diff options
| author | Thorsten Blum <thorsten.blum@linux.dev> | 2026-02-22 22:40:38 +0100 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2026-04-22 10:57:52 -0700 |
| commit | 497ad4be355b70a6786dd9344710d98b14b92848 (patch) | |
| tree | ba73bec4a84c81ffdce7eb860d29951a5143ad03 /security | |
| parent | e6a522c5b4803b8f5632d5ce8f27431a1ae73222 (diff) | |
| download | linux-next-history-497ad4be355b70a6786dd9344710d98b14b92848.tar.gz | |
apparmor: Use sysfs_emit in param_get_{audit,mode}
Replace sprintf() with sysfs_emit() in param_get_audit() and
param_get_mode(). sysfs_emit() is preferred for formatting sysfs output
because it provides safer bounds checking. Add terminating newlines as
suggested by checkpatch.
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/lsm.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 6f15b968a32a7..49b5e4f329832 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -17,6 +17,7 @@ #include <linux/ptrace.h> #include <linux/ctype.h> #include <linux/sysctl.h> +#include <linux/sysfs.h> #include <linux/audit.h> #include <linux/user_namespace.h> #include <linux/netfilter_ipv4.h> @@ -2064,7 +2065,7 @@ static int param_get_audit(char *buffer, const struct kernel_param *kp) return -EINVAL; if (apparmor_initialized && !aa_current_policy_view_capable(NULL)) return -EPERM; - return sprintf(buffer, "%s", audit_mode_names[aa_g_audit]); + return sysfs_emit(buffer, "%s\n", audit_mode_names[aa_g_audit]); } static int param_set_audit(const char *val, const struct kernel_param *kp) @@ -2092,8 +2093,7 @@ static int param_get_mode(char *buffer, const struct kernel_param *kp) return -EINVAL; if (apparmor_initialized && !aa_current_policy_view_capable(NULL)) return -EPERM; - - return sprintf(buffer, "%s", aa_profile_mode_names[aa_g_profile_mode]); + return sysfs_emit(buffer, "%s\n", aa_profile_mode_names[aa_g_profile_mode]); } static int param_set_mode(const char *val, const struct kernel_param *kp) |