From patchwork Sat Dec 7 16:52:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11277669 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2A517930 for ; Sat, 7 Dec 2019 16:54:19 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F090824673 for ; Sat, 7 Dec 2019 16:54:18 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="JDw3coQ9" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F090824673 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iddKK-0001TE-FE; Sat, 07 Dec 2019 16:53:04 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iddKJ-0001T9-2b for xen-devel@lists.xenproject.org; Sat, 07 Dec 2019 16:53:03 +0000 X-Inumbo-ID: 0499da52-1912-11ea-a1e1-bc764e2007e4 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 0499da52-1912-11ea-a1e1-bc764e2007e4; Sat, 07 Dec 2019 16:52:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1575737577; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=/FdFJaveInpq0PepbCf79b7l7Jgjsx9OuI5LZga/E60=; b=JDw3coQ9/PX+NfcoprAR7uUj9O32WjTg+lJ+8UvCcdNNyU9qL2yYpz4Q e7bJ8Z7FebdARlgLBDf7+/EinJ8vJfUbdtO1bVoQQb21+v9dA/UOYNKoc VAWnkJL6vjh1HVWRAPuE3dUVHwLZRgG9WoFStIFdIHfFDCkx4GHTdRRj5 E=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa5.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: 0RN1OxF1NQADeTXIHlMLjI3NtPuR4/hM/AgRkK47OLRRoUnSg2yE4tNrAw9ZrwBKHiCZcqyw47 Yn4uHBYGLjMdhGicDekgwwKJIL+85v76JTMKNDC9niEq/NpHEvxX/sFmvsXcGfr2lCSLuQ18Sx vWtSI3tZnUuKweryLUplzYWZMKuTRvwGBxQaF8mYdcWhhXI9B1z4QNLCJgArJ8X60VUo8X2bwc jYOQvVNhDf58hv6cbgCqUhJIzVtt8etb4vUI/1IDLfqUGLoZYHFakWbaJ5eeLRWgoZ2G0vs7ng 4L4= X-SBRS: 2.7 X-MesageID: 9704955 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.69,288,1571716800"; d="scan'208";a="9704955" From: Andrew Cooper To: Xen-devel Date: Sat, 7 Dec 2019 16:52:51 +0000 Message-ID: <20191207165252.1045-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20191207165252.1045-1-andrew.cooper3@citrix.com> References: <20191207165252.1045-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH 1/2] xen/flask: Fix Python 3 problems with gen-policy.py X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Andrew Cooper , Daniel De Graaf Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The script is Python 2 specific, and fails with string/binary issues with Python 3: Traceback (most recent call last): File "gen-policy.py", line 14, in for char in sys.stdin.read(): File "/usr/lib/python3.5/codecs.py", line 321, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0x8c in position 0: invalid start byte Fixing the script to be compatible isn't hard, but using python here is wasteful. Drop the script entirely, and write a short flask-policy.S instead. Signed-off-by: Andrew Cooper --- CC: Daniel De Graaf CC: Juergen Gross For 4.13. This is a blocker to our intent to by Py3-clean in this release Discovered entirely accidently when testing the following patch. --- xen/xsm/flask/Makefile | 6 ++---- xen/xsm/flask/flask-policy.S | 20 ++++++++++++++++++++ xen/xsm/flask/gen-policy.py | 23 ----------------------- 3 files changed, 22 insertions(+), 27 deletions(-) create mode 100644 xen/xsm/flask/flask-policy.S delete mode 100644 xen/xsm/flask/gen-policy.py diff --git a/xen/xsm/flask/Makefile b/xen/xsm/flask/Makefile index f5ffab1226..7c3f381287 100644 --- a/xen/xsm/flask/Makefile +++ b/xen/xsm/flask/Makefile @@ -27,7 +27,8 @@ $(FLASK_H_FILES): $(FLASK_H_DEPEND) $(AV_H_FILES): $(AV_H_DEPEND) $(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) -obj-$(CONFIG_XSM_FLASK_POLICY) += policy.o +obj-bin-$(CONFIG_XSM_FLASK_POLICY) += flask-policy.o +flask-policy.o: policy.bin FLASK_BUILD_DIR := $(CURDIR) POLICY_SRC := $(FLASK_BUILD_DIR)/xenpolicy-$(XEN_FULLVERSION) @@ -36,9 +37,6 @@ policy.bin: FORCE $(MAKE) -f $(XEN_ROOT)/tools/flask/policy/Makefile.common -C $(XEN_ROOT)/tools/flask/policy FLASK_BUILD_DIR=$(FLASK_BUILD_DIR) cmp -s $(POLICY_SRC) $@ || cp $(POLICY_SRC) $@ -policy.c: policy.bin gen-policy.py - $(PYTHON) gen-policy.py < $< > $@ - .PHONY: clean clean:: rm -f $(ALL_H_FILES) *.o $(DEPS_RM) policy.* $(POLICY_SRC) diff --git a/xen/xsm/flask/flask-policy.S b/xen/xsm/flask/flask-policy.S new file mode 100644 index 0000000000..d78ce77fd6 --- /dev/null +++ b/xen/xsm/flask/flask-policy.S @@ -0,0 +1,20 @@ + .section .init.rodata, "a", @progbits + +/* const unsigned char xsm_flask_init_policy[] __initconst */ + .align 4 + .global xsm_flask_init_policy +xsm_flask_init_policy: + .incbin "policy.bin" +.Lend: + + .type xsm_flask_init_policy, @object + .size xsm_flask_init_policy, . - xsm_flask_init_policy + +/* const unsigned int __initconst xsm_flask_init_policy_size */ + .align 4 + .global xsm_flask_init_policy_size +xsm_flask_init_policy_size: + .long .Lend - xsm_flask_init_policy + + .type xsm_flask_init_policy_size, @object + .size xsm_flask_init_policy_size, . - xsm_flask_init_policy_size diff --git a/xen/xsm/flask/gen-policy.py b/xen/xsm/flask/gen-policy.py deleted file mode 100644 index c7501e4614..0000000000 --- a/xen/xsm/flask/gen-policy.py +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/env python -import sys - -policy_size = 0 - -sys.stdout.write(""" -/* This file is autogenerated by gen_policy.py */ -#include -#include - -const unsigned char xsm_flask_init_policy[] __initconst = { -""") - -for char in sys.stdin.read(): - sys.stdout.write(" 0x%02x," % ord(char)) - policy_size = policy_size + 1 - if policy_size % 13 == 0: - sys.stdout.write("\n") - -sys.stdout.write(""" -}; -const unsigned int __initconst xsm_flask_init_policy_size = %d; -""" % policy_size)