[PATCH 2/4] UBUNTU: SAUCE: apparmor: fix notification header size

John Johansen john.johansen at canonical.com
Wed Oct 25 12:31:28 UTC 2023


BugLink: https://bugs.launchpad.net/bugs/2040250

When strings are appended to the notification the header size should
be updated to reflect the correct size. While the size is also
directly returned as part of delivering the notification, the header
should also be updated to conform to specification and allow for
verification.

If verification is enabled and the notification contains appended
strings then notifications fail verification and won't be delivered.

Fixes: 9a3b87d8b9a0 ("UBUNTU: SAUCE: apparmor4.0.0 [64/76]: prompt - rework build to use append fn, to simplify adding strings")
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 security/apparmor/notify.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/apparmor/notify.c b/security/apparmor/notify.c
index 63d0e03b429a..e1c5697f79c7 100644
--- a/security/apparmor/notify.c
+++ b/security/apparmor/notify.c
@@ -975,6 +975,9 @@ static long build_v3_unotif(struct aa_knotif *knotif, void __user *buf,
 	if (!build_append_str(buf, pos, max_size, knotif->ad->name,
 			      unotif.file.name, size))
 		return size;
+
+	/* set size after appending strings */
+	unotif.common.len = size;
 	/* now the struct, at the start of user mem */
 	if (copy_to_user(buf, &unotif, sizeof(unotif)))
 		return -EFAULT;
-- 
2.34.1



