apparmor: document capability.c:profile_capable ad ptr not being NULL

The profile_capabile function takes a struct apparmor_audit_data *ad,
which is documented as possibly being NULL. However, the single place that
calls this function never passes it a NULL ad. If we were ever to call
profile_capable with a NULL ad elsewhere, we would need to rework the
function, as its very first use of ad is to dereference ad->class without
checking if ad is NULL.

Thus, document profile_capable's ad parameter as not accepting NULL.

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index bf7df60868308d0581fae211946f5bd2679149f1..630b5f99b3130a01a11760c323743ca9bf16f83d 100644 (file)
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -111,7 +111,7 @@ static int audit_caps(struct apparmor_audit_data *ad, struct aa_profile *profile
  * @profile: profile being enforced    (NOT NULL, NOT unconfined)
  * @cap: capability to test if allowed
  * @opts: CAP_OPT_NOAUDIT bit determines whether audit record is generated
- * @ad: audit data (MAY BE NULL indicating no auditing)
+ * @ad: audit data (NOT NULL)
  *
  * Returns: 0 if allowed else -EPERM
  */