summaryrefslogtreecommitdiffstats
path: root/security/apparmor/match.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/match.c')
-rw-r--r--security/apparmor/match.c47
1 files changed, 37 insertions, 10 deletions
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 3f900fcca8fb..eb0efef746f5 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -20,11 +20,38 @@
#include <linux/err.h>
#include <linux/kref.h>
-#include "include/apparmor.h"
+#include "include/lib.h"
#include "include/match.h"
#define base_idx(X) ((X) & 0xffffff)
+static char nulldfa_src[] = {
+ #include "nulldfa.in"
+};
+struct aa_dfa *nulldfa;
+
+int aa_setup_dfa_engine(void)
+{
+ int error;
+
+ nulldfa = aa_dfa_unpack(nulldfa_src, sizeof(nulldfa_src),
+ TO_ACCEPT1_FLAG(YYTD_DATA32) |
+ TO_ACCEPT2_FLAG(YYTD_DATA32));
+ if (!IS_ERR(nulldfa))
+ return 0;
+
+ error = PTR_ERR(nulldfa);
+ nulldfa = NULL;
+
+ return error;
+}
+
+void aa_teardown_dfa_engine(void)
+{
+ aa_put_dfa(nulldfa);
+ nulldfa = NULL;
+}
+
/**
* unpack_table - unpack a dfa table (one of accept, default, base, next check)
* @blob: data to unpack (NOT NULL)
@@ -46,11 +73,11 @@ static struct table_header *unpack_table(char *blob, size_t bsize)
/* loaded td_id's start at 1, subtract 1 now to avoid doing
* it every time we use td_id as an index
*/
- th.td_id = be16_to_cpu(*(u16 *) (blob)) - 1;
+ th.td_id = be16_to_cpu(*(__be16 *) (blob)) - 1;
if (th.td_id > YYTD_ID_MAX)
goto out;
- th.td_flags = be16_to_cpu(*(u16 *) (blob + 2));
- th.td_lolen = be32_to_cpu(*(u32 *) (blob + 8));
+ th.td_flags = be16_to_cpu(*(__be16 *) (blob + 2));
+ th.td_lolen = be32_to_cpu(*(__be32 *) (blob + 8));
blob += sizeof(struct table_header);
if (!(th.td_flags == YYTD_DATA16 || th.td_flags == YYTD_DATA32 ||
@@ -68,13 +95,13 @@ static struct table_header *unpack_table(char *blob, size_t bsize)
table->td_lolen = th.td_lolen;
if (th.td_flags == YYTD_DATA8)
UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
- u8, byte_to_byte);
+ u8, u8, byte_to_byte);
else if (th.td_flags == YYTD_DATA16)
UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
- u16, be16_to_cpu);
+ u16, __be16, be16_to_cpu);
else if (th.td_flags == YYTD_DATA32)
UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
- u32, be32_to_cpu);
+ u32, __be32, be32_to_cpu);
else
goto fail;
/* if table was vmalloced make sure the page tables are synced
@@ -222,14 +249,14 @@ struct aa_dfa *aa_dfa_unpack(void *blob, size_t size, int flags)
if (size < sizeof(struct table_set_header))
goto fail;
- if (ntohl(*(u32 *) data) != YYTH_MAGIC)
+ if (ntohl(*(__be32 *) data) != YYTH_MAGIC)
goto fail;
- hsize = ntohl(*(u32 *) (data + 4));
+ hsize = ntohl(*(__be32 *) (data + 4));
if (size < hsize)
goto fail;
- dfa->flags = ntohs(*(u16 *) (data + 12));
+ dfa->flags = ntohs(*(__be16 *) (data + 12));
data += hsize;
size -= hsize;