From patchwork Tue Nov 15 10:06:40 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Gruenbacher X-Patchwork-Id: 9429937 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 839F060471 for ; Tue, 15 Nov 2016 14:52:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 711FF27D29 for ; Tue, 15 Nov 2016 14:52:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 63B9428B87; Tue, 15 Nov 2016 14:52:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (emsm-gh1-uea11.nsa.gov [8.44.101.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 25D7427D29 for ; Tue, 15 Nov 2016 14:52:08 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.31,495,1473120000"; d="scan'208";a="767319" IronPort-PHdr: =?us-ascii?q?9a23=3ArnrGjR0RkK6ORvx5smDT+DRfVm0co7zxezQtwd8Z?= =?us-ascii?q?sewSKPjxwZ3uMQTl6Ol3ixeRBMOAuqkC0rCd7fqocFdDyK7JiGoFfp1IWk1Nou?= =?us-ascii?q?QttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZr?= =?us-ascii?q?KeTpAI7SiNm82/yv95HJbQhFgDSwbalvIBmoognct9caipZ+J6gszRfEvmFGcP?= =?us-ascii?q?lMy2NyIlKTkRf85sOu85Nm7i9dpfEv+dNeXKvjZ6g3QqBWAzogM2Au+c3krgLD?= =?us-ascii?q?QheV5nsdSWoZjBxFCBXY4R7gX5fxtiz6tvdh2CSfIMb7Q6w4VSik4qx2UxLjlj?= =?us-ascii?q?sJOCAl/2HWksxwjbxUoBS9pxxk3oXYZJiZOOdicq/BeN8XQ2ROXtxVVydcHI2y?= =?us-ascii?q?aYUBBPcFMepBsoXxu14CoB2jDgeuGezv0CdFiH/o06Mn3eovEgPJ3AI4H98MrX?= =?us-ascii?q?jZotr6O7sdX++r16nF1inDYvFM1Dvh9ITEbg4trPeRVrxwa8rRzkwvGhvZg1WW?= =?us-ascii?q?tIPlJS2a2f4Ws2OG7uRgT/+vhHAhqw5quDeg2scshZfThokIzV3L7yp5wJwoJd?= =?us-ascii?q?KmTk50esSrHYBKty6EKoR2QtktQ31ytCkmzb0GvIe2cS4Xw5ok3x7Sc+GLfoeH?= =?us-ascii?q?7x75VOudPC10iGxqdb6hnRq+7FCsxvPgWsSwylpGsyRInsfWunwQ1BHe5NKLRu?= =?us-ascii?q?V+80qnxD2BzRrc6vteLkAxjafbLpkhzaMumZcLqkTDGzP2mF3xjK+LakUo4uio?= =?us-ascii?q?5PrjYrXhvpKcK5V7ihv/MqQzgcyzG/g4MwgSUGib/uSwzrvj8lHiQLpWlPE2l6?= =?us-ascii?q?jZsJTCKcQaoK62HRNV354+5xuwADqqytQVkWQdIF5bdx+LkZLlN0zWLPD9F/i/?= =?us-ascii?q?glCskDlxx/DBO73sGo7NIWbHkLfge7Z99kFdxBMowtBY+pJUDK0OL+zoWkLqqN?= =?us-ascii?q?zZDgM2Mwyzw+r9DtV9zZkRVXiAAq+eLqPeqUWI6f43I+mQeI8Vvy7wKvgk5v7p?= =?us-ascii?q?i380glodfa2w0ZsWbnC0BPJmLF+DYXrvg9cBD3kFshA4TOP0lF2ISSRTaGqqX6?= =?us-ascii?q?Ig+jE7D5qrDInCRoCphbyOwj27E4ZYZm9YF1+MFm3oeJ+cW/cWbyKSINFunSAY?= =?us-ascii?q?VbS7TI8hzx6uvhfgy7V7NurU5jEYtZX72dh7/e3cjxcy+iB1D8SGyGyNSnl0nm?= =?us-ascii?q?IRSz8t0qF/ulZxylCZ0ah3m/ZYD8Bc5+tVUgcmMp7R1+96BMrxWgLGY9eEU1Wm?= =?us-ascii?q?Tc+lATE2U9I92dgOY1xyG9+6lBDMwzKqA6MJl7yMHJE76L/T32LwJ8lj0XbLz7?= =?us-ascii?q?MugEUjQsdVMm2mnKF//RDJB4HVi0WZi7qqdaME0SHR7miDyXSBvFpEUA9wVqXI?= =?us-ascii?q?RmsfaVfXrdvn4EPCU76uBq49PgtH18GCNrNAasf1glVeWPfjJNPebnqxm2iuAR?= =?us-ascii?q?aIwrSMYZHue2UAwCXdD00EnBoJ8XaBLwg+CT+ro3jCAzx2CVLvf0Ts/PFlqHO1?= =?us-ascii?q?VE80yBqKb1F62rqu/B4VgvKdS/YJ0bICoishrSt7HEql1dLMF9WAvxZhfLlbYd?= =?us-ascii?q?4l7lZIz2bZtxBjMZy6NKBvnUAefBptv0z1yhV3D59Mkc8wrHMl1AByM76X0Etd?= =?us-ascii?q?dzOE2pD9IqHXJXTv8xCucaHW3krT38qR+qcK9Ps3sU7jvB2zGkok7Xpnz8Ff02?= =?us-ascii?q?GA6ZXSEAoSTZXxX14x9xh7o7HaZjcy55jP2HJ2L6a0qDjC18guBOs/xRaqZ81f?= =?us-ascii?q?P7+cFA/uD80aANCjJ/EwlFi1dB0LIu5S9aEvMsy6d/uJwrSrPPp+kzK8l2hH5p?= =?us-ascii?q?5y0l6U/SpmVuHIx4oFw+2f3gafSTf8jUuustzwmYBefz0dAmq/yS/iBI5efaBy?= =?us-ascii?q?eYcLCWG0LM2twdVynZntW2RX9FS7HVMJxNepeQaOb1z6xQBQ0UUXoWe7mSeh1D?= =?us-ascii?q?x7jTUprquZ3CzTzOXvbwEHOnZKRGlkjFfjPZO0g8ocXEe2cwgjjAGl6lrix6hH?= =?us-ascii?q?uKR/KHHeQV1PfyjyK2FtTLGwuaaFY89B854oqjhXX/inYVyATb79uRQa2Tv5H2?= =?us-ascii?q?RC3DA7ay2qupLhkhxikm2dMXJzoGDDds1q3hjf49jcReJW3joAXyR4jCXbBl67?= =?us-ascii?q?P9a159mUkYnMsvymXWK7SpJTaTXrzZ+HtCaj4G1qBQSzkO61mtD8Dwg1zyv719?= =?us-ascii?q?10WiXSthr8ZJfk17iiO+J9YkZoHEP869Z9GoxmkYs/mpcQ2WMBi5WW43UHl3zz?= =?us-ascii?q?MdNF1qLidnYNQiQLw9HN6gj/xEJjNm6Jx57+VniF2stufcS6YmcI1SIl9c9KDr?= =?us-ascii?q?uU46JenSZuv1q4thzeYeJmnjsH0vsu72Mag/sVtwUzwCWdBaoSHUZGMiD2kRSH?= =?us-ascii?q?8cy+pr1NZGmzabiwyFZ+nde5AbGcpAFTRW30eokkHSBt7sVzKlTM32Pv6ov8Yt?= =?us-ascii?q?nfccoTtgGIkxfHl+VVMIg+lucOhSd8JW39vGElyu4igRxgx566upKLK2J3/KK2?= =?us-ascii?q?GhRYLCH6Z9sP+jHxiqZThsWW3oCrHpp/ATgLWZzoTfymED0MqfTnKwaOEDo5qn?= =?us-ascii?q?iFA7bfGxGQ6Ft+pXLVD5+rL22XJGUezdh6ShmSPkpfgBwTXDU/hZM5GB6ly9Hm?= =?us-ascii?q?cEdj/D8R/kT4qhxOyu12Kxb/Tn3TpACyajc7UJKfNgZZ7hle50fJNsyT9u1zHy?= =?us-ascii?q?FE8Z27rA2NMnCbZwNTAGEPREOEG0vjMaW06tnY7eeUHOy+IOXSYb+Ws+xRS++I?= =?us-ascii?q?xY6z0oth5zuDK8OPMWN5AvIm3EpMR2p1G8PDmzUAUyYXjT7Cb9aHpBeg/S16tt?= =?us-ascii?q?q//O7lWQ714IuAEb9SMdJv+h2tm6iMK+uQiDx+KTZC2ZMG3WXIx6QH3F4OlyFu?= =?us-ascii?q?cCGgEbIatSHXVKLQgrRaDxAaayNpL8tI86w83ghLOcHBjNP6yr94geQxC1tfUl?= =?us-ascii?q?zhgM6pb9QQI26hLFPHGFqLNLOeKDLQ2M77Zqe8SbxLjOVIrB28oy2bHFH/MTiZ?= =?us-ascii?q?jDnmSRSvMeBKjCGGMx1To52ycxZ3CWj+V9LqcBO6P8VrjT0txr00gGnGNWkGMT?= =?us-ascii?q?hza0lNtKGf7TtEgvVjHGxM9mFqLeiLmyae6enVMYsZvuVwDSR1je1a5m42y7xP?= =?us-ascii?q?7CFLXPZ1gjfdrsZyo1G6lemC0iBoUBVUpTZVmo2GpkJiOb3H+ZlGXHbL5hMN7W?= =?us-ascii?q?GLBBQNqNppENrvu7pfytLXjqL8NC9C887I/csbH8XUNMWHMH87PRrzHz7VDRUK?= =?us-ascii?q?TTiwOmHFgExSjvKS+2aJoZg9r5jjhIABSqRHVFAvEPMVFFhlFsQYIJhrRjMkja?= =?us-ascii?q?KbjMkQ6Hq+sBnRRMJavpXdWfKJGvjvLTeZjaVeZxQW27/4Kp4TNoLj0Ux4dlZ6?= =?us-ascii?q?hJjKG1bXXd1VpC1ucBU7oEFW/Xh9SW0zwF7lZRmr4H8IFv60nwQ6ig1gbuQx7D?= =?us-ascii?q?3s+Us4JkLWpCssl0k8gc/lji6KcDHvNqiwR51ZCyrvukcqM5P7WRt6bQq8nUx8?= =?us-ascii?q?LjfLWbJQg6FmdW91lA/WoYFPFuJETa1YfB8QwumaaOgy3lRCqyWo2FRH6PDfBp?= =?us-ascii?q?t4jgsqdpCtr2le1A1/cd41P63QJLZJz1RKgKKBoDOo3PgrwAACP0YN7H+SeCkQ?= =?us-ascii?q?tUMVLbkpOTCn/uN26QOYhTtOY3MMWOApovJ37EMyIf6Mzyb9075FME+xLfWTL7?= =?us-ascii?q?+eu2jDlc+IRUk81kUWmElZ5bJ2y9ssc1KIV0Azy7ucDxoJNdDcJg5IdMpd7n7T?= =?us-ascii?q?fTqJseXW2p96JZmyFuXyQe+JrqYUjVquHBw1EIQU8sQBAp6s3VncLcfgNr4K1x?= =?us-ascii?q?Mt5QXsJFieA/RJfg+LnC0Ao8Glw599xZNdKS0FAWVhLSW34a7aphQ0j/qHXdc2?= =?us-ascii?q?ZGoaX4QfO30qX826njJWsG5bDDmryO4ZzhaN7yPkrCTKEDb8d8ZjZOuTZR50Fd?= =?us-ascii?q?655TA/86+wiV7L75nTPH/6Osp4ut/O6OIaoJCHB+lSTbZjr0fWg5NYSGCyU27T?= =?us-ascii?q?Dd61IID9a4o2bd30EHm6VEC/izIuQsf+O9atNrSHjRvuRYlKrImRxCojOtOlFj?= =?us-ascii?q?ECBxdwoPkO5L59ZQ0GZJo7fR7otgQlOqOiIQeZ0s+hTH23JTtQUfZf0f2wZ6ZL?= =?us-ascii?q?wCo0cu+61HwgQ4k1z+mt60ENQo0KgwrfxfakaYheVzTzGnxDdAXOoyo5i3ZuNv?= =?us-ascii?q?wozuc53hzIrUEWMyqXe+xxdGxEo9Y8CEuILnVyC2o3W0GTgpLG4g+s2bAS+C1d?= =?us-ascii?q?kMxP3OJesXjxpJnfbCuiWKy2s5nVtTQvbcQ+qa1rLYPjOteGtI/ZnjHHV5bfrA?= =?us-ascii?q?uFXTWgGPVHhNhfPjhYQOJSlmE/Oc0Ko41B6VA+Vs0mPbxAFLEspqy2aTpjFSMS?= =?us-ascii?q?1ykZV4Kc0zwChee836DamA+Jfpo/KhIJrJJMj8ABXC5xZyMRuLWsV57Kl2OeTG?= =?us-ascii?q?gEPhsT5xxW5A0cjo9wYvzl4I3QQZBQyT5Zue57XzDXGZlv81v7TmCWjkbiSPW9?= =?us-ascii?q?jeOmwQJSwOjr0tkBVx51EVJdyPpOlks0NLF3LLEdvpTQvT+SckP1p3ngyPe8JF?= =?us-ascii?q?ZL183baVn4DIvDtWrzVi0c+HIURY9TyHHRD5sSiQ95ZLwtpFpSPICsYlz+6CA8?= =?us-ascii?q?x4R1A7m4UtimxlY/onYdXSiqFttBC+d9vVLWRD1qeYurp4n/NJlIRG9f5oGdoU?= =?us-ascii?q?9DkEpxKy651YZcK8ZV7z8CRjRAvTWdvNq3SM1Cw8B2DIQBItZhtHjjBqxIIp+R?= =?us-ascii?q?o2c5urb30H/W5yg8sEumxDW0A6K4V+VZ/2kEFQUzKWWerU0vD+U3/2fX9VDNtU?= =?us-ascii?q?t08PlHCbiVikVxuy19HpFIBjZGz3ylKE5zTHZeueVANKvVa9BcQ+U1ZRK3IRM+?= =?us-ascii?q?D+Mm30qT8UF3hnr5Yi1ytgpG+y/GRQU0Uzcagqv1kz0Ets6nISMaS45PbTg5cy?= =?us-ascii?q?fFLAeblDtLvBpDbkFlQIoVAtBb9LEHxYFU5NbNSV6wKSEZWxxvLgI43uBFlUFZ?= =?us-ascii?q?tEWXZDvQAhe2evbXqh14Y8ORo9CzLPjj+wdHkIznuvgi96ofX32mhRGtQdfGoo?= =?us-ascii?q?/8sd2FqEWOe7niM+CnYH/OUibDgg6qibcjFZnK8DDZMBBHJJli1XokfZ/hBHbJ?= =?us-ascii?q?PRRBOa0WPFdUWr5hadpYuOBae9Frd7sT9a9rGB2HWgvlGJazo/leMlbTWTPeIj?= =?us-ascii?q?2a/eyxvY3f8b7QRfXua8GX23nHRKd3MYtg5jngB7fmy4le9VTq2v117EN1VUDG?= =?us-ascii?q?MzydrNTmPg4L/teteVbivpIzATPbG5NwkH3zxk5eacYYXyqq/4kGx59D7nb/V/?= =?us-ascii?q?542FDpsOJO77lk9ZU347dxxMesPqfSNe5VvlJ7AhWPHQVq8YgtAHJjSG9PZO8R?= =?us-ascii?q?NO3Rcr4djcz0rOD3DaMX4gWP++NFcdvHO13Bms6nBzGAUxxLghkOpiMBIwuB0/?= =?us-ascii?q?6Fh7V0Rty7pej43UIt50axLgIcwLBq/4eE9bKCpPXLYBvJ0bgERq/qS9v2rrs2?= =?us-ascii?q?v0OS4eMrlKISemNveQKqC+4dWdABxmf70a8l1zosHN3ZE7Lm5vFDS2oznij8lJ?= =?us-ascii?q?BlA1UWBvQUEKKJ/YtEhGc4nPfZNtkMfaBcgWuPEAOkErseyX6q9ySXIXNqghfV?= =?us-ascii?q?0x3qRmOz9lD2pzdiQSTQ19fjjlZVVr6vCEdQRSWpP0F4sCmIPAX1qtX6org141?= =?us-ascii?q?swMmz/s9KBjm2hN61LH8fnPtyTPTE0pE4LjJ02XtGv1p0bGdu5INcV7n5+a+DT?= =?us-ascii?q?5H61nCBaoqdInYze7tuS+vXNEnmql7eapKmVxDBE1ng4ukky6takNvzV5t2KRf?= =?us-ascii?q?Go23wQTyd5tQvBRQS6qqfHr1AOJEyEzFvLmJEQPt5Hx3U40Vvm5Oc7StIp6Ape?= =?us-ascii?q?DprAZ+8FpT3rPTv0xlCfY844ViaAyDZXG1P1HkN+GKcixGLxssXJlW3T+10zXI?= =?us-ascii?q?VwcVLohQBvBYUiNU0t8EQXwjYEEQUVcxCUEaynCF/qLYsBWkkPcxKH06ameq0v?= =?us-ascii?q?x0183quv5PPPbex7H6cNMu1djguOkVVAFJIZr7ARQLVme1BH7K7XvA/iC4r5UP?= =?us-ascii?q?f6iXo8L/q1QtpV8coBrXst/h6/Rwa86ZdE97sbjZSIebBBYZjLos9861xq5TER?= =?us-ascii?q?eSxKmxh/lwm2UfwdpO/55tjbsZyo6vqwW6YpQ+UX9hc0CHp4j5Tsnl8vu9fX2P?= =?us-ascii?q?lASofNk4Tw7BhNI2KWuIbdyxR8MvABK5yxc7Zv6XoHPDMTJ2kUMtqIcfY87DFi?= =?us-ascii?q?MC7J61xEHMwMecsSPNDRlgBMlk3pRLZT+9LZGl+ZDod+bMUo4HT3yT8r65s8U+?= =?us-ascii?q?Dg6DCsKZDZ8V5NI+tJjD9wm9LauOgV3f3SBTAW4XiYcRd62D+NxoKWC/nu4eWD?= =?us-ascii?q?1s3bW0kBHi4sXIdXPCCC9hC/RuqpiJXpVRuZ5dTygJIlekOfXH6xnKUZsqZUC+?= =?us-ascii?q?FAlyH70yNCGYDymv2arcCj6HZNtl1ACoZ89wfJGKJFPpV0IR74jNWkRlBgBivj?= =?us-ascii?q?f8HZbgIut/CKxugQ4+V/OUz+ZZUYIh4d0LL1935VTgpoSL7rsVeURvoRa8F6SP?= =?us-ascii?q?zYrnBU54VgK7UMPFSHp5zlsC1IqFYoDw8tcrMwqSZadkbWlg1PR6n0oKIAihcb?= =?us-ascii?q?UdNhpU9MA3y/OGYk6DrBS6tYl7SeCP0a8jWSUqwBSV5oPTlkQxOowplufaWmne?= =?us-ascii?q?xfuGNcgix9uOQq0yBhRBakti3jvbgN1iw8+LG4rzgBvX1FTvmAnCfIE1pD0e8K?= =?us-ascii?q?gb0aC3n89Vy2eGMDY5fq4Ll7OcTg8pEs43shbhUlYy0GWuOgBybrj6yWBoyPsd?= =?us-ascii?q?RchAOCucjVab+8MzISN7Qnxh75QXhyzBTelg5y8GQXWjWg8MMkJIKlNMYjxyqn?= =?us-ascii?q?BW/bdFIW7aNSqsfxtFkLTOwtaVN622hj18eKRyIXSMzIAWY1gRAuaX9Yf5Jb9R?= =?us-ascii?q?8aC64ojy6HvqZa5QEUey7YHJmq9IfWnMfI32Q9TNhxy2LZo62KnJUq32N/l9Nz?= =?us-ascii?q?9C6Ot2wYd/bEXM90HnjzyoBfxPT8Z/WqsuAHTpFqx6ihUP8GL8ms5Gq32JRsWk?= =?us-ascii?q?++xbQeHkG0MPECxrfFSSilTXCXWeWRf2iKgTk5Llb45QO0IV0vdMdKs0g9P/PD?= =?us-ascii?q?hp5CjQLhV6h5RiGNpVDGzWwjNvgaexgxuIe9dAwAVPQRaPSEJegy3P0+D0MBb3?= =?us-ascii?q?3XEit4Be+2tUWgnYZhNHVm/0r6ff7h8gb4P9uOAhMEC5LVroZt+fymQWKMIXBg?= =?us-ascii?q?zBl1PEh66ejfE1Axu/RHc5aWm9jQhsh03fQDd/hzLS03osQTlZ576YmIzMeKdg?= =?us-ascii?q?nczpTyJdDVuviYBPnfz0U2em5ESbcZZAL155kgPtEnQbHTGqFZvRsED6ggXJMh?= =?us-ascii?q?L3vx9L1zLA5rbg7RZbG0j9L2puKKepRUpGHZ7lYqICfapRID1uS+TRZnYJCym3?= =?us-ascii?q?XyPJcwSypEr91sCRtmH4xPFtgCrwW9AJ6Un6e7hMG3+09gve8Fr7bwAOjQ1Nul?= =?us-ascii?q?x4VxQ4Ra5UuTMTnKGqZrhFhlg/+pgvfE1ZnxFd/iec0aW+dmWGLFbaXGHoqnID?= =?us-ascii?q?KUJs38Y1JG86Kb0L9hXBWeeiT5X6uetCK6L/hl4EQ7yol9fOXN1jwt66/U1MH1?= =?us-ascii?q?Z2FBqSeptWSJO4dH7FzWGezeWApZSPSd8GZ/HK0YcZX7+fwLMdwj3Nic+Rd84C?= =?us-ascii?q?5F0MufLKirtlXM1V5jdZLHMEvp3D40WY4OIBuhKkYsmWvZpW7GAXRAL8irNdVt?= =?us-ascii?q?gMyLARPz/UVxn38iZnJZEGryWdiRIXQb2965ZACS8AJLDtADn/O4eEIhsq2ySP?= =?us-ascii?q?JoOolemeixtbUIi9BpKybVSMhdJSHQI6d8PiBNAeXXuFgofhkEvqAuWogrYZiO?= =?us-ascii?q?IUUHMFqPyC/1wgXCzU30eMK21KmXOCYZ6G5Kz7Hb3jhWoQm2p/KZjdb+ULDWdp?= =?us-ascii?q?32W+TSMCU9XDGAWTsyCVqp+Uuju/ccuPqYIHwfokwPbyOTEQ4ToLpgocLWDmDN?= =?us-ascii?q?he1pZIcKi+yCWyDsVC14k7I/BiNRuk+QQ/oDFA/Wb3j6jWpCuQyiIOFD/Xbkb7?= =?us-ascii?q?2e26pUVPYaAoxWcv2WW9HYY+xRJy80ljUFP+axZ9/coKw60lLPVmQUCLTI9FuC?= =?us-ascii?q?TE6WRfyc2j3rXYUJv4QuvCon5M7QlDdtE6vUJ7afuyKu8omggSaXo+LRTXMtY0?= =?us-ascii?q?0rj+IGG2SB3h1AJ3sfC9EUpUHhWKiAaFhQ1Hgxk+JhxwcMeBhvUn1pynBWnvO9?= =?us-ascii?q?GspDSV4OjWOuW+YLbFZtAzM140CK4xf+YdsaucDcX2Ve7KcDSZIBLPk074naIL?= =?us-ascii?q?UfwPQu3DJmpiw6qCKdD1VGgwKK6arQAbx8yaNY5WUi+fF5QF2PSSvFcmfb0oqm?= =?us-ascii?q?F95PxSB2rHD/2crUu/xiObpZqoxiHlcFHzh2JtHc/DBGV2H4wg2ysAinHD6GOj?= =?us-ascii?q?IW/C4LJTAZduZy1+J7shHIdtDF6U6LsqIutlakCQiMCrquxJNEFNvl1QOmZilX?= =?us-ascii?q?In2XEMVOo+tJ3PMVZrkqLdymCk3FBhD3EwbdvicL7hWsqbOuW5lk2GIbx4wqJM?= =?us-ascii?q?vkVpJCIsPE0Tdyyn1IyYBHmWSeGM7SYJfww9Z1CXEHKt+2Tny9M8GBBCn7qP1W?= =?us-ascii?q?isRmLE2VcuhPeTsC65M=3D?= X-IPAS-Result: =?us-ascii?q?A2HyBADGICtY/wHyM5BdHAEBBAEBCgEBFwEBBAEBCgEBgww?= =?us-ascii?q?BAQEBAR+BWKRJlmUhiChTAQEBAQEBAQECAQJfKIIzGgGCFAEBBAECJBMUIAsDA?= =?us-ascii?q?wkBAQoNCx4ICAMBLRURBggLBRgEiEuyIz0qAos1AQoBAQEBIoY8hFqEGhEBhX0?= =?us-ascii?q?BBIhQhhCLYZBiAooWhgqNR4QKVVoqHIMjHIFecYVtgi0BAQE?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP; 15 Nov 2016 14:51:49 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uAFEpaRX026411; Tue, 15 Nov 2016 09:51:37 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id uAFA6vv2113346 for ; Tue, 15 Nov 2016 05:06:57 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uAFA6uFb029648; Tue, 15 Nov 2016 05:06:57 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1CcAADh3SpYhxy3hNFdGwEBAQMBAQEJAQEBgzcBAQEBAYF3pEiSU4QWhiMCgjBTAQIBAQEBAQITAQEBCgsJCR2FEgEBAQMnUhALGC5XBhOIbLFoPYtbAQEIJ4Y8hFqKKQWIUIYQi2GQYgKQII1HhAqBWRyDIxELgV49NIc+AQEB X-IPAS-Result: A1CcAADh3SpYhxy3hNFdGwEBAQMBAQEJAQEBgzcBAQEBAYF3pEiSU4QWhiMCgjBTAQIBAQEBAQITAQEBCgsJCR2FEgEBAQMnUhALGC5XBhOIbLFoPYtbAQEIJ4Y8hFqKKQWIUIYQi2GQYgKQII1HhAqBWRyDIxELgV49NIc+AQEB X-IronPort-AV: E=Sophos;i="5.31,494,1473134400"; d="scan'208";a="5824095" Received: from emsm-gh1-uea10.corp.nsa.gov (HELO emsm-gh1-uea10.nsa.gov) ([10.208.41.36]) by goalie.tycho.ncsc.mil with ESMTP; 15 Nov 2016 05:06:44 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3Ada/+FRDGyymopKnuTXgmUyQJP3N1i/DPJgcQr6Af?= =?us-ascii?q?oPdwSPvypMbcNUDSrc9gkEXOFd2CrakV0KyP6ejJYi8p2d65qncMcZhBBVcuqP?= =?us-ascii?q?49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx7xKRR6?= =?us-ascii?q?JvjvGo7Vks+7y/2+94fdbghMijexe65+IAurpgjNq8cahpdvJLwswRXTuHtIfO?= =?us-ascii?q?pWxWJsJV2Nmhv3+9m98p1+/SlOovwt78FPX7n0cKQ+VrxYES8pM3sp683xtBnM?= =?us-ascii?q?VhWA630BWWgLiBVIAgzF7BbnXpfttybxq+Rw1DWGMcDwULs5Qiqp4bt1RxD0iS?= =?us-ascii?q?cHLz85/3/Risxsl6JQvRatqwViz4LIfI2ZMfxzdb7fc9wHX2pMRsZfWTJcDI2y?= =?us-ascii?q?bIUADeQBMP1Eo4XhvVYCsQeyCRWwCO7p1zRGhmX23ao/0+k5DQzG2hEvH8gQv3?= =?us-ascii?q?vOt9X+KaYcUfqozKbWyzXMdOlZ1iv96IfWaBAqvPaBUqh/ccrL1EkgCQXFgU6K?= =?us-ascii?q?poH+JTOayPkCs2iB4Op8T+6gl2knqwRorzWp28wiiZHJi5oLxlzY8Sh12ps5KN?= =?us-ascii?q?OmREJhfNKpE5VduzuEO4Z1RM4pXntmtzwgyrIcvJ62ZCgKx4ojxx7Yc/GHdoeJ?= =?us-ascii?q?7g/5WOaLPzh3mXJld6ijhxqo7Uegzej8WtG10FZMsCVFjsHBum4R2xHX8MSLV/?= =?us-ascii?q?Vw8lm71TqS1A3e5PtILV43mKbDLp4u2L8wlp4dsUTZGS/2nV37g7WZdkU+5+in?= =?us-ascii?q?9eLnba78qZKHLY97lBzxMqQ0lcyjG+g3Lg8OX22D9eSmyLLj5VH5QKlNjvAuia?= =?us-ascii?q?nWrYvaKN8Hpq+5HwBV0oEj5wy5Dze9ytsUh3YHLFVbeBiflYjmJ0nOIOzkDfe4?= =?us-ascii?q?m1msiylkx/THPr3nH5XMIWPOkKvhfLlh605czxA/zdZE551OEL0BL/XzWlGi/O?= =?us-ascii?q?DfWycwLgj85uHgEtg1gpsXRGanGqaENObXtliS66QkJOzaN6EPvzOoAv4p/fPn?= =?us-ascii?q?ljcWg0IQe6Og1psacjjsF/t8Pkifa3PEmNoNEW4W+AE5Sbq52xW5TTdPaiPqDO?= =?us-ascii?q?oH7TYhBdfjVN+bSw=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0HnAADh3SpYhxy3hNFdHAEBBAEBCgEBF?= =?us-ascii?q?gEBAQMBAQEJAQEBgwwBAQEBAYF3pEiSU4QWhiMCgjBTAQEBAQEBAQECAQIQAQE?= =?us-ascii?q?BCgsJCR0wgjMaAYIUAQEBAydSEAsYLlcGE4hssWg9i1sBAQgCASSGPIRaiikFi?= =?us-ascii?q?FCGEIthkGICkCCNR4QKgVkcgyMRC4FePTSHPgEBAQ?= X-IPAS-Result: =?us-ascii?q?A0HnAADh3SpYhxy3hNFdHAEBBAEBCgEBFgEBAQMBAQEJAQE?= =?us-ascii?q?BgwwBAQEBAYF3pEiSU4QWhiMCgjBTAQEBAQEBAQECAQIQAQEBCgsJCR0wgjMaA?= =?us-ascii?q?YIUAQEBAydSEAsYLlcGE4hssWg9i1sBAQgCASSGPIRaiikFiFCGEIthkGICkCC?= =?us-ascii?q?NR4QKgVkcgyMRC4FePTSHPgEBAQ?= X-IronPort-AV: E=Sophos;i="5.31,494,1473120000"; d="scan'208";a="933132" Received: from mx1.redhat.com ([209.132.183.28]) by emsm-gh1-uea10.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Nov 2016 10:06:43 +0000 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 07E52C0567A2; Tue, 15 Nov 2016 10:06:43 +0000 (UTC) Received: from nux.redhat.com (vpn1-6-94.ams2.redhat.com [10.36.6.94]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id uAFA6eNk015138; Tue, 15 Nov 2016 05:06:41 -0500 From: Andreas Gruenbacher To: Paul Moore Subject: Re: [PATCH 4/4] selinux: Convert isec->lock into a spinlock Date: Tue, 15 Nov 2016 11:06:40 +0100 Message-Id: <1479204400-24557-1-git-send-email-agruenba@redhat.com> In-Reply-To: References: <1478812710-17190-1-git-send-email-agruenba@redhat.com> <1478812710-17190-5-git-send-email-agruenba@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 15 Nov 2016 10:06:43 +0000 (UTC) X-Mailman-Approved-At: Tue, 15 Nov 2016 09:51:34 -0500 X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: Stephen Smalley , Andreas Gruenbacher , selinux@tycho.nsa.gov MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP On Mon, Nov 14, 2016 at 11:22 PM, Paul Moore wrote: > We shouldn't need the spinlocks on the socket_post_create() and the > socket_accept() hooks as the callers should still have exclusive > access to the socket/inode at that point. > > I didn't check all the callers of the inode_init_security(), but it > looks like the same idea applies. Indeed. An updated patch with the unnecessary locking removed follows. Thanks, Andreas --- Convert isec->lock from a mutex into a spinlock. Instead of holding the lock while sleeping in inode_doinit_with_dentry, set isec->initialized to LABEL_PENDING and release the lock. Then, when the sid has been determined, re-acquire the lock. If isec->initialized is still set to LABEL_PENDING, set isec->sid; otherwise, the sid has been set by another task (LABEL_INITIALIZED) or invalidated (LABEL_INVALID) in the meantime. This fixes a deadlock on gfs2 where * one task is in inode_doinit_with_dentry -> gfs2_getxattr, holds isec->lock, and tries to acquire the inode's glock, and * another task is in do_xmote -> inode_go_inval -> selinux_inode_invalidate_secctx, holds the inode's glock, and tries to acquire isec->lock. Signed-off-by: Andreas Gruenbacher --- security/selinux/hooks.c | 102 +++++++++++++++++++++++--------------- security/selinux/include/objsec.h | 5 +- 2 files changed, 66 insertions(+), 41 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index cf5067e..ea77ed3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -231,7 +231,7 @@ static int inode_alloc_security(struct inode *inode) if (!isec) return -ENOMEM; - mutex_init(&isec->lock); + spin_lock_init(&isec->lock); INIT_LIST_HEAD(&isec->list); isec->inode = inode; isec->sid = SECINITSID_UNLABELED; @@ -1381,7 +1381,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent { struct superblock_security_struct *sbsec = NULL; struct inode_security_struct *isec = inode->i_security; - u32 sid; + u32 task_sid, sid = 0; + u16 sclass; struct dentry *dentry; #define INITCONTEXTLEN 255 char *context = NULL; @@ -1391,7 +1392,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent if (isec->initialized == LABEL_INITIALIZED) return 0; - mutex_lock(&isec->lock); + spin_lock(&isec->lock); if (isec->initialized == LABEL_INITIALIZED) goto out_unlock; @@ -1410,12 +1411,18 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent goto out_unlock; } + sclass = isec->sclass; + task_sid = isec->task_sid; + sid = isec->sid; + isec->initialized = LABEL_PENDING; + spin_unlock(&isec->lock); + switch (sbsec->behavior) { case SECURITY_FS_USE_NATIVE: break; case SECURITY_FS_USE_XATTR: if (!(inode->i_opflags & IOP_XATTR)) { - isec->sid = sbsec->def_sid; + sid = sbsec->def_sid; break; } /* Need a dentry, since the xattr API requires one. @@ -1437,7 +1444,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent * inode_doinit with a dentry, before these inodes could * be used again by userspace. */ - goto out_unlock; + goto out; } len = INITCONTEXTLEN; @@ -1445,7 +1452,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent if (!context) { rc = -ENOMEM; dput(dentry); - goto out_unlock; + goto out; } context[len] = '\0'; rc = __vfs_getxattr(dentry, inode, XATTR_NAME_SELINUX, context, len); @@ -1456,14 +1463,14 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent rc = __vfs_getxattr(dentry, inode, XATTR_NAME_SELINUX, NULL, 0); if (rc < 0) { dput(dentry); - goto out_unlock; + goto out; } len = rc; context = kmalloc(len+1, GFP_NOFS); if (!context) { rc = -ENOMEM; dput(dentry); - goto out_unlock; + goto out; } context[len] = '\0'; rc = __vfs_getxattr(dentry, inode, XATTR_NAME_SELINUX, context, len); @@ -1475,7 +1482,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent "%d for dev=%s ino=%ld\n", __func__, -rc, inode->i_sb->s_id, inode->i_ino); kfree(context); - goto out_unlock; + goto out; } /* Map ENODATA to the default file SID */ sid = sbsec->def_sid; @@ -1505,28 +1512,25 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent } } kfree(context); - isec->sid = sid; break; case SECURITY_FS_USE_TASK: - isec->sid = isec->task_sid; + sid = task_sid; break; case SECURITY_FS_USE_TRANS: /* Default to the fs SID. */ - isec->sid = sbsec->sid; + sid = sbsec->sid; /* Try to obtain a transition SID. */ - rc = security_transition_sid(isec->task_sid, sbsec->sid, - isec->sclass, NULL, &sid); + rc = security_transition_sid(task_sid, sid, sclass, NULL, &sid); if (rc) - goto out_unlock; - isec->sid = sid; + goto out; break; case SECURITY_FS_USE_MNTPOINT: - isec->sid = sbsec->mntpoint_sid; + sid = sbsec->mntpoint_sid; break; default: /* Default to the fs superblock SID. */ - isec->sid = sbsec->sid; + sid = sbsec->sid; if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { /* We must have a dentry to determine the label on @@ -1549,21 +1553,29 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent * could be used again by userspace. */ if (!dentry) - goto out_unlock; - rc = selinux_genfs_get_sid(dentry, isec->sclass, - sbsec->flags, &sid); + goto out; + rc = selinux_genfs_get_sid(dentry, sclass, sbsec->flags, &sid); dput(dentry); if (rc) - goto out_unlock; - isec->sid = sid; + goto out; } break; } - isec->initialized = LABEL_INITIALIZED; +out: + spin_lock(&isec->lock); + if (isec->initialized == LABEL_PENDING) { + if (!sid || rc) { + isec->initialized = LABEL_INVALID; + goto out_unlock; + } + + isec->initialized = LABEL_INITIALIZED; + isec->sid = sid; + } out_unlock: - mutex_unlock(&isec->lock); + spin_unlock(&isec->lock); return rc; } @@ -3194,9 +3206,11 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name, } isec = backing_inode_security(dentry); + spin_lock(&isec->lock); isec->sclass = inode_mode_to_security_class(inode->i_mode); isec->sid = newsid; isec->initialized = LABEL_INITIALIZED; + spin_unlock(&isec->lock); return; } @@ -3289,9 +3303,11 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name, if (rc) return rc; + spin_lock(&isec->lock); isec->sclass = inode_mode_to_security_class(inode->i_mode); isec->sid = newsid; isec->initialized = LABEL_INITIALIZED; + spin_unlock(&isec->lock); return 0; } @@ -3952,9 +3968,11 @@ static void selinux_task_to_inode(struct task_struct *p, struct inode_security_struct *isec = inode->i_security; u32 sid = task_sid(p); + spin_lock(&isec->lock); isec->sclass = inode_mode_to_security_class(inode->i_mode); isec->sid = sid; isec->initialized = LABEL_INITIALIZED; + spin_unlock(&isec->lock); } /* Returns error only if unable to parse addresses */ @@ -4273,24 +4291,24 @@ static int selinux_socket_post_create(struct socket *sock, int family, const struct task_security_struct *tsec = current_security(); struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); struct sk_security_struct *sksec; + u16 sclass = socket_type_to_security_class(family, type, protocol); + u32 sid = SECINITSID_KERNEL; int err = 0; - isec->sclass = socket_type_to_security_class(family, type, protocol); - - if (kern) - isec->sid = SECINITSID_KERNEL; - else { - err = socket_sockcreate_sid(tsec, isec->sclass, &(isec->sid)); + if (!kern) { + err = socket_sockcreate_sid(tsec, sclass, &sid); if (err) return err; } + isec->sclass = sclass; + isec->sid = sid; isec->initialized = LABEL_INITIALIZED; if (sock->sk) { sksec = sock->sk->sk_security; - sksec->sid = isec->sid; - sksec->sclass = isec->sclass; + sksec->sclass = sclass; + sksec->sid = sid; err = selinux_netlbl_socket_post_create(sock->sk, family); } @@ -4466,16 +4484,22 @@ static int selinux_socket_accept(struct socket *sock, struct socket *newsock) int err; struct inode_security_struct *isec; struct inode_security_struct *newisec; + u16 sclass; + u32 sid; err = sock_has_perm(current, sock->sk, SOCKET__ACCEPT); if (err) return err; - newisec = inode_security_novalidate(SOCK_INODE(newsock)); - isec = inode_security_novalidate(SOCK_INODE(sock)); - newisec->sclass = isec->sclass; - newisec->sid = isec->sid; + spin_lock(&isec->lock); + sclass = isec->sclass; + sid = isec->sid; + spin_unlock(&isec->lock); + + newisec = inode_security_novalidate(SOCK_INODE(newsock)); + newisec->sclass = sclass; + newisec->sid = sid; newisec->initialized = LABEL_INITIALIZED; return 0; @@ -5978,9 +6002,9 @@ static void selinux_inode_invalidate_secctx(struct inode *inode) { struct inode_security_struct *isec = inode->i_security; - mutex_lock(&isec->lock); + spin_lock(&isec->lock); isec->initialized = LABEL_INVALID; - mutex_unlock(&isec->lock); + spin_unlock(&isec->lock); } /* diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index c21e135..7e770e9 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -39,7 +39,8 @@ struct task_security_struct { enum label_initialized { LABEL_INVALID, /* invalid or not initialized */ - LABEL_INITIALIZED /* initialized */ + LABEL_INITIALIZED, /* initialized */ + LABEL_PENDING }; struct inode_security_struct { @@ -52,7 +53,7 @@ struct inode_security_struct { u32 sid; /* SID of this object */ u16 sclass; /* security class of this object */ unsigned char initialized; /* initialization flag */ - struct mutex lock; + struct spinlock lock; }; struct file_security_struct {