On Sun, Feb 22, 2026 at 09:46:44PM +0100, Thorsten Blum wrote: > Use kmemdup_nul() to copy 'value' instead of using memcpy() followed by > a manual NUL termination. No functional changes. > > Signed-off-by: Thorsten Blum <[email protected]>
Looks correct, thanks. Reviewed-by: Serge Hallyn <[email protected]> > --- > security/apparmor/lsm.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c > index c1d42fc72fdb..49aa6ad68838 100644 > --- a/security/apparmor/lsm.c > +++ b/security/apparmor/lsm.c > @@ -858,12 +858,9 @@ static int do_setattr(u64 attr, void *value, size_t size) > > /* AppArmor requires that the buffer must be null terminated atm */ > if (args[size - 1] != '\0') { > - /* null terminate */ > - largs = args = kmalloc(size + 1, GFP_KERNEL); > + largs = args = kmemdup_nul(value, size, GFP_KERNEL); > if (!args) > return -ENOMEM; > - memcpy(args, value, size); > - args[size] = '\0'; > } > > error = -EINVAL; > -- > Thorsten Blum <[email protected]> > GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4
