From patchwork Sat Dec 7 18:18:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11277729 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 907DE138C for ; Sat, 7 Dec 2019 18:20:03 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6A7A124670 for ; Sat, 7 Dec 2019 18:20:03 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="BqCrqtDW" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6A7A124670 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1idef8-00084O-J4; Sat, 07 Dec 2019 18:18:38 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1idef7-00084G-Dv for xen-devel@lists.xenproject.org; Sat, 07 Dec 2019 18:18:37 +0000 X-Inumbo-ID: f9212b57-191d-11ea-85dd-12813bfff9fa Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id f9212b57-191d-11ea-85dd-12813bfff9fa; Sat, 07 Dec 2019 18:18:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1575742712; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=3520/ESBLK4L06rTyx5p5Mu+JL92QIa+7XDyqJ/WxhM=; b=BqCrqtDWGZPVAI/J1WlKUVnLL6qsJe12Ph7m3FLZ4DXe5PpGFYb9JRIm bep/jXiz9ZVpKOQotWAAsT/Mm45JP+tLgFLX3y5FnMGxJA5Z5saf1qrMq ewWJI91Caec4ejCZ6CcV5cFC0s0Zv9Ov2eNjuJEWvXiKT8dBe7I9I3V3i E=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa3.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa3.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa3.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa3.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa3.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa3.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: 4EoXKo3TshCIOjlsJ0GNW4sYYb2UsLiaxjl0ho916/jL6SpztubvaCE/+bbGadD+Sut0NjHd2W I+LzWKLYGt4f0iMsNeZJNM6m7weC4n/GcJrAmhqx3lkGmFiMP+TTXRUF3WkPBhQSx2n2+qxyYJ C8ReD29GVZEIYl1Ht6/FHNYgSbdOXCoCXwmXDiydaoBI1NCD8z0Ne38QwzQ3y6o+GvZARt/mzs wCuBt7yBTlgXWcg2e0J4IGIiZQ/ei/nrsq7uCcF874k6d7DpQB0axUwB/rlXZ9qTSAE0uJxzAl CB8= X-SBRS: 2.7 X-MesageID: 9350459 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.69,289,1571716800"; d="scan'208";a="9350459" From: Andrew Cooper To: Xen-devel Date: Sat, 7 Dec 2019 18:18:11 +0000 Message-ID: <20191207181813.30176-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20191207181813.30176-1-andrew.cooper3@citrix.com> References: <20191207181813.30176-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 1/3] xen/flask: Drop the gen-policy.py script X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Andrew Cooper , Daniel De Graaf Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The script is Python 2 specific, and fails with string/binary issues with Python 3: Traceback (most recent call last): File "gen-policy.py", line 14, in for char in sys.stdin.read(): File "/usr/lib/python3.5/codecs.py", line 321, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0x8c in position 0: invalid start byte Fixing the script to be compatible isn't hard, but using python here is wasteful. Drop the script entirely, and write a short flask-policy.S instead. Signed-off-by: Andrew Cooper --- CC: Daniel De Graaf CC: Juergen Gross v2: * Fix tabs vs spaces issues For 4.13. This is a blocker to our intent to by Py3-clean in this release. Discovered entirely accidently when testing the final patch. --- xen/xsm/flask/Makefile | 6 ++---- xen/xsm/flask/flask-policy.S | 20 ++++++++++++++++++++ xen/xsm/flask/gen-policy.py | 23 ----------------------- 3 files changed, 22 insertions(+), 27 deletions(-) create mode 100644 xen/xsm/flask/flask-policy.S delete mode 100644 xen/xsm/flask/gen-policy.py diff --git a/xen/xsm/flask/Makefile b/xen/xsm/flask/Makefile index f5ffab1226..7c3f381287 100644 --- a/xen/xsm/flask/Makefile +++ b/xen/xsm/flask/Makefile @@ -27,7 +27,8 @@ $(FLASK_H_FILES): $(FLASK_H_DEPEND) $(AV_H_FILES): $(AV_H_DEPEND) $(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) -obj-$(CONFIG_XSM_FLASK_POLICY) += policy.o +obj-bin-$(CONFIG_XSM_FLASK_POLICY) += flask-policy.o +flask-policy.o: policy.bin FLASK_BUILD_DIR := $(CURDIR) POLICY_SRC := $(FLASK_BUILD_DIR)/xenpolicy-$(XEN_FULLVERSION) @@ -36,9 +37,6 @@ policy.bin: FORCE $(MAKE) -f $(XEN_ROOT)/tools/flask/policy/Makefile.common -C $(XEN_ROOT)/tools/flask/policy FLASK_BUILD_DIR=$(FLASK_BUILD_DIR) cmp -s $(POLICY_SRC) $@ || cp $(POLICY_SRC) $@ -policy.c: policy.bin gen-policy.py - $(PYTHON) gen-policy.py < $< > $@ - .PHONY: clean clean:: rm -f $(ALL_H_FILES) *.o $(DEPS_RM) policy.* $(POLICY_SRC) diff --git a/xen/xsm/flask/flask-policy.S b/xen/xsm/flask/flask-policy.S new file mode 100644 index 0000000000..b63a14851d --- /dev/null +++ b/xen/xsm/flask/flask-policy.S @@ -0,0 +1,20 @@ + .section .init.rodata, "a", @progbits + +/* const unsigned char xsm_flask_init_policy[] __initconst */ + .align 4 + .global xsm_flask_init_policy +xsm_flask_init_policy: + .incbin "policy.bin" +.Lend: + + .type xsm_flask_init_policy, @object + .size xsm_flask_init_policy, . - xsm_flask_init_policy + +/* const unsigned int __initconst xsm_flask_init_policy_size */ + .align 4 + .global xsm_flask_init_policy_size +xsm_flask_init_policy_size: + .long .Lend - xsm_flask_init_policy + + .type xsm_flask_init_policy_size, @object + .size xsm_flask_init_policy_size, . - xsm_flask_init_policy_size diff --git a/xen/xsm/flask/gen-policy.py b/xen/xsm/flask/gen-policy.py deleted file mode 100644 index c7501e4614..0000000000 --- a/xen/xsm/flask/gen-policy.py +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/env python -import sys - -policy_size = 0 - -sys.stdout.write(""" -/* This file is autogenerated by gen_policy.py */ -#include -#include - -const unsigned char xsm_flask_init_policy[] __initconst = { -""") - -for char in sys.stdin.read(): - sys.stdout.write(" 0x%02x," % ord(char)) - policy_size = policy_size + 1 - if policy_size % 13 == 0: - sys.stdout.write("\n") - -sys.stdout.write(""" -}; -const unsigned int __initconst xsm_flask_init_policy_size = %d; -""" % policy_size)