author | John Johansen <john.johansen@canonical.com> | 2024-11-09 20:45:58 +0100 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2024-11-27 04:21:05 +0100 |
commit | a2081b78e212a4cc0e8cfb64ed26cb494d8af574 (patch) | |
tree | 961c965bff81011c573c0b17105cc973f58366b6 /security | |
parent | apparmor: test: Fix memory leak for aa_unpack_strdup() (diff) | |
apparmor: document first entry is in packed perms struct is reserved
Add a comment to unpack_perm to document the first entry in the packed
perms struct is reserved, and make a non-functional change of unpacking
to a temporary stack variable named "reserved" to help support the
documentation of which value is reserved.
Suggested-by: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/apparmor/policy_unpack.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 3483c595f999..992b74c50d64 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -645,10 +645,13 @@ fail: static bool unpack_perm(struct aa_ext *e, u32 version, struct aa_perms *perm) { + u32 reserved; + if (version != 1) return false; - return aa_unpack_u32(e, &perm->allow, NULL) && + /* reserved entry is for later expansion, discard for now */ + return aa_unpack_u32(e, &reserved, NULL) && aa_unpack_u32(e, &perm->allow, NULL) && aa_unpack_u32(e, &perm->deny, NULL) && aa_unpack_u32(e, &perm->subtree, NULL) && |
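Review bot: The new comment above the first aa_unpack_u32() call in unpack_perm() says the reserved entry is discarded, but it does not say what value the packed policy is expected to carry in that slot, and the code accepts any u32 there. Since the slot is described as being "for later expansion", consider stating the expected value in the comment (for example that it must be zero for version 1) and, if that is the intent, rejecting other values so that a blob using the slot under a future meaning is not silently accepted by this unpacker. If the version check at the top of the function is meant to be the only gate for that, a few words in the comment saying so would make the intent clear. The change from writing the first value into perm->allow (where the following call overwrote it) to a local "reserved" reads as behaviour-preserving on the success path, which matches the commit message.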