARSl3lSLXCkK6?= =?us-ascii?q?P9a34dWej43DvfymV2K9Sp1TdjHmzZmHtCu/4W1lHwe/kOy0mtzpCgU6yjL72M?= =?us-ascii?q?VxVSnSqxb8eIbr3bygMe17ZkloGEP8681iF4FmiIQwmZUQ1WIAiZmP5nUHlmPz?= =?us-ascii?q?Mclc2aL4d3cNQCIHw9jS4Af5wkFjKGyGx57hXHWH3sRhf8W6Yn8R2i8l7MBFFq?= =?us-ascii?q?GU7KdfkCt2vFW4qxnRYf5jkTcB0/cu72Qag+4Rsgo30iqdGqwSHVVfPSH0iRSI?= =?us-ascii?q?6c2xob5JZGapbLew1FBynda/A7GeugtcQmr2eo8+HS9s6cVyKErM32fu6oHgY9?= =?us-ascii?q?TfcdMTtgGUkhvZgehaMpQxmuANhSp9NmL3pWclxPIjjRxywZG6u5CKK31386Kk?= =?us-ascii?q?Bh5XKCX1aNkV+jHxk6lehN2b3520Hpp/ADULR4HkTemvEDIPr/ToKxiBEDM7qn?= =?us-ascii?q?eBFrrQAxWT6EF4oHLTC5qrLW2YJGEFzdV+QxmQPEJfjxoSXDUmmZ45ExunxML/?= =?us-ascii?q?f0hk4TAR/ET3qgNWyuJvNRnwTHvQpBuyZjczUpifIwJc7hte6EfNLcye8uVzEj?= =?us-ascii?q?ld/pK7qAyNLnKUZxhUDW4TQEOJHFbjMaey5dnb7+eXHPK+IOXUbbWIt+NeS++C?= =?us-ascii?q?xYiz3Yt+4zaMKsKPM2F4D/Eh1EtPR3V5FN7dmzUISy0ajDjCYNKepBum/S13tM?= =?us-ascii?q?+/+uzxWA3z/YuPF6dSMdJ39hC4m6eMKfOfhD1jJjZeypMMwmTIxaMF01EOjiFi?= =?us-ascii?q?bT6tEa4PtSTVVqLfhrdXDwIHayN0LMZI6bg80RNVOc7Dkd712L94juQuC1dZW1?= =?us-ascii?q?zhm8epatYMI26hNVPIHkKLOK6BJT3RzMH9ebm8RqFIjOVIqx2wvi6WE1f9MTuY?= =?us-ascii?q?iTbpURGvMf1LjCyAPRxRpp+yfQh3BWjkVtLmZQWxMMVrgj0u3b00mnTKOHYBPj?= =?us-ascii?q?hnbUxCtLKQ7TlCjfVhAGFB9WBqLeqZmyaD9ebUMJIWseZtAitujeJW+Wg6y7xW?= =?us-ascii?q?7CBEQ/x5gi3SocByo1u+iOmA1iJnUAZSqjZMnI+Lpl9tObvD+ZlPR3nE5wkA7X?= =?us-ascii?q?6KBBQUvdRlBcPgu7tKxtjJiq3zNC9I88jI8ssEG8jUNMWHPWI6PhroFz7UCw0F?= =?us-ascii?q?QCW2Om7BnENdkeud9nuPopg9sJjsl4IESqVHW1wtCvMaFkNlEcQYL5d4RDwkj6?= =?us-ascii?q?CUgdUP5XqmshbRQsBasYrGVvKWGvrvLzmYgaNDZxsSzrPyNZ4TOZHj20x+dll6?= =?us-ascii?q?m5zHG1bXXdBIuCFhdAg0oURT/3h4VWIzwUXlZR2u4HIICfG0mRs2hRdkbuQ26D?= =?us-ascii?q?fg+VE3KUTWpCEoikk+hc3lgSyNcD72NKqwXoFXCy7quEUqN5P7RAh1bQOskkx4?= =?us-ascii?q?KDfER7VRj75+emxxjg/Tp4dPE+ZGTaJYeB8Q2e2XZ/Iw3FRatCqo30tH6PDGCZ?= =?us-ascii?q?tljwsqbYSjr3Rb2wJgbd45P6rQK7RVzlJInKKBojeo1vwtwA8ZP0sN6n2deDUW?= =?us-ascii?q?t0MSLLkpOyqo8/d35gyDgTtMZW8MV/QyovJw6Ew8O/6MzyT+3L5fMkqxLfCQL7?= =?us-ascii?q?uFu2jcks6FWk4/1kQOl0lD4Ld5z8Mjc0uPWk810rSRDRMJOdDFKQFPYMpY7GLT?= =?us-ascii?q?cjqWseXR3ZJ1OJ2wGf3yQu+QtaYbn1mkER0zEIQW9MQBGZet0FrGIsj7Mb4F0x?= =?us-ascii?q?Qt5BjrJVmfCvRGZg6Lmi8do86j1J93wZVdJjYFDGV5NiW3/KjYpgkrgfqER9o2?= =?us-ascii?q?bXEaXpYeOnIxQs26lDZTv25cAzmvzuIZ1A+C4ifnpivOCDn8btxjZOqbZB53FN?= =?us-ascii?q?62/jA//LSshl7M7pXSPWf6Osp+utXX8+MVu46HC+9ITbl6q0rcmJNYRnywXG7J?= =?us-ascii?q?Dd61J4P9a4YrbdzsFnm2SFq/hCwpT83pJtaiMrCIgR30RYZTqISbwDEjNcq6Fj?= =?us-ascii?q?ECGxdxp/oO6799ZQwDeZU0egTktwIgOKyjOA2YyMmhQ36xKTtKSPlS1f+1Z7hW?= =?us-ascii?q?zyUwcOC10H4gT5E8z+mw904CXooHgQrfxfm5YYlSSCbzGmFHdwXJuyU5i3BrNv?= =?us-ascii?q?wuzecn3BPIrV4cPiiQe+N3bmxJpMszCk6MIXpoEGo4XEWTjZDD4wK22LAS5SRd?= =?us-ascii?q?lc5O0eJZqHj+ooPfYDW0VayktJXVsi4gbdw4rK10KoHsP9WJu4jfnjPFSpncqA?= =?us-ascii?q?qFUDS1F/BCgNhfPDpYQOVUmWEiIcEGo4xB6UstWcc+ILxPDLIsqKizZzR5FyAf?= =?us-ascii?q?0SgXWpic0zwFh+ezx6HVlgyMcJg4NhwLrolCiMMHUyFqeiMeuLOjV4LOmm+eV2?= =?us-ascii?q?cEPRwe7QtJ5AMPjINweP7q4JbQRp9W1zFWu+50UjfMFpRw7Vv0UHuWgV/jR/i6?= =?us-ascii?q?j+ypxxhdzOzy3dkfWR5/D0ddx+JXlksnKLF3N6cQsZTQsj+Nb0/6unziyPe+Ll?= =?us-ascii?q?lL1cLUb0H4DJbCtWfkXCwQ42EbRY9OyHHaFJQdiQl5Zb0qpFpSPo+pZFzy5zs+?= =?us-ascii?q?x4RmB7O4T9ykx045rXYaQCenC8BOC/t7sFLRQjFlYIumqJTkO5VTXm9f44eRq1?= =?us-ascii?q?FHn0VxKyS504ZTK9lR4j4QWzhCuTSdvN2uSMJd3c95EZoMLclju3fnGKJJI5+R?= =?us-ascii?q?o2Uotbzpz3/W4TE8sFOhyzW0FK60VeVZ/3cRGg8xPWSRtlEvD/cw8mfV6l3NvU?= =?us-ascii?q?p08P1dBriTlkhxoTF9H55IBjZV1XCqMVVzTH9as+pEMqTZacpcTOcuZRW3IRwx?= =?us-ascii?q?CeYm31CV/UFzhXr5fytytg5B9iDBQwU0UDIajq3rmTIAtsGtISUaRI5QbTU9cy?= =?us-ascii?q?fFLBqWmSBNsxZFcU5qX40WD81Y9L4FxYtU5tTNSUKyJiEfRhBiMRg40fVHn05Z?= =?us-ascii?q?rEqYYTzdDRavdfvXsB13etmeodW0I/vn5wdIlJnnsPwm+KoeXXGmnxOiQczGpY?= =?us-ascii?q?/mqtKKrleOdLv/M+CkenDBQiTDgQyyiLs5AZTH5DTcMA1eK5Zm03UkeoThBXTN?= =?us-ascii?q?PRtYO6IRP1BbWrxiadVavuBaYNdpeLwX9qBwBhKIXA/vFZerrPlBMFbcWyrSID?= =?us-ascii?q?mG8uOiv43f97rdRvb8ZsaU3XbIX7p3Potm6Tn8A7rqyZRe+lbs1fhw6kN3UkPG?= =?us-ascii?q?MyecrNT7OgwE+s+idlf4vpIzGTPaGpBwkGDixktYbcoYXzWq8IgEyJNe8HvwVf?= =?us-ascii?q?h43Vbtv+JP7LRk9I0346xzyciuO6fSKPNasUt5DRiIHAlq8Y8tAGdnTWBLfuAR?= =?us-ascii?q?MOvRfbgejc32qeD4DbYX6BqO++xdc9THOVrMmsyiCjGYVRxEnRsOqT8AIQuazP?= =?us-ascii?q?6Jgah0SdyqpeLhwEIi/0C+LgIazLBq/YqE+LCHpOnZbxvLyrgLR7blS9jvrrs2?= =?us-ascii?q?vUOS/vokmKQIemNrfw2tCPIdWdIFxmf80aAqyjohE8XHH7/7+f5DUXc5kijhm5?= =?us-ascii?q?B7EVUWAOkbHaGX/YREg2c3h/DZNsAMcq9cgGqPEgSkErAaw36x9ySXOHVlgg3J?= =?us-ascii?q?0xzoR2Oz7UP5rSh8QSTW1NfviEtVVr6wBUdJRCqkIkp4vTyAPQbys9r3o6s15l?= =?us-ascii?q?ksMmP4rNKNiHehOLRPEsLjPtOcJTc7pEkLjJwxQdyiwpsbFsa8INgP9nF+cvre?= =?us-ascii?q?5Hmxny9HvahHm5LU4tuJ9fXPAXmgk6qapq2JxDBDz3g1vUoy6t6+Of7T4N2KWe?= =?us-ascii?q?6n134LTyd4uQvOQQK6qqDBo1ATI0yL31/BmJYWMdFBwXk4ykbm6fAhQNIy8QVT?= =?us-ascii?q?DYPAaO0CpD/tIjv0wFCfY90tWimYzTRXAkr/EUNkF6gkxGLwoMXJmG/R+1wpXI?= =?us-ascii?q?Z/bVDoiAdsD4omNUIi9kQYzjAEEQgXZhCRFKuoClj9LYsYSUgDbgyK06O7eqcs?= =?us-ascii?q?00x82LGv5O7PbexkHaUNK/JdgxWSk1hcB50Zr7cRQK9me19a7q7YvBLuC4/9X/?= =?us-ascii?q?jpjXAwL+G6QthG8cAFsHsv+h6/SAC86Zhf77YahpeIdrRHYZTVp8Bz8UNn5T8J?= =?us-ascii?q?dixQjxlylAu5XvoApO//4tjavp2o6vytVKo3ROUY6QI0B2JggJv0mlwjpsvX1+?= =?us-ascii?q?hEQI3PlYv/6BxNI2KNuIvCzxl8M/QBK4axc7Zm6XoKPDURJ3MBPdqXd/kz+TRt?= =?us-ascii?q?Py/J51xfGM8MY80XPNbVkwBOlkLpQK1T9tbcGlKABId8bdoo4HTryDA16pY8Vu?= =?us-ascii?q?fg6COoKpDf9V5NIuhDgD9qlN3cuOgf2eDSBzQP4XmFdxh1xTuPy5aTBPb24eWM?= =?us-ascii?q?z9bUW1QdHiEoV4ddJTyC+RGoR+eukJXmTBmU68/pj54kckKfWGCxlrwfsqlQCe?= =?us-ascii?q?5Aljn73j9GG4/phfKaqcaj5XBLuV1AFIZz6RzFF7tFPpVnJxv3ismrSlJ7Bivl?= =?us-ascii?q?d8HebgAut/aOxucQ/+V+MFPzZYocIhIC17L65mRaQxBrSL73pFmZW/weZMdoSf?= =?us-ascii?q?PDtHBV6plgJ7UJPFeDuJzgti1Ip0wuAA81dL8wqSRXdkbSkw1OQKb4oaMOhAQa?= =?us-ascii?q?X954v09MBG2xNXkx5zrCT6tVireeBOYS8jWJQawES19oPT9mQxOpxJVufKOknf?= =?us-ascii?q?JAsmNGmCNxuuQl0zxiRBuhpCLtpqMN2TQ7+LG7tTUMomJFTuSAkyjSDVVM0fUK?= =?us-ascii?q?gb0aC3n89Vy2eGMDY5fq4Ll7OcTg8pEs43UhYRo5eS0LRuCgCzztgKOJBYyPq8?= =?us-ascii?q?hQhBmXuMXBdbWzNzQdNqwhyRL/QHhwygrekwhm8GsFRjWt99ElK5+7Ock72iqk?= =?us-ascii?q?A27be0gQ4qlRqsv+qUYLTPcqaVNm2Ghj3cyHRioDRcPRH2Y1ihMpaX5DcJJF6B?= =?us-ascii?q?8VC7MkgjCWsala5gsUeivbEpy5+onMmsfFwXs9Tddqx2LOoa2FgpIq0GF7lN5v?= =?us-ascii?q?6y6OuWgSd/bGXMN2BXjzzIhfw/TkZ/qxquAHVJdmyLO5Xf8eM8mj/HC72IlrWk?= =?us-ascii?q?C5xbQRAV65PPUFxrjFTyevUXeYVviTc2iQgzY5NVb/5RypLl00a8dKqFQwMunY?= =?us-ascii?q?iZ5fkA3hV617RiOKqV/d0mMjLfsQdxgqt4e/ZwwKUOkRavCHKucwxv0+FEABb2?= =?us-ascii?q?TNHStxF++2rUCtk5ZmNHl65kX6e+vt+Bj8MNSOAhkEDZLarplp9PyiQWKBPWVv?= =?us-ascii?q?zAd8PUlz8+ffGU88tupbc5aWhtjfmch00fQCd/d2Ki09u9gTmo155YmTyseKfg?= =?us-ascii?q?nbzozuKtHNvviYH/rfwlwkem5EVroZYBv16JshM984Wr3TGL5ZsgoGBag+XpMt?= =?us-ascii?q?LWDx9Lt7LAlraA7eeKy0gtX2puKMfpZVqWfW7kgxLCjApRIO0fm0TQ1nb5CwmX?= =?us-ascii?q?r+OpcwRihOr9d1EBtpAJNPG98crwqgG5OUn6W7hMGq9kNiv+8Fq7HwCuzL1Nul?= =?us-ascii?q?w4VxRYZV6lKRMDbXGqZrnlxvjv6ujffYzpnxFcTidMsAVOh6RG7Fd7DHEpy7Kj?= =?us-ascii?q?KPIcL8Z1VG/qWd0L1jVBWRYzr1X62ctC2rLP9k+1k0ypRkfOrPyzwg96rb18X2?= =?us-ascii?q?Z2FaoCejsHGIOJxQ4lzWBezRQQhURuSd8Gl/BqAXbpX79P0IMdM8xNiT+BRz7D?= =?us-ascii?q?tY3MuCOaihoVfG2lhnepLDMEvpxyE5VJEPIBulLUQsgW7ZqnLaAXlHMMikKM9t?= =?us-ascii?q?j8iRDhzs4UlxhG4sanRGGmryStebIXIb1N6mZA2W6AJLCM4On+ytdk47sa29Uv?= =?us-ascii?q?JlOohDmeW2tLUHlstpKy7PRMhGJS3QKqF5PiZJBOXVuFcoegIEs6QyWootfpeB?= =?us-ascii?q?O0QLMEOBySPp0QvCylf4d8ey26mVOioW6WtIz7bE0ThKugm4tu2UjdHjUbDDcZ?= =?us-ascii?q?H2R+TeMSQ/WTGGXjQyFkCp9U2ju/oes/qSOX0frUwMYiKOFA4TobhirdfKAWDI?= =?us-ascii?q?g+1jfYMFhPSBViDuTC13jrEyBidWtUyWRfoMCxXWZWf7gGVAoAyiOuNM/XX9Yr?= =?us-ascii?q?2aw6pVXPYWApFNcv2CWNbYf+pRJzI2mTUYIuq8eMfcr7kh2FLSUWQZC7XI9EGZ?= =?us-ascii?q?TEOOWfycyTfrUpkUsoU3oSco5MzfnjV2E6XJOLafoSSi8oimgyaE6qXiUTw2bk?= =?us-ascii?q?g0hv8SKHWQyxlHbmcfApcav1++bLSHYhNg3XRhq/901BIKY0wnXnRo03BSnt64?= =?us-ascii?q?F8ldQFgTnCWlR/hQPwM/Ny854ULful66WtcHo82GAjYG+w=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2F9AgCcHh5Z/wHyM5BcGwEBAQMBAQEJAQEBFgEBAQMBAQE?= =?us-ascii?q?JAQEBgwEpgW6OeJB7cpcPJYJNiShXAQEBAQEBAQECAQJoKIIzJIJCBgECJFUDC?= =?us-ascii?q?QEBFwgpCAMBUxkFFog5gU8EsGs6JgKLJIg9gmeLCQWJP4dpWItFTopRiEyCAok?= =?us-ascii?q?XDIZHlEZYgQpPIRWEeQFAAxyBZnOIMgEBAQ?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea10.nsa.gov with ESMTP; 18 May 2017 22:27:05 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v4IMR4PI024404; Thu, 18 May 2017 18:27:05 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id v4IMQ3kE076185 for ; Thu, 18 May 2017 18:26:03 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v4IMQ2uB024119 for ; Thu, 18 May 2017 18:26:02 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1CyAwDZHh5Z/4GlL8FcHAEBBAEBCgEBgyyCF454kHtylxMcglKDNgKGRwECAQEBAQECayiFGQYnUhAYCDFXGRuIOYFTsG46ixoBMYg9gmeLCQWJP4dpWItFTopRiEyCAokjhkeURleBCk8hFYU6AxyBZj02iDIBAQE X-IPAS-Result: A1CyAwDZHh5Z/4GlL8FcHAEBBAEBCgEBgyyCF454kHtylxMcglKDNgKGRwECAQEBAQECayiFGQYnUhAYCDFXGRuIOYFTsG46ixoBMYg9gmeLCQWJP4dpWItFTopRiEyCAokjhkeURleBCk8hFYU6AxyBZj02iDIBAQE X-IronPort-AV: E=Sophos;i="5.38,360,1491278400"; d="scan'208";a="6058443" Received: from emsm-gh1-uea10.corp.nsa.gov (HELO emsm-gh1-uea10.nsa.gov) ([10.208.41.36]) by goalie.tycho.ncsc.mil with ESMTP; 18 May 2017 18:26:01 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3A/6UX4hNfE4rOjHa/L2wl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0Lfn9rarrMEGX3/hxlliBBdydsKMbzbCO+Pm6EUU7or+5+EgYd5JNUxJXwe?= =?us-ascii?q?43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRp?= =?us-ascii?q?OOv1BpTSj8Oq3Oyu5pHfeQtFiT6/bL9oMhm6sQrdutQIjYB/Nqs/1xzFr2dSde?= =?us-ascii?q?9L321oP1WTnxj95se04pFu9jlbtuwi+cBdT6j0Zrw0QrNEAjsoNWA1/9DrugLY?= =?us-ascii?q?TQST/HscU34ZnQRODgPY8Rz1RJbxsi/9tupgxCmXOND9QL4oVTi+6apgVQTlgz?= =?us-ascii?q?kbOTEn7G7Xi9RwjKNFrxKnuxx/2JPfbIWMOPZjYq/RYdYWSGxcVchTSiNBGJux?= =?us-ascii?q?YYsRAeQcM+hWrI7zqFkArRalGQWgGPnixiNSi3PqwaE31fkqHwHc3AwnGtIDqH?= =?us-ascii?q?rao8/zNKwPVe610bPIzTrdYPNQwjf29Y/FfQ07rvGKXLJ/b87RyUs0GgPAkFqQ?= =?us-ascii?q?rYjlMCmT1uQKvGmX9fZvVeWqi2M+rQx6vzahxsApiobTh4IVzEjJ9T5lz4kvI9?= =?us-ascii?q?20Ukp7bsWiHZBNtC+aL5N7Tt4mTmxmoio3xb8LtYSmcCULyJkr3QPTZ+KDfoWO?= =?us-ascii?q?/xntTvyeIS1ii3JgYL+/hwi98UynyuDkU8m7zlJKri5fndnKsXAM2Abf5dSASv?= =?us-ascii?q?dn/0eh3S6D1wHV6u5aPUA5jbfXJpovz7IqmZces17PEjL3lUj2lqOaa1so9+yw?= =?us-ascii?q?5+TieLrmp5ucN4FuigH5N6QjgtGwDv4+MggPQWeb/ea82abm/ULnRLVKiuc5kq?= =?us-ascii?q?/esJHVP8gUuqm5AwpN3oY59xm/Fyum0MgfnXQfN1JKZhaHj4nvO1HTL/H1Fuu/?= =?us-ascii?q?glSwnzdrwPDKJLvhAo7XIXTZn7fheqh9uAZgz18owNRe4Y9EIq0QK/L0HEnqvZ?= =?us-ascii?q?rXCQFqHRazxrPLAdM19J4EVm+JGefNPKrUsFKM5MoqLu2IbYkSqHD2LP1ztK2m?= =?us-ascii?q?tmMwhVJIJfrh5pAQcn3tW60+e0g=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0HpAgCcHh5Z/4GlL8FcHAEBBAEBCgEBF?= =?us-ascii?q?wEBBAEBCgEBgwGCF454kHtylxMcglKDNgKGRwEBAQEBAQEBAgECaCiCMyQBgkE?= =?us-ascii?q?GJ1IQGAgxVxkbiDmBU7BrOosaATGIPYJniwkFiT+HaViLRU6KUYhMggKJI4ZHl?= =?us-ascii?q?EZYgQpPIRWFOgMcgWY9NogyAQEB?= X-IPAS-Result: =?us-ascii?q?A0HpAgCcHh5Z/4GlL8FcHAEBBAEBCgEBFwEBBAEBCgEBgwG?= =?us-ascii?q?CF454kHtylxMcglKDNgKGRwEBAQEBAQEBAgECaCiCMyQBgkEGJ1IQGAgxVxkbi?= =?us-ascii?q?DmBU7BrOosaATGIPYJniwkFiT+HaViLRU6KUYhMggKJI4ZHlEZYgQpPIRWFOgM?= =?us-ascii?q?cgWY9NogyAQEB?= X-IronPort-AV: E=Sophos;i="5.38,360,1491264000"; d="scan'208";a="7228978" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from mail-il-dmz.mellanox.com (HELO mellanox.co.il) ([193.47.165.129]) by emsm-gh1-uea10.nsa.gov with ESMTP; 18 May 2017 22:26:00 +0000 Received: from Internal Mail-Server by MTLPINE1 (envelope-from danielj@mellanox.com) with ESMTPS (AES256-SHA encrypted); 19 May 2017 01:25:59 +0300 Received: from x-vnc01.mtx.labs.mlnx. (x-vnc01.mtx.labs.mlnx [10.12.150.16]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v4IMPsGZ013313; Fri, 19 May 2017 01:25:58 +0300 From: Dan Jurgens To: selinux@tycho.nsa.gov Subject: [PATCH v2 1/9] checkpolicy: Add support for ibpkeycon labels Date: Fri, 19 May 2017 01:25:41 +0300 Message-Id: <1495146349-75366-2-git-send-email-danielj@mellanox.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1495146349-75366-1-git-send-email-danielj@mellanox.com> References: <1495146349-75366-1-git-send-email-danielj@mellanox.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Daniel Jurgens Add checkpolicy support for scanning and parsing ibpkeycon labels. Also create a new ocontext for Infiniband Pkeys and define a new policydb version for infiniband support. Signed-off-by: Daniel Jurgens --- v1: Stephen Smalley: - Always use s6_addr instead of s6_addr32. - Add comment about POLICYDB_VERSION_INFINIBAND being linux specific. v2: Stephen Smalley: - Store subnet_prefix as 8 bytes. --- checkpolicy/policy_define.c | 107 +++++++++++++++++++++++++++++ checkpolicy/policy_define.h | 1 + checkpolicy/policy_parse.y | 15 +++- checkpolicy/policy_scan.l | 3 + libsepol/include/sepol/policydb/policydb.h | 30 +++++--- 5 files changed, 144 insertions(+), 12 deletions(-) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index 8fab214b..e73ec8f7 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -20,6 +20,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Techonologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -5057,6 +5058,112 @@ int define_port_context(unsigned int low, unsigned int high) return -1; } +int define_ibpkey_context(unsigned int low, unsigned int high) +{ + ocontext_t *newc, *c, *l, *head; + struct in6_addr subnet_prefix; + char *id; + int rc = 0; + + if (policydbp->target_platform != SEPOL_TARGET_SELINUX) { + yyerror("ibpkeycon not supported for target"); + return -1; + } + + if (pass == 1) { + id = (char *)queue_remove(id_queue); + free(id); + parse_security_context(NULL); + return 0; + } + + newc = malloc(sizeof(*newc)); + if (!newc) { + yyerror("out of memory"); + return -1; + } + memset(newc, 0, sizeof(*newc)); + + id = queue_remove(id_queue); + if (!id) { + yyerror("failed to read the subnet prefix"); + rc = -1; + goto out; + } + + rc = inet_pton(AF_INET6, id, &subnet_prefix); + free(id); + if (rc < 1) { + yyerror("failed to parse the subnet prefix"); + if (rc == 0) + rc = -1; + goto out; + } + + if (subnet_prefix.s6_addr[2] || subnet_prefix.s6_addr[3]) { + yyerror("subnet prefix should be 0's in the low order 64 bits."); + rc = -1; + goto out; + } + + if (low > 0xffff || high > 0xffff) { + yyerror("pkey value too large, pkeys are 16 bits."); + rc = -1; + goto out; + } + + memcpy(&newc->u.ibpkey.subnet_prefix, &subnet_prefix.s6_addr[0], + sizeof(newc->u.ibpkey.subnet_prefix)); + + newc->u.ibpkey.low_pkey = low; + newc->u.ibpkey.high_pkey = high; + + if (low > high) { + yyerror2("low pkey %d exceeds high pkey %d", low, high); + rc = -1; + goto out; + } + + rc = parse_security_context(&newc->context[0]); + if (rc) + goto out; + + /* Preserve the matching order specified in the configuration. */ + head = policydbp->ocontexts[OCON_IBPKEY]; + for (l = NULL, c = head; c; l = c, c = c->next) { + unsigned int low2, high2; + + low2 = c->u.ibpkey.low_pkey; + high2 = c->u.ibpkey.high_pkey; + + if (low == low2 && high == high2 && + c->u.ibpkey.subnet_prefix == newc->u.ibpkey.subnet_prefix) { + yyerror2("duplicate ibpkeycon entry for %d-%d ", + low, high); + rc = -1; + goto out; + } + if (low2 <= low && high2 >= high && + c->u.ibpkey.subnet_prefix == newc->u.ibpkey.subnet_prefix) { + yyerror2("ibpkeycon entry for %d-%d hidden by earlier entry for %d-%d", + low, high, low2, high2); + rc = -1; + goto out; + } + } + + if (l) + l->next = newc; + else + policydbp->ocontexts[OCON_IBPKEY] = newc; + + return 0; + +out: + free(newc); + return rc; +} + int define_netif_context(void) { ocontext_t *newc, *c, *head; diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h index 9f4b6d0d..75e3683b 100644 --- a/checkpolicy/policy_define.h +++ b/checkpolicy/policy_define.h @@ -43,6 +43,7 @@ int define_level(void); int define_netif_context(void); int define_permissive(void); int define_polcap(void); +int define_ibpkey_context(unsigned int low, unsigned int high); int define_port_context(unsigned int low, unsigned int high); int define_pirq_context(unsigned int pirq); int define_iomem_context(uint64_t low, uint64_t high); diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y index 1ac1c96b..35b433bd 100644 --- a/checkpolicy/policy_parse.y +++ b/checkpolicy/policy_parse.y @@ -21,6 +21,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -135,6 +136,7 @@ typedef int (* require_func_t)(int pass); %token TARGET %token SAMEUSER %token FSCON PORTCON NETIFCON NODECON +%token IBPKEYCON %token PIRQCON IOMEMCON IOPORTCON PCIDEVICECON DEVICETREECON %token FSUSEXATTR FSUSETASK FSUSETRANS %token GENFSCON @@ -170,7 +172,7 @@ base_policy : { if (define_policy(pass, 0) == -1) return -1; } opt_default_rules opt_mls te_rbac users opt_constraints { if (pass == 1) { if (policydb_index_bools(policydbp)) return -1;} else if (pass == 2) { if (policydb_index_others(NULL, policydbp, 0)) return -1;}} - initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts + initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts opt_ibpkey_contexts ; classes : class_def | classes class_def @@ -713,6 +715,17 @@ port_context_def : PORTCON identifier number security_context_def | PORTCON identifier number '-' number security_context_def {if (define_port_context($3,$5)) return -1;} ; +opt_ibpkey_contexts : ibpkey_contexts + | + ; +ibpkey_contexts : ibpkey_context_def + | ibpkey_contexts ibpkey_context_def + ; +ibpkey_context_def : IBPKEYCON ipv6_addr number security_context_def + {if (define_ibpkey_context($3,$3)) return -1;} + | IBPKEYCON ipv6_addr number '-' number security_context_def + {if (define_ibpkey_context($3,$5)) return -1;} + ; opt_netif_contexts : netif_contexts | ; diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l index 028bd25e..f742939a 100644 --- a/checkpolicy/policy_scan.l +++ b/checkpolicy/policy_scan.l @@ -12,6 +12,7 @@ * Added support for binary policy modules * * Copyright (C) 2003-5 Tresys Technology, LLC + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -183,6 +184,8 @@ INCOMP | incomp { return(INCOMP);} fscon | FSCON { return(FSCON);} +ibpkeycon | +IBPKEYCON { return(IBPKEYCON);} portcon | PORTCON { return(PORTCON);} netifcon | diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index 99e49902..d06d2153 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -24,6 +24,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2004 Tresys Technology, LLC * Copyright (C) 2003 - 2004 Red Hat, Inc. + * Copyright (C) 2017 Mellanox Techonolgies Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -358,6 +359,11 @@ typedef struct ocontext { uint32_t low_ioport; uint32_t high_ioport; } ioport; + struct { + uint64_t subnet_prefix; + uint16_t low_pkey; + uint16_t high_pkey; + } ibpkey; } u; union { uint32_t sclass; /* security class for genfs */ @@ -386,14 +392,14 @@ typedef struct genfs { #define SYM_NUM 8 /* object context array indices */ -#define OCON_ISID 0 /* initial SIDs */ -#define OCON_FS 1 /* unlabeled file systems */ -#define OCON_PORT 2 /* TCP and UDP port numbers */ -#define OCON_NETIF 3 /* network interfaces */ -#define OCON_NODE 4 /* nodes */ -#define OCON_FSUSE 5 /* fs_use */ -#define OCON_NODE6 6 /* IPv6 nodes */ -#define OCON_GENFS 7 /* needed for ocontext_supported */ +#define OCON_ISID 0 /* initial SIDs */ +#define OCON_FS 1 /* unlabeled file systems */ +#define OCON_PORT 2 /* TCP and UDP port numbers */ +#define OCON_NETIF 3 /* network interfaces */ +#define OCON_NODE 4 /* nodes */ +#define OCON_FSUSE 5 /* fs_use */ +#define OCON_NODE6 6 /* IPv6 nodes */ +#define OCON_IBPKEY 7 /* Infiniband PKEY */ /* object context array indices for Xen */ #define OCON_XEN_ISID 0 /* initial SIDs */ @@ -404,7 +410,7 @@ typedef struct genfs { #define OCON_XEN_DEVICETREE 5 /* device tree node */ /* OCON_NUM needs to be the largest index in any platform's ocontext array */ -#define OCON_NUM 7 +#define OCON_NUM 8 /* section: module information */ @@ -726,10 +732,11 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define POLICYDB_VERSION_CONSTRAINT_NAMES 29 #define POLICYDB_VERSION_XEN_DEVICETREE 30 /* Xen-specific */ #define POLICYDB_VERSION_XPERMS_IOCTL 30 /* Linux-specific */ +#define POLICYDB_VERSION_INFINIBAND 31 /* Linux-specific */ /* Range of policy versions we understand*/ #define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE -#define POLICYDB_VERSION_MAX POLICYDB_VERSION_XPERMS_IOCTL +#define POLICYDB_VERSION_MAX POLICYDB_VERSION_INFINIBAND /* Module versions and specific changes*/ #define MOD_POLICYDB_VERSION_BASE 4 @@ -749,9 +756,10 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define MOD_POLICYDB_VERSION_DEFAULT_TYPE 16 #define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 #define MOD_POLICYDB_VERSION_XPERMS_IOCTL 18 +#define MOD_POLICYDB_VERSION_INFINIBAND 19 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE -#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_XPERMS_IOCTL +#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_INFINIBAND #define POLICYDB_CONFIG_MLS 1