On Sun, Nov 20, 2022 at 10:27 PM Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:
>
> Hi all,
>
> Today's linux-next merge of the apparmor tree got a conflict in:
>
> security/apparmor/domain.c
>
> between commit:
>
> f6fbd8cbf3ed ("lsm,fs: fix vfs_getxattr_alloc() return type and caller error paths")
>
> from the security tree and commit:
>
> 217af7e2f4de ("apparmor: refactor profile rules and attachments")
>
> from the apparmor tree.
>
> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging. You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.
>
> --
> Cheers,
> Stephen Rothwell
>
> diff --cc security/apparmor/domain.c
> index 00dc0ec066de,b447bc13ea8e..000000000000
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@@ -308,14 -296,16 +296,15 @@@ static int change_profile_perms(struct
> * Returns: number of extended attributes that matched, or < 0 on error
> */
> static int aa_xattrs_match(const struct linux_binprm *bprm,
> - struct aa_profile *profile, unsigned int state)
> + struct aa_profile *profile, aa_state_t state)
> {
> int i;
> - ssize_t size;
> struct dentry *d;
> char *value = NULL;
> - int size, value_size = 0, ret = profile->xattr_count;
> + struct aa_attachment *attach = &profile->attach;
> - int value_size = 0, ret = attach->xattr_count;
> ++ int size, value_size = 0, ret = attach->xattr_count;
>
> - if (!bprm || !profile->xattr_count)
> + if (!bprm || !attach->xattr_count)
> return 0;
> might_sleep();
John's the AppArmor expert, but this looks okay to me. As a reminder,
the lsm/next commit only changes the type of @size from a ssize_t to
an int type.
--
paul-moore.com
