From patchwork Fri Jan 26 14:32:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Enderborg X-Patchwork-Id: 10186547 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 422BC601D5 for ; Fri, 26 Jan 2018 16:24:33 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 303A32A1AF for ; Fri, 26 Jan 2018 16:24:33 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 248FD2A1BB; Fri, 26 Jan 2018 16:24:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from USFB19PA12.eemsg.mail.mil (uphb19pa09.eemsg.mail.mil [214.24.26.83]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C828D2A1AF for ; Fri, 26 Jan 2018 16:24:31 +0000 (UTC) Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.3]) by USFB19PA12.eemsg.mail.mil with ESMTP; 26 Jan 2018 16:24:30 +0000 X-IronPort-AV: E=Sophos;i="5.46,417,1511827200"; d="scan'208";a="8604672" IronPort-PHdr: =?us-ascii?q?9a23=3Asdwp0Bbzy5yHDLPSIQPEosH/LSx+4OfEezUN459i?= =?us-ascii?q?sYplN5qZocy/YB7h7PlgxGXEQZ/co6odzbaO6ua4ASQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7?= =?us-ascii?q?Ovr6GpLIj8Swyuu+54Dfbx9HiTahfL9+Ngm6oRnMvcQKnIVuLbo8xAHUqXVSYe?= =?us-ascii?q?RWwm1oJVOXnxni48q74YBu/SdNtf8/7sBMSar1cbg2QrxeFzQmLns65Nb3uhnZ?= =?us-ascii?q?TAuA/WUTX2MLmRdVGQfF7RX6XpDssivms+d2xSeXMdHqQb0yRD+v9LlgRgP2hy?= =?us-ascii?q?gbNj456GDXhdJ2jKJHuxKquhhzz5fJbI2JKPZye6XQct0ARWpFQ81fSSpPDI2h?= =?us-ascii?q?ZIcLFuYNIPpUo4z7qlATrxWxGBOsCfvvxDFWiHH43qo03OYvEQ7JwAMuEMgBvm?= =?us-ascii?q?nMrNj3KasfX/66zLLTwDXfbP5bwyvx5ZLUfh0jp/yHQLJ+cdDWyUkqDw7IiU2Q?= =?us-ascii?q?ppL5PzyLzOQBqXaU7+x9Wu2xkW4osAZxoiKgxso3kYnJgYQVy1De+Splx4Y1IM?= =?us-ascii?q?S1RUhmatCnCJtdrzyWOoR5T884Q2xkpTw2xqMJtJKlZiQG1YwryhDdZvCdboSF?= =?us-ascii?q?7BbuWPyMLTp4hX9pYqyzihK0/EO90OPzTNO030xPriddl9nMsW0C2ALL58icT/?= =?us-ascii?q?t94l+h2TGS1wDP8u1EIV47la7cK5M53r4/jIATsUXeHi/tgkn2kK+XeVkk+uiv?= =?us-ascii?q?8ejnZKnppoSAOINujwH+M6AultS+AeQ+LAcOQ3CW9fmz2bDs50H0QKhGguconq?= =?us-ascii?q?TWrpzWP9kXqra8AwBP04Yj7xi/Dy2h0NQdhXQHN0xKeBaGj4jvJlHPL+n0Auy4?= =?us-ascii?q?g1Sxljdk2+7JPqb6D5XRLnnMjLfhfbFn505a0wo818pT551TCrEfOP7zQFP+tM?= =?us-ascii?q?TEDh8lNAy52+TnCNJ71owERWKPArWWMKXJvF+K4eIvJeyMa5UOuDbhNfcl/eXu?= =?us-ascii?q?gWU+mV8HcqmjxYEXZ2ygHvR6P0WZZmLhgtUDEWgQogU+T/fqiFqEUT5SeXa/RK?= =?us-ascii?q?w85jUmCIOpFojDW4atgKCc3CuhGZ1WfG9GAEiWEXj0b4WER+sMaCWKL85vkzwE?= =?us-ascii?q?Ub2hRJE71Ry1ug/11adoLu3O+iICrZLjzt915+/Nmh4u6Tx4FcOd03uCT2tshG?= =?us-ascii?q?MHWyc23LxjoUx60lqMzLR3g/lfFdxV+/NFTxw3NYDCwOxgCtDzWwXBftGTRFag?= =?us-ascii?q?XNqmHSk7TsgtzN8Wf0Z9B9Kigwje0Cq2GbAVjaeGC4Az8qLZw3f+Pd19y2rc2K?= =?us-ascii?q?knkVYmXtNFNXe6ia5n6wjTG4nJnl2ZlqercqQc2jXA9GKHzWaXvUFYVhR8UaPf?= =?us-ascii?q?UnAFZUvWrMr56V3YQ7+oF7snLhNLydSeJatSdt3pkVJGSe/tONTEeW2xnXu/BR?= =?us-ascii?q?eTxr6XaYrqY2Qd0DzGCEkKiAAf53GGNRIxBi25uWLRECRuFU7zY0Pr6eR+q2m0?= =?us-ascii?q?TkwzzwGXdEBh1KC6+h0ShfyBUf8T2agEuCg5oTVuAFm9x87WC8aHpwd5ZqpTfM?= =?us-ascii?q?k94FZZ2mLDrAFyJICvL6V4il4ZaQR3sFvk1w9rBYVYjcgqsHQqwRJoKa2FzVxM?= =?us-ascii?q?bDyY3ZX/O7HNLGn94gyvYbbM2l7CyNaW5rsP6PMgplX4sgGpDE0i825709ROyH?= =?us-ascii?q?uc4JLKDQQXUZ3rVEY77R56qK/GYiMl/YPbyWVsMbWosj/Fw98oCvEqyhK8f9hB?= =?us-ascii?q?KqOEDxT/E9MECMi0M+Mqhl2pYggDPOBI+64+J9mmeOee2K63IOZgmyqrjWJG4I?= =?us-ascii?q?B51kKD6TF8R/XS0Jkb2fGY2RGLVzDmjFeuqsr3g5xLZSkOHmqjzijpHJBRZqxu?= =?us-ascii?q?coYXDmeuOde7ycl+h57qXX5Y+0WuB1cH2M+vYxWSdVv90RdX1UQNrnytgTG4wC?= =?us-ascii?q?BskzE1sqqf2zTDw+DjdBocJm5HXXJigknoIYi1idAaQUepYhMylBu95Eb6walb?= =?us-ascii?q?q7hkL2XJR0dHYTT2JXl4UqSsrrqCf9JP6JQwvCVNV+S8ZVSaRaDnoxQG1CPiEX?= =?us-ascii?q?BTxCsmdz62oZX1hRt6iHiSLHxrtnrWZdlwxQvD5NzbXfNR3SQJRC9jiTTMBViz?= =?us-ascii?q?Id+p/c6Sl5jdruCyTWWhVodccSPz14OPqDO75XF2AR24h/2zgsfoERU+0SDlz9?= =?us-ascii?q?llTyPIrAribYnxzKm6LPlncVdyBF/n8cZ6AYZ+kpYqhJ4Mx3caiJKV/WAIkWjt?= =?us-ascii?q?K9lb37zxbGYVTz4R39HV+BTl2FFkLn+R2YL5UGiSz9B/Z9m8f2wW2jgx78ZUB6?= =?us-ascii?q?eI9LZEhzd6okKkrQLNZvhwhi8dxuEz6H4emOwGpAstzjmdA7wLE0lXJyrsmw6P?= =?us-ascii?q?79Cko6VdfHyvfqSo1EpigdChC6mPog9GV3b/ZpciGipw495xMF3SzXLz7Zvkd8?= =?us-ascii?q?PIbdIJsR2UkQnPgPRJKJ4rkfoKnyVnM3rnvXI50+47kQBu3ZaisYiCMWpt+Ka5?= =?us-ascii?q?DQBENj3pfcwc4CrgjaBAkcaKxICgAo9uGi0VU5fyS/KnDi4Sv+z9NwmSCD08tm?= =?us-ascii?q?ubGb3HEA+F8ktnoWjDE5WxOHGTI3kYzc5vSwOBK0xamgwUWy86npEhHACw2MPh?= =?us-ascii?q?aFt55iwW5lPgpBtM0PxnOATkUmjFogeodjA0SIOEIRVM8g5C4l3ZMcuE7uJ8By?= =?us-ascii?q?tY5IGurBSRKmyHYARFFWcJWlaeCFD7Jrmj/tfA8+mCBuqlM/vOb7SOqepEWPeO?= =?us-ascii?q?2Z2v05Fp/zKWOsWIJHliAOUx2lBfUnBhB8TZhzIPRjQPly3TdMGUuhG8+ixrrs?= =?us-ascii?q?C46/nrWRzg6pWRBLdINtVv4R+2i7+ZN+GMnCZ5NSpY1pQUyHDT07cT21oSiyB1?= =?us-ascii?q?dzmxCrQMrzXNQ7zMlaNNFB4UdSdzNMpO76Ih0QhAItLUi9Pv1r5llf45EVlEWk?= =?us-ascii?q?b9msGyYswKJXuxNFTdBEaELL6GPyHEw9nrYaOgTr1dlP5btxy/uTacFU/uJSmM?= =?us-ascii?q?mCfyWBCuK+5MijuXPBtEuIGyahxtE3TsTMr6ah2nN996lSc5wbIuiXPUK2ERKj?= =?us-ascii?q?98c1tTob2W6CNXmPR/G2ha4XpiIuiIgSGZ7/PXKpwOq/tkHjx0l/5G4HQ907ZV?= =?us-ascii?q?8CZERPlvlCvIqd5vok+pku+UxTp9VxpBtDVLiZmXskVlPKXW6oNPWW3Y/B4X62?= =?us-ascii?q?WfFQgKrcN/CtLzo6BQ1sTPlKXrJTdB89PU+dUTCtPRKMKAPnohPwTmGCLIDAsF?= =?us-ascii?q?Sj6rMH/Qi1ZbkP6M6n2ftoI6pYT0mJoSVr9bU0Q4FvUEBUt/GNwPO5R3XjQ/kb?= =?us-ascii?q?6HlsEI42G+rBrQRMlAuJDISO6SC+31KDmFlblEewcIwbTgIIQJKIL7wFJtZUNg?= =?us-ascii?q?nIvWG0rdRstCoix7bgApp0VN/mB+Tnct1EPlcA+t5mEcFeKslB4slgR+efgt9C?= =?us-ascii?q?vr41ovO1XKoy0wkE8sltr7hTCRcSX8I72uUoFMDCr4rU8xMon0Qwxtdw29gVRk?= =?us-ascii?q?NCvYR7JWl7ZvaHpkiBHduZRSAv5RVrdLYAUKxfGQafQoykpTpTm6xU9d5OvFFZ?= =?us-ascii?q?tjmBEscZGys3JKwxhjY8ItJazMOKpJyUBdhqaJvi+yyO8xxg4fJ0EW/WOdfi4I?= =?us-ascii?q?pVYENr48Jyqn5uZs8xCNmyNfeGgQUPonuulq+V05O+SBySLgzrFCJ1utOOyYKq?= =?us-ascii?q?OWp3LPldWUQl8q0EMHiVVF96Bs0cg/a0qUS1wvzLyJGhQVNMrCLAZVb9ZS9HnT?= =?us-ascii?q?ZiuBrOTNwJJvMIqmDOzoS/GBtLoMiEK+AAkpB5gM7tgGHpS0yk7YKcbnI6Ibxh?= =?us-ascii?q?o14QTqJFOFDPNPeB2RizoIuMC/w4Vx3YVEKDEdHH9xMSOp6bbLvgUqmuaMXM8q?= =?us-ascii?q?YncGWYsJLmk5V9O8myNCpXtPESe33fwDyAiZ9TD8vCTRACP7b9p5a/eefQlsB8?= =?us-ascii?q?2u+TUj76i2jkba8prDJ2H7MdRivsHA6eYBqpmaFfxbVrh9vF3am4VCQHyqSWHP?= =?us-ascii?q?G8avJ5fsc4ksccD0CnGiX1yljTI1Ttv+PNaqLqiMmgHmXZ9avpSB0j0/MsGwDS?= =?us-ascii?q?0RGxB1p+4f/q18fhEDb4A9YRH2qwQ0L7a/LxuA0tWyX2atLiNbT+NFwuWgYLxY?= =?us-ascii?q?1DEhbvOgyHQ6UJE10e238U8LRJEFihHexPmjZ4lCUSj9AHNdYQDPqTA/l2d/Ku?= =?us-ascii?q?Y42v0/zw/QsVkALzCLc/RkaWJes94gBVOSIHB2CmsiSF+flofD4xCj0K4M8CdH?= =?us-ascii?q?mNZUy+JFumDkvpDDeDKsRLCrqZLNviold9cmua5xPpL/IsuHspPekSfSTZfKvQ?= =?us-ascii?q?2DTCG6E/1amsVNLyJDWvVIn38qOdAes4pb9UUxTts+J6BICKQ0vL+qcydkDSgI?= =?us-ascii?q?wS8aTI6A3T0Cguag27TBjBuQdootMAAcupVYntQdSzJ2Yj8ZpKK7VoXWkXOERX?= =?us-ascii?q?YPIAgN6ARD+h4AlpVwf+3+54rIVIFDyzhTo/1uUyvLEoJn91z0S22Mhlj4Uvqh?= =?us-ascii?q?mfSz3Q1O1PLszsUbWBlnBEhBwOZWk1AlKK1rJ6kVpYHGqDmIel3mvGj10uupOE?= =?us-ascii?q?FRydHId13/FIfFtXDzUjcG9n0QWIBC02zQGooKkwphdqkroEtDIJq8dkb5/Twk?= =?us-ascii?q?yJxjH6OkWsCz21YlsXEGSj+oE9pGFe5rq0/YVyN+Y5+1spXlJ4tdTXJK9J2btV?= =?us-ascii?q?hZjF1nMzSlxppEN8FN/jkMUSBToTqAodSySddM2cttApAQJdd/vmvyF7lfOJiN?= =?us-ascii?q?uXE2vKLgymPB8TAmrFi63CmzG7O/T+9B5GIeFBkmK3icp0UyAeYh6Xvd8lfIsl?= =?us-ascii?q?9o5ehbHaSPgV93oDljApBEHixJ2my9L1RvUHlGtP1XKL7LfMNBQ/k9fwOvNgc6?= =?us-ascii?q?Ff4hwUyG4194kmv+YyNvqARW4SbdUBcoVSMNmLfihSUeqt27OT8dU59IdS4hbz?= =?us-ascii?q?vfJA2GhSBapw1fa0Z3W5ADHtlK5bcb3ZdO/sXYTUagMyYFXAZtNgggy/pQiVZD?= =?us-ascii?q?sFmEeSDaFQeoaezPvQNpcsiMt8OpMfD5/Btdioz9ruA49qIDR3m4lg2xW9zeqJ?= =?us-ascii?q?X8ttKSvEuUaKj4K/G8YWPGTDXUjxC/n60kD57R/yjXKgVbNYJ3yX85YZjlFW7L?= =?us-ascii?q?PAhJJ6MBKEpdTqB2c9JGovpVZ8V8YqYG5bdtBg6bRhPoAIGvruNJLlDdRTTEKC?= =?us-ascii?q?WO7/KwrJnP7bPHT+jgfcuMy2zBQ61pIpdw8SP7FKvy0Y9C5kr23e9g9kV+SVXd?= =?us-ascii?q?MiCBqtHhKhkK5MmkeEvipIcmHSjKAJdqjXri2l1Ad9cNQyK06pgYz4lZ6HnoQ+?= =?us-ascii?q?JizkfzqPFS96Vj6YQv5bBpyNu7JaDWKftAqk9rGBmUBgJt9pU2G2hyXGVRb+Ae?= =?us-ascii?q?KfvLeqQZl8/uofjtF6ML8B2V5/BZadzfKk7dgMa/Di+TSQdYnAYBrj4XNRCc2O?= =?us-ascii?q?KEm6BqT8aluen51Vg371i4MBEG0Khn5Z2Y9aqQuO/XcxzRwKAAWqjxQ8P+rq8h?= =?us-ascii?q?u02M6vI5k74OYHZ6YxW9EOgaVM4S2HvvzbwwwSIrCcPDEKrq+ORfWHIhgjLgh5?= =?us-ascii?q?d9Ek0UGvMVGLqG5oFekXk4muPHLN0Wc6ZCmmmVGR6iDLAC1Wah6zGLL2l9nhHO?= =?us-ascii?q?zxbwTHuy7F73tyB3WzfDwsz4kkVLSrm4G1tdUzCuOU9ivzOFJBDou8bvuaQp8E?= =?us-ascii?q?E2NXTpu8mMlGu6NrJYBc//JN2AISksvl0XkZkxS8ez1oAcBNWyPs0e8GxkbvvZ?= =?us-ascii?q?8WOkiTVNo6Bdh4rR+suV4OnYHWG8j62GrLWA3ChYxWIkvV4j6tChOPbO58eJQ/?= =?us-ascii?q?ixzGYeUSN/uwrHXx6opb3WtEgUNlaX0EjXmIwLMNZZ3WM71k385+gsXsgz9ANA?= =?us-ascii?q?GYbEff8CoirzODTsy1aFf903TjWe0ydQHl/tHll3ArI813zsvMLJjnrQ/1woRp?= =?us-ascii?q?VueEznnxN3Ep44JVgr6FcJ3ioJCRINZgyDDLG0GUTlKpMJVUcdZhSBwLi6faA3?= =?us-ascii?q?0Upowryx4O/TbOp8B7cCN/tGig6BgkJbG5IMvqEERrJzZUNd/rbNpgf+E4jnQ+?= =?us-ascii?q?TmlX0oOPKpQMBV69wWumA+7Qa4Qxqg7ZZD4KgBiJCUaKFLfZjMsNp770d96j4F?= =?us-ascii?q?bjZNjwRnjxOlTeAco/ju4t3csJqu9uauW7giSv4S9xg1HWt+iYX/gEwtoNHQze?= =?us-ascii?q?dcSZbVhZ758A9TP36AoJza3AVkKeoSN4Kre65t93obKCgFPHICJMeYZfY67S9s?= =?us-ascii?q?NjXT+lNDD9gDZdMdJsXNnx5bhlfuWLFJ+crRAkWYBJtrd8A082r3zyg48Zk7Uu?= =?us-ascii?q?bg7j+6P4zQ71FJP/NekSptldPCpO4OwfrRCSga+meZaxlrwiyYz5mCFvfw8f+K?= =?us-ascii?q?yN7KS1MMBjQ2XJtFJDqe5QynQfK4lJT3UgyO7M/+m5Y+dF+NSXywm6QFqbxAEe?= =?us-ascii?q?laiiX0xjJeDJz6h+qJs9qw72tarl9HH5h97R3LHKVSJZt6Ng7+lsa1WkhwHC3/?= =?us-ascii?q?d9/IdhA2ouqZ2v8M4/liN0v5fYIbLRYEy7X06HVLSgtuTKX7vk2eXeIXZdtpVO?= =?us-ascii?q?nIrnZL5oJ8M6UPJkSSpIT2rjdUr1A7GA0paL8wrzxCcUnOmAxVW7rqt7Mbjwsc?= =?us-ascii?q?UMJ5uVVSFm6qP2I+/TXHX7xPjKaNEPwV7imTTqsWXkV0MyN+Rgi42Ilve7S1nv?= =?us-ascii?q?BIrGdGkjl7oPc0zzxsXAG8tjH0p6IRxTIg/6m1tDAAuXxGTeWelDzFCVdZw/QJ?= =?us-ascii?q?iqccDWjt6VqmbHkFcoTy/KFtJd78+ok5/3Q/fRIjcjUdUuu+DSHwk7iFApeLsN?= =?us-ascii?q?JbmB6NpNvOYqGuIiQIMbQ90x3jTWBn0gfChBZo7HcLQjK44d88I4W9PdwqxjCm?= =?us-ascii?q?GGjccFYM7LhEsM72tV4MV+s5d09uwH9k0sicXS0NRcrPG2kvgggjc2VEf4pJ6Q?= =?us-ascii?q?UGGKkwnjaIoq5G8xkaYDjKFoSl+5HQktnT1Hg8TNdqw2fWqbOfhpMuznJpgdR0?= =?us-ascii?q?7jSBuH4KbezXT9dsAmTv1odY0eH/ae2tsvoGSIR61rusS/oCMsi/+WusxppmQE?= =?us-ascii?q?ilxq4RH1ChKu8M2q/bUzu5SW2fQemLdGyMkCgiP07q4RmnNEY3aNtLr0AhLuvC?= =?us-ascii?q?nIBTmBP7XbNyWCqQuUfRzHY/PuMCawI2pICndhQOTO4QYeicOOcvzOQ6CFsNdH?= =?us-ascii?q?/JATB2BvS3sVG3moh7PG9s4ULgYeTi6grmKsedGgEYEY7GqZ584fm6SXidNn9g?= =?us-ascii?q?zR1yOk50+vzBF1QwsO9TbZKRndnWh9Rm3u8JbfBtMTcyutQLgIJs9ZGU0NuWcR?= =?us-ascii?q?HW1pvyJ8vaovufA/LE1EkqZ2daUqYZYQPy+oU6Md45W6HJEbtfoxscGbAwQIY9?= =?us-ascii?q?OGfp6KF0MARzfxbTZLSxhcnqvPiLZppPp3LN6FI/NiLctAMCyvCuSgx7dZ+qjW?= =?us-ascii?q?3oIJ8sXjJBs8FtChx+EYtUFcMAqhaoDp+Xlaygld++5Vl6u+4LsKr3DPDGztK5?= =?us-ascii?q?0JttX8sS2UveBD/MAOFOhUN/g6zmmv7d1rHpAN7mPNYDU/J2BGXCb+mCVr6jJy?= =?us-ascii?q?qON8S0QEtP97qRwfotSRmKTDzoVKqB8iu/PbNr5lttjsRVZuvYhAQk9bDAkI//?= =?us-ascii?q?f2hBpzyLtXeTNYBH6FXBCKrZRR0CDbKn+WNoBuUyapHu9fxGZd4rxdWHpQ016T?= =?us-ascii?q?NYysqeC6+7p0TI1wRwcpeNaAPF0iA4VI1CAgmlPkYqmieNpn3bAHlYLOChJM1p?= =?us-ascii?q?idCSHlrm4Ewn3SkBYXNOUk7lSdmWI2RTj866aQGE8xhHJ8wOk+6+ZQgzsajkDa?= =?us-ascii?q?E8IZhBmOO3pJ0bgN1pLGfJX8EcMCbOevs+aj5QCPjf4UMlaQMesqQkH4IyaYWK?= =?us-ascii?q?LWsZP0qajyD/1w3P1QvzbdP6kO7dJCcQ72UCzL/f1zVIjxe2tOzfgcD5Vr3dKp?= =?us-ascii?q?bsU6iWeAsjWTbSYDM2F0+zsQOhuvwLu9KCLGsfq0xSaSWXXkpb8qlrttGVAmLN?= =?us-ascii?q?lOlLdZkRjbWCQSfyRSZk0q0oCXAP/Qq3TuAMGEH7JzmpoGNYvB2kbLcY5n//YL?= =?us-ascii?q?CwxqNRX/0QRIBLd6vKbcHffKUKPzo0my9fNeCwcsfWqKw2+knPS3pfGK7Nog7N?= =?us-ascii?q?BHWKS+CRkmq4Fb4euJI5729xo4rd?= X-IPAS-Result: =?us-ascii?q?A2B4AwC4VWta/wHyM5BcGgEBAQEBAgEBAQEIAQEBAYM/A4F?= =?us-ascii?q?aJ4NdixiNdoICmVAthSOCIFgUAQEBAQEBAQECAWoogjgkAYJHAwMBAiAEBQYBR?= =?us-ascii?q?gMDCQEBHwUCGAoEAgIDAVMGARIFijADAbAcgW06JYNxAQGGPwwBJRN8g0OCFYM?= =?us-ascii?q?/hl0EggyCeoJlAQSKY4dZkVeVWQ2UKJkbNiKBUHCCfIJVHIEsATt3jiwBAQE?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by emsm-gh1-uea11.NCSC.MIL with ESMTP; 26 Jan 2018 16:24:29 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0QGOStQ023498; Fri, 26 Jan 2018 11:24:29 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w0QEXhbH037522 for ; Fri, 26 Jan 2018 09:33:43 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w0QEXiYF007410; Fri, 26 Jan 2018 09:33:44 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1D0AABOO2talyobGNZdGgEBAQEBAgEBA?= =?us-ascii?q?QEIAQEBAYM/gV0ng12ZD4ICl0SCF4VFAoIdVhYBAQEBAQEBAQITAQEBAQEIFga?= =?us-ascii?q?FewMDIwQFTRAgBQIYDgICVwYBDQWKOAGwcYFtOiWDcQEBhj8BAQEBAQUBAQEBA?= =?us-ascii?q?QEBAQEfE3yDQ4IVgz+GXQSCDIJ6gmUBBIpjh1mRV5VZDZQomRsmCIF6cIJ8glU?= =?us-ascii?q?QDIEsATt3jiwBAQE?= X-IPAS-Result: =?us-ascii?q?A1D0AABOO2talyobGNZdGgEBAQEBAgEBAQEIAQEBAYM/gV0?= =?us-ascii?q?ng12ZD4ICl0SCF4VFAoIdVhYBAQEBAQEBAQITAQEBAQEIFgaFewMDIwQFTRAgB?= =?us-ascii?q?QIYDgICVwYBDQWKOAGwcYFtOiWDcQEBhj8BAQEBAQUBAQEBAQEBAQEfE3yDQ4I?= =?us-ascii?q?Vgz+GXQSCDIJ6gmUBBIpjh1mRV5VZDZQomRsmCIF6cIJ8glUQDIEsATt3jiwBA?= =?us-ascii?q?QE?= X-IronPort-AV: E=Sophos;i="5.46,416,1511845200"; d="scan'208";a="184424" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.34]) by goalie.tycho.ncsc.mil with ESMTP; 26 Jan 2018 09:33:44 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3AX4kPCxMQzvQumbMfKmgl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0K/7/pMbcNUDSrc9gkEXOFd2Cra4c0ayM6uu+BSRAuc/H7ChbNsQUFlcsso?= =?us-ascii?q?Y/p0QYGsmLCEn2frbBThcRO4B8bmJj5GyxKkNPGczzNBX4q3y26iMOSF2kbVIm?= =?us-ascii?q?buv6FZTPgMupyuu854PcYxlShDq6fLh+MAi6oR/eu8UKn4duMLg9xgbGrnZJdO?= =?us-ascii?q?ld2GdkKU6Okxrm6cq84INv/z5Mt/498sJLTLn3cbk/QbFEFjotLno75NfstRnN?= =?us-ascii?q?TAuP4mUTX2ALmRdWAAbL8Q/3UI7pviT1quRy1i+aPdbrTb8vQjSt871rSB7zhy?= =?us-ascii?q?gZMTMy7XzahdZxjKJfpxKhugB/zovJa4ybKPZyYqXQds4BSGFfQsheSTBOAoKk?= =?us-ascii?q?b4sOEeUBO/pYr5LgrFcKtBeyGBWgCP/qxjJOm3T437A10/45HA/b3AIuAdwAvn?= =?us-ascii?q?fTotr3OqcdXvy6wqbTwDXfdvNbwyvx5ZLUfh0jp/yHQLJ+cdDWyUkqDw7IiU2Q?= =?us-ascii?q?ppL5PzyLzOQBqXaU7+x9Wu2xkW4osAZxoiKgxso3kYnJgYQVy1De+Splx4Y1IM?= =?us-ascii?q?S1RUhmatCnCJtdrz+WO5Z5T884XW1ltzw2xqMEtJKhcyUG1owryhDdZvCdboSF?= =?us-ascii?q?7BbuWPyMLTp4hX9pYqyzihK0/EO90OPzTNO030xPriddktnDqHQN1xvL58eJUP?= =?us-ascii?q?Vz8Fms1DiR2g7J9uxIPU45mbDFJJE/x74wjZUTvV7GHiDsmUX2iLWadkAl+uis?= =?us-ascii?q?8+jnY7PmqYGAN4JslA3yL6sjltahDek3KAQCQWqW9f6z2bH95UH5Ra9Fjvwykq?= =?us-ascii?q?nXqpDaIsEbq7ajDQBLzoYs9Qy/Ay2p3tQegHYIMkhFdwmAj4jzNFHDO+v4DfC5?= =?us-ascii?q?g1Wsijtk2/fGPrj5DpXXMnfDiKvhfap660NE0wo80Mtf6olICrABPP3zWkjxuM?= =?us-ascii?q?beDh8iKQO42ennCNJj1okGQ2KAHreZML/OsV+P/u8vOPeDZIsUuDb7Nvgk6OXj?= =?us-ascii?q?jWM5mFABfamp2oEbaHajHvt8OUmZbn3sgslSWVsN6zI3UeiirVqFSzMbM267Qq?= =?us-ascii?q?YU/jgmDMejCoDZS8amh7nXmG+AApBOZm1AQmuJGHPsepTMD+wAcwqOM8RhlXoC?= =?us-ascii?q?TrHnRIg/g1XmmRX7wPJfJ/DV4WVMuIrqztluz/XajxAp7Th9BMnb1HuCGSU8vG?= =?us-ascii?q?oNSiR++adlu01mggOB2K11mLpcU9lU/elISS89L5fXy+E8ANf3DEaJUt6PSVui?= =?us-ascii?q?Cve7Gz48SMl5l9MHZUdwH9eKix3H2yOsBK9TnLuOUth83qXB0DDVKspzzGzKnP?= =?us-ascii?q?0ti1QqTMxVOUW8i6J//hSVDInMxQHRw72ncaUawT7l6HaIzW3IulpRFgF3T/OB?= =?us-ascii?q?FSQbZ03LvZHi60jfVb6yGPEiNQdczcOqNKRHcJvqgE9ASfOlP87RNSb5z2OxAw?= =?us-ascii?q?uYg7CBdoznf00D0yjHTksJiQYe+TCBLwdoQm+ApW3ZRBlpEVTmeQu49Oh4p3ST?= =?us-ascii?q?VEI4zwiWKUZm0uzxskocgeeVDv8ewL8AkC4lsDwxBEy63d/dF5yHvQU3OO0WWt?= =?us-ascii?q?4n71oP+Cqf/yx0OpixKeoq0kUTaQt6l0Pn0xFmDMNLls18/10wyw8nfbqVzF5b?= =?us-ascii?q?MT6e0Z3qMLrNJUHp+xa+LaXR3weNg56t5q4T5aFg+B3YtwazGx9nqi0/3g=3D?= =?us-ascii?q?=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DAAABOO2talyobGNZdGgEBAQEBAgEBA?= =?us-ascii?q?QEIAQEBAYM/gV0ng12ZD4ICl0SCF4VFAoIdVhYBAQEBAQEBAQIBEgEBAQEBCBY?= =?us-ascii?q?GV4I4JAGCRwMDIwQFTRAgBQIYDgICVwYBDQWKOAGwcYFtOiWDcQEBhj8BAQEBA?= =?us-ascii?q?QUBAQEBAQEBAQEfE3yDQ4IVgz+GXQSCDIJ6gmUFimOHWZFXlVkNlCiZGyYIgXp?= =?us-ascii?q?wgnyCVRAMgSwBO3eOLAEBAQ?= X-IPAS-Result: =?us-ascii?q?A0DAAABOO2talyobGNZdGgEBAQEBAgEBAQEIAQEBAYM/gV0?= =?us-ascii?q?ng12ZD4ICl0SCF4VFAoIdVhYBAQEBAQEBAQIBEgEBAQEBCBYGV4I4JAGCRwMDI?= =?us-ascii?q?wQFTRAgBQIYDgICVwYBDQWKOAGwcYFtOiWDcQEBhj8BAQEBAQUBAQEBAQEBAQE?= =?us-ascii?q?fE3yDQ4IVgz+GXQSCDIJ6gmUFimOHWZFXlVkNlCiZGyYIgXpwgnyCVRAMgSwBO?= =?us-ascii?q?3eOLAEBAQ?= X-IronPort-AV: E=Sophos;i="5.46,416,1511827200"; d="scan'208";a="8032003" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from updc3cpa03.eemsg.mail.mil ([214.24.27.42]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 26 Jan 2018 14:33:42 +0000 X-EEMSG-check-005: 0 X-EEMSG-check-006: 000-001;ed119ebd-0bd8-44c6-b2bd-a9e00d67b142 Received: from localhost.localdomain (localhost [127.0.0.1]) by UPDCF3IC07.oob.disa.mil (Postfix) with SMTP id 3zShGt1Kn8z1x08f; Fri, 26 Jan 2018 14:33:42 +0000 (UTC) Received: from UPBD19PA01.eemsg.mil (unknown [192.168.18.2]) by UPDCF3IC07.oob.disa.mil (Postfix) with ESMTP id 3zShGs6pYgz1x08c; Fri, 26 Jan 2018 14:33:41 +0000 (UTC) Authentication-Results: upbd19pa01.eemsg.mail.mil; dkim=none (message not signed) header.i=none X-EEMSG-check-008: 288045716|UPBD19PA01_EEMSG_MP1.csd.disa.mil X-EEMSG-SBRS: 3.5 X-EEMSG-ORIG-IP: 37.139.156.29 X-EEMSG-check-002: true X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0BaAQCpOWtahx2ciyVdGgEBAQEBAgEBAQEIAQEBAYVDg12ZDoICmVuFQQICAgiCFVcVAQEBAQEBAQECEwEBAQoLCQgoL4UkAwMjBAVNECAFAhgOAgJXBgENBYo5sH6BbTolg3EBAYY+AQEBBwEBAQEBAQEhCQEJfINDghWDP4ZdBIIMgnqCZQWKY4dZkVeVWQ2UKJkbNYFzcIJ8glUQDIEsATtAN44sAQEB X-IPAS-Result: A0BaAQCpOWtahx2ciyVdGgEBAQEBAgEBAQEIAQEBAYVDg12ZDoICmVuFQQICAgiCFVcVAQEBAQEBAQECEwEBAQoLCQgoL4UkAwMjBAVNECAFAhgOAgJXBgENBYo5sH6BbTolg3EBAYY+AQEBBwEBAQEBAQEhCQEJfINDghWDP4ZdBIIMgnqCZQWKY4dZkVeVWQ2UKJkbNYFzcIJ8glUQDIEsATtAN44sAQEB Received: from seldsegrel01.sonyericsson.com ([37.139.156.29]) by upbd19pa01.eemsg.mail.mil with ESMTP; 26 Jan 2018 14:33:40 +0000 X-Authentication-Warning: seldlx23035.corpusers.net: 23059638 set sender to peter.enderborg@sony.com using -f X-EEMSG-check-009: 444-444 From: To: Paul Moore , Stephen Smalley , Eric Paris , James Morris , Daniel Jurgens , Doug Ledford , , , , Ingo Molnar , , "Serge E . Hallyn" Date: Fri, 26 Jan 2018 15:32:41 +0100 Message-ID: <20180126143241.23108-6-peter.enderborg@sony.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <20180126143241.23108-1-peter.enderborg@sony.com> References: <20180126143241.23108-1-peter.enderborg@sony.com> MIME-Version: 1.0 X-MIME-Autoconverted: from quoted-printable to 8bit by prometheus.infosec.tycho.ncsc.mil id w0QEXhbH037522 X-Mailman-Approved-At: Fri, 26 Jan 2018 11:22:23 -0500 Subject: [PATCH v2 5/5] selinux: Switch locking to RCU. X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: Peter Enderborg Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Peter Enderborg This patch switch to using RCU locks instead of rwlocks. This has the big advantage that it does not has preempt disable. Signed-off-by: Peter Enderborg Reported-by: Björn Davidsson --- security/selinux/ss/services.c | 162 +++++++++++++++++++++-------------------- 1 file changed, 82 insertions(+), 80 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 81c5717..f142ef8 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -87,7 +87,7 @@ int selinux_policycap_alwaysnetwork; int selinux_policycap_cgroupseclabel; int selinux_policycap_nnp_nosuid_transition; -static DEFINE_RWLOCK(policy_rwlock); +static DEFINE_SPINLOCK(policy_w_lock); int ss_initialized; @@ -115,14 +115,14 @@ struct selinux_mapping { u32 perms[sizeof(u32) * 8]; }; -struct shared_current_mapping { +struct shared_rcu_mapping { struct selinux_mapping *current_mapping; u16 current_mapping_size; struct policydb policydb; struct sidtab sidtab; }; -static struct shared_current_mapping *crm; +static struct shared_rcu_mapping *crm; static int selinux_set_mapping(struct policydb *pol, struct security_class_mapping *map, @@ -791,7 +791,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, if (!ss_initialized) return 0; - read_lock(&policy_rwlock); + rcu_read_lock(); if (!user) tclass = unmap_class(orig_tclass); @@ -845,7 +845,7 @@ static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -879,7 +879,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) int index; int rc; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -EINVAL; old_context = sidtab_search(&crm->sidtab, old_sid); @@ -941,7 +941,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) kfree(old_name); } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -1029,7 +1029,7 @@ void security_compute_xperms_decision(u32 ssid, memset(xpermd->auditallow->p, 0, sizeof(xpermd->auditallow->p)); memset(xpermd->dontaudit->p, 0, sizeof(xpermd->dontaudit->p)); - read_lock(&policy_rwlock); + rcu_read_lock(); if (!ss_initialized) goto allow; @@ -1083,7 +1083,7 @@ void security_compute_xperms_decision(u32 ssid, } } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return; allow: memset(xpermd->allowed->p, 0xff, sizeof(xpermd->allowed->p)); @@ -1110,7 +1110,7 @@ void security_compute_av(u32 ssid, u16 tclass; struct context *scontext = NULL, *tcontext = NULL; - read_lock(&policy_rwlock); + rcu_read_lock(); avd_init(avd); xperms->len = 0; if (!ss_initialized) @@ -1143,7 +1143,7 @@ void security_compute_av(u32 ssid, context_struct_compute_av(scontext, tcontext, tclass, avd, xperms); map_decision(orig_tclass, avd, crm->policydb.allow_unknown); out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return; allow: avd->allowed = 0xffffffff; @@ -1157,7 +1157,7 @@ void security_compute_av_user(u32 ssid, { struct context *scontext = NULL, *tcontext = NULL; - read_lock(&policy_rwlock); + rcu_read_lock(); avd_init(avd); if (!ss_initialized) goto allow; @@ -1188,7 +1188,7 @@ void security_compute_av_user(u32 ssid, context_struct_compute_av(scontext, tcontext, tclass, avd, NULL); out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return; allow: avd->allowed = 0xffffffff; @@ -1293,7 +1293,7 @@ static int security_sid_to_context_core(u32 sid, char **scontext, rc = -EINVAL; goto out; } - read_lock(&policy_rwlock); + rcu_read_lock(); if (force) context = sidtab_search_force(&crm->sidtab, sid); else @@ -1306,7 +1306,7 @@ static int security_sid_to_context_core(u32 sid, char **scontext, } rc = context_struct_to_string(context, scontext, scontext_len); out_unlock: - read_unlock(&policy_rwlock); + rcu_read_unlock(); out: return rc; @@ -1458,7 +1458,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, goto out; } - read_lock(&policy_rwlock); + rcu_read_lock(); rc = string_to_context_struct(&crm->policydb, &crm->sidtab, scontext2, scontext_len, &context, def_sid); if (rc == -EINVAL && force) { @@ -1470,7 +1470,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, rc = sidtab_context_to_sid(&crm->sidtab, &context, sid); context_destroy(&context); out_unlock: - read_unlock(&policy_rwlock); + rcu_read_unlock(); out: kfree(scontext2); kfree(str); @@ -1620,7 +1620,7 @@ static int security_compute_sid(u32 ssid, context_init(&newcontext); - read_lock(&policy_rwlock); + rcu_read_lock(); if (kern) { tclass = unmap_class(orig_tclass); @@ -1759,7 +1759,7 @@ static int security_compute_sid(u32 ssid, /* Obtain the sid for the context. */ rc = sidtab_context_to_sid(&crm->sidtab, &newcontext, out_sid); out_unlock: - read_unlock(&policy_rwlock); + rcu_read_unlock(); context_destroy(&newcontext); out: return rc; @@ -2051,7 +2051,6 @@ static void security_load_policycaps(struct policydb *pdb) } static int security_preserve_bools(struct policydb *p); - /** * security_load_policy - Load a security policy configuration. * @data: binary policy data @@ -2068,17 +2067,17 @@ int security_load_policy(void *data, size_t len) struct sidtab oldsidtab, newsidtab; struct selinux_mapping *oldmap = NULL, *map = NULL; struct convert_context_args args; - struct shared_current_mapping *next_rcu; - struct shared_current_mapping *old_rcu; + struct shared_rcu_mapping *next_rcu; + struct shared_rcu_mapping *old_rcu; u32 seqno; u16 map_size; int rc = 0; struct policy_file file = { data, len }, *fp = &file; if (!ss_initialized) { - struct shared_current_mapping *first_mapping; + struct shared_rcu_mapping *first_mapping; - first_mapping = kzalloc(sizeof(struct shared_current_mapping), + first_mapping = kzalloc(sizeof(struct shared_rcu_mapping), GFP_KERNEL); if (!first_mapping) { rc = -ENOMEM; @@ -2145,7 +2144,7 @@ int security_load_policy(void *data, size_t len) goto out; } - next_rcu = kzalloc(sizeof(struct shared_current_mapping), GFP_KERNEL); + next_rcu = kzalloc(sizeof(struct shared_rcu_mapping), GFP_KERNEL); if (!next_rcu) { kfree(oldpolicydb); rc = -ENOMEM; @@ -2157,7 +2156,7 @@ int security_load_policy(void *data, size_t len) goto out; next_rcu->policydb.len = len; - read_lock(&policy_rwlock); + rcu_read_lock(); /* If switching between different policy types, log MLS status */ if (crm->policydb.mls_enabled && !next_rcu->policydb.mls_enabled) printk(KERN_INFO "SELinux: Disabling MLS support...\n"); @@ -2210,19 +2209,19 @@ int security_load_policy(void *data, size_t len) /* Install the new policydb and SID table. */ /* next */ security_load_policycaps(&next_rcu->policydb); - read_unlock(&policy_rwlock); - write_lock_irq(&policy_rwlock); sidtab_set(&next_rcu->sidtab, &newsidtab); security_load_policycaps(&next_rcu->policydb); oldmap = crm->current_mapping; + rcu_read_unlock(); next_rcu->current_mapping = map; next_rcu->current_mapping_size = map_size; + spin_lock(&policy_w_lock); seqno = ++latest_granting; old_rcu = crm; crm = next_rcu; - write_unlock_irq(&policy_rwlock); - + spin_unlock(&policy_w_lock); + synchronize_rcu(); /* Free the old policydb and SID table. */ policydb_destroy(oldpolicydb); sidtab_destroy(&oldsidtab); @@ -2250,9 +2249,9 @@ size_t security_policydb_len(void) { size_t len; - read_lock(&policy_rwlock); + rcu_read_lock(); len = crm->policydb.len; - read_unlock(&policy_rwlock); + rcu_read_unlock(); return len; } @@ -2268,7 +2267,7 @@ int security_port_sid(u8 protocol, u16 port, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + rcu_read_lock(); c = crm->policydb.ocontexts[OCON_PORT]; while (c) { @@ -2293,7 +2292,7 @@ int security_port_sid(u8 protocol, u16 port, u32 *out_sid) } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2308,7 +2307,7 @@ int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + rcu_read_lock(); c = crm->policydb.ocontexts[OCON_IBPKEY]; while (c) { @@ -2333,7 +2332,7 @@ int security_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *out_sid) *out_sid = SECINITSID_UNLABELED; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2348,7 +2347,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) struct ocontext *c; int rc = 0; - read_lock(&policy_rwlock); + rcu_read_lock(); c = crm->policydb.ocontexts[OCON_IBENDPORT]; while (c) { @@ -2374,7 +2373,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid) *out_sid = SECINITSID_UNLABELED; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2388,7 +2387,7 @@ int security_netif_sid(char *name, u32 *if_sid) int rc = 0; struct ocontext *c; - read_lock(&policy_rwlock); + rcu_read_lock(); c = crm->policydb.ocontexts[OCON_NETIF]; while (c) { @@ -2415,7 +2414,7 @@ int security_netif_sid(char *name, u32 *if_sid) *if_sid = SECINITSID_NETIF; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2447,7 +2446,7 @@ int security_node_sid(u16 domain, int rc; struct ocontext *c; - read_lock(&policy_rwlock); + rcu_read_lock(); switch (domain) { case AF_INET: { @@ -2502,7 +2501,7 @@ int security_node_sid(u16 domain, rc = 0; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2541,7 +2540,7 @@ int security_get_user_sids(u32 fromsid, if (!ss_initialized) goto out; - read_lock(&policy_rwlock); + rcu_read_lock(); context_init(&usercon); @@ -2593,7 +2592,7 @@ int security_get_user_sids(u32 fromsid, } rc = 0; out_unlock: - read_unlock(&policy_rwlock); + rcu_read_unlock(); if (rc || !mynel) { kfree(mysids); goto out; @@ -2704,9 +2703,9 @@ int security_genfs_sid(const char *fstype, { int retval; - read_lock(&policy_rwlock); + rcu_read_lock(); retval = __security_genfs_sid(fstype, path, orig_sclass, sid); - read_unlock(&policy_rwlock); + rcu_read_unlock(); return retval; } @@ -2721,7 +2720,7 @@ int security_fs_use(struct super_block *sb) struct superblock_security_struct *sbsec = sb->s_security; const char *fstype = sb->s_type->name; - read_lock(&policy_rwlock); + rcu_read_lock(); c = crm->policydb.ocontexts[OCON_FSUSE]; while (c) { @@ -2752,7 +2751,7 @@ int security_fs_use(struct super_block *sb) } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2760,7 +2759,7 @@ int security_get_bools(int *len, char ***names, int **values) { int i, rc; - read_lock(&policy_rwlock); + rcu_read_lock(); *names = NULL; *values = NULL; @@ -2790,7 +2789,7 @@ int security_get_bools(int *len, char ***names, int **values) } rc = 0; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; err: if (*names) { @@ -2803,13 +2802,14 @@ int security_get_bools(int *len, char ***names, int **values) int security_set_bools(int len, int *values) { - struct shared_current_mapping *next_rcu, *old_rcu; + + struct shared_rcu_mapping *next_rcu, *old_rcu; int i, rc; int lenp, seqno = 0; struct cond_node *cur; - next_rcu = kzalloc(sizeof(struct shared_current_mapping), GFP_KERNEL); - read_lock(&policy_rwlock); + next_rcu = kzalloc(sizeof(struct shared_rcu_mapping), GFP_KERNEL); + rcu_read_lock(); old_rcu = crm; memcpy(&next_rcu->policydb, &old_rcu->policydb, sizeof(struct policydb)); @@ -2842,13 +2842,15 @@ int security_set_bools(int len, int *values) if (rc) goto out; } - read_unlock(&policy_rwlock); + rcu_read_unlock(); + rc = 0; - write_lock_irq(&policy_rwlock); + spin_lock(&policy_w_lock); seqno = ++latest_granting; crm = next_rcu; - write_unlock_irq(&policy_rwlock); + spin_unlock(&policy_w_lock); + synchronize_rcu(); out: if (!rc) { avc_ss_reset(seqno); @@ -2868,7 +2870,7 @@ int security_get_bool_value(int index) int rc; int len; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -EFAULT; len = crm->policydb.p_bools.nprim; @@ -2877,7 +2879,7 @@ int security_get_bool_value(int index) rc = crm->policydb.bool_val_to_struct[index]->state; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -2933,7 +2935,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) context_init(&newcon); - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -EINVAL; context1 = sidtab_search(&crm->sidtab, sid); @@ -2975,7 +2977,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) rc = sidtab_context_to_sid(&crm->sidtab, &newcon, new_sid); out_unlock: - read_unlock(&policy_rwlock); + rcu_read_unlock(); context_destroy(&newcon); out: return rc; @@ -3032,7 +3034,7 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, if (!crm->policydb.mls_enabled) return 0; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -EINVAL; nlbl_ctx = sidtab_search(&crm->sidtab, nlbl_sid); @@ -3059,7 +3061,7 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, * expressive */ *peer_sid = xfrm_sid; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -3080,7 +3082,7 @@ int security_get_classes(char ***classes, int *nclasses) { int rc; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -ENOMEM; *nclasses = crm->policydb.p_classes.nprim; @@ -3098,7 +3100,7 @@ int security_get_classes(char ***classes, int *nclasses) } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -3120,7 +3122,7 @@ int security_get_permissions(char *class, char ***perms, int *nperms) int rc, i; struct class_datum *match; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -EINVAL; match = hashtab_search(crm->policydb.p_classes.table, class); @@ -3149,11 +3151,11 @@ int security_get_permissions(char *class, char ***perms, int *nperms) goto err; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; err: - read_unlock(&policy_rwlock); + rcu_read_unlock(); for (i = 0; i < *nperms; i++) kfree((*perms)[i]); kfree(*perms); @@ -3184,9 +3186,9 @@ int security_policycap_supported(unsigned int req_cap) { int rc; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = ebitmap_get_bit(&crm->policydb.policycaps, req_cap); - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -3250,7 +3252,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) context_init(&tmprule->au_ctxt); - read_lock(&policy_rwlock); + rcu_read_lock(); tmprule->au_seqno = latest_granting; @@ -3294,7 +3296,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) } rc = 0; out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); if (rc) { selinux_audit_rule_free(tmprule); @@ -3344,7 +3346,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, return -ENOENT; } - read_lock(&policy_rwlock); + rcu_read_lock(); if (rule->au_seqno < latest_granting) { match = -ESTALE; @@ -3435,7 +3437,7 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, } out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return match; } @@ -3521,7 +3523,7 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, return 0; } - read_lock(&policy_rwlock); + rcu_read_lock(); if (secattr->flags & NETLBL_SECATTR_CACHE) *sid = *(u32 *)secattr->cache->data; @@ -3558,12 +3560,12 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, } else *sid = SECSID_NULL; - read_unlock(&policy_rwlock); + rcu_read_unlock(); return 0; out_free: ebitmap_destroy(&ctx_new.range.level[0].cat); out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } @@ -3585,7 +3587,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) if (!ss_initialized) return 0; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = -ENOENT; ctx = sidtab_search(&crm->sidtab, sid); @@ -3604,7 +3606,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) mls_export_netlbl_lvl(&crm->policydb, ctx, secattr); rc = mls_export_netlbl_cat(&crm->policydb, ctx, secattr); out: - read_unlock(&policy_rwlock); + rcu_read_unlock(); return rc; } #endif /* CONFIG_NETLABEL */ @@ -3632,9 +3634,9 @@ int security_read_policy(void **data, size_t *len) fp.data = *data; fp.len = *len; - read_lock(&policy_rwlock); + rcu_read_lock(); rc = policydb_write(&crm->policydb, &fp); - read_unlock(&policy_rwlock); + rcu_read_unlock(); if (rc) return rc;