apparmor: Fix & Optimize table creation from possibly unaligned memory

Source blob may come from userspace and might be unaligned.
Try to optize the copying process by avoiding unaligned memory accesses.

- Added Fixes tag
- Added "Fix &" to description as this doesn't just optimize but fixes
        a potential unaligned memory access
Fixes: e6e8bf418850d ("apparmor: fix restricted endian type warnings for dfa unpack")
Signed-off-by: Helge Deller <deller@gmx.de>
[jj: remove duplicate word "convert" in comment trigger checkpatch warning]
Signed-off-by: John Johansen <john.johansen@canonical.com>

diff --git a/security/apparmor/include/match.h b/security/apparmor/include/match.h
index 1fbe82f5021b16886025233672f07dd25784c12e..0dde8eda3d1a596c507c180e319beb8d1e51d0d1 100644 (file)
--- a/security/apparmor/include/match.h
+++ b/security/apparmor/include/match.h
@@ -104,16 +104,18 @@ struct aa_dfa {
        struct table_header *tables[YYTD_ID_TSIZE];
 };
 
-#define byte_to_byte(X) (X)
-
 #define UNPACK_ARRAY(TABLE, BLOB, LEN, TTYPE, BTYPE, NTOHX)    \
        do { \
                typeof(LEN) __i; \
                TTYPE *__t = (TTYPE *) TABLE; \
                BTYPE *__b = (BTYPE *) BLOB; \
-               for (__i = 0; __i < LEN; __i++) { \
-                       __t[__i] = NTOHX(__b[__i]); \
-               } \
+               BUILD_BUG_ON(sizeof(TTYPE) != sizeof(BTYPE)); \
+               if (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)) \
+                       memcpy(__t, __b, (LEN) * sizeof(BTYPE)); \
+               else /* copy & convert from big-endian */ \
+                       for (__i = 0; __i < LEN; __i++) { \
+                               __t[__i] = NTOHX(&__b[__i]); \
+                       } \
        } while (0)
 
 static inline size_t table_size(size_t len, size_t el_size)

diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 26e82ba879d44c7b43f30b280a6340c688f1a7ed..bbeb3be68572f1d8668b73d5e3ba1fb61bfde205 100644 (file)
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -67,14 +67,13 @@ static struct table_header *unpack_table(char *blob, size_t bsize)
                table->td_flags = th.td_flags;
                table->td_lolen = th.td_lolen;
                if (th.td_flags == YYTD_DATA8)
-                       UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
-                                    u8, u8, byte_to_byte);
+                       memcpy(table->td_data, blob, th.td_lolen);
                else if (th.td_flags == YYTD_DATA16)
                        UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
-                                    u16, __be16, be16_to_cpu);
+                                    u16, __be16, get_unaligned_be16);
                else if (th.td_flags == YYTD_DATA32)
                        UNPACK_ARRAY(table->td_data, blob, th.td_lolen,
-                                    u32, __be32, be32_to_cpu);
+                                    u32, __be32, get_unaligned_be32);
                else
                        goto fail;
                /* if table was vmalloced make sure the page tables are synced