proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-06 17:44:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

apparmor: don't try to mmap empty files

Browse Source 
In case empty profile files linger somehow (eg. powerloss or
oom killer etc. between creating and writing the file) we
tried to use mmap() with a length of 0 which is invalid.
Let's treat this as if it did not exist.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Wolfgang Bumiller 2023-02-27 11:02:43 +01:00 committed by Stéphane Graber
parent 706ee25cda
commit 3754e803fd
No known key found for this signature in database
GPG Key ID: C638974D64792D67
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/lxc/lsm/apparmor.c
View File

@ -973,12 +973,14 @@ static int load_apparmor_profile(struct lsm_ops *ops, struct lxc_conf *conf, con
goto out;
}
old_len = profile_sb.st_size;
old_content = lxc_strmmap(NULL, old_len, PROT_READ,
MAP_PRIVATE, profile_fd, 0);
if (old_content == MAP_FAILED) {
SYSERROR("Failed to mmap old profile from %s",
profile_path);
goto out;
if (old_len) {
old_content = lxc_strmmap(NULL, old_len, PROT_READ,
MAP_PRIVATE, profile_fd, 0);
if (old_content == MAP_FAILED) {
SYSERROR("Failed to mmap old profile from %s",
profile_path);
goto out;
}
}
} else if (errno != ENOENT) {
SYSERROR("Error reading old profile from %s", profile_path);