apparmor: Replace memcpy + NUL termination with kmemdup_nul in do_setattr

Use kmemdup_nul() to copy 'value' instead of using memcpy() followed by a manual NUL termination. No functional changes. Reviewed-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Signed-off-by: John Johansen <john.johansen@canonical.com>
author: Thorsten Blum <thorsten.blum@linux.dev> 2026-01-26 00:00:15 +0300
committer: John Johansen <john.johansen@canonical.com> 2026-04-22 20:57:52 +0300
commit: 46401cc99c6237ba825cfd65ef023955ce2a6316 (patch)
tree: e32f384169802a76f251cc277729bcf0004b0977
parent: 8813837aa7f5f5a262a5ebc1a1a2a3a5ec818c70 (diff)
download: linux-46401cc99c6237ba825cfd65ef023955ce2a6316.tar.xz
1 files changed, 1 insertions, 4 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index d3af2d10fc22..553f4127d59f 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -856,12 +856,9 @@ static int do_setattr(u64 attr, void *value, size_t size)
 
 	/* AppArmor requires that the buffer must be null terminated atm */
 	if (args[size - 1] != '\0') {
-		/* null terminate */
-		largs = args = kmalloc(size + 1, GFP_KERNEL);
+		largs = args = kmemdup_nul(value, size, GFP_KERNEL);
 		if (!args)
 			return -ENOMEM;
-		memcpy(args, value, size);
-		args[size] = '\0';
 	}
 
 	error = -EINVAL;
author	Thorsten Blum <thorsten.blum@linux.dev>	2026-01-26 00:00:15 +0300
committer	John Johansen <john.johansen@canonical.com>	2026-04-22 20:57:52 +0300
commit	46401cc99c6237ba825cfd65ef023955ce2a6316 (patch)
tree	e32f384169802a76f251cc277729bcf0004b0977
parent	8813837aa7f5f5a262a5ebc1a1a2a3a5ec818c70 (diff)
download	linux-46401cc99c6237ba825cfd65ef023955ce2a6316.tar.xz