From patchwork Fri Jan 26 14:32:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Enderborg X-Patchwork-Id: 10186533 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 510E9601D5 for ; Fri, 26 Jan 2018 16:23:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 415E82A1AB for ; Fri, 26 Jan 2018 16:23:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 35FB42A1B3; Fri, 26 Jan 2018 16:23:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from UCOL19PA11.eemsg.mail.mil (ucol19pa11.eemsg.mail.mil [214.24.24.84]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CBE3E2A1AB for ; Fri, 26 Jan 2018 16:22:59 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.46,417,1511827200"; d="scan'208";a="431668334" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by UCOL19PA11.eemsg.mail.mil with ESMTP/TLS/AES256-SHA; 26 Jan 2018 16:22:56 +0000 X-IronPort-AV: E=Sophos;i="5.46,417,1511827200"; d="scan'208";a="8039287" IronPort-PHdr: =?us-ascii?q?9a23=3AU3cqFBewkzAVGY8yFAuLcHxclGMj4u6mDksu8pMi?= =?us-ascii?q?zoh2WeGdxcq6bRGN2/xhgRfzUJnB7Loc0qyK6/qmAzVLscvJ8ChbNsAUDlld0Y?= =?us-ascii?q?RetjdjKfbNMVf8Iv/uYn5yN+V5f3ghwUuGN1NIEt31fVzYry76xzcTHhLiKVg9?= =?us-ascii?q?fbytScbdgMutyu+95YDYbRlWizqhe7NyKwi9oRnMusUMjoZuNrg9xgHXrndVdO?= =?us-ascii?q?hbxmNlLk+Xkxrg+8u85pFu/zhNt/4768JMTaD2dLkkQLJFCzgrL3o779DxuxnZ?= =?us-ascii?q?SguP6HocUmEInRdNHgPI8hL0UIrvvyXjruZy1zWUMsPwTbAvRDSt9LxrRwPyiC?= =?us-ascii?q?cGLDE27mfagdFtga1BoRKhoxt/w5PIYIyQKfFzcL/Rcc8cSGFcRctaSTBPDZ2g?= =?us-ascii?q?YIsOF+oBPPhXr4/hp1sVsBCyARCgCP7zxjNUg3P726M10/4lEQrbwgIuGdwAu2?= =?us-ascii?q?nQoNnsKaseTeW5wa/VxjvBcvxWwy/w5ojWfB4vov+CWrB/ccTexkYzCg3Flled?= =?us-ascii?q?pZHrMjyLzeQAqHSb4/Z6WO6zkWMrtx19rz6yzckskInJgYcVx0jD+CVh3ok1Oc?= =?us-ascii?q?O3SFRhbdG6Fptfqj+VN5FtTcMlWWFotz03yqYBuZ69fCkG0ogoxxnaa/GedYWD?= =?us-ascii?q?/xHtVP6JLDtli39od6izihav/US61OHxWde43ExXoiZdnNTBtGoB2wHd58WDUP?= =?us-ascii?q?dx40es1DeV2wzN7uxJJ10/m7DBJJ472LEwk4IesUHEHiDrhkr7lLSWdkA4+uiw?= =?us-ascii?q?7OTnf6nmqoecN4BqjgH+NbwjmtClDuQiMwgOQnOb9f6g1Lzj4UL5QLJKgucwkq?= =?us-ascii?q?bFq5DVOd4Xpqu4Aw9Ryooj6hC/ACm60NkAgHUKI11IdAiHgoT0IV3CPv/1Aeml?= =?us-ascii?q?j1ixiDtrwurJPrzlApXDNHjDl7LhcK5m60FCzAozzNZf549bC70YO/3zXVLxtN?= =?us-ascii?q?rEARAnKAy52PrnCdVh2YMeXmKDGKmZMLjIvlOS6eIvJPeMaJcPuDnhM/gl++Lu?= =?us-ascii?q?jXghlF8feqmp24EYaGy4Hvt8JUWUenjsgtAHEWcPpAU+V/Dqh0OYUT5IfXqyWL?= =?us-ascii?q?g85j4jAoK8EYjDXpytgKCG3CqjHJ1WZHpJBUyPEXfzcIWEXfYMaDyJL89vljwE?= =?us-ascii?q?SLegRJQ81RGoqA/61qBrLu3O+i0XrZjjzsR65/XPlREu8jx5F9yd3H+WQG5qmG?= =?us-ascii?q?MIRiM23KdkrEx81FiMz7Z3j+ZfFdxJ6PNDSh06OoLEz+xmF9DyXRrMccqOSFag?= =?us-ascii?q?RNWpHC8+TtYww9IVeUlyBc+ijhfZ0yqtGb8VmKSBBIYo/aLEw3jxO8F9xm7b26?= =?us-ascii?q?k9lVYmWNBCOnGhhq566wfcHZXJk1mDm6asa6scwDbH9H2fwmqWoEFYTAlwXL3E?= =?us-ascii?q?XXAZekvZs9D56V3HT7CwFbQnKAtAxNWFKqtSdNLpi1BGS+3iONTaeG2xnGixCQ?= =?us-ascii?q?yPxrOWY4rgY38d0znFCEgYjwAT+m6LNAg/ByempWLTFzluFVb2b0Pt9+lysnW7?= =?us-ascii?q?QVUuzwGJbk1hyaS69gQThfOCV/MZxqgEtzs5qzVoAFa92MrbCtSBpwpleaVTf8?= =?us-ascii?q?k97UxJ1W3HqgN9OYagILp6hl4EdAR3vV3h2AlrColalsgqtnwqxhJoKa2EyFNB?= =?us-ascii?q?ay+Y3ZfoN73ZMGn95havZLLX2lHFy9uW/78P6PUhp1X4sgCpDVAu83J909lay3?= =?us-ascii?q?Gc/InFDBIOUZLtVUY67xt6qKvZYik6+oPZzn5sPrO3sj/FxtIlHuwlygyvf91H?= =?us-ascii?q?KqOLCBfyE9EGB8ipMOElgUWmbggFPO9M7q45JNmpeOeD2KKxO+Zghj2mh3xd4I?= =?us-ascii?q?9hykKM6zZ8SunQ0pkZ2f6Y2hWIVyzgjFahtcD6gptEai0THmWhzyjkGI9Rabdo?= =?us-ascii?q?cYYNF2iuP9W9xs9iiJ71R35Y6FmjCksc2MC0ZBWfdFP93Qhf1EgNp3yohze4xS?= =?us-ascii?q?Rukz41tqqfwDDOw+P6eRocNG5LXm5ijUzwIYWvlNAaWk+obgYslBS/40b23a5b?= =?us-ascii?q?q7pjL2PLW0dHYzD2L31+Uqu3rreDbdRA6Jc0sSpJSuS8ekuXSqDjrBsAyCzjAm?= =?us-ascii?q?5eyCo8dzGwtZXzhwZ6h36FLHZvsHrZftl9xQne5NPAWf5R2SAGSDNkhjnXAVi8?= =?us-ascii?q?Odap8M6Ql5fCtOCxTXihVppJfSns14OAuzOx5Xd2Dh2ng/CzhtrnHBA+0S/6zN?= =?us-ascii?q?lqSTzErA3ibYnv1qS6N/9nf0ZzCV/n88p6G4d+koosi5ELw3QagIua/WYfm2fp?= =?us-ascii?q?Ldpbwb7+bGYKRTMT2d7V5wzl2El9IXKT2435UXucz9B6Z9mnfmwWwTgx78dQCK?= =?us-ascii?q?eb9LZEhzd6okKkrQLNZvhwhjQdxuUo6H4BmOwJuxQiziOGArAUA0ZYITbglxOS?= =?us-ascii?q?79CxtK9XfnqgcaCs1EpimtCsFKmCrRtBWHb9ZJgiBTV/7sNjMF3Syn3+8ZzkeM?= =?us-ascii?q?LOYtIJrR2YiQzAj+9IKJIrivUFmyRnOWXnvX0q1eE3lxpu0o+mvIKfMWVi4Lq5?= =?us-ascii?q?AgJENj3yf84T5DftgrtFk8aI2YCgA5VhFi8NXJT2UfKiCCgSuuj/NwaSDD08rW?= =?us-ascii?q?+WGaLFEg+C7EdrtG7AE5G3N3CXPXUZw89tRB+HKExYmgAUUy0wnoQlGQCy2Mzh?= =?us-ascii?q?bEB56ygS5l/4rhtD1PllNxz4UmfRqgendCs0SISfLBpR6wFN+V3ZMcqA4eJvBy?= =?us-ascii?q?tY5IGurBSRKmyHYARFFW8JVVaCB1D/Obmu4MLN8+aGCeWjKPvOe6+BqfREV/eP?= =?us-ascii?q?x5KgzJdp/yqWOsWIJHliAOUx2lBfUnBhB8TZhzIPRjQNly7XYc+XvhK89Tdzrs?= =?us-ascii?q?C48PXmQxjg6peKC7dINtVv4R+2i7+ZN+GMnCZ5NSpY1pQUyH/G0rgQwkMdizp0?= =?us-ascii?q?eDmrDbQAsjXNQbnKlaBLCh4XcSRzNNFH76gkxAlCJdbbis/p1r5/lvM1DU1FWk?= =?us-ascii?q?b5msGxfsEKLWC9NEncBEaXOrSGJDvLzNvxYaygSL1fluFUuwe3uTaBHE/pJi6D?= =?us-ascii?q?mCXxVxCzLeFMizmWMwdFt426dhZtCHPjTM79ahGhK994kyE5zacvhnzUMW4cMD?= =?us-ascii?q?58c15Cr7CL8SxZgu9/G3Fa7nZ/I+iLgTqZ7/LfKpYQq/drBT50l+1C6nQg17RV?= =?us-ascii?q?9D1EROBymCbKqN5uolWmku2RxTp8SxdBsChEhJiMvUl4PqXZ7JZAU27e/B0R9W?= =?us-ascii?q?WQFwgKp9x9B9L0uqBQxd/PlKToJThf7d3b5socCNLSKM6dN3ohKxXpEibODAQZ?= =?us-ascii?q?VT6rKX3fh0tFnf6I+X2atIY6pYb3lZoJUr9USlo1FvYABURkGNwNO5B3Xzw+nb?= =?us-ascii?q?6cls4I6mK0rAPNS8VCopDHSvWSDO3zKDaeiLlIfQEIwbT5LIsNMI30wFZial5k?= =?us-ascii?q?k4TJAEffQddNoih9YQAuu0VN7GJyTmst1EL5cgmt+mMcFeaonh4qjQtzeeIt+y?= =?us-ascii?q?n27FczPVfKpywwkFItmdr/hzCRaz3xLKaqUYFQFSX0q1A7MonnTAZtcQ2ygUtk?= =?us-ascii?q?OS/eR71PlLtva3pkiBXAtptPAvNTVqxEYAUNyvGQafUoyU5cpTunxENd4+vKF4?= =?us-ascii?q?dinhMwcZGwt3JAxx5jbNktKKPNPqVJ0FlQib+VviKzzO8x2hUeJ0ED8WOJZiEH?= =?us-ascii?q?pFEINqMnJyq0/u1g8wqClCVfeGIUTfolvupq9l8hO+SH1y/g17lDKlqvOOyZLq?= =?us-ascii?q?KZvHPNlcGOQlMtzE8IkFNF/bdu28c5b0WUT1wvzKeWFxkRLsrNNwVVb8tU9HjO?= =?us-ascii?q?cieDqvnCwZVwP4qhDO/oVvOOuLwSgk26AAYjB54M4dgZHpmwzEHYKt/qI6MZxh?= =?us-ascii?q?Uo4wTrIkmFAOlSdRKVjjgHucC/zZ5w3YlbPD0dB3tyMTmv7LbNugAqmOaDXMsx?= =?us-ascii?q?YnoCQosEN3c2WMqmmy5Zv3VNFyS40uMZyQeY9DDwvCLQAyfgb9B7fvebeQtsCM?= =?us-ascii?q?2q+TU466W5k1rX8pTCKG7kLdtiv9/O6eUdp5aBEfxZVqJys0bGlIleXnCqXXPP?= =?us-ascii?q?HcSzJ5fud4kmdcb0BWqiUlyjlzI1SN/8M82zIaiOmgznX5tbsJeF0zA5Ls+yDC?= =?us-ascii?q?seGhdqq+EE/qJ8ahUJY4Anbh7wqwQ+K6u/LR+C0tWoQmaiNTtWT/5bzeWhf7JZ?= =?us-ascii?q?1jciYPWmxXUnVZw10+638UsRS54QlRHe2eyvZ49AXijvAnZdYRnApTIll2h9Me?= =?us-ascii?q?Y/2vswwBHSvlYAKD2EaOtpaGhAv9E9G1ySO2l2BXQkSF+cl4bD5RSs378K9StH?= =?us-ascii?q?g9lUyfFFsGT5vpLHejKjQrarqZLOvCc7cdgmubd+MZL9LcuCtZPemDPfTJ3Rsg?= =?us-ascii?q?2KUC66C/RalcJKICJdWvVIn38qOdAes4pb9UUxTts+J6BICKQ0qLGmcyZrDS4T?= =?us-ascii?q?zS8cVoOPxj8Cj/y927TEiBifbo4uMBsesJVNmtEdSTJ5YjsCpK+/UIXbj2qERX?= =?us-ascii?q?IRIAcQ8wtM+AMAlol/fu3+7ovHVplMxCJSo/JzTyvEC4Jo+0H9Sm6InVjyUO+h?= =?us-ascii?q?nPCx3QJO0PLs1cEWWAZ4CUhZ3elWjEUpKLZzK6kepYPKtziIdUThvG3z1OSmPl?= =?us-ascii?q?5RydbPd135CorFunDwUioG+X0bXYVP0m3QFYwOkwplb6YmvE9DIJq7ekb4/TAk?= =?us-ascii?q?xJ9kH7i5VcCq21YqtmwKRyG0HNpdE+tmqk7YWCV5Y5C3r5XoI4lSQmhV+JCGt1?= =?us-ascii?q?dVjEBtPDWjxZpaNc5N/iYGXCJTrjWFoNuyVMpD1Nd2D5AWONdwoXP9F75fNZeM?= =?us-ascii?q?vXI2oqTvxWHd+z8iqle23jKzG7W3T+hB5W0RBh0pJ3iCqkkoF+Ys8GDS/U7Wv1?= =?us-ascii?q?9p4ehbHaaAjV9toDljA59CHDBJ2m65L15rVnlJr/1aKLjJc8xbW/QyeQKgNAE/?= =?us-ascii?q?FfE820yE5l17nXD8YyNurARa4DzdUxMyVSYLnrfngScepd2/OT8GV5JIai0sYD?= =?us-ascii?q?zLKw2HhSxavgtTZk9xVp8FBdZF/q0U0pFP/sreU0qsLz8KXAB6PAIizfVfjVJD?= =?us-ascii?q?sFmfeS3FFwqna+vAsh1tcseNt8OpKPP5/BlZhY/5rO848LgMSGO8lQ2rX9/es5?= =?us-ascii?q?f2tseWuUuWaKf4L+q8bGfZTDjXkRC/n6orD4XR8ijINwpbNoN6xmY6bpjnFW7L?= =?us-ascii?q?Jw5JJ6YBK0pcT6B6Zs1MovpGaM98ZKYJ5ahtCwqbRhP1BoOgsuRJI03ORTTaMy?= =?us-ascii?q?WB6PawoZzS7bzaTejveNCMy2zAQ6JtMZdw8SP7FKvy0Y9C5kr23e9g9kZgRljC?= =?us-ascii?q?NyCOssjhJh8R68a4bUbiuIMmHS/NAJhsinXt3l9Pe9ARQyK07JQS0IlZ52roSe?= =?us-ascii?q?Jkzkjzt/Vf97t+5okt5LBp0sO0Kr3MKflBtE9nHxyUBhlr9poxAWhwXWZRYvQL?= =?us-ascii?q?JPfWZ6QZgtjkq/rrGKwP9B2V5+tZZMPFJ07bnMm/BCucSRtZkwgfsjMaMhGT1/?= =?us-ascii?q?iem69zU8qlo/b22l416VikMhEG1Kxt5ZuD+qeQq+/XchrRzbwAWqf0Q8P+takj?= =?us-ascii?q?tF2J6v0ljrEOfHZ5Ywq9EOgSTsQd3Hvvzbg2zSIwFMPOB7Dg+P9GV38imzLvhZ?= =?us-ascii?q?B8EEsMGvMVG7qL8p5SnmEmlOzFLtcWaLxNmn6TFR64Fb8P0Xir6y+MLWlkhBHO?= =?us-ascii?q?1gv8QWK17F/4ty93WzDMz8v5kkpISra3GVpSXzC3NkNitzOPJgXovsLtuasp9E?= =?us-ascii?q?E2LnDktNWVmWukP7NXGdH/JNOCLiQvoVIXjYc+Rtqx1oAHF9u9J80R8HJlbvfE?= =?us-ascii?q?7WOkjTNBqb9dh4XC+sGV5unXHX64gq2esLWNwTBVx2M2vV4h99+gMevO6MeSQ/?= =?us-ascii?q?Sy0GYRTTlwtBfdXxKvrbzbtV8UM1SR0EjXgIwKIs1Z3X4g20Hn5eksWsg8+xlF?= =?us-ascii?q?G4bbefwCuS78NyfuzVaYedI3WTGU0yFLEVLtDVl4BK881Xrrs8LIjnfR9UcnRo?= =?us-ascii?q?txd0z7nRx4FZg4KUY25VcLxSoMDBYCZgqGDLGyAkTlN5ELWVIEaRSd07iwYr03?= =?us-ascii?q?0lFrwrOz+O/TavRxB7IXOfZBkgGOnFZaGpUMsa0dWb58YEFS9KrWpgjkFojmUO?= =?us-ascii?q?PrlWIqOv2pXs9a8c4Yt3w44ga8XRag6olM76wdiJ+Wcq5Ie5/MvNpz701//z4A?= =?us-ascii?q?ajRNgARjjxO+Se0cq/rs4sLFv5q06uajT6ItR+QL9xcqB2RxlYbwgEs5rdHRye?= =?us-ascii?q?hcVpXfiZ7j/wBVP36KpIHa3gFzKeUQLYKrYLFg93IAKygFOX0OOduWa/8h4y5i?= =?us-ascii?q?KzjT40JNAtkMZNwCJsbNnx5bilHxUrFJ6sXbAkOYC5t0d80w6Wr3ySw68Zw4Uu?= =?us-ascii?q?n68z+6P5Hf71ZKP/NYlyVhj9fCqecawPbIDygX+3aZYQBvwiye05mNF+rw/eKU?= =?us-ascii?q?xdHbS1wGBTU2X55AKjSN/wKnR+y1lIjmUw6P5c/zhYgxdESOSXCrm6QFqKlMG/?= =?us-ascii?q?ZaiirnxjheCpz1h/WNvtqu72tXtltHHJxv4h3FHKVfI4h0OBX5lsmtXUh8BSr/?= =?us-ascii?q?ddrKdhovpuqZ3OMM7Ph/N0fkY48UPA4Ewarg6XVJVgtuVKL2vlGBUOIQettpUv?= =?us-ascii?q?XEo2tR6YJ9NqAPPV+dpIfwojdPslA2DxcjaKUsoTxCaknOgApVVr72uLEehAsc?= =?us-ascii?q?X9p5tFRCGG2qPmIx+SbHWb5TjKaPFPwf6i+TQbAWU0V0LiN+RAu42Jpqe7uuk/?= =?us-ascii?q?FIrGdGnidmrfgx1DxmQhq8tjH2q6ILxz0g5KmytC8dtnxdUuWejyDIBE1BzPQK?= =?us-ascii?q?jaYcE3Hi6Vi9YHkfcoT/+7xnJcX89Yk7/XszexIjfzcJXe64ESH/k7uIApCTsN?= =?us-ascii?q?JbnBONpMTObbqoICgON7Qy1RHjSGZ50gTEmhZn7ncLSC267NA4PIW9Jdolxi2w?= =?us-ascii?q?FGjedVYM4aBJsMzquF4JVuQ2alRhwGN93ciBXCENQtLAG3othAg+dWpEaI5D6Q?= =?us-ascii?q?MdF6QwmTmHoK9G/h0PbTfPFoSl/ZXQndvW2XYjUNhm3GXWpreKhpkyyn1qh8t0?= =?us-ascii?q?7jKSuHQVb+HYXdFjAnzy1odH1+PzfPSssuECSItj1ruhSvsCPde59WuxwpVqVV?= =?us-ascii?q?evxq4CEFqhLO8D2rDbXj+rSG2AQ+SLcnSDkCgiP0735BmoMkc3Z9lQo086KOvC?= =?us-ascii?q?iYZWlxf9XrNsWiWQuVjbwXQkMeMeaQ07o5+newgQQ+4Ke+icJPQhwOEkCFQScX?= =?us-ascii?q?DFBy12BPGqsVS1hoh0J21g4VnmYeTq6g3mNNqSGh8ZEY/Vt5Jx/f26RnmdOX97?= =?us-ascii?q?1xByPVN79+HYF1grse9caZmRl8DKh9tnye4Fa+ttMSolt94WgI1s9YmU0MaMcR?= =?us-ascii?q?HW1ZvyO9DVov6GDP3bzkQqfHxaU7UDbQPy/YU6McYzW6fPErtBoRQcGa86TYQj?= =?us-ascii?q?N2jr96F0Kxh8fxXMZLSynsnqpuWLZoZbp3/W8lI8NiHctAMfyvasVwx0c4iqh2?= =?us-ascii?q?nuIJA3Xj9BrdhtChx8HItVGsMAtBGqA5iOl6G+ldCx+ll2u+gQsar/EvrKzsi2?= =?us-ascii?q?351tX5hG4kyGJC3RBKdugkt5j+m/gezN0ofvBsP4eNMFVe97QmjfZr/AAIq/Nm?= =?us-ascii?q?HGBsWpQ0db9/a517VjX13FfCnkW4KevTCgcfBj5l82jId/ebyXhAcx4qnb1d26?= =?us-ascii?q?XGRSoiOuvDbdL5dExEDbDuzZGRRPQLyK93gzWeU6d4r/vN8HK905iIyR+wBp7S?= =?us-ascii?q?9qyMKfIrO5qkbH1wR8b52NaAPL0iM0QsEvJw6lMFBk1W3Qr3nGR3AaK8++M8h2?= =?us-ascii?q?qNGPBxfp6g96nmR7IiZtE2zpSNPZG3UB1M+4f0Xe+AtNDtsHncaydEo8v6u1Wa?= =?us-ascii?q?9jPZAT3a2Gs6gI2fJkJy/IXsQSay3UIbN4OSBdJv/CqFghflgPtL1jHs9hfpWK?= =?us-ascii?q?IUUaIG+c2Cjyyk3EykSyeNuyguLBdCIX9GhXiqnI2iVWphWo/POejtDnXZjHY5?= =?us-ascii?q?zsGv3fKiwoUnedXztkVQ79/VaipupBv/eCJ2obik4bbzjUCwMJoK1r69/KATmX?= =?us-ascii?q?0cxlc5pCofeeXSnqAHl9law9AQ5RuEyMSuZFHg7TOTup1GNYowXnKvJS8HbNZr?= =?us-ascii?q?mDz+9NQesUD4BQNPqDTI2cMbplKi0nm300cKD0X9TYq6c/mBqcVmYDHKTg9FSa?= =?us-ascii?q?SF+QBPebwmS4c58Sut1goic098iWkyl7Hr7COKyQjyWp9J/+hyGd776NHlIxal?= =?us-ascii?q?A41bpRSFKKxwNNfSRdUokY?= X-IPAS-Result: =?us-ascii?q?A2CKBABKVWta/wHyM5BcGwEBAQEDAQEBCQEBAYM/A4FaJ45?= =?us-ascii?q?1jXaCAplQLYdDVxUBAQEBAQEBAQIBaiiCOCQBgkcDAwECJAVNAwMJAQEfHwoIA?= =?us-ascii?q?wFTBgESBYowAwGyBjolg3EBAYY/AQsBJROEP4IVgz+GXQSHawEEimOHWZFXlVk?= =?us-ascii?q?NlCiZGzUjgVBwgnyCVRyBLAE7d44sAQEB?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 26 Jan 2018 16:22:54 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0QGMQM6022734; Fri, 26 Jan 2018 11:22:33 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w0QEX0PX037491 for ; Fri, 26 Jan 2018 09:33:00 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0QEX0KO007055; Fri, 26 Jan 2018 09:33:00 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1B7AABOO2tal3MbGNZdGwEBAQEDAQEBC?= =?us-ascii?q?QEBAYM/gV0njgGOa4ICl0SCF4VFAoIdVBgBAQEBAQEBAQITAQEBAQEIFgaFewM?= =?us-ascii?q?DJwVNECAfElcGAQ0FijgBsl46JYNxAQGGPwEBAQEBAQQBAQEBAQEBAQEfE4Q/g?= =?us-ascii?q?hWDP4ZdBIdrAQSKY4dZkVeVWQ2UKJkbH4IJcIJ8glUQDIEsATt3jiwBAQE?= X-IPAS-Result: =?us-ascii?q?A1B7AABOO2tal3MbGNZdGwEBAQEDAQEBCQEBAYM/gV0njgG?= =?us-ascii?q?Oa4ICl0SCF4VFAoIdVBgBAQEBAQEBAQITAQEBAQEIFgaFewMDJwVNECAfElcGA?= =?us-ascii?q?Q0FijgBsl46JYNxAQGGPwEBAQEBAQQBAQEBAQEBAQEfE4Q/ghWDP4ZdBIdrAQS?= =?us-ascii?q?KY4dZkVeVWQ2UKJkbH4IJcIJ8glUQDIEsATt3jiwBAQE?= X-IronPort-AV: E=Sophos;i="5.46,416,1511845200"; d="scan'208";a="184419" Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.35]) by goalie.tycho.ncsc.mil with ESMTP; 26 Jan 2018 09:32:59 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3AsY6evB3p65mjDJp3smDT+DRfVm0co7zxezQtwd8Z?= =?us-ascii?q?sesUKvzxwZ3uMQTl6Ol3ixeRBMOHs6sC07KempujcFRI2YyGvnEGfc4EfD4+ou?= =?us-ascii?q?JSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgpp?= =?us-ascii?q?POT1HZPZg9iq2+yo9JDffxhEiCChbb9uMR67sRjfus4KjIV4N60/0AHJonxGe+?= =?us-ascii?q?RXwWNnO1eelAvi68mz4ZBu7T1et+ou+MBcX6r6eb84TaFDAzQ9L281/szrugLd?= =?us-ascii?q?QgaJ+3ART38ZkhtMAwjC8RH6QpL8uTb0u+ZhxCWXO9D9QKsqUjq+8ahkVB7oiD?= =?us-ascii?q?8GNzEn9mHXltdwh79frB64uhBz35LYbISTOfFjfK3SYMkaSHJcUMhRSSJPDICy?= =?us-ascii?q?YYwNAOoPMulXs5Lwp0cSoRakGQWhHv/jxiNOi3Tr3aM6yeMhEQTe0QEnB9IBrm?= =?us-ascii?q?jUo8vvNKsIT++1yrTHwivZb/xN3jf98ofIfws6ofGLW7JxcdDdxlUoFwPAl1id?= =?us-ascii?q?r5HuMTCN1ukVrWSX8uVtWfixh2MosQ19vDqiyt0xhoXUho8Z0l7J+CdjzIooK9?= =?us-ascii?q?C1TFR3bcOkHZZRrS2WKY97T8U/SG9yoik60KcJuZujcSgK1psnwxnfZuSac4iQ?= =?us-ascii?q?+R3sSfudLDNghH1/Zb6yiQy+/la+xe35Tcm030xGri9fndnNsnABzRnT6smDSv?= =?us-ascii?q?dl/0eh3yiA1xzL5+1aPEw5mrDXJ4Auz7IqiJYes17PEjLrlEj2lKOWc18r+ums?= =?us-ascii?q?6+TpeLXmoZqcOpduhA7gLqQhhNa/Df43PAgIQmeU5/6826bk/U3jT7VHleY2kq?= =?us-ascii?q?7fsJHaP8gUuqm5AwpN3oY59xm/Fyum0MgfnXQfN1JKZQmHgpP1O1DOPP/4DfC/?= =?us-ascii?q?j06qkDdw3f/KJLLhApLTLnLbirfuYa5961JAyAo01d1f/IxbCrUAIPL1R0/wu8?= =?us-ascii?q?fVDgM5MgOow+bnD89x1oUFWW2VGKOZP6TSsUHbrt4odtGFeYtdnTH6MfVts+bn?= =?us-ascii?q?kHsRgVYAeeys2pwNZTazGfEwZw2ifXf0gtoHWVwPtw46Qf2i3EaOShZPdn2yWO?= =?us-ascii?q?Q6/Th9B4W4W8OLa5qsi/S51T26BdUCa3hPEFGXOW/hbYSfQ/MFYy/UJdVuxHhM?= =?us-ascii?q?d7GkRpRp8Ba0rg7hg+5lJ+/Z4Wsc85fkzsJ0/MXUjxg58TEyBMOYhSXFY2hyn2?= =?us-ascii?q?4MDx0rxq9yp1c1nluK16l1h/5wENFX4/pPVRd8PpnZmagyJ9fvVUrlc9uHT0yq?= =?us-ascii?q?CoGqBTw9QNUrz/cUbkp9EsnkhRfGiW7iV6QYk72NGYwc7rPX33+3Id10jXnByv?= =?us-ascii?q?9lxw0iQ81SJSi9i6Vi7QnPFsvMlEmEk6uCa6sRxmjO+X2FwG7Iu1tXBko4BaHE?= =?us-ascii?q?W20PI0jbt9L04mvcQLK0T7cqKA1MzYiFMKQcLpXIi1pBDNLkPNLXeSrlnma2Ch?= =?us-ascii?q?Gg3L6AbIP2PW4a2XOZQBwNlxsauHqLKwU6Li6luGubFCZpF1/kfwXr6+Yo7Dvx?= =?us-ascii?q?dUIuwAzCQgUnn5q8/hoEg7bUH+gexL0JkCcorzFlGhC22NeAWPSaoA80KL1Rfd?= =?us-ascii?q?4nplpB2W/DvQtnMbS7KKZzwFUZdlIk7AvVyxxrB9AYwoARp3QwwV83cPrA3Q?= =?us-ascii?q?=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BhAADHOmtal3MbGNZdGwEBAQEDAQEBC?= =?us-ascii?q?QEBAYM/gV0njgGOa4ICl0SCF4VFAoIdVBgBAQEBAQEBAQIBEgEBAQEBCBYGV4I?= =?us-ascii?q?4JAGCRwMDJwVNECAfElcGAQ0FijgBsnQ6JYNxAQGGPwEBAQEBAQQBAQEBAQEBA?= =?us-ascii?q?QEfE4Q/ghWDP4ZdBIdrBYpjh1mRV5VZDZQomRsfgglwgnyCVRAMgSwBO3eOLAE?= =?us-ascii?q?BAQ?= X-IPAS-Result: =?us-ascii?q?A0BhAADHOmtal3MbGNZdGwEBAQEDAQEBCQEBAYM/gV0njgG?= =?us-ascii?q?Oa4ICl0SCF4VFAoIdVBgBAQEBAQEBAQIBEgEBAQEBCBYGV4I4JAGCRwMDJwVNE?= =?us-ascii?q?CAfElcGAQ0FijgBsnQ6JYNxAQGGPwEBAQEBAQQBAQEBAQEBAQEfE4Q/ghWDP4Z?= =?us-ascii?q?dBIdrBYpjh1mRV5VZDZQomRsfgglwgnyCVRAMgSwBO3eOLAEBAQ?= X-IronPort-AV: E=Sophos;i="5.46,416,1511827200"; d="scan'208";a="8596675" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from upbd19pa13.eemsg.mail.mil ([214.24.27.115]) by emsm-gh1-uea11.NCSC.MIL with ESMTP; 26 Jan 2018 14:32:58 +0000 X-EEMSG-check-005: 0 X-EEMSG-check-006: 000-001;d5adf9a5-7a13-4466-9432-df44b54c8a59 Received: from localhost.localdomain (localhost [127.0.0.1]) by UPDCF3IC10.oob.disa.mil (Postfix) with SMTP id 3zShG157WSz4KSFw; Fri, 26 Jan 2018 14:32:57 +0000 (UTC) Received: from UPDC3CPA04.eemsg.mil (unknown [192.168.18.11]) by UPDCF3IC10.oob.disa.mil (Postfix) with ESMTP id 3zShG14DcPz4KSFp; Fri, 26 Jan 2018 14:32:57 +0000 (UTC) Authentication-Results: UPDC3CPA04.eemsg.mail.mil; dkim=neutral (message not signed) header.i=none X-EEMSG-check-008: 226640861|UPDC3CPA04_EEMSG_MP20.csd.disa.mil X-EEMSG-SBRS: 3.5 X-EEMSG-ORIG-IP: 37.139.156.29 X-EEMSG-check-002: true X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0DGAQDwOGtahx2ciyVdGwEBAQEDAQEBCQEBAYVDnGuCApdEgheFRQIIghVVFwEBAQEBAQEBAhMBAQEKCwkIKC+FJAMDJwVNECAfElcGAQ0Fijmybzolg3EBAYY+AQEBAQEFAQEBAQEBASEJAQmEP4IVgz+GXQSHawWKY4dZkVeVWQ2UKJkbIQGCBnCCfIJVEAyBLAE7QDeOLAEBAQ X-IPAS-Result: A0DGAQDwOGtahx2ciyVdGwEBAQEDAQEBCQEBAYVDnGuCApdEgheFRQIIghVVFwEBAQEBAQEBAhMBAQEKCwkIKC+FJAMDJwVNECAfElcGAQ0Fijmybzolg3EBAYY+AQEBAQEFAQEBAQEBASEJAQmEP4IVgz+GXQSHawWKY4dZkVeVWQ2UKJkbIQGCBnCCfIJVEAyBLAE7QDeOLAEBAQ Received: from seldsegrel01.sonyericsson.com ([37.139.156.29]) by UPDC3CPA04.eemsg.mail.mil with ESMTP; 26 Jan 2018 14:32:55 +0000 X-Authentication-Warning: seldlx23035.corpusers.net: 23059638 set sender to peter.enderborg@sony.com using -f X-EEMSG-check-009: 444-444 From: To: Paul Moore , Stephen Smalley , Eric Paris , James Morris , Daniel Jurgens , Doug Ledford , , , , Ingo Molnar , , "Serge E . Hallyn" Date: Fri, 26 Jan 2018 15:32:39 +0100 Message-ID: <20180126143241.23108-4-peter.enderborg@sony.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <20180126143241.23108-1-peter.enderborg@sony.com> References: <20180126143241.23108-1-peter.enderborg@sony.com> MIME-Version: 1.0 X-Mailman-Approved-At: Fri, 26 Jan 2018 11:22:23 -0500 Subject: [PATCH v2 3/5] selinux: Move sidtab to pointer structure X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: Peter Enderborg Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Peter Enderborg To be able to use rcu locks we need access the sidtab trough a pointer. This moves the sittab to a dynamic allocated struture. Signed-off-by: Peter Enderborg --- security/selinux/ss/services.c | 140 ++++++++++++++++++++++------------------- 1 file changed, 74 insertions(+), 66 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 21400bd..2a8486c 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -89,7 +89,6 @@ int selinux_policycap_nnp_nosuid_transition; static DEFINE_RWLOCK(policy_rwlock); -static struct sidtab sidtab; int ss_initialized; /* @@ -120,6 +119,7 @@ struct shared_current_mapping { struct selinux_mapping *current_mapping; u16 current_mapping_size; struct policydb policydb; + struct sidtab sidtab; }; static struct shared_current_mapping *crm; @@ -804,7 +804,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, } tclass_datum = crm->policydb.class_val_to_struct[tclass - 1]; - ocontext = sidtab_search(&sidtab, oldsid); + ocontext = sidtab_search(&crm->sidtab, oldsid); if (!ocontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, oldsid); @@ -812,7 +812,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, goto out; } - ncontext = sidtab_search(&sidtab, newsid); + ncontext = sidtab_search(&crm->sidtab, newsid); if (!ncontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, newsid); @@ -820,7 +820,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, goto out; } - tcontext = sidtab_search(&sidtab, tasksid); + tcontext = sidtab_search(&crm->sidtab, tasksid); if (!tcontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, tasksid); @@ -882,7 +882,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) read_lock(&policy_rwlock); rc = -EINVAL; - old_context = sidtab_search(&sidtab, old_sid); + old_context = sidtab_search(&crm->sidtab, old_sid); if (!old_context) { printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n", __func__, old_sid); @@ -890,7 +890,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) } rc = -EINVAL; - new_context = sidtab_search(&sidtab, new_sid); + new_context = sidtab_search(&crm->sidtab, new_sid); if (!new_context) { printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n", __func__, new_sid); @@ -1033,14 +1033,14 @@ void security_compute_xperms_decision(u32 ssid, if (!ss_initialized) goto allow; - scontext = sidtab_search(&sidtab, ssid); + scontext = sidtab_search(&crm->sidtab, ssid); if (!scontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, ssid); goto out; } - tcontext = sidtab_search(&sidtab, tsid); + tcontext = sidtab_search(&crm->sidtab, tsid); if (!tcontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1116,7 +1116,7 @@ void security_compute_av(u32 ssid, if (!ss_initialized) goto allow; - scontext = sidtab_search(&sidtab, ssid); + scontext = sidtab_search(&crm->sidtab, ssid); if (!scontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, ssid); @@ -1127,7 +1127,7 @@ void security_compute_av(u32 ssid, if (ebitmap_get_bit(&crm->policydb.permissive_map, scontext->type)) avd->flags |= AVD_FLAGS_PERMISSIVE; - tcontext = sidtab_search(&sidtab, tsid); + tcontext = sidtab_search(&crm->sidtab, tsid); if (!tcontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1162,7 +1162,7 @@ void security_compute_av_user(u32 ssid, if (!ss_initialized) goto allow; - scontext = sidtab_search(&sidtab, ssid); + scontext = sidtab_search(&crm->sidtab, ssid); if (!scontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, ssid); @@ -1173,7 +1173,7 @@ void security_compute_av_user(u32 ssid, if (ebitmap_get_bit(&crm->policydb.permissive_map, scontext->type)) avd->flags |= AVD_FLAGS_PERMISSIVE; - tcontext = sidtab_search(&sidtab, tsid); + tcontext = sidtab_search(&crm->sidtab, tsid); if (!tcontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1295,9 +1295,9 @@ static int security_sid_to_context_core(u32 sid, char **scontext, } read_lock(&policy_rwlock); if (force) - context = sidtab_search_force(&sidtab, sid); + context = sidtab_search_force(&crm->sidtab, sid); else - context = sidtab_search(&sidtab, sid); + context = sidtab_search(&crm->sidtab, sid); if (!context) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, sid); @@ -1459,7 +1459,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, } read_lock(&policy_rwlock); - rc = string_to_context_struct(&crm->policydb, &sidtab, scontext2, + rc = string_to_context_struct(&crm->policydb, &crm->sidtab, scontext2, scontext_len, &context, def_sid); if (rc == -EINVAL && force) { context.str = str; @@ -1467,7 +1467,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, str = NULL; } else if (rc) goto out_unlock; - rc = sidtab_context_to_sid(&sidtab, &context, sid); + rc = sidtab_context_to_sid(&crm->sidtab, &context, sid); context_destroy(&context); out_unlock: read_unlock(&policy_rwlock); @@ -1630,14 +1630,14 @@ static int security_compute_sid(u32 ssid, sock = security_is_socket_class(map_class(tclass)); } - scontext = sidtab_search(&sidtab, ssid); + scontext = sidtab_search(&crm->sidtab, ssid); if (!scontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, ssid); rc = -EINVAL; goto out_unlock; } - tcontext = sidtab_search(&sidtab, tsid); + tcontext = sidtab_search(&crm->sidtab, tsid); if (!tcontext) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, tsid); @@ -1757,7 +1757,7 @@ static int security_compute_sid(u32 ssid, goto out_unlock; } /* Obtain the sid for the context. */ - rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid); + rc = sidtab_context_to_sid(&crm->sidtab, &newcontext, out_sid); out_unlock: read_unlock(&policy_rwlock); context_destroy(&newcontext); @@ -2017,36 +2017,33 @@ static int convert_context(u32 key, goto out; } -static void security_load_policycaps(void) +static void security_load_policycaps(struct policydb *pdb) { unsigned int i; struct ebitmap_node *node; - selinux_policycap_netpeer = - ebitmap_get_bit(&crm->policydb.policycaps, - POLICYDB_CAPABILITY_NETPEER); - selinux_policycap_openperm = - ebitmap_get_bit(&crm->policydb.policycaps, - POLICYDB_CAPABILITY_OPENPERM); - selinux_policycap_extsockclass = - ebitmap_get_bit(&crm->policydb.policycaps, - POLICYDB_CAPABILITY_EXTSOCKCLASS); + selinux_policycap_netpeer = ebitmap_get_bit(&pdb->policycaps, + POLICYDB_CAPABILITY_NETPEER); + selinux_policycap_openperm = ebitmap_get_bit(&pdb->policycaps, + POLICYDB_CAPABILITY_OPENPERM); + selinux_policycap_extsockclass = ebitmap_get_bit(&pdb->policycaps, + POLICYDB_CAPABILITY_EXTSOCKCLASS); selinux_policycap_alwaysnetwork = - ebitmap_get_bit(&crm->policydb.policycaps, + ebitmap_get_bit(&pdb->policycaps, POLICYDB_CAPABILITY_ALWAYSNETWORK); selinux_policycap_cgroupseclabel = - ebitmap_get_bit(&crm->policydb.policycaps, + ebitmap_get_bit(&pdb->policycaps, POLICYDB_CAPABILITY_CGROUPSECLABEL); selinux_policycap_nnp_nosuid_transition = - ebitmap_get_bit(&crm->policydb.policycaps, + ebitmap_get_bit(&pdb->policycaps, POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION); for (i = 0; i < ARRAY_SIZE(selinux_policycap_names); i++) pr_info("SELinux: policy capability %s=%d\n", selinux_policycap_names[i], - ebitmap_get_bit(&crm->policydb.policycaps, i)); + ebitmap_get_bit(&pdb->policycaps, i)); - ebitmap_for_each_positive_bit(&crm->policydb.policycaps, node, i) { + ebitmap_for_each_positive_bit(&pdb->policycaps, node, i) { if (i >= ARRAY_SIZE(selinux_policycap_names)) pr_info("SELinux: unknown policy capability %u\n", i); @@ -2072,6 +2069,8 @@ int security_load_policy(void *data, size_t len) struct selinux_mapping *oldmap = NULL, *map = NULL; struct convert_context_args args; struct shared_current_mapping *new_mapping; + struct shared_current_mapping *next_rcu; + u32 seqno; u16 map_size; int rc = 0; @@ -2089,6 +2088,11 @@ int security_load_policy(void *data, size_t len) goto out; } newpolicydb = oldpolicydb + 1; + next_rcu = kmalloc(sizeof(struct shared_current_mapping), GFP_KERNEL); + if (!next_rcu) { + rc = -ENOMEM; + goto out; + } if (!ss_initialized) { crm = kzalloc(sizeof(struct shared_current_mapping), @@ -2097,7 +2101,6 @@ int security_load_policy(void *data, size_t len) rc = -ENOMEM; goto out; } - avtab_cache_init(); ebitmap_cache_init(); hashtab_cache_init(); @@ -2121,7 +2124,7 @@ int security_load_policy(void *data, size_t len) goto out; } - rc = policydb_load_isids(&crm->policydb, &sidtab); + rc = policydb_load_isids(&crm->policydb, &crm->sidtab); if (rc) { policydb_destroy(&crm->policydb); avtab_cache_destroy(); @@ -2130,7 +2133,7 @@ int security_load_policy(void *data, size_t len) goto out; } - security_load_policycaps(); + security_load_policycaps(&crm->policydb); ss_initialized = 1; seqno = ++latest_granting; selinux_complete_init(); @@ -2143,7 +2146,7 @@ int security_load_policy(void *data, size_t len) } #if 0 - sidtab_hash_eval(&sidtab, "sids"); + sidtab_hash_eval(&crm->sidtab, "sids"); #endif rc = policydb_read(newpolicydb, fp); @@ -2175,9 +2178,9 @@ int security_load_policy(void *data, size_t len) } /* Clone the SID table. */ - sidtab_shutdown(&sidtab); + sidtab_shutdown(&crm->sidtab); - rc = sidtab_map(&sidtab, clone_sid, &newsidtab); + rc = sidtab_map(&crm->sidtab, clone_sid, &newsidtab); if (rc) goto err; @@ -2197,19 +2200,21 @@ int security_load_policy(void *data, size_t len) /* Save the old policydb and SID table to free later. */ memcpy(oldpolicydb, &crm->policydb, sizeof(struct policydb)); - sidtab_set(&oldsidtab, &sidtab); + sidtab_set(&oldsidtab, &crm->sidtab); /* Install the new policydb and SID table. */ + /* next */ write_lock_irq(&policy_rwlock); - memcpy(&crm->policydb, newpolicydb, sizeof(struct policydb)); - - sidtab_set(&sidtab, &newsidtab); - security_load_policycaps(); + memcpy(&next_rcu->policydb, newpolicydb, sizeof(struct policydb)); + sidtab_set(&next_rcu->sidtab, &newsidtab); + security_load_policycaps(&next_rcu->policydb); oldmap = crm->current_mapping; - crm->current_mapping = map; - crm->current_mapping_size = map_size; + next_rcu->current_mapping = map; + next_rcu->current_mapping_size = map_size; + seqno = ++latest_granting; write_unlock_irq(&policy_rwlock); + crm = next_rcu; /* Free the old policydb and SID table. */ policydb_destroy(oldpolicydb); @@ -2270,7 +2275,7 @@ int security_port_sid(u8 protocol, u16 port, u32 *out_sid) if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], &c->sid[0]); if (rc) @@ -2311,7 +2316,7 @@ int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], &c->sid[0]); if (rc) @@ -2352,7 +2357,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], &c->sid[0]); if (rc) @@ -2388,12 +2393,12 @@ int security_netif_sid(char *name, u32 *if_sid) if (c) { if (!c->sid[0] || !c->sid[1]) { - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], &c->sid[0]); if (rc) goto out; - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[1], &c->sid[1]); if (rc) @@ -2478,7 +2483,7 @@ int security_node_sid(u16 domain, if (c) { if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], &c->sid[0]); if (rc) @@ -2535,7 +2540,7 @@ int security_get_user_sids(u32 fromsid, context_init(&usercon); rc = -EINVAL; - fromcon = sidtab_search(&sidtab, fromsid); + fromcon = sidtab_search(&crm->sidtab, fromsid); if (!fromcon) goto out_unlock; @@ -2561,7 +2566,8 @@ int security_get_user_sids(u32 fromsid, user, &usercon)) continue; - rc = sidtab_context_to_sid(&sidtab, &usercon, &sid); + rc = sidtab_context_to_sid(&crm->sidtab, &usercon, + &sid); if (rc) goto out_unlock; if (mynel < maxnel) { @@ -2663,7 +2669,8 @@ static inline int __security_genfs_sid(const char *fstype, goto out; if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, &c->context[0], &c->sid[0]); + rc = sidtab_context_to_sid(&crm->sidtab, &c->context[0], + &c->sid[0]); if (rc) goto out; } @@ -2720,7 +2727,8 @@ int security_fs_use(struct super_block *sb) if (c) { sbsec->behavior = c->v.behavior; if (!c->sid[0]) { - rc = sidtab_context_to_sid(&sidtab, &c->context[0], + rc = sidtab_context_to_sid(&crm->sidtab, + &c->context[0], &c->sid[0]); if (rc) goto out; @@ -2911,7 +2919,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) read_lock(&policy_rwlock); rc = -EINVAL; - context1 = sidtab_search(&sidtab, sid); + context1 = sidtab_search(&crm->sidtab, sid); if (!context1) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, sid); @@ -2919,7 +2927,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) } rc = -EINVAL; - context2 = sidtab_search(&sidtab, mls_sid); + context2 = sidtab_search(&crm->sidtab, mls_sid); if (!context2) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, mls_sid); @@ -2948,7 +2956,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) } } - rc = sidtab_context_to_sid(&sidtab, &newcon, new_sid); + rc = sidtab_context_to_sid(&crm->sidtab, &newcon, new_sid); out_unlock: read_unlock(&policy_rwlock); context_destroy(&newcon); @@ -3010,14 +3018,14 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, read_lock(&policy_rwlock); rc = -EINVAL; - nlbl_ctx = sidtab_search(&sidtab, nlbl_sid); + nlbl_ctx = sidtab_search(&crm->sidtab, nlbl_sid); if (!nlbl_ctx) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, nlbl_sid); goto out; } rc = -EINVAL; - xfrm_ctx = sidtab_search(&sidtab, xfrm_sid); + xfrm_ctx = sidtab_search(&crm->sidtab, xfrm_sid); if (!xfrm_ctx) { printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n", __func__, xfrm_sid); @@ -3326,7 +3334,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, goto out; } - ctxt = sidtab_search(&sidtab, sid); + ctxt = sidtab_search(&crm->sidtab, sid); if (unlikely(!ctxt)) { WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", sid); @@ -3504,7 +3512,7 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, *sid = secattr->attr.secid; else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) { rc = -EIDRM; - ctx = sidtab_search(&sidtab, SECINITSID_NETMSG); + ctx = sidtab_search(&crm->sidtab, SECINITSID_NETMSG); if (ctx == NULL) goto out; @@ -3523,7 +3531,7 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, if (!mls_context_isvalid(&crm->policydb, &ctx_new)) goto out_free; - rc = sidtab_context_to_sid(&sidtab, &ctx_new, sid); + rc = sidtab_context_to_sid(&crm->sidtab, &ctx_new, sid); if (rc) goto out_free; @@ -3563,7 +3571,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) read_lock(&policy_rwlock); rc = -ENOENT; - ctx = sidtab_search(&sidtab, sid); + ctx = sidtab_search(&crm->sidtab, sid); if (ctx == NULL) goto out;