aboutsummaryrefslogtreecommitdiffstats
path: root/security/apparmor/match.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/match.c')
-rw-r--r--security/apparmor/match.c23
1 files changed, 12 insertions, 11 deletions
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 90971a8c3789..727eb4200d5c 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -4,7 +4,7 @@
4 * This file contains AppArmor dfa based regular expression matching engine 4 * This file contains AppArmor dfa based regular expression matching engine
5 * 5 *
6 * Copyright (C) 1998-2008 Novell/SUSE 6 * Copyright (C) 1998-2008 Novell/SUSE
7 * Copyright 2009-2010 Canonical Ltd. 7 * Copyright 2009-2012 Canonical Ltd.
8 * 8 *
9 * This program is free software; you can redistribute it and/or 9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License as 10 * modify it under the terms of the GNU General Public License as
@@ -23,6 +23,8 @@
23#include "include/apparmor.h" 23#include "include/apparmor.h"
24#include "include/match.h" 24#include "include/match.h"
25 25
26#define base_idx(X) ((X) & 0xffffff)
27
26/** 28/**
27 * unpack_table - unpack a dfa table (one of accept, default, base, next check) 29 * unpack_table - unpack a dfa table (one of accept, default, base, next check)
28 * @blob: data to unpack (NOT NULL) 30 * @blob: data to unpack (NOT NULL)
@@ -30,7 +32,7 @@
30 * 32 *
31 * Returns: pointer to table else NULL on failure 33 * Returns: pointer to table else NULL on failure
32 * 34 *
33 * NOTE: must be freed by kvfree (not kmalloc) 35 * NOTE: must be freed by kvfree (not kfree)
34 */ 36 */
35static struct table_header *unpack_table(char *blob, size_t bsize) 37static struct table_header *unpack_table(char *blob, size_t bsize)
36{ 38{
@@ -57,7 +59,7 @@ static struct table_header *unpack_table(char *blob, size_t bsize)
57 if (bsize < tsize) 59 if (bsize < tsize)
58 goto out; 60 goto out;
59 61
60 table = kvmalloc(tsize); 62 table = kvzalloc(tsize);
61 if (table) { 63 if (table) {
62 *table = th; 64 *table = th;
63 if (th.td_flags == YYTD_DATA8) 65 if (th.td_flags == YYTD_DATA8)
@@ -137,8 +139,7 @@ static int verify_dfa(struct aa_dfa *dfa, int flags)
137 for (i = 0; i < state_count; i++) { 139 for (i = 0; i < state_count; i++) {
138 if (DEFAULT_TABLE(dfa)[i] >= state_count) 140 if (DEFAULT_TABLE(dfa)[i] >= state_count)
139 goto out; 141 goto out;
140 /* TODO: do check that DEF state recursion terminates */ 142 if (base_idx(BASE_TABLE(dfa)[i]) + 255 >= trans_count) {
141 if (BASE_TABLE(dfa)[i] + 255 >= trans_count) {
142 printk(KERN_ERR "AppArmor DFA next/check upper " 143 printk(KERN_ERR "AppArmor DFA next/check upper "
143 "bounds error\n"); 144 "bounds error\n");
144 goto out; 145 goto out;
@@ -314,7 +315,7 @@ unsigned int aa_dfa_match_len(struct aa_dfa *dfa, unsigned int start,
314 u8 *equiv = EQUIV_TABLE(dfa); 315 u8 *equiv = EQUIV_TABLE(dfa);
315 /* default is direct to next state */ 316 /* default is direct to next state */
316 for (; len; len--) { 317 for (; len; len--) {
317 pos = base[state] + equiv[(u8) *str++]; 318 pos = base_idx(base[state]) + equiv[(u8) *str++];
318 if (check[pos] == state) 319 if (check[pos] == state)
319 state = next[pos]; 320 state = next[pos];
320 else 321 else
@@ -323,7 +324,7 @@ unsigned int aa_dfa_match_len(struct aa_dfa *dfa, unsigned int start,
323 } else { 324 } else {
324 /* default is direct to next state */ 325 /* default is direct to next state */
325 for (; len; len--) { 326 for (; len; len--) {
326 pos = base[state] + (u8) *str++; 327 pos = base_idx(base[state]) + (u8) *str++;
327 if (check[pos] == state) 328 if (check[pos] == state)
328 state = next[pos]; 329 state = next[pos];
329 else 330 else
@@ -364,7 +365,7 @@ unsigned int aa_dfa_match(struct aa_dfa *dfa, unsigned int start,
364 u8 *equiv = EQUIV_TABLE(dfa); 365 u8 *equiv = EQUIV_TABLE(dfa);
365 /* default is direct to next state */ 366 /* default is direct to next state */
366 while (*str) { 367 while (*str) {
367 pos = base[state] + equiv[(u8) *str++]; 368 pos = base_idx(base[state]) + equiv[(u8) *str++];
368 if (check[pos] == state) 369 if (check[pos] == state)
369 state = next[pos]; 370 state = next[pos];
370 else 371 else
@@ -373,7 +374,7 @@ unsigned int aa_dfa_match(struct aa_dfa *dfa, unsigned int start,
373 } else { 374 } else {
374 /* default is direct to next state */ 375 /* default is direct to next state */
375 while (*str) { 376 while (*str) {
376 pos = base[state] + (u8) *str++; 377 pos = base_idx(base[state]) + (u8) *str++;
377 if (check[pos] == state) 378 if (check[pos] == state)
378 state = next[pos]; 379 state = next[pos];
379 else 380 else
@@ -409,14 +410,14 @@ unsigned int aa_dfa_next(struct aa_dfa *dfa, unsigned int state,
409 u8 *equiv = EQUIV_TABLE(dfa); 410 u8 *equiv = EQUIV_TABLE(dfa);
410 /* default is direct to next state */ 411 /* default is direct to next state */
411 412
412 pos = base[state] + equiv[(u8) c]; 413 pos = base_idx(base[state]) + equiv[(u8) c];
413 if (check[pos] == state) 414 if (check[pos] == state)
414 state = next[pos]; 415 state = next[pos];
415 else 416 else
416 state = def[state]; 417 state = def[state];
417 } else { 418 } else {
418 /* default is direct to next state */ 419 /* default is direct to next state */
419 pos = base[state] + (u8) c; 420 pos = base_idx(base[state]) + (u8) c;
420 if (check[pos] == state) 421 if (check[pos] == state)
421 state = next[pos]; 422 state = next[pos];
422 else 423 else
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-16 00:40:47 -0500