diff options
Diffstat (limited to 'security/selinux/ss/policydb.c')
-rw-r--r-- | security/selinux/ss/policydb.c | 60 |
1 files changed, 34 insertions, 26 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 7b03fa0f92b0..0a758323a9cf 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -744,7 +744,8 @@ int policydb_context_isvalid(struct policydb *p, struct context *c) */ static int mls_read_range_helper(struct mls_range *r, void *fp) { - u32 buf[2], items; + __le32 buf[2]; + u32 items; int rc; rc = next_entry(buf, fp, sizeof(u32)); @@ -805,7 +806,7 @@ static int context_read_and_validate(struct context *c, struct policydb *p, void *fp) { - u32 buf[3]; + __le32 buf[3]; int rc; rc = next_entry(buf, fp, sizeof buf); @@ -845,7 +846,8 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct perm_datum *perdatum; int rc; - u32 buf[2], len; + __le32 buf[2]; + u32 len; perdatum = kmalloc(sizeof(*perdatum), GFP_KERNEL); if (!perdatum) { @@ -885,7 +887,8 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp) { char *key = NULL; struct common_datum *comdatum; - u32 buf[4], len, nel; + __le32 buf[4]; + u32 len, nel; int i, rc; comdatum = kmalloc(sizeof(*comdatum), GFP_KERNEL); @@ -939,7 +942,8 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons, { struct constraint_node *c, *lc; struct constraint_expr *e, *le; - u32 buf[3], nexpr; + __le32 buf[3]; + u32 nexpr; int rc, i, j, depth; lc = NULL; @@ -1023,7 +1027,8 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp) { char *key = NULL; struct class_datum *cladatum; - u32 buf[6], len, len2, ncons, nel; + __le32 buf[6]; + u32 len, len2, ncons, nel; int i, rc; cladatum = kmalloc(sizeof(*cladatum), GFP_KERNEL); @@ -1117,7 +1122,8 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct role_datum *role; int rc; - u32 buf[2], len; + __le32 buf[2]; + u32 len; role = kmalloc(sizeof(*role), GFP_KERNEL); if (!role) { @@ -1177,7 +1183,8 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct type_datum *typdatum; int rc; - u32 buf[3], len; + __le32 buf[3]; + u32 len; typdatum = kmalloc(sizeof(*typdatum),GFP_KERNEL); if (!typdatum) { @@ -1221,7 +1228,7 @@ bad: */ static int mls_read_level(struct mls_level *lp, void *fp) { - u32 buf[1]; + __le32 buf[1]; int rc; memset(lp, 0, sizeof(*lp)); @@ -1249,7 +1256,8 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct user_datum *usrdatum; int rc; - u32 buf[2], len; + __le32 buf[2]; + u32 len; usrdatum = kmalloc(sizeof(*usrdatum), GFP_KERNEL); if (!usrdatum) { @@ -1303,7 +1311,8 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct level_datum *levdatum; int rc; - u32 buf[2], len; + __le32 buf[2]; + u32 len; levdatum = kmalloc(sizeof(*levdatum), GFP_ATOMIC); if (!levdatum) { @@ -1354,7 +1363,8 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp) char *key = NULL; struct cat_datum *catdatum; int rc; - u32 buf[3], len; + __le32 buf[3]; + u32 len; catdatum = kmalloc(sizeof(*catdatum), GFP_ATOMIC); if (!catdatum) { @@ -1417,7 +1427,8 @@ int policydb_read(struct policydb *p, void *fp) struct ocontext *l, *c, *newc; struct genfs *genfs_p, *genfs, *newgenfs; int i, j, rc; - u32 buf[8], len, len2, config, nprim, nel, nel2; + __le32 buf[8]; + u32 len, len2, config, nprim, nel, nel2; char *policydb_str; struct policydb_compat_info *info; struct range_trans *rt, *lrt; @@ -1433,17 +1444,14 @@ int policydb_read(struct policydb *p, void *fp) if (rc < 0) goto bad; - for (i = 0; i < 2; i++) - buf[i] = le32_to_cpu(buf[i]); - - if (buf[0] != POLICYDB_MAGIC) { + if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) { printk(KERN_ERR "security: policydb magic number 0x%x does " "not match expected magic number 0x%x\n", - buf[0], POLICYDB_MAGIC); + le32_to_cpu(buf[0]), POLICYDB_MAGIC); goto bad; } - len = buf[1]; + len = le32_to_cpu(buf[1]); if (len != strlen(POLICYDB_STRING)) { printk(KERN_ERR "security: policydb string length %d does not " "match expected length %Zu\n", @@ -1478,19 +1486,17 @@ int policydb_read(struct policydb *p, void *fp) rc = next_entry(buf, fp, sizeof(u32)*4); if (rc < 0) goto bad; - for (i = 0; i < 4; i++) - buf[i] = le32_to_cpu(buf[i]); - p->policyvers = buf[0]; + p->policyvers = le32_to_cpu(buf[0]); if (p->policyvers < POLICYDB_VERSION_MIN || p->policyvers > POLICYDB_VERSION_MAX) { printk(KERN_ERR "security: policydb version %d does not match " "my version range %d-%d\n", - buf[0], POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX); + le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX); goto bad; } - if ((buf[1] & POLICYDB_CONFIG_MLS)) { + if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) { if (ss_initialized && !selinux_mls_enabled) { printk(KERN_ERR "Cannot switch between non-MLS and MLS " "policies\n"); @@ -1519,9 +1525,11 @@ int policydb_read(struct policydb *p, void *fp) goto bad; } - if (buf[2] != info->sym_num || buf[3] != info->ocon_num) { + if (le32_to_cpu(buf[2]) != info->sym_num || + le32_to_cpu(buf[3]) != info->ocon_num) { printk(KERN_ERR "security: policydb table sizes (%d,%d) do " - "not match mine (%d,%d)\n", buf[2], buf[3], + "not match mine (%d,%d)\n", le32_to_cpu(buf[2]), + le32_to_cpu(buf[3]), info->sym_num, info->ocon_num); goto bad; } |