In the ongoing effort to convert all fake flexible arrays to proper flexible arrays, replace aa_buffer's 1-element "buffer" member with a flexible array.
Cc: John Johansen <john.johan...@canonical.com> Cc: Gustavo A. R. Silva <gustavo...@kernel.org> Cc: Paul Moore <p...@paul-moore.com> Cc: James Morris <jmor...@namei.org> Cc: "Serge E. Hallyn" <se...@hallyn.com> Cc: apparmor@lists.ubuntu.com Cc: linux-security-mod...@vger.kernel.org Signed-off-by: Kees Cook <keesc...@chromium.org> --- One thing I notice here is that it may be rare for "buffer" to ever change for a given kernel. Could this just be made PATH_MAX * 2 directly and remove the module parameter, etc, etc? --- security/apparmor/lsm.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index d6cc4812ca53..35eb41bb9e3a 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -46,7 +46,7 @@ int apparmor_initialized; union aa_buffer { struct list_head list; - char buffer[1]; + DECLARE_FLEX_ARRAY(char, buffer); }; #define RESERVE_COUNT 2 @@ -1647,7 +1647,7 @@ char *aa_get_buffer(bool in_atomic) list_del(&aa_buf->list); buffer_count--; spin_unlock(&aa_buffers_lock); - return &aa_buf->buffer[0]; + return aa_buf->buffer; } if (in_atomic) { /* @@ -1670,7 +1670,7 @@ char *aa_get_buffer(bool in_atomic) pr_warn_once("AppArmor: Failed to allocate a memory buffer.\n"); return NULL; } - return &aa_buf->buffer[0]; + return aa_buf->buffer; } void aa_put_buffer(char *buf) @@ -1747,7 +1747,7 @@ static int __init alloc_buffers(void) destroy_buffers(); return -ENOMEM; } - aa_put_buffer(&aa_buf->buffer[0]); + aa_put_buffer(aa_buf->buffer); } return 0; } -- 2.34.1