qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/security/apparmor
History
Helge Deller 785e79e1d3 apparmor: Fix 8-byte alignment for initial dfa blob streams 
commit c567de2c4f upstream.

The dfa blob stream for the aa_dfa_unpack() function is expected to be aligned
on a 8 byte boundary.

The static nulldfa_src[] and stacksplitdfa_src[] arrays store the initial
apparmor dfa blob streams, but since they are declared as an array-of-chars
the compiler and linker will only ensure a "char" (1-byte) alignment.

Add an __aligned(8) annotation to the arrays to tell the linker to always
align them on a 8-byte boundary. This avoids runtime warnings at startup on
alignment-sensitive platforms like parisc such as:

 Kernel: unaligned access to 0x7f2a584a in aa_dfa_unpack+0x124/0x788 (iir 0xca0109f)
 Kernel: unaligned access to 0x7f2a584e in aa_dfa_unpack+0x210/0x788 (iir 0xca8109c)
 Kernel: unaligned access to 0x7f2a586a in aa_dfa_unpack+0x278/0x788 (iir 0xcb01090)

Signed-off-by: Helge Deller <deller@gmx.de>
Cc: stable@vger.kernel.org
Fixes: 98b824ff89 ("apparmor: refcount the pdb")
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2025-08-28 16:30:56 +02:00
..
include apparmor: use the condition in AA_BUG_FMT even with debug disabled 2025-08-20 18:30:47 +02:00
.gitignore
Kconfig apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 2023-11-19 00:47:56 -08:00
Makefile
apparmorfs.c apparmor: fix possible NULL pointer dereference 2024-05-10 08:59:05 -07:00
audit.c ima: Avoid blocking in RCU read-side critical section 2024-06-13 14:26:50 -04:00
capability.c apparmor: fix 'Do simple duplicate message elimination' 2024-12-05 14:02:39 +01:00
crypto.c apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256 2023-11-19 00:47:56 -08:00
domain.c apparmor: fix x_table_lookup when stacking is not the first entry 2025-08-20 18:30:47 +02:00
file.c apparmor: shift ouid when mediating hard links in userns 2025-08-20 18:30:46 +02:00
ipc.c
label.c
lib.c apparmor: fix possible memory leak in unpack_trans_table 2024-01-04 01:34:00 -08:00
lsm.c apparmor: Fix 8-byte alignment for initial dfa blob streams 2025-08-28 16:30:56 +02:00
match.c apparmor: fix loop detection used in conflicting attachment resolution 2025-08-15 12:13:59 +02:00
mount.c apparmor: take nosymfollow flag into account 2024-07-24 10:33:58 -07:00
net.c lsm: infrastructure management of the sock security 2024-07-29 16:54:50 -04:00
nulldfa.in
path.c
policy.c apparmor: allocate xmatch for nullpdb inside aa_alloc_null 2025-01-23 17:23:05 +01:00
policy_compat.c
policy_ns.c
policy_unpack.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
policy_unpack_test.c apparmor: Fix unaligned memory accesses in KUnit test 2025-08-15 12:13:59 +02:00
procattr.c AppArmor: Add selfattr hooks 2023-11-12 22:54:42 -05:00
resource.c
secid.c
stacksplitdfa.in
task.c apparmor: add missing params to aa_may_ptrace kernel-doc comments 2023-11-19 01:19:41 -08:00