From patchwork Mon May 22 13:08:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Jurgens X-Patchwork-Id: 9740261 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4DF5B601C2 for ; Mon, 22 May 2017 13:11:08 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3E7962846A for ; Mon, 22 May 2017 13:11:08 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 323E82870C; Mon, 22 May 2017 13:11:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from emsm-gh1-uea10.nsa.gov (smtp.nsa.gov [8.44.101.8]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 426542846A for ; Mon, 22 May 2017 13:11:06 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.38,377,1491264000"; d="scan'208";a="7297806" IronPort-PHdr: =?us-ascii?q?9a23=3AIo7DLB9bCCVebf9uRHKM819IXTAuvvDOBiVQ1KB5?= =?us-ascii?q?0u8RIJqq85mqBkHD//Il1AaPBtSEragbwLSM+4nbGkU4qa6bt34DdJEeHzQksu?= =?us-ascii?q?4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1?= =?us-ascii?q?Ov71GonPhMiryuy+4ZPebgFKiTanf79/Lhq6oATPusILnYZsN6E9xwfTrHBVYe?= =?us-ascii?q?pW32RoJVySnxb4+Mi9+YNo/jpTtfw86cNOSL32cKskQ7NWCjQmKH0169bwtRbf?= =?us-ascii?q?VwuP52ATXXsQnxFVHgXK9hD6XpP2sivnqupw3TSRMMPqQbwoXzmp8qlkSAXsiC?= =?us-ascii?q?waKTA39m/ZgdF0gK5CvR6tuxlzzojJa4+XKfV+ZLvQc9MES2RcUMhfVCtPDYGy?= =?us-ascii?q?b4sXDecNIOhVoJfmp1YVsReyGROhCP/1xzNUmnP727Ax3eQ7EQHB2QwtB9wAv2?= =?us-ascii?q?7SrN7oMKkSTPq1zKbWwjXFdPNdxDDw55XSfRAnoPGDQ7ZwccjKxEkqCQzFilGQ?= =?us-ascii?q?ppbjPzOS2eUBqXSU7+1lVe+2jWMstg9/oj+qxsg2i4nJgJoYykvY+ipjxoY5P9?= =?us-ascii?q?m4R1V9bNW5E5VQrzmXO5Z5T84tWW1luDs2xqcYtZO0YiQG0okrywbCZ/GDfYWE?= =?us-ascii?q?+B3uWeSLLTtlhX9oeKiziwus/UWkzOD3S9O630xQriVfl9nBrnUN1xvO5ceZUv?= =?us-ascii?q?Z95UKh2SqX1wDU9+FEPVg4larFJJ4lxb49joYTvl7ZHi/3hUX2l7Wadlkk++e0?= =?us-ascii?q?6+TnZa/qppmAOI9vlg7yKKEums27AeggMwgOWXaU+fik2bH+8kD0T69Gg/0rnq?= =?us-ascii?q?XDrpzXKtoXqrSkDwNN14Ys8Re/DzOo0NQCmnkHKUpIeAmZgIjtOlHOJu34DPim?= =?us-ascii?q?j1u3lzdr2vbGMaH/DZXWNXXDjLfgcqp9605b0gYzy8tf6IhOBrEOJ/LzRFf9tM?= =?us-ascii?q?bEAR8hLwy03+HnBc1/1oMZX2KAGLOZMKPIvl+O/e8vIe6MZIkQuDnnMPgl++Dh?= =?us-ascii?q?jWUimVMHeqmpx5QXYmiiHvt6O0WZfWbsgtAZHGcIvAoxVvDliF6ZUT5UYXayXr?= =?us-ascii?q?w86yo1CIKiEIfCSZuigKGH3CenA51afGdGCkqDEX3wbYWLR+8MaD6OIs9mijEF?= =?us-ascii?q?W7mhS4sk1R6wrg/30LRnIfTJ9S0fr5LszsB15/fUlREw6zN7E9id33uKT2FukW?= =?us-ascii?q?MCXyU207xnoUxh1leD1rB1jOFEGtxW4PNJVBs6OYPHwuxkFd/yQAPBf9aOSFag?= =?us-ascii?q?WNmmBy8+Ts4pyd8Uf0l9A8mijgzE3yeyHrAVi6aEBIYv/63A2HjxItpyxGzd1K?= =?us-ascii?q?k9lVUmRNVANXG+jK5l6wfTH5LJk1mel6uydaUd3SnN9GGYwGqLuEFUSQ9wUaPf?= =?us-ascii?q?UXAZfETWt9f55kLcT7CwE7gnNBVOydKaIKtQdtLplUlGROvkONnGfW2xg32/BQ?= =?us-ascii?q?yJxrOXd4fqY38S3D/cCEgfiwAT+WyJOhQgCSu7pGLeFjNuH0r1Y0zw6el+tG+7?= =?us-ascii?q?TkgswgGEdU1uzby19QIUhfyHUP4T26oEuCY4pzVvEle9xMjaC92apwpuZK9ce8?= =?us-ascii?q?8y4E9b1WLFsAxwJp+gILphhl4ZbgR6pEDu2A90CoVHjMgmtnQqzBB9KaiAylNO?= =?us-ascii?q?ayuY3YzsOr3QMmT95g2ga7TX2l7Aytab4b0A5+g9q1n5uwGpDEUi+W1909ZJy3?= =?us-ascii?q?uc+onKDA0KXJLqXEY37R96p6rGYiQm/IPU03psMKexsjDY3dIlHu0lxQi8f91H?= =?us-ascii?q?KqOLCBfyE9EGB8ipMOErlUKmbhYYPO9M7q40JNird+WY166xJ+lggTemgX5A4I?= =?us-ascii?q?Bn3UKG7zB8RfLQ35YZ3/GY2ROKVyvhg1i8s8D4g4REaCoOEWq4zCjrGJReZrZu?= =?us-ascii?q?fYoRD2ehPdG3zM1kh5HxQ35Y6EKjB1Qe1c+veBqSa1j90hNL1UkMu3OohzG4zz?= =?us-ascii?q?tunzEutKqf0zTEw/7+exofJm5LWG5igE/yIYi1k98aQE+obxIzmBS55Ub6wK5b?= =?us-ascii?q?pKtkImnXQEdIeTL5L3tlUqeqsbqCecFP4osysSpLSOS8fUyaSrnlrhse0iPjBH?= =?us-ascii?q?deyCkgdz60vpX5nhp6iH+SLXtot3rZYcBwxRHe5NPAXv5dxDwGSzdkiTPPHFiz?= =?us-ascii?q?I8Gp/cmIl5fEqu2+TWWhVplXcSb114OPqCy75GNxDB2kgvC8hsbnHRI90S/h2N?= =?us-ascii?q?lgTT/IowrkYon3y6S6NvpqflFyC1/h78p2AJtxnpEri5EX3XgampKV/XwcnGf2?= =?us-ascii?q?Ldlb36X+Y2YXST4N3dHV/BDv2Fd/IXKR24L5SnKdz9NiZ9akZGMWwTkw78NUB6?= =?us-ascii?q?eS97xEmzV6okaioQLWe/h9kS8XyeEy534Cn+EJpA0twz2DArAUAEZVJjLslxKV?= =?us-ascii?q?4NC+tqlXYnigcaSo3kpkgd+hFK2Coh1bWHvhYpctBzJw7sFkPV3Q0X3z9oHldM?= =?us-ascii?q?Debd0JsB2YiRDAj/JaKJgpjPoFmTJnOX7hvX0i0+M7lwFh0oyhsYiILmVs87i1?= =?us-ascii?q?AhhGOT3pf8kT4C3ijb5CnsaK2ICiBo1hFS8WXJvsU/2oCCgdtfL7NwmQCj0xsW?= =?us-ascii?q?qbGaHBEg+F80dqtWnPE5e2N3GNOHYW09tiRB6HJExQng8YRjM6kYAlFgqy3szu?= =?us-ascii?q?bF955iwN5l7/shZMxPhnNx/jUmfYoQelcTk0R4aCIxpR9AFN/V/VMdaZ7uJxAS?= =?us-ascii?q?5X4oGhoBaKKmyBaARCFXsJVVCcB1D/Irmu4sHN8+2CCeq6K/vBf6mOqfBEWPiS?= =?us-ascii?q?3p+v1JVp/yqXNsqTJHZiF+M01lBFXX9nB8TTgy8PRDAPlyLRc86bow+x+jdtos?= =?us-ascii?q?Gx6vjrXRjg5Y+IC7pSKthg4Qy5gaKZO+6XniZ5Ji5S1okQyn/Q1LgfwFkShjlg?= =?us-ascii?q?dzm3D7sPqDXNQ7jWmq9LCB4bcDh+O9FU4KI5xAVNPtTbitzt3L5ikvE1E0tFVU?= =?us-ascii?q?DmmsyxY8wKOXuyNEvfBEuQOrSGJCfLw9rrYaOySL1Qiv9btxustjaaCUDjOi6P?= =?us-ascii?q?lz7zVxCgKetMlj2UPARCuIGhdRZgEXDjQ8z9ZRKlNt93jCE2wbovi3PLK2ETLy?= =?us-ascii?q?Zzf1lKrr2K4iNSmu9/FHBZ7np5MemEnD6U4PLDJZoRtftrAz90l/5B4Hgg0Lta?= =?us-ascii?q?8j1LSOZumCTMqt5uolemkvSAyzd8TBVPqixLhJ+QvUl4N6TW7IVAWW3D/BIL92?= =?us-ascii?q?mQDA4Kp9R9AN31p69Q0sTPlL70KDpa6NLb59UcCNLbKM2ZK3osKgHpFyTKDAQf?= =?us-ascii?q?Qj6kK3rfi1ZbkP6M6n2ftoI6pYT0mJoSVr9bU0Q4GegbCkRqG9wCJox6US46nr?= =?us-ascii?q?GAjc4H/3y+oAPWRMVAsZDNTuiSDun3KDaFkblEYAMFzqn3LYsJKI30xVdval5i?= =?us-ascii?q?nIvUHUrQWMpCoixlbgAvp0VM/2JyTmop20Lqcgmt+mMcFeaonh4qjQtzefgt9D?= =?us-ascii?q?Dp41stPFrKoyoxn1c3mdr+mzCRdyD+LKSrUI5KDCr0slQ+PYngQwZpdwGym1Jr?= =?us-ascii?q?NCvcTbJLk7RgbXxriBPbuZZXGv5dTalEbwELyPGSYPUo31pcpTu7xU9b5evFDp?= =?us-ascii?q?5imxUwfZ6qsX1AxxppbMQpKqzIOKpJ0l9Qi7qIviC2zO8xxBQTJ0UK8GOJZC4H?= =?us-ascii?q?okoINqIlJyqp5OBs7xKNmydbcmgWS/Uquu5q9l86O+mY1SLvzaVDJV6rOOyFM6?= =?us-ascii?q?yZu3PNmtWJQlMqy0wIkEdF/aBs0cg9c0uYTUYvw6WNFx4RL8rNNRlVb9ZO9HjU?= =?us-ascii?q?ZSuBrOLNwZRzP4qgCO/oSe6Oub0OjU26BgYpGJ4A7sMbHpmjyEvYN9voLKYZyR?= =?us-ascii?q?Ux4wTmPEiKA+5XeBKKjTgHuNqyw4Vt3YlHITEcD359Pjur6bbKvA8qgeaDXdcs?= =?us-ascii?q?bnccQIQEKmo8WNemlC5Bo3RAED633/oExwiZ8TDzvCvQDCPmYNp9f/qUfgljCN?= =?us-ascii?q?Kr+TUl6ae6k1rX8ojYJ27gL9Ruo8PP6eQZp5eHDPNYV799vFnAm4NAXXylT3bP?= =?us-ascii?q?EcKpJ5j3c4Qsadv0CmykXVy5ijM1SNz8PNmrLqiVmw3oQpxUsIaD1jA5KcC9Di?= =?us-ascii?q?0eGwt3p+wb/6JzewkDY5s9YR71uAUzLLCwIACd0tqyWWmtMidWQ+NZzeqke7xd?= =?us-ascii?q?1zAsYfOiyHs8UpE6yPG68U0XRJAKlB7ew+qjZ4lFXCj8HXxdYxnAqTA/l2d/Ku?= =?us-ascii?q?Y42v0/zw/QsVkALzCLc/RkaHBFv9E5AlOSPXV2C2ojSlCBjIrC4hSj0KsI8ytb?= =?us-ascii?q?gdlUzfVPsGLisZ/HfDKsRKurpI3PvCokbNgpv7N+PpTmIsqGspPemTrfQ4PLvw?= =?us-ascii?q?KeUS61DfxalsFeICJFWvVIn38qOdAes4pb9UUxTts+J6BICKQ0vb+ldzxkADUI?= =?us-ascii?q?wiAESYOPwiYCgvym1LvAlhacapMiMAYLsJ9amNsSTzZ2Yj8CpK+kT4jWmHKESm?= =?us-ascii?q?kPIAcX8wtM4RkNmZJuce/+4YrHVplMxyRRo/JuXSvBDoNo+EfjSmGKnVj4T+2s?= =?us-ascii?q?k/av3QJT0P3s0t4bWBpkCUZF3uhYi1EmJa1wJaQLooHKtTqIel/gs2L21OuqPl?= =?us-ascii?q?9RxtPId1fgForKqXL8UjEA+X0TXYJP0mvQFY4VkwVic6sruE9ML5q4ekng4zwk?= =?us-ascii?q?xoJpH7a8VcCqyFYlrWoGRymwHNpbDuFqqlTXVyN5Y5qzspXqJ41SQnNM+J2as1?= =?us-ascii?q?pYnl9hPDK5yZpdLsFN4yQDXDtUrDWcotS9VtNM1dVxD58WLdd1o239F79cOJiN?= =?us-ascii?q?v302vaTixWXD+zAhtle23jazFrS5T+JY/m0eBh4mK36YqkYxE+sm6n3S/UzVsl?= =?us-ascii?q?Bo4+dbAaCCjUR3oDZhAJ9OAihG1XW7IFRvVnlHs/5XKKPNc8NCRfkyYAWgOx06?= =?us-ascii?q?FfE92EyI8lt4nXDjYyx9rgFa4TzSXxEoVSkJhbfggTIeqtu9Nj8cV5JFdjQhby?= =?us-ascii?q?DLKgKdhSBXvAhQa0BsW5AFHNlF4asX3Y1K8creUUysMz0KXAR+NgIk1vpSjVJD?= =?us-ascii?q?sEKdeS3GEQqkafPPvQZtcceXssGpMOzz/B1bhYP/rOA466IDSmWmmQK3W9DRtY?= =?us-ascii?q?v8ucCRu0STaqj4K/W8bmHFTDfSlxC8n7AkD4PF/yLLKgpUN4F6yWY4YZjmEWPL?= =?us-ascii?q?PxNGKLwAKkVGS696cstJovpGZ8B6ZakF46ltCQybRhn3AoygsOFGLkrPRTTZNy?= =?us-ascii?q?iO6eK/rp7P4bHfVOTtaNeByGrAQ6JyIph18yL7G6vw3Y9Y5EX2xu9n9llmRlje?= =?us-ascii?q?LyCBsNPhKxsR5Ma8a0TivocmHS/NDZd0l3rt2F9Pe9QLTC2t7ZsX1olV6HDuRu?= =?us-ascii?q?JkykLzqvFd96F46Ykr5LBk0d+0JbzOKftArEBnHgOZBh5t9pUwGmhwW35eYukN?= =?us-ascii?q?KPfLZ6sZidriq+ftF6wY8BeV4fBWacPbJ0HdncmyEi2cSQZakwgftDEXNRac1/?= =?us-ascii?q?qZm69uU8mlu+n52kUp41egMh4K1rdt5Z2L+qCQvu/YcwPRzaQYWqjtXs7zrK4j?= =?us-ascii?q?u1mV5f0/kL4BYHJ1bhaiEOgAUs4d2mbgwrwrzS02FcPDBKjs+PlZV3I2hjjggY?= =?us-ascii?q?xyH00KGvMIGrqG5YZekX0+m+zXLN0Wdb1NlXiUGB64CLACz2Wr6yyNLGljnB7O?= =?us-ascii?q?zwn6QXmv41/usS94XSzMws/lkkpRTbS3BEFSXy+zNU95tjOPMhDou8DsuaQp9k?= =?us-ascii?q?E2L3DrtM6QlGu7JrxbBcr/JMaTISMsvlIYkIUxRsCz2YAcAde9JtYR/215bvva?= =?us-ascii?q?8WyriDVNo6ZAh4rZ+cGV4e7aHXyvgqyVsbmNwypYyncgt1El9t+gLu3O58GNQ/?= =?us-ascii?q?mwy2keVSN/tBXaXx6pqr3bqEsZOVeX30fKhoMKOM1Z3Xgi2U384ugsXs4z/h1E?= =?us-ascii?q?Foncf/MCuSzzODzszFabeNI3UymT3iBZHl3rDFZ4H7I813jovMLTknfQ+UMnSZ?= =?us-ascii?q?Vsd0D9ghx3FYo4I1o36FcL2ioDDRQNaReDAbGqBETlKJAJVU0dZhWHwre6YKY3?= =?us-ascii?q?3Ut8wr+14u/cc/B8DbIXNvlBlg6OgERbGpUOvK0fQbNzYUVS+7LMqwj5FYfnQ+?= =?us-ascii?q?bpmmYqOf2yWMBa/tgTt2E+7QanWxqg9ZBD4q4Ah5CJba5Fb4LDvMJ970d7/T4A?= =?us-ascii?q?bDFNgBxkghylVuATuf7s7cLGsJqy7eauTrwiS/8Q9xguCGR0l4Hwj0w7odHLy+?= =?us-ascii?q?dcTZXYiZzl/wBRP3GKuIjb0x5mKeoNMo6rZ6hv93EGJygYOnIPMsGba+Em7C9x?= =?us-ascii?q?LDrT51JDAsQWZdMbJsbNmh5bilfvWL5N8srXAFiYC518d8ow9Wr41Cg18YcgUu?= =?us-ascii?q?bn8DK2OYrf4E9JP/xZiiVjisnPq/UUwfrdCSgX/WOWawNvzSOY1pmBEfDw8vuQ?= =?us-ascii?q?yNvMTVMJAjY2U5tBJDqF4QGnSfC6lI/3XQOI6s/+m5Y+dEOMRnOvnKQKqLtMEf?= =?us-ascii?q?VahiX9wDdeCpj/h+iJvNq09GtXqlpHHZ587RLbHqVfIpJ7ORP/msmwWEd8Air/?= =?us-ascii?q?eMfJdhsho+eWwvkD4/9+NkTkf4MbJAwLy67i43pPUgRuUKL2vkqeXe8JeNRmSu?= =?us-ascii?q?nLoWxO5I18LK8POFydpJ30oTdStFA5HhMmaL8qojxdbEnOkxVfW7zot74Ylgsc?= =?us-ascii?q?Tdl5tFdJGWK3PmI++zXHWrpOgamUCfwa6DOTQbISU0RmNSN+WRC12I50d7uvg/?= =?us-ascii?q?9HrntMnjlhr/gyzzxmWBy8tDXjp60RwjIg46i0uigOt3JDT+WelTrICFpYwfQF?= =?us-ascii?q?iKcTEXDi5kKmbHkEdovy76FtJd78+ok5/3Q/fRIjcjUEXeSnCyHwibmEDZCPsN?= =?us-ascii?q?JYmR6CpcTPbb61LSgJNbQ9yAnuR2Z80gjAhhlo9HYEQjS64N8iOoq9Jd4vxjC0?= =?us-ascii?q?FmjDaFYM/qRJvdPwtV4VVuQ2b0hswGF+0seaRy0NQ9fPF3wyjgg+ZmVOaIhD5g?= =?us-ascii?q?MCF6k0njaIubFL/gMKbzfaHISl/pLdnMnS1nk7U9hq2njapqubiZM2yHdlgc97?= =?us-ascii?q?7jaSuHQOcOzVS8BsAnz01oZR1+P+Y/Gtv/scSIthzrShUeMNPtOl+WSoxJVgQl?= =?us-ascii?q?WlyagGH1qlLO8Dwa/WUyWlSWyYQeSLdGyMnzclMkHs/hSoK1w3aNtQr0AjKOfC?= =?us-ascii?q?gYRclwL5W7NuWiqQvUPbzHAkMe4CawI2uYKndhcWTO4Qe+ecJvYhwPkkBFsKcX?= =?us-ascii?q?DJATN8C/Wqvl61gIh7J3Jg7F3/YeTs8QDmM9ySFwIGEYHArZ5x/vq6SXyHOXN6?= =?us-ascii?q?yh19IlV0/f/FF1stru9cb4qRnd/Iittgz+EFcettPDYmut4XnYJj9ZWU0NmUfh?= =?us-ascii?q?7M1JryIsvVoveACf3F00sqYn1aUqYeYQ7t/4U6Odo5VKfJHbpXuhQcAaY6TYck?= =?us-ascii?q?N2f286F0Nx18fRLLZLSzmcnqveOLZp1bp3PM6VIwNijcsQUZyvOoVQx7c4yqh3?= =?us-ascii?q?LqLZA+WD1Bq9xtCgN4E4ZUGsIArg+nA5uKl6Ghj9++5Vl2u+gQsar/EvrKzsi2?= =?us-ascii?q?351tX5hG4kyGJDjQBLFxgkRkkuu9nOzN0pzwCcP+Y9MLSvJ3Qmnfar/JBo+/MC?= =?us-ascii?q?6BOtrge05a9L6RyLV5UhGPay3iR6qGsDerNO544UU61oN4YPDTwyIz4L3B3tv9?= =?us-ascii?q?eX1brD+5rXGVLJtf8EDKBevGUhJQSPqF9ntlHKIOYYvw9ecOKsAiwMOH7gly9j?= =?us-ascii?q?tC1syFL7Kmrk/W1UJxbYjbI1fx2yYlRYkKJwyyMVAyjm/dq3TdB2lcL8ejJcdi?= =?us-ascii?q?nNaVDgLi51NvlmE1fGFMAWnoSsmLOWgdxc2+YBaF9B9ED9oZmO63Y0E4vLWoSe?= =?us-ascii?q?Z0IpVFhfmqtLIfnNZsMS7AWMhaPyDWLL9xJTdREOTPpF42bR4Asrg1XJo1ZJeU?= =?us-ascii?q?LEMAKkeAxjv4zRHe3k3sa9ysyKGJLT4U8npdzLLF1iNDqhKkufafns3jULfZbI?= =?us-ascii?q?z5XP7SLCopTDeaSiouEUyx41erp+IEvOaEIWcYul0UbTidBxUJpqBus9fQCnTe?= =?us-ascii?q?mfNnfJIQn/CaWj3wRDd+lKUsGiZBrVqMTOYbFQnKc3/hh3JRuA6nJv9L53Lldb?= =?us-ascii?q?yYxrFOVuwQGIRMd+OWQ9rCdfBZPTcomS0TOPygcN3Es7Y5zlXIQHMCE6nG8V2R?= =?us-ascii?q?UE+bT/+HyjL1Q4oVpYk0uysv+tLWhCN3FbrHP6rM7wKpp5W1iCeepP32SngmY0?= =?us-ascii?q?tzhvkLRmaG3kpuMmYBXv0cvgnPX7SPakBXnCYlgORv1hsOUAF+Vnln1HpG2v26?= =?us-ascii?q?H5sKGhYvkGqyTahePxhMBzQq8BrPu1X/?= X-IPAS-Result: =?us-ascii?q?A2HkAQC+4iJZ/wHyM5BcGgEBAQECAQEBAQgBAQEBFgEBAQM?= =?us-ascii?q?BAQEJAQEBgwEpgW6OepB9cpcPJYJNiUlXAQEBAQEBAQECAQJoKIIzJIJCBgECJ?= =?us-ascii?q?FUDCQEBFwgpCAMBUxkFFog5gVAEsWY6JgKLGYg9gmeLCQWJP4dqWItHTopSiE+?= =?us-ascii?q?CA4kYDIZHlEhYgQpPIhWEeQFAAxyBZnOJKgEBAQ?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea10.nsa.gov with ESMTP; 22 May 2017 13:10:58 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v4MDArx6013017; Mon, 22 May 2017 09:10:54 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id v4MD8pMw141674 for ; Mon, 22 May 2017 09:08:51 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v4MD8oLb011891 for ; Mon, 22 May 2017 09:08:50 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1B1AgAX4iJZf4GlL8FcHAEBBAEBCgEBgyyCF456kH1ylxOCboM2AoZoAQIBAQEBAQITAQEhXYUZAwMnUhAYCDFXGRuIOYFUsWI6iw8BMYg9gmeLCQWJP4dqWItHTopSiE+CA4kkhkeUSFaBC08iFYU6AxyBZj02iSoBAQE X-IPAS-Result: A1B1AgAX4iJZf4GlL8FcHAEBBAEBCgEBgyyCF456kH1ylxOCboM2AoZoAQIBAQEBAQITAQEhXYUZAwMnUhAYCDFXGRuIOYFUsWI6iw8BMYg9gmeLCQWJP4dqWItHTopSiE+CA4kkhkeUSFaBC08iFYU6AxyBZj02iSoBAQE X-IronPort-AV: E=Sophos;i="5.38,377,1491278400"; d="scan'208";a="6061033" Received: from emsm-gh1-uea10.corp.nsa.gov (HELO emsm-gh1-uea10.nsa.gov) ([10.208.41.36]) by goalie.tycho.ncsc.mil with ESMTP; 22 May 2017 09:08:50 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3ASFN8zhUFlI6Jjs5HY8CSDcUzdrzV8LGtZVwlr6E/?= =?us-ascii?q?grcLSJyIuqrYYxGBt8tkgFKBZ4jH8fUM07OQ6PG/HzZfqsvQ+Fk5M7V0Hycfjs?= =?us-ascii?q?sXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aFRrwLxd6?= =?us-ascii?q?KfroEYDOkcu3y/qy+5rOaAlUmTaxe71/IRG0oAnLqMUbg4RuJ6Y1xxDUvnZGZu?= =?us-ascii?q?NayH9yK1mOhRj8/MCw/JBi8yRUpf0s8tNLXLv5caolU7FWFSwqPG8p6sLlsxnD?= =?us-ascii?q?VhaP6WAHUmoKiBpIAhPK4w/8U5zsryb1rOt92C2dPc3rUbA5XCmp4ql3RBP0ji?= =?us-ascii?q?oMKiU0+3/LhMNukK1boQqhpx1hzI7SfIGVL+d1cqfEcd8HWWZNQsNdWipcCY2+?= =?us-ascii?q?coQPFfIMM+ZGoYfgqVUArhywCguiBO701jNEmmX70bEg3ug9DQ3L2hErEdIUsH?= =?us-ascii?q?TTqdX4LKkcXvqzzKLVyTvDculW2Tjj54jOaRAqvPaBUq9qfsrXyEkgCQfFjleL?= =?us-ascii?q?pIzgITyV0uANvHKd7+pnWuOjkXIoqwZ0ojW2wMonl4fHhoUQyl/e9CV5xp44Jc?= =?us-ascii?q?akR0FhZ96oCp9QuDqcOoBrQc0iW3lltDs+x7AIo5K2cyoHxI46yxPea/GLaZWE?= =?us-ascii?q?7gznWeuXPDx2nmhqeKiliBa36UWgyvPzVs2z0FtSqypKjN3MtnQX2BzV7ciGRe?= =?us-ascii?q?Fx8Vum2TqV1gDT7vlIIUEylaXFN54s2qM8m54dvEjZESL7ml/6gLKXe0gk4OSk?= =?us-ascii?q?9vrrb7H+qp+ZLYB0iwX+Mqo0msy4BOQ1KhUBUHKd+eS9yrLj+U/5Ta5PjvIolq?= =?us-ascii?q?nZtIrVJcIcpq+2GQNazoEj6xOnAze8zNsYhWUHLE5CeB+flIjmJVXOIPH+Dfei?= =?us-ascii?q?jFWhiytrxvDaMb3hBZXBNH7DkKz7crpn5E5czxQznphj4MdPB7UAJu/jclPgv9?= =?us-ascii?q?zfSBkiOkq7xPi0Js9609YyUGTHILKDP67Uqhfc6uspIuSIZqcQtTL5Iv4i97jl?= =?us-ascii?q?inpvygxVRrWgwZZCMCPwJf9hOUjMJCO02to=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0HnAQCO4SJZf4GlL8FcHAEBBAEBCgEBF?= =?us-ascii?q?wEBBAEBCgEBgwGCF456kH1ylxOCboM2AoZoAQEBAQEBAQECAQIQAQEhXYIzJAG?= =?us-ascii?q?CQQMDJ1IQGAgxVxkbiDmBVLFgOosPATGIPYJniwkFiT+HaliLR06KUohPggOJJ?= =?us-ascii?q?IZHlEhWgQxPIhWFOgMcgWY9NokqAQEB?= X-IPAS-Result: =?us-ascii?q?A0HnAQCO4SJZf4GlL8FcHAEBBAEBCgEBFwEBBAEBCgEBgwG?= =?us-ascii?q?CF456kH1ylxOCboM2AoZoAQEBAQEBAQECAQIQAQEhXYIzJAGCQQMDJ1IQGAgxV?= =?us-ascii?q?xkbiDmBVLFgOosPATGIPYJniwkFiT+HaliLR06KUohPggOJJIZHlEhWgQxPIhW?= =?us-ascii?q?FOgMcgWY9NokqAQEB?= X-IronPort-AV: E=Sophos;i="5.38,377,1491264000"; d="scan'208";a="7297671" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from mail-il-dmz.mellanox.com (HELO mellanox.co.il) ([193.47.165.129]) by emsm-gh1-uea10.nsa.gov with ESMTP; 22 May 2017 13:08:49 +0000 Received: from Internal Mail-Server by MTLPINE1 (envelope-from danielj@mellanox.com) with ESMTPS (AES256-SHA encrypted); 22 May 2017 16:08:45 +0300 Received: from x-vnc01.mtx.labs.mlnx. (x-vnc01.mtx.labs.mlnx [10.12.150.16]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v4MD8f0n017562; Mon, 22 May 2017 16:08:43 +0300 From: Dan Jurgens To: selinux@tycho.nsa.gov Subject: [PATCH v3 1/9] checkpolicy: Add support for ibpkeycon labels Date: Mon, 22 May 2017 16:08:23 +0300 Message-Id: <1495458511-46724-2-git-send-email-danielj@mellanox.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1495458511-46724-1-git-send-email-danielj@mellanox.com> References: <1495458511-46724-1-git-send-email-danielj@mellanox.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Daniel Jurgens Add checkpolicy support for scanning and parsing ibpkeycon labels. Also create a new ocontext for Infiniband Pkeys and define a new policydb version for infiniband support. Signed-off-by: Daniel Jurgens --- v1: Stephen Smalley: - Always use s6_addr instead of s6_addr32. - Add comment about POLICYDB_VERSION_INFINIBAND being linux specific. v2: Stephen Smalley: - Store subnet_prefix as 8 bytes. --- checkpolicy/policy_define.c | 107 +++++++++++++++++++++++++++++ checkpolicy/policy_define.h | 1 + checkpolicy/policy_parse.y | 15 +++- checkpolicy/policy_scan.l | 3 + libsepol/include/sepol/policydb/policydb.h | 30 +++++--- 5 files changed, 144 insertions(+), 12 deletions(-) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index 8fab214b..e73ec8f7 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -20,6 +20,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Techonologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -5057,6 +5058,112 @@ int define_port_context(unsigned int low, unsigned int high) return -1; } +int define_ibpkey_context(unsigned int low, unsigned int high) +{ + ocontext_t *newc, *c, *l, *head; + struct in6_addr subnet_prefix; + char *id; + int rc = 0; + + if (policydbp->target_platform != SEPOL_TARGET_SELINUX) { + yyerror("ibpkeycon not supported for target"); + return -1; + } + + if (pass == 1) { + id = (char *)queue_remove(id_queue); + free(id); + parse_security_context(NULL); + return 0; + } + + newc = malloc(sizeof(*newc)); + if (!newc) { + yyerror("out of memory"); + return -1; + } + memset(newc, 0, sizeof(*newc)); + + id = queue_remove(id_queue); + if (!id) { + yyerror("failed to read the subnet prefix"); + rc = -1; + goto out; + } + + rc = inet_pton(AF_INET6, id, &subnet_prefix); + free(id); + if (rc < 1) { + yyerror("failed to parse the subnet prefix"); + if (rc == 0) + rc = -1; + goto out; + } + + if (subnet_prefix.s6_addr[2] || subnet_prefix.s6_addr[3]) { + yyerror("subnet prefix should be 0's in the low order 64 bits."); + rc = -1; + goto out; + } + + if (low > 0xffff || high > 0xffff) { + yyerror("pkey value too large, pkeys are 16 bits."); + rc = -1; + goto out; + } + + memcpy(&newc->u.ibpkey.subnet_prefix, &subnet_prefix.s6_addr[0], + sizeof(newc->u.ibpkey.subnet_prefix)); + + newc->u.ibpkey.low_pkey = low; + newc->u.ibpkey.high_pkey = high; + + if (low > high) { + yyerror2("low pkey %d exceeds high pkey %d", low, high); + rc = -1; + goto out; + } + + rc = parse_security_context(&newc->context[0]); + if (rc) + goto out; + + /* Preserve the matching order specified in the configuration. */ + head = policydbp->ocontexts[OCON_IBPKEY]; + for (l = NULL, c = head; c; l = c, c = c->next) { + unsigned int low2, high2; + + low2 = c->u.ibpkey.low_pkey; + high2 = c->u.ibpkey.high_pkey; + + if (low == low2 && high == high2 && + c->u.ibpkey.subnet_prefix == newc->u.ibpkey.subnet_prefix) { + yyerror2("duplicate ibpkeycon entry for %d-%d ", + low, high); + rc = -1; + goto out; + } + if (low2 <= low && high2 >= high && + c->u.ibpkey.subnet_prefix == newc->u.ibpkey.subnet_prefix) { + yyerror2("ibpkeycon entry for %d-%d hidden by earlier entry for %d-%d", + low, high, low2, high2); + rc = -1; + goto out; + } + } + + if (l) + l->next = newc; + else + policydbp->ocontexts[OCON_IBPKEY] = newc; + + return 0; + +out: + free(newc); + return rc; +} + int define_netif_context(void) { ocontext_t *newc, *c, *head; diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h index 9f4b6d0d..75e3683b 100644 --- a/checkpolicy/policy_define.h +++ b/checkpolicy/policy_define.h @@ -43,6 +43,7 @@ int define_level(void); int define_netif_context(void); int define_permissive(void); int define_polcap(void); +int define_ibpkey_context(unsigned int low, unsigned int high); int define_port_context(unsigned int low, unsigned int high); int define_pirq_context(unsigned int pirq); int define_iomem_context(uint64_t low, uint64_t high); diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y index 1ac1c96b..35b433bd 100644 --- a/checkpolicy/policy_parse.y +++ b/checkpolicy/policy_parse.y @@ -21,6 +21,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2008 Tresys Technology, LLC * Copyright (C) 2007 Red Hat Inc. + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -135,6 +136,7 @@ typedef int (* require_func_t)(int pass); %token TARGET %token SAMEUSER %token FSCON PORTCON NETIFCON NODECON +%token IBPKEYCON %token PIRQCON IOMEMCON IOPORTCON PCIDEVICECON DEVICETREECON %token FSUSEXATTR FSUSETASK FSUSETRANS %token GENFSCON @@ -170,7 +172,7 @@ base_policy : { if (define_policy(pass, 0) == -1) return -1; } opt_default_rules opt_mls te_rbac users opt_constraints { if (pass == 1) { if (policydb_index_bools(policydbp)) return -1;} else if (pass == 2) { if (policydb_index_others(NULL, policydbp, 0)) return -1;}} - initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts + initial_sid_contexts opt_fs_contexts opt_fs_uses opt_genfs_contexts net_contexts opt_dev_contexts opt_ibpkey_contexts ; classes : class_def | classes class_def @@ -713,6 +715,17 @@ port_context_def : PORTCON identifier number security_context_def | PORTCON identifier number '-' number security_context_def {if (define_port_context($3,$5)) return -1;} ; +opt_ibpkey_contexts : ibpkey_contexts + | + ; +ibpkey_contexts : ibpkey_context_def + | ibpkey_contexts ibpkey_context_def + ; +ibpkey_context_def : IBPKEYCON ipv6_addr number security_context_def + {if (define_ibpkey_context($3,$3)) return -1;} + | IBPKEYCON ipv6_addr number '-' number security_context_def + {if (define_ibpkey_context($3,$5)) return -1;} + ; opt_netif_contexts : netif_contexts | ; diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l index 028bd25e..f742939a 100644 --- a/checkpolicy/policy_scan.l +++ b/checkpolicy/policy_scan.l @@ -12,6 +12,7 @@ * Added support for binary policy modules * * Copyright (C) 2003-5 Tresys Technology, LLC + * Copyright (C) 2017 Mellanox Technologies Inc. * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2. @@ -183,6 +184,8 @@ INCOMP | incomp { return(INCOMP);} fscon | FSCON { return(FSCON);} +ibpkeycon | +IBPKEYCON { return(IBPKEYCON);} portcon | PORTCON { return(PORTCON);} netifcon | diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index 99e49902..d06d2153 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -24,6 +24,7 @@ * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. * Copyright (C) 2003 - 2004 Tresys Technology, LLC * Copyright (C) 2003 - 2004 Red Hat, Inc. + * Copyright (C) 2017 Mellanox Techonolgies Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -358,6 +359,11 @@ typedef struct ocontext { uint32_t low_ioport; uint32_t high_ioport; } ioport; + struct { + uint64_t subnet_prefix; + uint16_t low_pkey; + uint16_t high_pkey; + } ibpkey; } u; union { uint32_t sclass; /* security class for genfs */ @@ -386,14 +392,14 @@ typedef struct genfs { #define SYM_NUM 8 /* object context array indices */ -#define OCON_ISID 0 /* initial SIDs */ -#define OCON_FS 1 /* unlabeled file systems */ -#define OCON_PORT 2 /* TCP and UDP port numbers */ -#define OCON_NETIF 3 /* network interfaces */ -#define OCON_NODE 4 /* nodes */ -#define OCON_FSUSE 5 /* fs_use */ -#define OCON_NODE6 6 /* IPv6 nodes */ -#define OCON_GENFS 7 /* needed for ocontext_supported */ +#define OCON_ISID 0 /* initial SIDs */ +#define OCON_FS 1 /* unlabeled file systems */ +#define OCON_PORT 2 /* TCP and UDP port numbers */ +#define OCON_NETIF 3 /* network interfaces */ +#define OCON_NODE 4 /* nodes */ +#define OCON_FSUSE 5 /* fs_use */ +#define OCON_NODE6 6 /* IPv6 nodes */ +#define OCON_IBPKEY 7 /* Infiniband PKEY */ /* object context array indices for Xen */ #define OCON_XEN_ISID 0 /* initial SIDs */ @@ -404,7 +410,7 @@ typedef struct genfs { #define OCON_XEN_DEVICETREE 5 /* device tree node */ /* OCON_NUM needs to be the largest index in any platform's ocontext array */ -#define OCON_NUM 7 +#define OCON_NUM 8 /* section: module information */ @@ -726,10 +732,11 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define POLICYDB_VERSION_CONSTRAINT_NAMES 29 #define POLICYDB_VERSION_XEN_DEVICETREE 30 /* Xen-specific */ #define POLICYDB_VERSION_XPERMS_IOCTL 30 /* Linux-specific */ +#define POLICYDB_VERSION_INFINIBAND 31 /* Linux-specific */ /* Range of policy versions we understand*/ #define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE -#define POLICYDB_VERSION_MAX POLICYDB_VERSION_XPERMS_IOCTL +#define POLICYDB_VERSION_MAX POLICYDB_VERSION_INFINIBAND /* Module versions and specific changes*/ #define MOD_POLICYDB_VERSION_BASE 4 @@ -749,9 +756,10 @@ extern int policydb_set_target_platform(policydb_t *p, int platform); #define MOD_POLICYDB_VERSION_DEFAULT_TYPE 16 #define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 #define MOD_POLICYDB_VERSION_XPERMS_IOCTL 18 +#define MOD_POLICYDB_VERSION_INFINIBAND 19 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE -#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_XPERMS_IOCTL +#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_INFINIBAND #define POLICYDB_CONFIG_MLS 1