Skip to content

Commit b1f87be

Browse files
jrjohansenjrjohansen
committed
apparmor: Document that label must be last member in struct aa_profile
The label struct is variable length. While its use in struct aa_profile is fixed length at 2 entries the variable length member needs to be the last member in the structure. The code already does this but the comment has it in the wrong location. Also add a comment to ensure it stays at the end of the structure. While we are at it, update the documentation for other profile members as well. Signed-off-by: John Johansen <[email protected]>
1 parent 4c0dc42 commit b1f87be

File tree

1 file changed

+8
-1
lines changed

1 file changed

+8
-1
lines changed

security/apparmor/include/policy.h

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -198,21 +198,26 @@ struct aa_attachment {
198198

199199
/* struct aa_profile - basic confinement data
200200
* @base - base components of the profile (name, refcount, lists, lock ...)
201-
* @label - label this profile is an extension of
202201
* @parent: parent of profile
203202
* @ns: namespace the profile is in
204203
* @rename: optional profile name that this profile renamed
205204
*
206205
* @audit: the auditing mode of the profile
207206
* @mode: the enforcement mode of the profile
208207
* @path_flags: flags controlling path generation behavior
208+
* @signal: the signal that should be used when kill is used
209209
* @disconnected: what to prepend if attach_disconnected is specified
210210
* @attach: attachment rules for the profile
211211
* @rules: rules to be enforced
212212
*
213+
* learning_cache: the accesses learned in complain mode
214+
* raw_data: rawdata of the loaded profile policy
215+
* hash: cryptographic hash of the profile
213216
* @dents: dentries for the profiles file entries in apparmorfs
214217
* @dirname: name of the profile dir in apparmorfs
218+
* @dents: set of dentries associated with the profile
215219
* @data: hashtable for free-form policy aa_data
220+
* @label - label this profile is an extension of
216221
*
217222
* The AppArmor profile contains the basic confinement data. Each profile
218223
* has a name, and exists in a namespace. The @name and @exec_match are
@@ -247,6 +252,8 @@ struct aa_profile {
247252
char *dirname;
248253
struct dentry *dents[AAFS_PROF_SIZEOF];
249254
struct rhashtable *data;
255+
256+
/* special - variable length must be last entry in profile */
250257
struct aa_label label;
251258
};
252259

0 commit comments

Comments
 (0)