1
Index: linux-2.6/security/apparmor/apparmor.h
2
===================================================================
3
--- linux-2.6.orig/security/apparmor/apparmor.h
4
+++ linux-2.6/security/apparmor/apparmor.h
5
@@ -253,7 +253,8 @@ extern void free_aa_profile(struct aa_pr
6
extern void free_aa_profile_kref(struct kref *kref);
9
-extern size_t aa_getprocattr(struct aa_profile *profile, char *str, size_t size);
10
+extern int aa_getprocattr(struct aa_profile *profile, char **string,
12
extern int aa_setprocattr_changehat(char *hatinfo, size_t infosize);
13
extern int aa_setprocattr_setprofile(struct task_struct *task,
15
Index: linux-2.6/security/apparmor/lsm.c
16
===================================================================
17
--- linux-2.6.orig/security/apparmor/lsm.c
18
+++ linux-2.6/security/apparmor/lsm.c
19
@@ -575,11 +575,11 @@ static void apparmor_task_reparent_to_in
22
static int apparmor_getprocattr(struct task_struct *task, char *name,
23
- void *value, size_t size)
28
struct aa_profile *profile;
31
/* AppArmor only supports the "current" process attribute */
32
if (strcmp(name, "current") != 0) {
33
@@ -594,8 +594,10 @@ static int apparmor_getprocattr(struct t
36
profile = aa_get_profile(task);
37
- error = aa_getprocattr(profile, str, size);
38
+ error = aa_getprocattr(profile, value, &len);
39
aa_put_profile(profile);
45
Index: linux-2.6/security/apparmor/procattr.c
46
===================================================================
47
--- linux-2.6.orig/security/apparmor/procattr.c
48
+++ linux-2.6/security/apparmor/procattr.c
53
-size_t aa_getprocattr(struct aa_profile *profile, char *str, size_t size)
54
+int aa_getprocattr(struct aa_profile *profile, char **string, unsigned *len)
56
- int error = -EACCES; /* default to a perm denied */
61
- size_t lena, lenm, lenp = 0;
62
- const char *enforce_str = " (enforce)";
63
- const char *complain_str = " (complain)";
64
- const char *mode_str =
65
- PROFILE_COMPLAIN(profile) ? complain_str : enforce_str;
66
+ const char *mode_str = PROFILE_COMPLAIN(profile) ?
67
+ " (complain)" : " (enforce)";
69
- lenm = strlen(mode_str);
70
+ *len = ((profile != profile->parent) ?
71
+ strlen(profile->parent->name) + 1 : 0) +
72
+ strlen(mode_str) + strlen(profile->name) + 1;
73
+ str = kmalloc(*len, GFP_ATOMIC);
77
- lena = strlen(profile->name);
80
if (profile != profile->parent) {
81
- lenp = strlen(profile->parent->name);
82
- len += (lenp + 1); /* +1 for ^ */
84
- /* DONT null terminate strings we output via proc */
85
- len += (lenm + 1); /* for \n */
89
- memcpy(str, profile->parent->name,
95
- memcpy(str, profile->name, lena);
97
- memcpy(str, mode_str, lenm);
101
- } else if (size == 0) {
105
+ memcpy(str, profile->parent->name,
106
+ strlen(profile->parent->name));
107
+ str += strlen(profile->parent->name);
110
+ memcpy(str, profile->name, strlen(profile->name));
111
+ str += strlen(profile->name);
112
+ memcpy(str, mode_str, strlen(mode_str));
113
+ str += strlen(mode_str);
116
const char *unconfined_str = "unconfined\n";
117
- len = strlen(unconfined_str);
119
- /* DONT null terminate strings we output via proc */
121
- memcpy(str, unconfined_str, len);
123
- } else if (size == 0) {
128
+ *len = strlen(unconfined_str);
129
+ str = kmalloc(*len, GFP_ATOMIC);
133
+ memcpy(str, unconfined_str, *len);
142
int aa_setprocattr_changehat(char *hatinfo, size_t infosize)