apparmor: document capability.c:profile_capable ad ptr not being NULL

rlee287 · jrjohansen · commit 8532503eac69 · 2024-11-26T19:21:06.000-08:00
The profile_capabile function takes a struct apparmor_audit_data *ad,
which is documented as possibly being NULL. However, the single place that
calls this function never passes it a NULL ad. If we were ever to call
profile_capable with a NULL ad elsewhere, we would need to rework the
function, as its very first use of ad is to dereference ad-&gt;class without
checking if ad is NULL.

Thus, document profile_capable's ad parameter as not accepting NULL.

Signed-off-by: Ryan Lee &lt;ryan.lee@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
@@ -111,7 +111,7 @@ static int audit_caps(struct apparmor_audit_data *ad, struct aa_profile *profile
  * @profile: profile being enforced    (NOT NULL, NOT unconfined)
  * @cap: capability to test if allowed
  * @opts: CAP_OPT_NOAUDIT bit determines whether audit record is generated
- * @ad: audit data (MAY BE NULL indicating no auditing)
+ * @ad: audit data (NOT NULL)
  *
  * Returns: 0 if allowed else -EPERM
  */

Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ static int audit_caps(struct apparmor_audit_data ad, struct aa_profile profile`
`111`	`111`	`* @profile: profile being enforced (NOT NULL, NOT unconfined)`
`112`	`112`	`* @cap: capability to test if allowed`
`113`	`113`	`* @opts: CAP_OPT_NOAUDIT bit determines whether audit record is generated`
`114`		`- * @ad: audit data (MAY BE NULL indicating no auditing)`
	`114`	`+ * @ad: audit data (NOT NULL)`
`115`	`115`	`*`
`116`	`116`	`* Returns: 0 if allowed else -EPERM`
`117`	`117`	`*/`