From patchwork Tue May 9 20:50:34 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Jurgens X-Patchwork-Id: 9718959 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A2CFC60364 for ; Tue, 9 May 2017 20:52:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 946D828389 for ; Tue, 9 May 2017 20:52:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8925F2848E; Tue, 9 May 2017 20:52:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 729A628389 for ; Tue, 9 May 2017 20:52:16 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.38,316,1491264000"; d="scan'208";a="5619587" IronPort-PHdr: =?us-ascii?q?9a23=3AEMbAnxzMl0LMI3XXCy+O+j09IxM/srCxBDY+r6Qd?= =?us-ascii?q?1esQKvad9pjvdHbS+e9qxAeQG96KtLQc0qGP6fCocFdDyK7JiGoFfp1IWk1Nou?= =?us-ascii?q?QttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZr?= =?us-ascii?q?KeTpAI7SiNm82/yv95HJbQhFgDiwbaluIBmrogndq9cajIh/Iast1xXFpWdFdf?= =?us-ascii?q?5Lzm1yP1KTmBj85sa0/JF99ilbpuws+c1dX6jkZqo0VbNXAigoPGAz/83rqALM?= =?us-ascii?q?TRCT6XsGU2UZiQRHDg7Y5xznRJjxsy/6tu1g2CmGOMD9UL45VSi+46ptVRTnhj?= =?us-ascii?q?0HNzok+2/JjMJ+gr9QrBa4qxBi34LYZYeYP+d8cKzAZ9MXXWpPUNhMWSJPAY2y?= =?us-ascii?q?aIkAD+QZPetasoXwqUUBrQClCAWwGO/i0CNEi2Xq0aEm1ekqDAHI3BYnH9ILqH?= =?us-ascii?q?naos/6NKEPWu6x0anI1zrDYO1Q2Tfm9YPFdQ0uruuKXbJxb8XRzUsvGhjAjlqO?= =?us-ascii?q?rYzlOyma1uIKs2mU9eZvSeWvi2s+pgx3vzOhyMAsiozTiYIUzFDJ7T55z5ovKt?= =?us-ascii?q?2+UkJ7ZcWrHZ1NvC+ZL4t7Wt4uTm5ntSogyrAKpIS3cDYFxZg53RLTduSLf5WM?= =?us-ascii?q?7x/tTuqcLjV1iGh4dL++hxu+61WsxvP4W8SyzV1EtDBKksPWuXAIzxHT78+HRe?= =?us-ascii?q?Zj8Uq5wjaP0hzT6vlDIUApiarXM54hzaA0lpoUqUnDAjX5mF/3jK+LbUUo4PSo?= =?us-ascii?q?6uT7bbXmoZ+QLYl0hR3lMqsygMC/BOU4MgwWU2ia/+SzyqHj8FXkTLhFgfA6iK?= =?us-ascii?q?nUvI3AKcgFqaO1HRVZ3ps75xa6FTim0dAYnXcdLFJCfRKKl5PpNE/KIPD5C/e/?= =?us-ascii?q?nlutnC5wyPDBI73hBInCIWbYkLr6YbZ861JTyAo0zdxF4ZJUEasOLOj8Wk/2qt?= =?us-ascii?q?zUFgU5PBCsw+b7FNV90ZsTWWCIAq+fKqzSrV+I6fgpI+SXZo8VvzD9K/0/6P71?= =?us-ascii?q?kX82h0UdfbKz0ZsQcnC4EexsI1+Fbnr0ntcBDWAKsxI8TOzoklKNTT1TZ221X6?= =?us-ascii?q?I65zE7FpmrDYnHRoCwj72Oxzq7HptKZmBbEFyMFm3od4qcUfcWdC2SOtNhkiAD?= =?us-ascii?q?VbW5RY4h1BWutArkxLp9NefU9DMXuo/k1Nhv/eLTjQsy9Tt2D8uDz26NU3t4nm?= =?us-ascii?q?QSRz85xKp/u1Byyk+f0ahkhPxVDcFc6O9MUgc9M57c0/F2BsvsWg3fZNeJSVen?= =?us-ascii?q?QtKgAT0rSNI+3cMOaV5nG9q+lhDDwzaqA7gNmrOWGJw76Ljc0mPtKMZ6znbJyL?= =?us-ascii?q?Muj0I6QsdVM22pmLJ//RDJB4HVi0WZi7qqdaME0S/N9WaDymyOsVpdUA50SKnF?= =?us-ascii?q?XHYfalHQrdvj/EPCTL6uCao5PQdbz86NNLdKYMXzjVpaXPfjJMjeY2WplmiuHR?= =?us-ascii?q?aH3KmMbIvxe2gGxCXSElIEkwEI/XaeMQgxHDuurHzEADxpD1LvbFvm8fNip3Oj?= =?us-ascii?q?Uk800waKYlVv17qv4BEVg+CTS/II3r8fvSchszR0EE+m39PYENqMvQ1hfL9TYd?= =?us-ascii?q?kl+ldIyXrZtxBhPpynN61ihUQRcwdwv0PzzBh3CZ9PkcstrHM31gZyLriY0FxZ?= =?us-ascii?q?fTOCwZ/wIqHXKnX1/B23caHZx0ve0NeI9acV8/k3sUnsvASzGkol6XVn3MFf02?= =?us-ascii?q?GA6ZXSEAoSTZXxX14s9xh0vbHaZTI955/P2H13N6m0tTHD29czC+sj0BqgeclQ?= =?us-ascii?q?ML+cHg/oD8IaH9SuKPAtm1WxYBMLJuRS9LIqMMO8bPuLw7CrM/h6nD29kGRH5Z?= =?us-ascii?q?px0kWW9ypzUuTIxYoKw+mE3gubUDfxlEuhvd3qloBFfz4SGnGyxjTjBI5UeqJ9?= =?us-ascii?q?Z50LCXu0L82x2Np+m4bnW2RE+167G1MGxMipdAKUb1z82Q1Q0VoYoWe8lCSi0T?= =?us-ascii?q?N0iTYporCY3CzUzOTobAAHNXJTRGl+kVfsJpC5j84bXEe0cwgpkwGl6VzmyKhb?= =?us-ascii?q?o6R/KWbTTFxMfyj3KWFtSLGwtr2Yb85I8pMovj1dUP6gblCCVr79vxwa3jvnH2?= =?us-ascii?q?tf3zA7ayimuo7nkBx+iWKdKmtzrXXCdMFr3Rff5drcRf9N0TodXiV4jyfYBkSk?= =?us-ascii?q?Ndmz4dqUj4vDsvy5V2+5TJ1Tdi3rzYeeuyuh+WJqBhO+kuuomt36DQc6yjX319?= =?us-ascii?q?5wVSXHtBz8eJXk17ymMeJ7eUllHEf85NBnGoF6iIc/nosc1mMdhpWR4XoHlmHz?= =?us-ascii?q?PM5e2a7ianoNQiIEz8TT4Af7xE1pNmiJyJ7hVnWB3sthYMG3YmAI1SI79MBHE6?= =?us-ascii?q?SU46JCnStupFq3sx7RbeJ6njcHxvsk8GQajP0RuAox0iWdBagfHVdePSPxjBmI?= =?us-ascii?q?8da+o7hXZGq1d7i/ylZ+l8i7DL6eugFcRGr5epA6EC9o9Mp/LVbM3Wbv5YHlZN?= =?us-ascii?q?nRbcsfthOOnBfGleRVL4gxlvUSjyp9JW39pWEly/I8jRF2x5G1oZWIJn5i/KK8?= =?us-ascii?q?DR9ULDv1aN0P+jv1l6ZRgt6W35yzHpVmAjgLRIHnTe+sED0MrfToLQCOECEipX?= =?us-ascii?q?eBArffABSf51l8r3LUCZyrLHaXJGQDzdp+WhadKktfgBobXDokhJI5EB6lxND5?= =?us-ascii?q?ekdj+j8R/kL4qgdLyu9wORnwSGHfpBuvajcxU5WfIgRZ4RxF50fPK8Oe9vhzHy?= =?us-ascii?q?Za/pK/sAONNnaXZwNSDWEGQkaEHUzsPqGy5dnc9OiVHu++IOHKYbWKt+NeS+uI?= =?us-ascii?q?yoi13YZ9+TaDKNmPPmJ+APIhwkpMQ2p1G8LHlDUTUyYXjT7Cb9aHpBeg/S16tt?= =?us-ascii?q?q//O7lWQ714IuAEb9SMdJv+h2tm6iMK+uQiDx+KTZC2ZMG3WXIx6QH3F4OlyFu?= =?us-ascii?q?cCGgEboatSHTUa3QgbVYDxgHayN0L8tF9Lgz0RVIOcLBjdP1zLF4hOYvC1hZTV?= =?us-ascii?q?zhht2pZcsSLmG7LlPIHl6LNKydKD3FwsH3e7i8SaFejOVVsR2/ozCbHFPiPjuZ?= =?us-ascii?q?kznlTRevMftDjCuDJhxRpJm9cgpxCWjkVN/mcgO0P8Rpgj0wwL00mnTKOHUdMT?= =?us-ascii?q?dibUxCsKec7SRCgvVwA2ZB9GZqLfGYmyaF6OnVMo0ZvuBsDiRwluJa+2g6y6BP?= =?us-ascii?q?4CFfWvN6hDHersVwrFGik+mPzCdnURVVpzlXhIOLp1hiOb7D+phOQ3nE4AkN7W?= =?us-ascii?q?KWCxgQoNtlENLvsbhKytfTjKLzNCtC89XM8MsHHcfUNtiIMHU/PhryAzPUFxEK?= =?us-ascii?q?TSCxOmHQmUNdi+ue9nuLoZgmspLsgoYBSqdHVFwpEfMXEl9qHN0NIJdwWDMpiq?= =?us-ascii?q?OUg9AT6nq/thbRQt9WvpfdVvKdGf/vMiqWjaFYZxsUxrP1NZ4cNoLh1Ex8dFZ3?= =?us-ascii?q?h4PKG1LOUtBLpy1udA40oEFW/3h5QWw/wUXlahmi4HULD/67ggY2ihdiYeQq7D?= =?us-ascii?q?rs/1A3Jl/QqCsql0kwmMvqgTaKfz7rK6e/Q4JWBjHouEg2N5P0Xxx6bRaunUB+?= =?us-ascii?q?MjfLWa5RhaN6dW93kA/cpYdPGflEQK1HYB4Qwe+Yau4t0VRbpCWny1FI5ffZCZ?= =?us-ascii?q?tikwsqdICjo2hG2w19cN4/PbbQK7ZRzlhMmqKOuTel1uYvzwAEI0YA62CSeCkT?= =?us-ascii?q?uEwULLYmITGo/u9t6QCYnTtMZnQMXeIwov127kM9J/iAzyX43r5ZNE+xLPKQIL?= =?us-ascii?q?mDu2fclc6FWUg/1kISl0ZY+rh2398jc1CKWEEv1reREQoGNdbaIwFPc8VS7GTT?= =?us-ascii?q?fTqJsejV3J11OIO9Fub1QuCQsKYUg1mpExw3EIQW6cQNBJ6s0FvXLc3/Nr4K1Q?= =?us-ascii?q?0t5Bj3JFWCFPlGZQiEkCkGo86i1596xpNSJisHAWV6PyS3/ajYqRM3gPqZXdc2?= =?us-ascii?q?fncbUpECNn0oRM2wgzRZsGhYDDmrzuIZzxCP4CLnpivOFjb8YMBja+2KZR53E9?= =?us-ascii?q?G54zY/87WsiVHN6JneI3z6NdJ4td/V8O8au5GHC/BUTLl6qUvcnZdXR2CyWW7V?= =?us-ascii?q?DdG1P4Twa5UrbdHsDna6VUa/hCwzT8bwO9agNaeIgQf1RYpOt4mbxj8jP9enFj?= =?us-ascii?q?4CAxdwu/0D5KVkaA0YfZU7ZR/otwIjN62wOwqXztKuQ2OxJjRMVPlf0f+2Z7pJ?= =?us-ascii?q?wCowduW60mcvTokmz+mr9k4AXJIKjgvexPm5YYleTSjzF2dSewXIvSo2i3JtNu?= =?us-ascii?q?Aszecj2BnIq0UTMyiXdOx1b2xJp808BVKXIXVxFmo4R1+dgJHe7Q6t37Ed5TBS?= =?us-ascii?q?k8xS0eJbrHj0poXfby60WKy3tZXVtDItYsIio61wLYPsPNOJtJbenzzZS5nQtB?= =?us-ascii?q?eKXTWhGPpbgNdQJjtUQPdVmW0/P8wJp5ZB41IrVsgiP7xPFLUspreyZDV/EyES?= =?us-ascii?q?yzQUWJmd0zwcnOi8waDamQ2KcJUiKhAEt49CgtQFWS5sfiwevLOjV5nRl2KcRW?= =?us-ascii?q?gLPQYT7QBI5A0ek499Zf3q75TTQ59N0TFWpeh4UizRFpln71H7UH2ZgUDkSPW9?= =?us-ascii?q?lOykxRhSzPTt0tYHWB5/Dkxdx/1OmEUxNb95MbUdsInRvzCUckP6uX7ix/G9JF?= =?us-ascii?q?lN08HUcUP3DJbdv2rmTiIc4WEURZNIyHzHD5QdiRB5aKEwq1hXPICmYFzx5yI6?= =?us-ascii?q?yIRtHrm4U8+rx1IkrXYJRyeqD9RBBPt8sFLSQjFlZY6kqIn9MZVIXmBQ4IGdq0?= =?us-ascii?q?tekEh1PS+104ZTK8FM4j4JXThAuzadscCzSMJdx8B5EYUAItBlu3fyAKlEIoSe?= =?us-ascii?q?o2UqurzzzX/U4yozsE2nxDW1AaO4TPlU/2wfGgUoO2SRsVMjD+0y/WfO6lrNqE?= =?us-ascii?q?x7//9HBriTikV8uDd9HpZSBjlX0XCqMVFzQ2das+VAKKXYaMtcQ+Esah+pPhwx?= =?us-ascii?q?D/8m30iS8kFzknb1eStythFV+yrFRQk7STEVgqvxmT0ZssynNiUaRIhObTU9dC?= =?us-ascii?q?rFKgWbmC5RvBZDa0FlRZEZAtBZ+74Fx4tY5MzCRliwKSsdRhxtKho40eZDlU5E?= =?us-ascii?q?qEiYZSfdDQ+zePbTrhF3eNyeoNSvLPvn4AdNkpnnv/wg96UfW32mnhWgQdDEoI?= =?us-ascii?q?/mrNKKslaBebzlPOKieX/BVCbDjRSuirc+FZXK+DLTMAVDIZlg1XUkeYThCXLM?= =?us-ascii?q?PRleJaIbIFRUWLtnZtpYueBVedVkeLoX9qBwHB6HQA3gGJC3pvlcMlnTXSjeLz?= =?us-ascii?q?mG8uGnuo3T46DSRfTia8CRyXvKWL54PpB/6TbnAbjqypNe9lDw2vhz6kNwUULG?= =?us-ascii?q?PDyZrNT9OgML49GvdlH8sZI0HTPZGotwnWHpxkFHacoYXTOm/4gfyJxE9nn8U+?= =?us-ascii?q?R43VbvsOdK7blr9ZE346x1ycezParSMe9asVN9DReJGgVn7Y4tAG9iR2BLfuAe?= =?us-ascii?q?NvHRfbgDjc/0r+D7DasX6Aea++ZBc9vIO1nBmtWjCjGbURFEgB0BpiAEIQSBzP?= =?us-ascii?q?OFhqt0Sdq/pefjxEIt4l++LhoYw7Bx/4uE/bCIpODPZRvL0bcEQrTqRt/0rrk0?= =?us-ascii?q?uUOd/+cklLkVemxxeQKnDvMQVssAxmfk0aAqzD4jE8LZELLm4/5PTXU5nijvm5?= =?us-ascii?q?plBVUZBusUHaaX/YRZhmo4mfbWNtsYcqBYnWaACACrH6QeyXGx7SuXO25ljgvI?= =?us-ascii?q?0x7uXWO59EX2ojNgQSvQ09fjlVJYVr+zBUpJXiqpP0p4vCmOPAruutr3o7467F?= =?us-ascii?q?oqMmz+qdKCiHehOK5NH8LhPtCcJjM0pF0Php0rWtOvwZwbGca6INoJ9nF+b+fR?= =?us-ascii?q?62SvkyBbuKdLnYve4saS+vXMBnmtlKiaprqCxTxCzXg4p14/4Mi6Nv7S/92KX+?= =?us-ascii?q?io12EJQihjoQTBWwC6qqfHr1EUPkyGy1zLl5ALPt5H23k4ykDm6/I5TNI16gpe?= =?us-ascii?q?Cp7KZ+keqjDrJDv03VGfbsozVimF1jtaHkn4EVdmF6ch32LwptjGlW/K+10vRI?= =?us-ascii?q?l/aVDohQBtA4U/M0It50AdwjAfHggVdRCbELaoCFznLYsFUEgOchGH06a6e6gp?= =?us-ascii?q?x01zw7Wv5ODJYex6GaUNKu5XjhSSk1hDBpIWraoeTap9e15c7qHYvBTtBpP8X/?= =?us-ascii?q?f4iXo/K+G6Ttpd8cADuHso+hy/SAa46Zdf87Ybj4iFebVFYZjXssFz9UVn5T8T?= =?us-ascii?q?dixVmhd/khe5XPsAq+Dk/9fUroCn6vu0VKYqXeUY7QI4B2Nkj5v/mFoju83Y1/?= =?us-ascii?q?9ASo3JjoTy6BhNLGSWuInG0xl9J+0OK5iofLp57HUIOSweJ3MIPdqLZPgx+Ddt?= =?us-ascii?q?Py/P51NeAsMNa9QYPNDOmQxOiU3mRqtT9szFFV+cEYtzcNoo72XvwjAv7ZQ8Sv?= =?us-ascii?q?rg6COxJZ3H81FNJe1MjCF2m9LEuucY2ufdCCkY4XmYdxh62DiCxIOXC/bt5+mM?= =?us-ascii?q?zs/bV08eFC4sT4hdPCaC+RCgRuetm5XmSBmU5dHvgJI+b0+QQn2xnLgbvaZMC+?= =?us-ascii?q?FAlz770iJYFo/rm/Kfq8Cs53dPtl1bDIZz6gXIGKpBMZV9JRT4kc6rSk9nBiTh?= =?us-ascii?q?fMHUdxwuuPeZx+oX5+VxKVH+ZI8BLR4ezbL192ZVRBN0SLHqplaZQf4RZNx+Rf?= =?us-ascii?q?zYrHBa855vJrQTM1iaoJzqqjZIp04sAA81drA/sjxaelPJnA1PVKb+oKQAhRcE?= =?us-ascii?q?Ud5lpU9MHnq9OGc55zrBSaRVg7eeBecQ8jWSVKMOVVtnMj9wQhOywpVueKCpke?= =?us-ascii?q?pBsmxYgiN3uOIq3CB+RBugpS3soLoA2T0897GjrzUNoGFLQOqYnSfJD1VD0fsL?= =?us-ascii?q?gLwTC3bn81O8ZmcMYJH14Ll9KsTq7ZMh7GgnYRU/Yy0GWvytCyP3j6OIBIyDqs?= =?us-ascii?q?5ThB6JuMXTcLCyLCkSNrImyRLgRnhwyRbenBd28GQRRjWv8d4kKJ+7Ock72iqi?= =?us-ascii?q?AXLbe0oU4qNVrMvxskYGTOooaVx7xmVuycyHRjAQS8zOHGY1lRIoaWJecJJM8R?= =?us-ascii?q?UaDbUngi6Uvqla+QEZeDXUHZqr+onemcfFwnc8Qs1sxm3Iuq2JnJUq32N5m9ls?= =?us-ascii?q?9C6BpGwSd/DEU89rGnXz2YNfyevwZvqztuAHTJBryK+mUP8EM8ms5XG62JN0VU?= =?us-ascii?q?+53r4eBUa2MPcfxrfHVCeoUW+YWeSLcmiUmDY5Nk/y5QW2IVAsbcdKrlM9MvHc?= =?us-ascii?q?iZJGkA3hS7x0TD2KpVDH1GwjLf8adwUutYe7egwKSfUcZ/SdJecyw/0xFl8MY2?= =?us-ascii?q?XPHSRoF++8qUStk5RjO3V8/UX6Zvzg8gXnMNuRGRkEFpXXrpxr9vy5QWKBP2Fv?= =?us-ascii?q?zBtoMEly6ejfC0w7tvVAfJaJgdjQm9N73PYeePhzNy09psUempln6YmTzMeKbQ?= =?us-ascii?q?/RwYjvKt3PpfiYGfLfxVwwem5GSroZfR/154IiM94hXL3TGaFWvQ4SBKg9RJwh?= =?us-ascii?q?OXz89KRzLAN0aQ7eeqi7gtPtpuKQfZtUpnnW7l0qICfboR0DxeS+TRZnYJCym3?= =?us-ascii?q?XyPJcwSypPr9JzDhtmHZNPFN0bogumAp6UnaS7hMGr+0N+peAGq63wCurF1N6h?= =?us-ascii?q?xYV+Q4Ba5VCXPDbWHKRqjFxljv6zgvjczJb8EsbiedIYVOhhXGHJcLjGHp+wKj?= =?us-ascii?q?iWIMLzZ1ZG86KA0LJ+ShiRYyT5ULSduS28MPVr+147ypB5fOXP0Dwt9a/U18Xo?= =?us-ascii?q?a2FduCijsWaDNIFD41zSGezeQxVUROKB8GZkG60XcIT1+P4KMdwj29ic/xJz4S?= =?us-ascii?q?9D0MSfJaihqVXA2kVhdZLUNEHpwTo2WZEWIBSjNkshmXTZpWrZAXRdKMikNMZs?= =?us-ascii?q?jNGaABzx50l+h3staXBZGmXyXtqROnYU29i4ZAKU8AJEFMsDn+GtdU4/rK2yRv?= =?us-ascii?q?FiOo9ZluWyqLUHjdFpJjnKRMdAIy7QLL52PjxWDujUulgoYxgEvKYxWoc0Y5iO?= =?us-ascii?q?PUwGPF2HySPowgvIyVf0eMC01KaVPCYW9W1Kz7Df3jhPoAm2ou2UgtDlULDFbJ?= =?us-ascii?q?H2W+PSMCUlVjGGXzgyF1im+Uu8sfoeoPWYOXsfokwTYi+KBw4cvLtgrcLRDmDN?= =?us-ascii?q?ne1uZ4MKhPSAVCDrSS14ibA+BiBVukCQW/ADDxXZb2f9gGpAvwyvPv1M/Xfib7?= =?us-ascii?q?2C3KpVWvcWD5BKcvKDRtvXZ/FeKy0vljUDN+a2Z8fcoKoh0lLUUWsZFLHF9EaQ?= =?us-ascii?q?TE6TXvORxjHmUJ4Lv4cqoCoo+9PRnihxE6jSObaQuSKuocaEi3ODtOnfUHQ9S1?= =?us-ascii?q?Aki+IFRm+ayV9PL39XJcsSvRTBS6jIRVtW238vkqo61xYKeQl3UFVr33lSlfC6?= =?us-ascii?q?CotSTltC3zDme+EPcF0iVGB4xkSN+ACnJIVYtA=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2GwAwBSKxJZ/wHyM5BdHAEBBAEBCgEBFwEBBAEBCgEBgwE?= =?us-ascii?q?pgW6OdJBicpcLJYJNiCVXAQEBAQEBAQECAQJoKIIzIoJBBgECJFUDCQEBFwgpC?= =?us-ascii?q?AMBUxkFFog6gUwEtHM6JgKKe4g9gmeLAAWJPYdmWIs8TopPiEyCAokVDIZGlEB?= =?us-ascii?q?YgQpPIRWEdgFDHIFmc4h0AQEB?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP; 09 May 2017 20:52:15 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v49KqEGt005814; Tue, 9 May 2017 16:52:14 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id v49KpJsS149476 for ; Tue, 9 May 2017 16:51:19 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v49KpH4v005429 for ; Tue, 9 May 2017 16:51:18 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1B6AgDVKhJZf4GlL8FdHAEBBAEBCgEBgyyCF450kGJylw+CboM2AoVEAQIBAQEBAQITAQEhXYUWAwMnUhAYCDFXGRuIOoFQtHI6inABMYg9gmeLAAWJPYdmWIs8TopPiEyCAokhhkaUQFaBC08hFYU6HIFmPTaIdAEBAQ X-IPAS-Result: A1B6AgDVKhJZf4GlL8FdHAEBBAEBCgEBgyyCF450kGJylw+CboM2AoVEAQIBAQEBAQITAQEhXYUWAwMnUhAYCDFXGRuIOoFQtHI6inABMYg9gmeLAAWJPYdmWIs8TopPiEyCAokhhkaUQFaBC08hFYU6HIFmPTaIdAEBAQ X-IronPort-AV: E=Sophos;i="5.38,316,1491278400"; d="scan'208";a="6046340" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 09 May 2017 16:51:17 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3Az+jTexdCLwLPLgYP8riOhOyQlGMj4u6mDksu8pMi?= =?us-ascii?q?zoh2WeGdxcu/bR7h7PlgxGXEQZ/co6odzbGH7Oa4ACdZu8bJmUtBWaQEbwUCh8?= =?us-ascii?q?QSkl5oK+++Imq/EsTXaTcnFt9JTl5v8iLzG0FUHMHjew+a+SXqvnYdFRrlKAV6?= =?us-ascii?q?OPn+FJLMgMSrzeCy/IDYbxlViDanb75/KBe7oR/NusULjoduN7g9xxjUqXZUZu?= =?us-ascii?q?pawn9lK0iOlBjm/Mew+5Bj8yVUu/0/8sNLTLv3caclQ7FGFToqK2866tHluhnF?= =?us-ascii?q?VguP+2ATUn4KnRpSAgjK9w/1U5HsuSbnrOV92S2aPcrrTbAoXDmp8qlmRAP0hC?= =?us-ascii?q?oBKjU063/chNBug61HoRKhvx1/zJDSYIGJL/p1Y6fRccoHSWZdQspdUipMCZ6+?= =?us-ascii?q?YYQSFeoMJeZWoZfgqVUArhWwAgujBO30xzNUmnP7x7E23v49HQ3a2gErAtIAsG?= =?us-ascii?q?7TrNXwLKocX/q6zK/VxjvHcvNWwzj955bOchA6vPqBWq9/ftDXyUkuCQzFileQ?= =?us-ascii?q?pJfgPzyL0uQNt3KU7+xnVeOgkWIotwZxoj22y8oql4LHiIUVylXe+iV4xoY4Pc?= =?us-ascii?q?a4R1Jhbt6iCpdQszqVOo1rSc0hW2FloDs2x7kItJKhcyUHyo4rywPeZvGHaYSE?= =?us-ascii?q?/wzvWeKXLDxlnnxqYqi/iAy38UW4yu3zSM200FFSoypAjNbMsnQN2AbV6siARf?= =?us-ascii?q?px5Fuu2TGV2wDS7uFIOUE0lazFJJ492rM8i54evErZEiL5mkj6lrKae0Qk9+Sy?= =?us-ascii?q?9ujrfLHrqoeZN4BuiwH+Nqoumta4AeQ9KgUBQnKU+eK91LL9+U35Qq5Hjvgona?= =?us-ascii?q?ndtJDVP8Ibpqm2AgNPzokj7BO/Ay+80NsEhXkHME5FeBWfgojyJV7OJPH4DfGi?= =?us-ascii?q?g1Wjizpr2/DHMaHhApXKNHTDlqzhcqxn505Tzwoz04MX25UBEbwFIfTuSmftpd?= =?us-ascii?q?fYCVk/KAXyzOH5W/tn0YZLdWuJSo2EKqzft0TAsu4mJeiBYI09vTv5L/Ej4O6o?= =?us-ascii?q?hng8zwxONZK11IcaPSjrVs9tJF+UND+12o8M?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0HsAQBSKxJZf4GlL8FdHAEBBAEBCgEBF?= =?us-ascii?q?wEBBAEBCgEBgwGCF450kGJylw+CboM2AoVEAQEBAQEBAQECAQIQAQEhXYIzIgG?= =?us-ascii?q?CQAMDJ1IQGAgxVxkbiDqBULRzOopxATGIPYJniwAFiT2HZliLPE6KT4hMggKJI?= =?us-ascii?q?YZGlEBWgQxPIRWFOhyBZj02iHQBAQE?= X-IPAS-Result: =?us-ascii?q?A0HsAQBSKxJZf4GlL8FdHAEBBAEBCgEBFwEBBAEBCgEBgwG?= =?us-ascii?q?CF450kGJylw+CboM2AoVEAQEBAQEBAQECAQIQAQEhXYIzIgGCQAMDJ1IQGAgxV?= =?us-ascii?q?xkbiDqBULRzOopxATGIPYJniwAFiT2HZliLPE6KT4hMggKJIYZGlEBWgQxPIRW?= =?us-ascii?q?FOhyBZj02iHQBAQE?= X-IronPort-AV: E=Sophos;i="5.38,316,1491264000"; d="scan'208";a="5619498" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from mail-il-dmz.mellanox.com (HELO mellanox.co.il) ([193.47.165.129]) by emsm-gh1-uea11.nsa.gov with ESMTP; 09 May 2017 20:50:58 +0000 Received: from Internal Mail-Server by MTLPINE1 (envelope-from danielj@mellanox.com) with ESMTPS (AES256-SHA encrypted); 9 May 2017 23:50:53 +0300 Received: from x-vnc01.mtx.labs.mlnx. (x-vnc01.mtx.labs.mlnx [10.12.150.16]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v49Koor1031538; Tue, 9 May 2017 23:50:52 +0300 From: Dan Jurgens To: selinux@tycho.nsa.gov Subject: [PATCH 1/9] checkpolicy: Add support for ibpkeycon labels Date: Tue, 9 May 2017 23:50:34 +0300 Message-Id: <1494363042-121766-2-git-send-email-danielj@mellanox.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1494363042-121766-1-git-send-email-danielj@mellanox.com> References: <1494363042-121766-1-git-send-email-danielj@mellanox.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Daniel Jurgens Add checkpolicy support for scanning and parsing ibpkeycon labels. Also create a new ocontext for Infiniband Pkeys and define a new policydb version for infiniband support. Signed-off-by: Daniel Jurgens --- checkpolicy/policy_define.c | 110 ++++++++++++++++++++++++++++ checkpolicy/policy_define.h | 1 + checkpolicy/policy_parse.y | 15 ++++- checkpolicy/policy_scan.l | 3 + libsepol/include/sepol/policydb/policydb.h | 32 +++++--- 5 files changed, 148 insertions(+), 13 deletions(-) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index 949ca71..6f92bc5 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -20,6 +20,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Techonologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -4975,6 +4976,115 @@ int define_port_context(unsigned int low, unsigned int high) return -1; } +int define_ibpkey_context(unsigned int low, unsigned int high) +{ + ocontext_t *newc, *c, *l, *head; + struct in6_addr subnet_prefix; + char *id; + int rc = 0; + + if (policydbp->target_platform != SEPOL_TARGET_SELINUX) { + yyerror("ibpkeycon not supported for target"); + return -1; + } + + if (pass == 1) { + id = (char *)queue_remove(id_queue); + free(id); + parse_security_context(NULL); + return 0; + } + + newc = malloc(sizeof(*newc)); + if (!newc) { + yyerror("out of memory"); + return -1; + } + memset(newc, 0, sizeof(*newc)); + + id = queue_remove(id_queue); + if (!id) { + yyerror("failed to read the subnet prefix"); + rc = -1; + goto out; + } + + rc = inet_pton(AF_INET6, id, &subnet_prefix); + free(id); + if (rc < 1) { + yyerror("failed to parse the subnet prefix"); + if (rc == 0) + rc = -1; + goto out; + } + + if (subnet_prefix.s6_addr[2] || subnet_prefix.s6_addr[3]) { + yyerror("subnet prefix should be 0's in the low order 64 bits."); + rc = -1; + goto out; + } + +#ifdef DARWIN + memcpy(&newc->u.ibpkey.subnet_prefix[0], &subnet_prefix.s6_addr[0], + sizeof(newc->u.ibpkey.subnet_prefix)); +#else + memcpy(&newc->u.ibpkey.subnet_prefix[0], &subnet_prefix.s6_addr32[0], + sizeof(newc->u.ibpkey.subnet_prefix)); +#endif + + newc->u.ibpkey.low_pkey = low; + newc->u.ibpkey.high_pkey = high; + + if (low > high) { + yyerror2("low pkey %d exceeds high pkey %d", low, high); + rc = -1; + goto out; + } + + rc = parse_security_context(&newc->context[0]); + if (rc) + goto out; + + /* Preserve the matching order specified in the configuration. */ + head = policydbp->ocontexts[OCON_IBPKEY]; + for (l = NULL, c = head; c; l = c, c = c->next) { + unsigned int low2, high2; + + low2 = c->u.ibpkey.low_pkey; + high2 = c->u.ibpkey.high_pkey; + + if (low == low2 && high == high2 && + !memcmp(&c->u.ibpkey.subnet_prefix[0], + &newc->u.ibpkey.subnet_prefix[0], + sizeof(c->u.ibpkey.subnet_prefix))) { + yyerror2("duplicate ibpkeycon entry for %d-%d ", + low, high); + rc = -1; + goto out; + } + if (low2 <= low && high2 >= high && + !memcmp(&c->u.ibpkey.subnet_prefix[0], + &newc->u.ibpkey.subnet_prefix[0], + sizeof(c->u.ibpkey.subnet_prefix))) { + yyerror2("ibpkeycon entry for %d-%d hidden by earlier entry for %d-%d", + low, high, low2, high2); + rc = -1; + goto out; + } + } + + if (l) + l->next = newc; + else + policydbp->ocontexts[OCON_IBPKEY] = newc; + + return 0; + +out: + free(newc); + return rc; +} + int define_netif_context(void) { ocontext_t *newc, *c, *head; diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h index 964baae..b019b1a 100644 --- a/checkpolicy/policy_define.h +++ b/checkpolicy/policy_define.h @@ -43,6 +43,7 @@ int define_level(void); int define_netif_context(void); int define_permissive(void); int define_polcap(void); +int define_ibpkey_context(unsigned int low, unsigned int high); int define_port_context(unsigned int low, unsigned int high); int define_pirq_context(unsigned int pirq); int define_iomem_context(uint64_t low, uint64_t high); diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y index 3b6a2f8..f50eab1 100644 --- a/checkpolicy/policy_parse.y +++ b/checkpolicy/policy_parse.y @@ -21,6 +21,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -134,6 +135,7 @@ typedef int (* require_func_t)(int pass); %token TARGET %token SAMEUSER %token FSCON PORTCON NETIFCON NODECON +%token IBPKEYCON %token PIRQCON IOMEMCON IOPORTCON PCIDEVICECON DEVICETREECON %token FSUSEXATTR FSUSETASK FSUSETRANS %token GENFSCON @@ -169,7 +171,7 @@ base_policy : { if (define_policy(pass, 0) == -1) return -1; } opt_default_rules opt_mls te_rbac users opt_constraints { if (pass == 1) { if (policydb_index_bools(policydbp)) return -1;} else if (pass == 2) { if (policydb_index_others(NULL, policydbp, 0)) return -1;}} - initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts + initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts opt_ibpkey_contexts ; classes : class_def | classes class_def @@ -708,6 +710,17 @@ port_context_def : PORTCON identifier number security_context_def | PORTCON identifier number '-' number security_context_def {if (define_port_context($3,$5)) return -1;} ; +opt_ibpkey_contexts : ibpkey_contexts + | + ; +ibpkey_contexts : ibpkey_context_def + | ibpkey_contexts ibpkey_context_def + ; +ibpkey_context_def : IBPKEYCON ipv6_addr number security_context_def + {if (define_ibpkey_context($3,$3)) return -1;} + | IBPKEYCON ipv6_addr number '-' number security_context_def + {if (define_ibpkey_context($3,$5)) return -1;} + ; opt_netif_contexts : netif_contexts | ; diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l index 2f7f221..07352cb 100644 --- a/checkpolicy/policy_scan.l +++ b/checkpolicy/policy_scan.l @@ -12,6 +12,7 @@ * Added support for binary policy modules * * Copyright (C) 2003-5 Tresys Technology, LLC + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -181,6 +182,8 @@ INCOMP | incomp { return(INCOMP);} fscon | FSCON { return(FSCON);} +ibpkeycon | +IBPKEYCON { return(IBPKEYCON);} portcon | PORTCON { return(PORTCON);} netifcon | diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index 4336a3f..5ecc623 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -24,6 +24,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2004 Tresys Technology, LLC * Copyright (C) 2003 - 2004 Red Hat, Inc. + * Copyright (C) 2017 Mellanox Techonolgies Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -354,6 +355,11 @@ typedef struct ocontext { uint32_t low_ioport; uint32_t high_ioport; } ioport; + struct { + uint32_t subnet_prefix[4]; + uint16_t low_pkey; + uint16_t high_pkey; + } ibpkey; } u; union { uint32_t sclass; /* security class for genfs */ @@ -382,14 +388,14 @@ typedef struct genfs { #define SYM_NUM 8 /* object context array indices */ -#define OCON_ISID 0 /* initial SIDs */ -#define OCON_FS 1 /* unlabeled file systems */ -#define OCON_PORT 2 /* TCP and UDP port numbers */ -#define OCON_NETIF 3 /* network interfaces */ -#define OCON_NODE 4 /* nodes */ -#define OCON_FSUSE 5 /* fs_use */ -#define OCON_NODE6 6 /* IPv6 nodes */ -#define OCON_GENFS 7 /* needed for ocontext_supported */ +#define OCON_ISID 0 /* initial SIDs */ +#define OCON_FS 1 /* unlabeled file systems */ +#define OCON_PORT 2 /* TCP and UDP port numbers */ +#define OCON_NETIF 3 /* network interfaces */ +#define OCON_NODE 4 /* nodes */ +#define OCON_FSUSE 5 /* fs_use */ +#define OCON_NODE6 6 /* IPv6 nodes */ +#define OCON_IBPKEY 7 /* Infiniband PKEY */ /* object context array indices for Xen */ #define OCON_XEN_ISID 0 /* initial SIDs */ @@ -400,7 +406,7 @@ typedef struct genfs { #define OCON_XEN_DEVICETREE 5 /* device tree node */ /* OCON_NUM needs to be the largest index in any platform's ocontext array */ -#define OCON_NUM 7 +#define OCON_NUM 8 /* section: module information */ @@ -722,10 +728,11 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define POLICYDB_VERSION_CONSTRAINT_NAMES 29 #define POLICYDB_VERSION_XEN_DEVICETREE 30 /* Xen-specific */ #define POLICYDB_VERSION_XPERMS_IOCTL 30 /* Linux-specific */ +#define POLICYDB_VERSION_INFINIBAND 31 /* Range of policy versions we understand*/ #define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE -#define POLICYDB_VERSION_MAX POLICYDB_VERSION_XPERMS_IOCTL +#define POLICYDB_VERSION_MAX POLICYDB_VERSION_INFINIBAND /* Module versions and specific changes*/ #define MOD_POLICYDB_VERSION_BASE 4 @@ -743,10 +750,11 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define MOD_POLICYDB_VERSION_TUNABLE_SEP 14 #define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 15 #define MOD_POLICYDB_VERSION_DEFAULT_TYPE 16 -#define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 +#define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 +#define MOD_POLICYDB_VERSION_INFINIBAND 18 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE -#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES +#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_INFINIBAND #define POLICYDB_CONFIG_MLS 1