Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

{

	struct common_audit_data sa;

	struct apparmor_audit_data aad = {0,};

	char *command, *args = value;

	char *command, *largs = NULL, *args = value;

	size_t arg_size;

	int error;

	if (size == 0)

		return -EINVAL;

	/* args points to a PAGE_SIZE buffer, AppArmor requires that

	 * the buffer must be null terminated or have size <= PAGE_SIZE -1

	 * so that AppArmor can null terminate them

	 */

	if (args[size - 1] != '\0') {

		if (size == PAGE_SIZE)

			return -EINVAL;

		args[size] = '\0';

	}

	/* task can only write its own attributes */

	if (current != task)

		return -EACCES;

	args = value;

	/* AppArmor requires that the buffer must be null terminated atm */

	if (args[size - 1] != '\0') {

		/* null terminate */

		largs = args = kmalloc(size + 1, GFP_KERNEL);

		if (!args)

			return -ENOMEM;

		memcpy(args, value, size);

		args[size] = '\0';

	}

	error = -EINVAL;

	args = strim(args);

	command = strsep(&args, " ");

	if (!args)

		return -EINVAL;

		goto out;

	args = skip_spaces(args);

	if (!*args)

		return -EINVAL;

		goto out;

	arg_size = size - (args - (char *) value);

	if (strcmp(name, "current") == 0) {

			goto fail;

	} else

		/* only support the "current" and "exec" process attributes */

		return -EINVAL;

		goto fail;

	if (!error)

		error = size;

out:

	kfree(largs);

	return error;

fail:

	aad.profile = aa_current_profile();

	aad.op = OP_SETPROCATTR;

	aad.info = name;

	aad.error = -EINVAL;

	aad.error = error = -EINVAL;

	aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL);

	return -EINVAL;

	goto out;

}

static int apparmor_task_setrlimit(struct task_struct *task,