From patchwork Wed Jan 17 14:55:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Enderborg X-Patchwork-Id: 10169613 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id CADC7603ED for ; Wed, 17 Jan 2018 15:39:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B83CA28684 for ; Wed, 17 Jan 2018 15:39:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AAC7728687; Wed, 17 Jan 2018 15:39:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from upbd19pa07.eemsg.mail.mil (upbd19pa07.eemsg.mail.mil [214.24.27.82]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4699428684 for ; Wed, 17 Jan 2018 15:39:45 +0000 (UTC) Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.3]) by upbd19pa07.eemsg.mail.mil with ESMTP/TLS/AES256-SHA; 17 Jan 2018 15:39:43 +0000 X-IronPort-AV: E=Sophos;i="5.46,372,1511827200"; d="scan'208";a="8204879" IronPort-PHdr: =?us-ascii?q?9a23=3AYBO/0BfdBqwEVyj1e9Ddh4LnlGMj4u6mDksu8pMi?= =?us-ascii?q?zoh2WeGdxcq6YRSN2/xhgRfzUJnB7Loc0qyK6/mmATRIyK3CmUhKSIZLWR4BhJ?= =?us-ascii?q?detC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+?= =?us-ascii?q?KPjrFY7OlcS30P2594HObwlSizexfa5+IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf?= =?us-ascii?q?5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbD?= =?us-ascii?q?VwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4rx1QxH0li?= =?us-ascii?q?gIKz858HnWisNuiqJbvAmhrAF7z4LNfY2ZKOZycqbbcNwUX2pBWttaWTJHDI2y?= =?us-ascii?q?coADC/MNMftEo4X4oVYFsBmwChS2BO73yjFGmHH406493esuDQ7I0xYvEc8WsH?= =?us-ascii?q?nWsdn4OrkdUfuuwanUzjjOde9a1C3h5IXKdB0qvPGCXah3ccrU0UQiEBvFgUuM?= =?us-ascii?q?qYP7JTOZzPoCs26G4OV+T+KgkGknqxt+ojW03ccsjY/Jh4IPxl/Y8iV5xZ84KN?= =?us-ascii?q?ulQ0B4ed6pCIZcui6VOodsQs4uXntktDg1x7EYo5K3YTAGxZolyhLFdvCKfYyF?= =?us-ascii?q?7gj+WOuRIDp0nmxpdba5ih2v60av0Pf8WdOx0FtSqypFlcTDuW4V2hzI78iHVu?= =?us-ascii?q?N9/kC82TaTzwzT6v9LIUQzlafDN54u2KQwlpsOsUTYBCP2hEX3g7OWdkUj4OSo?= =?us-ascii?q?7fjoYq76qZOGMo90iwX+Prwvmsy5H+s4LhADU3WU9OmzzrHu/VD1TK9UgvA5jK?= =?us-ascii?q?XVqo3WKdwepqGjAg9V1ogj6wy4DzejyNkYhmcILFZEeBKBkojoNEjCL+v/Dfei?= =?us-ascii?q?hVSjjClkx+vdM739ApTCMnjDkLD7cbZ78E5T0hA/zd9Y55JKEr0BOu78WlfttN?= =?us-ascii?q?zECR80Kw60w+HhCNpnyoMeWXiAAqmCPaPQtl+I4OcvLPOXZI8Jpjn9MeMl6+Tp?= =?us-ascii?q?jX8jll8XZbOp0ocPaHCkAvRmJF2UYXjugtgbDWgKvRE+TOvsiF2DTz5efHiyX6?= =?us-ascii?q?Yh5jA0E42mEIHDRpywgLCb2ye7BJJWbHhcCl+QCXfoa5mEW/AUZSKKPMBuiSIL?= =?us-ascii?q?Vb6gS4890hGjrw76xKR5IeXK4CEYsojj1Ndt7e3JiR4y7SB0D9ia02yVUm50mW?= =?us-ascii?q?UIRzkr069hpUx9y0yO3rJmjPxCEtxf/fRJUh01NZTE1ex1F8jyWh7dfteOUFup?= =?us-ascii?q?X8mmDisrTt8q39AOZEN9FMm4gRDYwyqmGbkVmKKXBJYs6KLTw2DxJ9phy3bBzK?= =?us-ascii?q?Qhjl8mQtdROm2imKF/8hbcB5LTk0SZjKuqcrwc0zDL9GeG12WOvUVYXxV3UaTK?= =?us-ascii?q?R3wfYVHWrdvh7EPYU7CuEagnMhdGycOaKqpLa9rpjVNdSffmPNTSemOxm2GqCR?= =?us-ascii?q?aO3LyMdonqe2QD3CrDEkQElR4c/WqePwgkGiihu37eDCBpFV/3bULs8O1+qHal?= =?us-ascii?q?QU8u1AyKYVNu2Key+h4Pn/OcU+kT3rUGuCg/tzp0AEyx39XMC9qPvwBhZrlTYc?= =?us-ascii?q?sh4Fdb0mLUrwJ9Poa6IKBkmlEech93sljr1xVvC4VMiNMqrX0xzAZoLqKYylxB?= =?us-ascii?q?fSuC3Z/sIr3XNnXy/Be3Zq7VwF7e09GW+roU5fQ7sVrjvwapFlc4/3VgydlV3G?= =?us-ascii?q?OW5o/WAwoKTZLxTkE3+gBgqL7HeCk95p3b1Wd3PKaurjDC3sglBOw/yhavZ91f?= =?us-ascii?q?Kr+LFBfuE80GAMijMPAllEKtbh0aJ+BS6K41P8S9evudxKGrPfhvnDS6jWRG+o?= =?us-ascii?q?9xyESM+DRgSuTQxZYK3+mY3hebVzf7lFqhqN34lp1faDEdG2q+xjLoBIhPaa1u?= =?us-ascii?q?ZYwLE3uhI9WrxtVigJ7gQ2VY9FC5B1MBw8+pZQGfb0f73Q1X20UXpGaomS2iwz?= =?us-ascii?q?xyjT4psrKV3DbSzOT6aBoHJmlLSXFsjFj2JYi0k84VXFKzbwUyihuq+1z6yLNG?= =?us-ascii?q?pKR6NWXTRl1IfyfuJWF4TqSwrqaCY9JI6J4wryVXUfizYUydSr7nuRcVzyPjH2?= =?us-ascii?q?xYxDA0bDyqvpT5nxpgh2KHK3Z/tn3Zedt/xR3H/tzTWeZR3iYaRCl/kTTXAlm8?= =?us-ascii?q?P8K1/dmNjJfMrOS+V2OnVp1Ofijm1piAtDO65W1sAB2wg+uzlsfhEQckzS/xz8?= =?us-ascii?q?NqWjnQrBbgfonr0Ly3MfhgfklsAF/z9dB6FZ15koo+n5wQwmUaiYmO/XYdlmfz?= =?us-ascii?q?K9pb07rkbHURXT4L38LV4A/91U1gMH2JwZn5W26ewsR/Ydm6eWUW1Twh78xQD6?= =?us-ascii?q?eU9rNElzNvolWktQLRfeR9njAFxPs28nEanuUJtxQ1ziqHBLASAVdXPTb3mhSV?= =?us-ascii?q?9NCxsr9XZH21fbir00p+gMqhA62crQFSX3b5YJgiEjFq4sV5Ll3MzGX56pv4d9?= =?us-ascii?q?nIcdITqhqUng/ej+hTNZ08jeQKhSx6NmL9p3ElzfA0jQB215GgoIeHM3lt/L6+?= =?us-ascii?q?AhNALj36fd4T+jX2gKlCn8aWw4CuEoxvGjoRWpvkV/WoECgdtf7/LQaBDCU8qm?= =?us-ascii?q?uHGbrYBQKf60dnr3bRHJ2wMnGXI3cZzdt8SxmBOExfgAcUXDAkkZIjEACl2tDh?= =?us-ascii?q?el9j5j8N/l74tgdMyuVwOhnxSGjfohuoajAxSJWEIhpZ8BxN50DPMcOE9uJzBS?= =?us-ascii?q?ZY/p+/owORNmyXfQNIDXsGWkacHVDsIqGu5cXc8+ifHue+NeHCYLuUpexbTfiI?= =?us-ascii?q?wZWv04t98jmWKsqPO2NuD/oh2kpMRXp5AdjWmy0TSywLkCLAd8CbpA2i9SJqtc?= =?us-ascii?q?Cw6vLrWB7o5YuUELZdK8lg+xWsjaeELe6Qiz5zKSxE2ZMU2X/I1L8f0UYUiyF0?= =?us-ascii?q?bTatCawAuDXDTKLRgK9XFAIbay1yNMtO9a082BVCOc/BhdPxzLJ4ieQ1C1hdX1?= =?us-ascii?q?z7hs6pfdAKI326NF7fH0mEL7OKJTnKw8HsfaO8UqdcjP5KuBKsozqbCFHsPjCC?= =?us-ascii?q?lznvShCuPvpBgz2bPRxEpYG9aQxhCGb5Q9L6cR27N9l3gScxwb0uiXPALXQcPi?= =?us-ascii?q?Rkc0NRsr2Q6jtVgvN+G2xF6npqM/KElj2D4ObGMJYWtuFnAiNul+JV+H460ada?= =?us-ascii?q?7DlYRPxpnyvftsVho1CpkumIzDpqSwdBpShQi4KKp0piP7/V9p5aWXbL5BgN93?= =?us-ascii?q?mfCwwWp9t5Dd3io7pfytfVm6LtNjhP6NXU/dMCCMjSLcKIKnshMR7yFz7TAwoJ?= =?us-ascii?q?VzmrNXvQh0ZFivGd6mWVroQmqpjrgJcOVrhbVFkvGvMADURkHcINIJFsUTM+lr?= =?us-ascii?q?6Uks0I6GGioxnWQcVVoorIVumOAfn1LjaWk6VEbQMSwbzkNYQTKpH720t6Z1l8?= =?us-ascii?q?govFAU7QUMtOoi1mdQ80vF9C8H5lTm0w2kLpcAWt72EPFfSshB45lhN+Yfgx9D?= =?us-ascii?q?fr+1o3PETFpDAun0Yrg9XqnTCRfSXqI6exR4FZFi30t0YpMpPhXQl0bRe+nUp6?= =?us-ascii?q?OzfYX7hRladvdXh3iA/AvptCAeNTQrdaYB8R2P6XfO4l3k5GqiW9wk9G6/DFBo?= =?us-ascii?q?V+mws3a56srm5A2gJ5YN4zO6PQOLJDzkJMiaKWoi+oyucxzRcaJ0YK6mOdZigI?= =?us-ascii?q?uU0PNrQ9KCqo+PFs5RaFmztZd2gGT+Aqre5y9kMhJ+SAyDrt06VdJUC1NuyfKb?= =?us-ascii?q?6ZumfbmMGURVMw018HmFNe/bhqy8sjdVSbV1w3xruLCxsJLdbCKR1Sb8dK6Xfc?= =?us-ascii?q?YSOOseLLwZJpIomwDf7oQvGUtKYVg0OkGwApE54K7ssfApmmyFvYItv/LL4Z1R?= =?us-ascii?q?Ut4xzmJEmEDPRMfxKLjDcHosGkwZBq3IlcJisSDn5nPSWx+LnXuhcggOCfU9cu?= =?us-ascii?q?fncaQowEO2osV82+mi5Wo2pPAyGy0uMZzgiC6Dn8qT7LATbnbtpsfvGUaQpiCN?= =?us-ascii?q?Gr4zk/9ba5iULP+JXEO276LchiusPI6e4CvJmIFfVUQKJnvEjBhYlXWWaqU3XV?= =?us-ascii?q?Ht6vJ5n8cY4sbcb7CnyiSFywlyo1T9vtPNaqNqWImwfoRYdIv4mb2zAjMdS9GC?= =?us-ascii?q?kHFRltve8O+KVyaBYfbJo8ZB7nqx4xN7ejIAuC1NWhXXqtIyNMT/ZD1eW6e6BX?= =?us-ascii?q?zy00Y+CmynsvVI01wvKr/k4KQJEKihDeyui5Z4lCTyf8Bnxddx/IpSojmGhrLv?= =?us-ascii?q?wyzfsnwBPUrVkcNCiGdPZzZ2xeuNEzHkifIWlsCmUiWV+Tk47D4g+q37Ad+ytd?= =?us-ascii?q?ntlU0e1ZsHjwpJDfejesVLatqZrLryoqdcImrLFpMYz/PsuGs4vTnzLFQJbMsg?= =?us-ascii?q?2FUSu6F/tAldhTOy9YQedHln87NsAcvopB80UxXN8kJ7NTEKksuqyqaT18AC4X?= =?us-ascii?q?1yAZTYCA0yIegue93bvamQydcZo4PxwCrJpChtwdUzNrbSMFvqOjUZvZl3OcQG?= =?us-ascii?q?gRPAgT9RhM5B4HloJoZuDl547IQ4VWyz9YpPJ0ViXLG4Jt91v8TWGWmkb3R+m7?= =?us-ascii?q?k+yuxgJS1/Ps0t8UWBJlDkhd3elWnFMyKL5rM6kQopLKsjiQeEzgpmLt1e2mKE?= =?us-ascii?q?NSycDPdl34DYvFtXbnXSEG/30bW5NPwmnFFZsOiwp5dLorpFJULYC6fUb+4icp?= =?us-ascii?q?x5h1E7m9Ts+n3VAlomgaRy2yCdpOF/lmsE7LWD1ie52rqI/qO49ITW9U5ZKQsE?= =?us-ascii?q?pWn1t1My6h15VcL99C4iQWUDhIuzWds8O4SNdf1s9uE58MPtB/tm//GKNDJpec?= =?us-ascii?q?uGA5taL0ynDH4TA8rEm1yyipF6++Ue1Z43UUGh81KGSGtkkvE+ws/3/O8l/Qr1?= =?us-ascii?q?90/v1UBryUgEptpzZ9G4xBCSxS1XC5NVhzSmdJs/lCIqTPb8NcW+UyZQOoOxEm?= =?us-ascii?q?DvEm0VCG8V12kHvkbSF/rRdV+yfYXwYoTyYVmavtlScYqs65JT8QU4hIYik5by?= =?us-ascii?q?fZNwKbnjhavAxBZE53W5AWGMpF9qof3YtT4MrNV1igJj0CXBN/KA00y/xfmlBf?= =?us-ascii?q?sE+AYyDSERKoderTsh1wZcqRtNWpLOjj8whaloPqq/s496IeR328hQKiX9ber5?= =?us-ascii?q?PmttKQskuCbqD4M/ezYXXZVjjDkQiwhas4D5nN5yXTLBBbJIdkxnU5epXhFGrL?= =?us-ascii?q?PQhcJ60BOUpbVKd6adFYreBGfcNkf7wJ+aB1DBKdWhzvAJCvrOVBLlvLQDTRNS?= =?us-ascii?q?GB8uihroLP8bzSU/Lva9eKx3nZX6J3JYt15iPjG7j0y4Ne/FT52ut1/ENgVVfG?= =?us-ascii?q?KzyBrMjmJg4T5smtbFHivpoyHTPSGphwjmHgxkRdd8oTXy2q8YgXyJJD53b2Uu?= =?us-ascii?q?J0yE/zsPdd97N884k4/6hpyduoJafVMflas1VoAh6aBgVw8ZUiHXZwSntNYuAL?= =?us-ascii?q?LvfRZqMZgdroq+/pC6wd8AeV9PBBadvbO0HBndGyCj6BSRxFmAcBrSAVLg6H2v?= =?us-ascii?q?GYhaB7UselqvL/2k435Fi+NBEGxqh35YiY4qqIuPPXbxzJwLgGW6jqQ9j+rrEy?= =?us-ascii?q?tEKS+/Ikjr8Oemp6YwG9FugSSNIdzH/6za821SIsD9/DH7X49f5FU3I0hTPgm5?= =?us-ascii?q?Z4H1kMG/MUG7SL/Z5EkWcjh+zZLMAWfbxemmaSDx6rDKUOyXmx6yuYOGNlmA3B?= =?us-ascii?q?0wnsQWOv61/7tSp4QSzKz9f/nUpaSKK6BUJTXyWzP093ri+PPQTvtNrtuqQ191?= =?us-ascii?q?s6Mmr6u9KRjGGhIq9YH9XjJNyAJik5vFYXjIY0RtGvwo0bF8SyL8oW8HFkdPTe?= =?us-ascii?q?83mrkyhDo6hZm4Xe/tuZ+vLNHXmvl6easamCxChEyngkulEy8tGgN/DU6NKQX/?= =?us-ascii?q?ulzH0RQDljuwTfQxG5sLvbr0obOUaTykfEhJQKPs1F3Xk/zkzp/+kjQMk99QpE?= =?us-ascii?q?FIbAZu8CpSjpNzvpxVaSeM44Vi6D3DRJBF31DEN4GK8m2G3qps7Jkm3Q+1IwTI?= =?us-ascii?q?lqa0PnnQB3D5k/KU818FgY2DYDHhQNaRGVC7GoH0flIZIfVUcdbRSH3b66ero4?= =?us-ascii?q?3EBo2rOg/vPTYvB8B6sDMfZdlA2OkEJYGp0Iq60eRqxze1tH+K7QvAjiBJDtX+?= =?us-ascii?q?L6mnooKf21Xsda/NgWt3Q4+AawWQag6ZdY4rYfiZCIarBLYZjWs8Bh9Edr/zgP?= =?us-ascii?q?eTJRgBJnlRO2TfgcpPz/4tjcqJeo5fihVKAxR+UQ8Bg4AH9+gIX0gFAip9HXyu?= =?us-ascii?q?hdR5bRiYvh6gBMI2SFtJzc0xZiNeoEM5irc6p493UbOygeIGoDPdyXa/Yg5C9t?= =?us-ascii?q?NC/c50dYDsMNYtMYO9HNmRtPh03sV7xS+dDXGliCC4d8b8oo9Xb4yCgp8ZsgVe?= =?us-ascii?q?bt8DC2KozE71FWJv9NkSpimtTDpOgT3PrTBzMa4XacaxdvxCON1YOBC/Hq/eWD?= =?us-ascii?q?0NvUTU8JHjYqU4dBIzqP4Q6nRu21lJXvSA+b9s/zgJYjdE2NR32xnaIFsr1PEe?= =?us-ascii?q?5BkSj7wDleFp7viPKRrtWs6XFbtltZH4Zv9RfFArlQPo1nORTkkcmmXkl8BjXl?= =?us-ascii?q?d8HSbRcuvPeWyfoN4+V5LEvyf4gbIggLy7ji83paUhNuSKLqvlaeRe8RZsVpSP?= =?us-ascii?q?3KrnBR8o9hJbUAPF6Dq5z2tDtIrk45ABMxYr8qsjNablXOnBFSW6vst74Ajgwc?= =?us-ascii?q?UNBntk9IHWK9I3k+5z3BVaRUkKadEvoV/SuPTqYWSUVnLjt+Qw+p2JVpY7apn/?= =?us-ascii?q?BHs2NeniN6pPgq0iBmSwWntC3ppqINxSgg96+iuDUGo3xFQf2Ukz3UBlVb0PQK?= =?us-ascii?q?kaAcBm7+6Vy9ZXkOd5fy4Lh7KsTj64Yh524zYRM9cC0aRe6gET3/j7uUAoyTt9?= =?us-ascii?q?JRnBuNuMTNbb+wKigfLbY9xgjgR3h61AjRghBo/HENQjq+8N8uPJ+9Nto9xiq0?= =?us-ascii?q?BWjbc04B7bhXv8v3qV4GV/A2aVdmwGV/zsiHWDMCS9HVF2YylAgkZn1OcIhf5h?= =?us-ascii?q?8CC6konjGIs7FI/g4KZDfUE5yl9ZfLkMbJ2Hk9SNJqyXzMpq2BmJwmynplm8l7?= =?us-ascii?q?7iSWonQda/TYU9NwAnj0zopex/T+Z++ssu8bVoRr07GhUP4eMsm552S6wpJqWl?= =?us-ascii?q?Wqxr4GBVq2LPcDxqvHUyeiUWCYXuCLfHaXkjYhNk79/wKoLkE2aMhWs089KPXN?= =?us-ascii?q?iYBGmw3nT7x0Wj2apUXHw2w7LeMaawU2tZ+jewwLSu4ReuedKfEqwP0/E1sMc2?= =?us-ascii?q?TJEDB3C+Cst16tm5J3O3J64UX1ee7t6BzpMMOOGhkYFo7Xtptx9uamSWKBOH9g?= =?us-ascii?q?yhpyMVJq9+feEVQ+qOtcc5eXndjNiNV3y+kFd+1iMScloN4chppj6ZWI0MeNaR?= =?us-ascii?q?zRzIz9JdLSoveDGPDf0kIqen1aUroefAP16IU6PsIjV73VA7RZoQwWBbImT5w5?= =?us-ascii?q?K2fx6KZ0IRtxcg7UY7S0mNPqpuOQZpZPoX/Z9FcwIznduxEZzfy0VwN7ZYiwh3?= =?us-ascii?q?ruOJAwWi5Br9p1Bxt9EotPHt8PogukDpOPhqG0lcWx+0J7uu8Nt6r8EPbK28ql?= =?us-ascii?q?39Y5Y58P3UWWOH70A65xjwwxlu2vht/Y24T1TMblfskJEuN8RziBIoTaE52/Jz?= =?us-ascii?q?TGAcf1f0pL4vbIy75iegmAbyD+GaydvWurM+sypQ0W0I1zNNLa1j02p+XWwNLo?= =?us-ascii?q?Znpzvi65rGWRMJJU4RrNH+OIG1p2QP+I6y5AGrcNbJC8oOUHNNE5htza5g5p9j?= =?us-ascii?q?VZ+MyfKqOlownH3UctMdr3JU3o1iJxe5QQLxm5KgN4jWbfq3nZA1xZI8ygIM9q?= =?us-ascii?q?kJCeCRm7owFdnnwiLkpMFmTvX9vZbWQf1s6wYxeG3BhGA9YKg6i8fktu8uXmUu?= =?us-ascii?q?RsO5NYic22pb4HlpBvMCiJS89EaWWYeLt3OCdBS/7Cr0UyYwIV9r0yVpoxaLCQ?= =?us-ascii?q?L04ddkSN0yX/yU3Fy0KiM5T40KePPTZT8Xhdyb/B+SZDqhP/uvuDhMDnFrfDY8?= =?us-ascii?q?eyFN/UPy1tczaeQz0oWRKs+FGrvNIesfaYKHtZqVcRNGbaXAcXvakqodXOA2v7?= =?us-ascii?q?kOl4ddgSnveYVivsDipim/x2TmxwuFqDTrIuXU+eT3blhHta8kT2PfJW8n/Nb7?= =?us-ascii?q?ScwrtTHecRB90fXOeeRo6MYf1CKi1umzMVNfy2eMfTh60+1EOORmwcRfqbvGaC?= =?us-ascii?q?RVKbF6TPjwngWp8Y6s1t43Il?= X-IPAS-Result: =?us-ascii?q?A2DnAADkbV9a/wHyM5BbGgEBAQEBAgEBAQEIAQEBAYM+A4F?= =?us-ascii?q?aJ4QTiiR0jW6ZMIILLYUjhGY/GAEBAQEBAQEBAQFqKII4JAGCTgIgBAUGAUYDA?= =?us-ascii?q?wkCHwUCGAoEAgIDAVkBEgWKLgMBpVmBbTolg3EBAYU0AQsmE3yFQoNAhl0Eggy?= =?us-ascii?q?CeoJlBYpXh1WRQJVGDZQRAkiYIx85gVBvgnyCVByBLAE7d4wcAQEB?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by emsm-gh1-uea11.NCSC.MIL with ESMTP; 17 Jan 2018 15:39:42 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0HFdDVV009395; Wed, 17 Jan 2018 10:39:18 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w0HEvhH1043212 for ; Wed, 17 Jan 2018 09:57:43 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0HEvh5H013135; Wed, 17 Jan 2018 09:57:43 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1CFAQD3Y19aWyMbGNZcGwEBAQEDAQEBC?= =?us-ascii?q?QEBAYM+A4FaJ4QTiiSOYpkwghYdhSiEZj8YAQEBAQEBAQEBBhoVhisEBU0wBQI?= =?us-ascii?q?YDgJFGgENBYo2AaVFgW06JYNxAQGFNAEBAQEBBQEBAQEBASITfIVCg0CGXQSCD?= =?us-ascii?q?IJ6gmUFileHVZFAlUYNlBNImCMfgglvgnyCVByBLAE7d4wcAQEB?= X-IPAS-Result: =?us-ascii?q?A1CFAQD3Y19aWyMbGNZcGwEBAQEDAQEBCQEBAYM+A4FaJ4Q?= =?us-ascii?q?TiiSOYpkwghYdhSiEZj8YAQEBAQEBAQEBBhoVhisEBU0wBQIYDgJFGgENBYo2A?= =?us-ascii?q?aVFgW06JYNxAQGFNAEBAQEBBQEBAQEBASITfIVCg0CGXQSCDIJ6gmUFileHVZF?= =?us-ascii?q?AlUYNlBNImCMfgglvgnyCVByBLAE7d4wcAQEB?= X-IronPort-AV: E=Sophos;i="5.46,372,1511845200"; d="scan'208";a="176053" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.34]) by goalie.tycho.ncsc.mil with ESMTP; 17 Jan 2018 09:57:27 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3AHLJRKhN4NpqZppnE0tMl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0K/77pMbcNUDSrc9gkEXOFd2Cra4c0ayO6eu8AiQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7?= =?us-ascii?q?Ovr6GpLIj8Swyuu+54Dfbx9HiTahf79+Ngm6oRveusQZj4ZpN7o8xAbOrnZUYe?= =?us-ascii?q?pd2HlmJUiUnxby58ew+IBs/iFNsP8/9MBOTLv3cb0gQbNXEDopPWY15Nb2tRbY?= =?us-ascii?q?VguA+mEcUmQNnRVWBQXO8Qz3UY3wsiv+sep9xTWaMMjrRr06RTiu86FmQwLzhS?= =?us-ascii?q?wZKzA27n3Yis1ojKJavh2hoQB/w5XJa42RLfZyY7/Rcc8fSWdHQ81fVTFOApmk?= =?us-ascii?q?YoUSD+QPI+hWoYr6qVQBsRSwChKhBP/2yjJSmnP7x7E23uYnHArb3AIgBdUOsH?= =?us-ascii?q?HModjyLKcdT/y1w7fSzTnZcfxW3yry55bSch86pvGMR71wfNHKyUkoEQPEjk+c?= =?us-ascii?q?ppDiPzOQz+kAtXWQ4el4Ve+3lWIrtg58riKxysojkIXFmIAYxkrK+Ch52Io4K9?= =?us-ascii?q?+1RFRmbdOqFJZcrTyWOot3T884XW1lvCA3waAct5GhZigF0pEnygbfa/OZd4iI?= =?us-ascii?q?5QruVPuJIThjmX1pZbayhw6o/kS81OHwTNe730hPripendnArHUN2AbS6siDUP?= =?us-ascii?q?d9+0ah2TKX2wDS7OFLP1w0mLLFJ5I8zbM8jIQfvEvZEiPomkj6lqGbe0U89uit?= =?us-ascii?q?8evnY7HmppGGN49zjwHzKr4gldKjAesmKAgCRWeV+eKh27L95032W7JKjuc5kq?= =?us-ascii?q?TCq5DaIsIbp66jDwBJ1YYj7g6zDy2639QAgXkHMFVFdQqcj4f0IFHDO+z4DPej?= =?us-ascii?q?jFSslzdn3fbGPqb7DZnXIXjDl6nhd65n60FA0Aoz0cxf55VMB7EaPv3zXk7xtN?= =?us-ascii?q?rFDh42KAG03+bmB8l91oMZQ26PBLSZP7nIvV+H4eIvPbrEWIhAgD/gL7AA4Pn0?= =?us-ascii?q?gDdtgVYAeYGx1IYTLXW/Ge5rZU6eZCyoyuwdHH8Kswx2d+njjFmPQHYHfHqpd7?= =?us-ascii?q?4t7TE8ToS9BMHMQZ77xPSsxiawVqVffGFdQgSBCX7ydp6sQ/4WaTmKJsZqn3oD?= =?us-ascii?q?T7f3D8cD3BSjr0ffzKB9L/Gcri8RsJ/4ktwz4urJjxAp3TtuBs+Z3ieGSGQi2i?= =?us-ascii?q?skTjk30aQ3g1FnxVqFyuAsj/VeFNFX5dtMXwM+PJjb36pxDNWkHkrtecqGAHKr?= =?us-ascii?q?TtuhGz15Gt41ztMAZFxxM8+vghDKw2yhBLpD0/TfH5Ew86TBz1DtNs19zDDAz6?= =?us-ascii?q?BngF44FI8HYWmngLNvshPeDJPTklmI0qOtebkY0QbT+2qZi2mDpkdVVEh3S6qT?= =?us-ascii?q?GThLYkrQsMS85U7YSbKqIaooPxEHysOYLKZOLNrzggMCDNblN9OWRmW1nW6qTU?= =?us-ascii?q?KNx7WDa6Lwdmkd1TmbA08BxURbqX+CLgF7Ciq/rmb2BTh1HBf3eUTu/OJi7nSh?= =?us-ascii?q?QRlwh0uxYldu2vKYslhdpfWYT+IVlPpQoyo7pDhcHF+528PQTdGHolwyUr9bZI?= =?us-ascii?q?Zp+Fpb2HifugpxM4aqKLptrkUZdRUxtETrgUYkQr5cmNQn+St5hDF5LriVhRYY?= =?us-ascii?q?L2uV?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BqAQDRYl9aWyMbGNZcGwEBAQEDAQEBC?= =?us-ascii?q?QEBAYM+AyWBNSeEE4okjmKZMIIWHYUohGY/GAEBAQEBAQEBAQEFGhVegjgkAYJ?= =?us-ascii?q?wBAVNMAUCGA4CRRoBDQWKNgGlSoFtOiWDcQEBhTUBAQEBAQUBAQEBAQEiE3yFQ?= =?us-ascii?q?oNAhl0EggyCPQwxgmUFileHVZE+lUQNlBFImB0fgglvgnyCVByBLAE7d4trAQE?= =?us-ascii?q?B?= X-IPAS-Result: =?us-ascii?q?A0BqAQDRYl9aWyMbGNZcGwEBAQEDAQEBCQEBAYM+AyWBNSe?= =?us-ascii?q?EE4okjmKZMIIWHYUohGY/GAEBAQEBAQEBAQEFGhVegjgkAYJwBAVNMAUCGA4CR?= =?us-ascii?q?RoBDQWKNgGlSoFtOiWDcQEBhTUBAQEBAQUBAQEBAQEiE3yFQoNAhl0EggyCPQw?= =?us-ascii?q?xgmUFileHVZE+lUQNlBFImB0fgglvgnyCVByBLAE7d4trAQEB?= X-IronPort-AV: E=Sophos;i="5.46,372,1511827200"; d="scan'208";a="7699116" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from upbd19pa02.eemsg.mail.mil ([214.24.27.35]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 17 Jan 2018 14:57:25 +0000 X-EEMSG-check-005: 0 X-EEMSG-check-006: 000-001;cfaf2639-de65-4503-bce4-c88d399c3416 Received: from localhost.localdomain (localhost [127.0.0.1]) by UPDCF3IC07.oob.disa.mil (Postfix) with SMTP id 3zM9DP0Jc5z21bx7; Wed, 17 Jan 2018 14:57:25 +0000 (UTC) Received: from UPBD19PA06.eemsg.mil (unknown [192.168.18.7]) by UPDCF3IC07.oob.disa.mil (Postfix) with ESMTP id 3zM9DN5KpJz21bx8; Wed, 17 Jan 2018 14:57:24 +0000 (UTC) Authentication-Results: upbd19pa06.eemsg.mail.mil; dkim=neutral (message not signed) header.i=none X-EEMSG-check-008: 290094619|UPBD19PA06_EEMSG_MP6.csd.disa.mil X-EEMSG-SBRS: 3.5 X-EEMSG-ORIG-IP: 37.139.156.29 X-EEMSG-check-002: true X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0BPAABFYF9ahx2ciyVbGgEBAQEBAgEBAQEIAQEBAYVChBOKJI5imTCCFh2FJAICCoRcPxgBAQEBAQEBAQETAQEBCA0JCCgvhU0EBU0wBQIYDgJfAQ0FijelQoFtOiWDcQEBhTUBAQEHAQEBASQJAQl8hUKDQIZdBIIMgnqCZQWKV4dVkT6VRA2UDwJImB0fgglvgnyCVBAMgSwBO0A3i2sBAQE X-IPAS-Result: A0BPAABFYF9ahx2ciyVbGgEBAQEBAgEBAQEIAQEBAYVChBOKJI5imTCCFh2FJAICCoRcPxgBAQEBAQEBAQETAQEBCA0JCCgvhU0EBU0wBQIYDgJfAQ0FijelQoFtOiWDcQEBhTUBAQEHAQEBASQJAQl8hUKDQIZdBIIMgnqCZQWKV4dVkT6VRA2UDwJImB0fgglvgnyCVBAMgSwBO0A3i2sBAQE Received: from seldsegrel01.sonyericsson.com ([37.139.156.29]) by upbd19pa06.eemsg.mail.mil with ESMTP; 17 Jan 2018 14:57:21 +0000 X-Authentication-Warning: seldlx23035.corpusers.net: 23059638 set sender to peter.enderborg@sony.com using -f X-EEMSG-check-009: 444-444 From: To: Paul Moore , Stephen Smalley , Eric Paris , James Morris , Daniel Jurgens , Doug Ledford , , , , Ingo Molnar , , "Serge E . Hallyn" Date: Wed, 17 Jan 2018 15:55:51 +0100 Message-ID: <20180117145551.4961-1-peter.enderborg@sony.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-MIME-Autoconverted: from quoted-printable to 8bit by prometheus.infosec.tycho.ncsc.mil id w0HEvhH1043212 X-Mailman-Approved-At: Wed, 17 Jan 2018 10:39:10 -0500 Subject: [PATCH] selinux:Significant reduce of preempt_disable holds X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: Peter Enderborg Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Peter Enderborg Holding the preempt_disable is very bad for low latency tasks as audio and therefore we need to break out the rule-set dependent part from this disable. By using a rwsem instead of rwlock we have an efficient locking and less preemption interference. Selinux uses a lot of read_locks. This patch replaces the rwlock with rwsem/percpu_down_read() that does not hold preempt_disable. Intel Xeon W3520 2.67 Ghz running FC27 with 4.15.0-rc8git (+measurement) I get preempt_disable in worst case for 1.2ms in security_compute_av(). With the patch I get 960us as the longest security_compute_av() without preempt disabeld. It very much noise in the measurement but it is not likely a degrade. And the preempt_disable times is also very dependent on the selinux rule-set. In security_get_user_sids() we have two nested for-loops and the inner part calls sittab_context_to_sid() that calls sidtab_search_context() that has a for loop() over a while() where the loops is dependent on the rules. On the test system the average lookup time is 60us and does not change with the rwsem usage. Reported-by: Björn Davidsson Signed-off-by: Peter Enderborg --- security/selinux/ss/services.c | 134 ++++++++++++++++++++--------------------- 1 file changed, 67 insertions(+), 67 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 33cfe5d..a3daaf2 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -87,7 +87,7 @@ int selinux_policycap_alwaysnetwork; int selinux_policycap_cgroupseclabel; int selinux_policycap_nnp_nosuid_transition; -static DEFINE_RWLOCK(policy_rwlock); +DEFINE_STATIC_PERCPU_RWSEM(policy_rwsem); static struct sidtab sidtab; struct policydb policydb; @@ -779,7 +779,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, if (!ss_initialized) return 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (!user) tclass = unmap_class(orig_tclass); @@ -833,7 +833,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -867,7 +867,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) int index; int rc; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -EINVAL; old_context = sidtab_search(&sidtab, old_sid); @@ -929,7 +929,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) kfree(old_name); } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -1017,7 +1017,7 @@ void security_compute_xperms_decision(u32 ssid, memset(xpermd->auditallow->p, 0, sizeof(xpermd->auditallow->p)); memset(xpermd->dontaudit->p, 0, sizeof(xpermd->dontaudit->p)); - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (!ss_initialized) goto allow; @@ -1070,7 +1070,7 @@ void security_compute_xperms_decision(u32 ssid, } } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return; allow: memset(xpermd->allowed->p, 0xff, sizeof(xpermd->allowed->p)); @@ -1097,7 +1097,7 @@ void security_compute_av(u32 ssid, u16 tclass; struct context *scontext = NULL, *tcontext = NULL; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); avd_init(avd); xperms->len = 0; if (!ss_initialized) @@ -1130,7 +1130,7 @@ void security_compute_av(u32 ssid, context_struct_compute_av(scontext, tcontext, tclass, avd, xperms); map_decision(orig_tclass, avd, policydb.allow_unknown); out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return; allow: avd->allowed = 0xffffffff; @@ -1144,7 +1144,7 @@ void security_compute_av_user(u32 ssid, { struct context *scontext = NULL, *tcontext = NULL; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); avd_init(avd); if (!ss_initialized) goto allow; @@ -1175,7 +1175,7 @@ void security_compute_av_user(u32 ssid, context_struct_compute_av(scontext, tcontext, tclass, avd, NULL); out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return; allow: avd->allowed = 0xffffffff; @@ -1277,7 +1277,7 @@ static int security_sid_to_context_core(u32 sid, char **scontext, rc = -EINVAL; goto out; } - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (force) context = sidtab_search_force(&sidtab, sid); else @@ -1290,7 +1290,7 @@ static int security_sid_to_context_core(u32 sid, char **scontext, } rc = context_struct_to_string(context, scontext, scontext_len); out_unlock: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); out: return rc; @@ -1442,7 +1442,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, goto out; } - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = string_to_context_struct(&policydb, &sidtab, scontext2, scontext_len, &context, def_sid); if (rc == -EINVAL && force) { @@ -1454,7 +1454,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, rc = sidtab_context_to_sid(&sidtab, &context, sid); context_destroy(&context); out_unlock: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); out: kfree(scontext2); kfree(str); @@ -1604,7 +1604,7 @@ static int security_compute_sid(u32 ssid, context_init(&newcontext); - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (kern) { tclass = unmap_class(orig_tclass); @@ -1738,7 +1738,7 @@ static int security_compute_sid(u32 ssid, /* Obtain the sid for the context. */ rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid); out_unlock: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); context_destroy(&newcontext); out: return rc; @@ -2160,7 +2160,7 @@ int security_load_policy(void *data, size_t len) sidtab_set(&oldsidtab, &sidtab); /* Install the new policydb and SID table. */ - write_lock_irq(&policy_rwlock); + percpu_down_write(&policy_rwsem); memcpy(&policydb, newpolicydb, sizeof(policydb)); sidtab_set(&sidtab, &newsidtab); security_load_policycaps(); @@ -2168,7 +2168,7 @@ int security_load_policy(void *data, size_t len) current_mapping = map; current_mapping_size = map_size; seqno = ++latest_granting; - write_unlock_irq(&policy_rwlock); + percpu_up_write(&policy_rwsem); /* Free the old policydb and SID table. */ policydb_destroy(oldpolicydb); @@ -2198,9 +2198,9 @@ size_t security_policydb_len(void) { size_t len; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); len = policydb.len; - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return len; } @@ -2216,7 +2216,7 @@ int security_port_sid(u8 protocol, u16 port, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); c = policydb.ocontexts[OCON_PORT]; while (c) { @@ -2241,7 +2241,7 @@ int security_port_sid(u8 protocol, u16 port, u32 *out_sid) } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2256,7 +2256,7 @@ int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); c = policydb.ocontexts[OCON_IBPKEY]; while (c) { @@ -2281,7 +2281,7 @@ int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) *out_sid = SECINITSID_UNLABELED; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2296,7 +2296,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); c = policydb.ocontexts[OCON_IBENDPORT]; while (c) { @@ -2322,7 +2322,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) *out_sid = SECINITSID_UNLABELED; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2336,7 +2336,7 @@ int security_netif_sid(char *name, u32 *if_sid) int rc = 0; struct ocontext *c; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); c = policydb.ocontexts[OCON_NETIF]; while (c) { @@ -2363,7 +2363,7 @@ int security_netif_sid(char *name, u32 *if_sid) *if_sid = SECINITSID_NETIF; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2395,7 +2395,7 @@ int security_node_sid(u16 domain, int rc; struct ocontext *c; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); switch (domain) { case AF_INET: { @@ -2450,7 +2450,7 @@ int security_node_sid(u16 domain, rc = 0; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2489,7 +2489,7 @@ int security_get_user_sids(u32 fromsid, if (!ss_initialized) goto out; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); context_init(&usercon); @@ -2539,7 +2539,7 @@ int security_get_user_sids(u32 fromsid, } rc = 0; out_unlock: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); if (rc || !mynel) { kfree(mysids); goto out; @@ -2580,7 +2580,7 @@ int security_get_user_sids(u32 fromsid, * cannot support xattr or use a fixed labeling behavior like * transition SIDs or task SIDs. * - * The caller must acquire the policy_rwlock before calling this function. + * The caller must acquire the policy_rwsem before calling this function. */ static inline int __security_genfs_sid(const char *fstype, char *path, @@ -2639,7 +2639,7 @@ static inline int __security_genfs_sid(const char *fstype, * @sclass: file security class * @sid: SID for path * - * Acquire policy_rwlock before calling __security_genfs_sid() and release + * Acquire policy_rwsem before calling __security_genfs_sid() and release * it afterward. */ int security_genfs_sid(const char *fstype, @@ -2649,9 +2649,9 @@ int security_genfs_sid(const char *fstype, { int retval; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); retval = __security_genfs_sid(fstype, path, orig_sclass, sid); - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return retval; } @@ -2666,7 +2666,7 @@ int security_fs_use(struct super_block *sb) struct superblock_security_struct *sbsec = sb->s_security; const char *fstype = sb->s_type->name; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); c = policydb.ocontexts[OCON_FSUSE]; while (c) { @@ -2696,7 +2696,7 @@ int security_fs_use(struct super_block *sb) } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2704,7 +2704,7 @@ int security_get_bools(int *len, char ***names, int **values) { int i, rc; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); *names = NULL; *values = NULL; @@ -2733,7 +2733,7 @@ int security_get_bools(int *len, char ***names, int **values) } rc = 0; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; err: if (*names) { @@ -2751,7 +2751,7 @@ int security_set_bools(int len, int *values) int lenp, seqno = 0; struct cond_node *cur; - write_lock_irq(&policy_rwlock); + percpu_down_write(&policy_rwsem); rc = -EFAULT; lenp = policydb.p_bools.nprim; @@ -2784,7 +2784,7 @@ int security_set_bools(int len, int *values) seqno = ++latest_granting; rc = 0; out: - write_unlock_irq(&policy_rwlock); + percpu_up_write(&policy_rwsem); if (!rc) { avc_ss_reset(seqno); selnl_notify_policyload(seqno); @@ -2799,7 +2799,7 @@ int security_get_bool_value(int index) int rc; int len; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -EFAULT; len = policydb.p_bools.nprim; @@ -2808,7 +2808,7 @@ int security_get_bool_value(int index) rc = policydb.bool_val_to_struct[index]->state; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -2864,7 +2864,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) context_init(&newcon); - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -EINVAL; context1 = sidtab_search(&sidtab, sid); @@ -2906,7 +2906,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) rc = sidtab_context_to_sid(&sidtab, &newcon, new_sid); out_unlock: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); context_destroy(&newcon); out: return rc; @@ -2963,7 +2963,7 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, if (!policydb.mls_enabled) return 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -EINVAL; nlbl_ctx = sidtab_search(&sidtab, nlbl_sid); @@ -2990,7 +2990,7 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, * expressive */ *peer_sid = xfrm_sid; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -3011,7 +3011,7 @@ int security_get_classes(char ***classes, int *nclasses) { int rc; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -ENOMEM; *nclasses = policydb.p_classes.nprim; @@ -3029,7 +3029,7 @@ int security_get_classes(char ***classes, int *nclasses) } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -3051,7 +3051,7 @@ int security_get_permissions(char *class, char ***perms, int *nperms) int rc, i; struct class_datum *match; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -EINVAL; match = hashtab_search(policydb.p_classes.table, class); @@ -3080,11 +3080,11 @@ int security_get_permissions(char *class, char ***perms, int *nperms) goto err; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; err: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); for (i = 0; i < *nperms; i++) kfree((*perms)[i]); kfree(*perms); @@ -3115,9 +3115,9 @@ int security_policycap_supported(unsigned int req_cap) { int rc; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = ebitmap_get_bit(&policydb.policycaps, req_cap); - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -3181,7 +3181,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) context_init(&tmprule->au_ctxt); - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); tmprule->au_seqno = latest_granting; @@ -3221,7 +3221,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) } rc = 0; out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); if (rc) { selinux_audit_rule_free(tmprule); @@ -3271,7 +3271,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, return -ENOENT; } - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (rule->au_seqno < latest_granting) { match = -ESTALE; @@ -3362,7 +3362,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, } out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return match; } @@ -3448,7 +3448,7 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, return 0; } - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); if (secattr->flags & NETLBL_SECATTR_CACHE) *sid = *(u32 *)secattr->cache->data; @@ -3484,12 +3484,12 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, } else *sid = SECSID_NULL; - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return 0; out_free: ebitmap_destroy(&ctx_new.range.level[0].cat); out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } @@ -3511,7 +3511,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) if (!ss_initialized) return 0; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = -ENOENT; ctx = sidtab_search(&sidtab, sid); @@ -3529,7 +3529,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) mls_export_netlbl_lvl(ctx, secattr); rc = mls_export_netlbl_cat(ctx, secattr); out: - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); return rc; } #endif /* CONFIG_NETLABEL */ @@ -3557,9 +3557,9 @@ int security_read_policy(void **data, size_t *len) fp.data = *data; fp.len = *len; - read_lock(&policy_rwlock); + percpu_down_read(&policy_rwsem); rc = policydb_write(&policydb, &fp); - read_unlock(&policy_rwlock); + percpu_up_read(&policy_rwsem); if (rc) return rc;