apparmor: Fix undefined reference to `zlib_deflate_workspacesize'

author John Johansen <john.johansen@canonical.com>

Tue, 22 Feb 2022 10:09:20 +0000 (02:09 -0800)

committer John Johansen <john.johansen@canonical.com>

Sat, 9 Jul 2022 22:13:59 +0000 (15:13 -0700)
author John Johansen <john.johansen@canonical.com>
Tue, 22 Feb 2022 10:09:20 +0000 (02:09 -0800)
committer John Johansen <john.johansen@canonical.com>
Sat, 9 Jul 2022 22:13:59 +0000 (15:13 -0700)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c

index 4d7df85..8b9c92f 100644 (file)
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1296,44 +1296,47 @@ SEQ_RAWDATA_FOPS(compressed_size);
  
  static int deflate_decompress(char *src, size_t slen, char *dst, size_t dlen)
  {
-       int error;
-       struct z_stream_s strm;
-
-       if (aa_g_rawdata_compression_level == 0) {
-               if (dlen < slen)
-                       return -EINVAL;
-               memcpy(dst, src, slen);
-               return 0;
-       }
+#ifdef CONFIG_SECURITY_APPARMOR_EXPORT_BINARY
+       if (aa_g_rawdata_compression_level != 0) {
+               int error = 0;
+               struct z_stream_s strm;
  
-       memset(&strm, 0, sizeof(strm));
+               memset(&strm, 0, sizeof(strm));
  
-       strm.workspace = kvzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
-       if (!strm.workspace)
-               return -ENOMEM;
+               strm.workspace = kvzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
+               if (!strm.workspace)
+                       return -ENOMEM;
  
-       strm.next_in = src;
-       strm.avail_in = slen;
+               strm.next_in = src;
+               strm.avail_in = slen;
  
-       error = zlib_inflateInit(&strm);
-       if (error != Z_OK) {
-               error = -ENOMEM;
-               goto fail_inflate_init;
-       }
+               error = zlib_inflateInit(&strm);
+               if (error != Z_OK) {
+                       error = -ENOMEM;
+                       goto fail_inflate_init;
+               }
  
-       strm.next_out = dst;
-       strm.avail_out = dlen;
+               strm.next_out = dst;
+               strm.avail_out = dlen;
  
-       error = zlib_inflate(&strm, Z_FINISH);
-       if (error != Z_STREAM_END)
-               error = -EINVAL;
-       else
-               error = 0;
+               error = zlib_inflate(&strm, Z_FINISH);
+               if (error != Z_STREAM_END)
+                       error = -EINVAL;
+               else
+                       error = 0;
  
-       zlib_inflateEnd(&strm);
+               zlib_inflateEnd(&strm);
  fail_inflate_init:
-       kvfree(strm.workspace);
-       return error;
+               kvfree(strm.workspace);
+
+               return error;
+       }
+#endif
+
+       if (dlen < slen)
+               return -EINVAL;
+       memcpy(dst, src, slen);
+       return 0;
  }
  
  static ssize_t rawdata_read(struct file *file, char __user *buf, size_t size,
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c

index 3cc0fd2..df4033d 100644 (file)
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -1056,6 +1056,7 @@ struct aa_load_ent *aa_load_ent_alloc(void)
  static int deflate_compress(const char *src, size_t slen, char **dst,
                             size_t *dlen)
  {
+#ifdef CONFIG_SECURITY_APPARMOR_EXPORT_BINARY
         int error;
         struct z_stream_s strm;
         void *stgbuf, *dstbuf;
@@ -1127,6 +1128,10 @@ fail_deflate_init:
  fail_deflate:
         kvfree(stgbuf);
         goto fail_stg_alloc;
+#else
+       *dlen = slen;
+       return 0;
+#endif
  }
  
  static int compress_loaddata(struct aa_loaddata *data)
@@ -1145,7 +1150,8 @@ static int compress_loaddata(struct aa_loaddata *data)
                 if (error)
                         return error;
  
-               kvfree(udata);
+               if (udata != data->data)
+                       kvfree(udata);
         } else
                 data->compressed_size = data->size;
author	John Johansen <john.johansen@canonical.com>
	Tue, 22 Feb 2022 10:09:20 +0000 (02:09 -0800)
committer	John Johansen <john.johansen@canonical.com>
	Sat, 9 Jul 2022 22:13:59 +0000 (15:13 -0700)
security/apparmor/apparmorfs.c		patch \| blob \| history
security/apparmor/policy_unpack.c		patch \| blob \| history