On Wed, Jul 21, 2021 at 14:46:40 +0200, Tim Wiederhake wrote: > The next commit will use this macro outside the apparmor context. > > Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx> > --- > src/security/security_apparmor.c | 4 ++-- > src/security/security_apparmor.h | 1 - > src/security/virt-aa-helper.c | 10 +++++----- > src/util/virfile.h | 3 +++ > 4 files changed, 10 insertions(+), 8 deletions(-) [...] > diff --git a/src/util/virfile.h b/src/util/virfile.h > index 72368495bf..b6bcd1257d 100644 > --- a/src/util/virfile.h > +++ b/src/util/virfile.h > @@ -42,6 +42,9 @@ typedef enum { > # define VIR_FILE_MODULE_EXT ".so" > #endif > > +/* 10MB limit for sanity check */ > +#define VIR_MAX_FILE_LEN (10 * 1024 * 1024) Here you should add a note that this limit is arbitrary and it isn't an inherent limit of the file access functions where it's going to be used. Or alternatively pick a different name for it (VIR_MAX_FILE_LEN_10M?), since the name implies that it's an inherent limit. No need to repost, just propose what solution you'd like.