From 06b451d31b0c00e3a640c65bdbe5c8387a017e22 Mon Sep 17 00:00:00 2001
From: Brendan Jackman <brendan.jackman@arm.com>
Date: Wed, 4 Oct 2017 13:25:06 +0100
Subject: [PATCH] framework: Add feature to mark workloads unsafe for
 confidential devices

Some workloads, such as Geekbench, may phone home and report data about the
device they are running on. This poses a risk for users that are testing on
unreleased or otherwise confidential devices - perhaps they use a standard
agenda to run a large battery of tests, in which case they may forget to disable
these dangerous workloads.

This provides a mechanism to prevent running those workloads from running by
setting allow_phone_home=False in the user configuration.
---
 wa/framework/configuration/core.py | 13 +++++++++++++
 wa/framework/execution.py          |  7 +++++++
 wa/framework/workload.py           | 11 +++++++++++
 3 files changed, 31 insertions(+)

diff --git a/wa/framework/configuration/core.py b/wa/framework/configuration/core.py
index b5ae7e83..8db5d553 100644
--- a/wa/framework/configuration/core.py
+++ b/wa/framework/configuration/core.py
@@ -783,6 +783,19 @@ class RunConfiguration(Configuration):
             export the output to an exeternal location.
             ''',
         ),
+        ConfigurationPoint(
+            'allow_phone_home',
+            kind=bool, default=True,
+            description='''
+            Setting this to ``False`` prevents running any workloads that are marked
+            with 'phones_home', meaning they are at risk of exposing information
+            about the device to the outside world. For example, some benchmark
+            applications upload device data to a database owned by the
+            maintainers.
+
+            This can be used to minimise the risk of accidentally running such
+            workloads when testing confidential devices.
+            '''),
     ]
     configuration = {cp.name: cp for cp in config_points + meta_data}
 
diff --git a/wa/framework/execution.py b/wa/framework/execution.py
index 590f55bd..d665389c 100644
--- a/wa/framework/execution.py
+++ b/wa/framework/execution.py
@@ -411,6 +411,13 @@ class Runner(object):
             self.check_job(job)
 
     def do_run_job(self, job, context):
+        rc = self.context.cm.run_config
+        if job.workload.phones_home and not rc.allow_phone_home:
+            self.logger.warning('Skipping job {} ({}) due to allow_phone_home=False'
+                                .format(job.id, job.workload.name))
+            job.set_status(Status.SKIPPED)
+            return
+
         job.set_status(Status.RUNNING)
         self.send(signal.JOB_STARTED)
 
diff --git a/wa/framework/workload.py b/wa/framework/workload.py
index baaba343..7638b376 100644
--- a/wa/framework/workload.py
+++ b/wa/framework/workload.py
@@ -39,6 +39,17 @@ class Workload(TargetedPlugin):
 
     kind = 'workload'
 
+    phones_home = False
+    """
+    Set this to True to mark that this workload poses a risk of exposing
+    information to the outside world about the device it runs on. An example of
+    this would be a benchmark application that sends scores and device data to a
+    database owned by the maintainer.
+
+    The user can then set allow_phone_home=False in their configuration to
+    prevent this workload from being run accidentally.
+    """
+
     def init_resources(self, context):
         """
         This method may be used to perform early resource discovery and