apparmor: don't try to mmap empty files

In case empty profile files linger somehow (eg. powerloss or
oom killer etc. between creating and writing the file) we
tried to use mmap() with a length of 0 which is invalid.
Let's treat this as if it did not exist.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c
index 23af021aae7b21257e3677d69ee1efeea009e4ec..685d3b9ef7735d36b314fc5b948b58c35ff9631c 100644 (file)
--- a/src/lxc/lsm/apparmor.c
+++ b/src/lxc/lsm/apparmor.c
@@ -973,12 +973,14 @@ static int load_apparmor_profile(struct lsm_ops *ops, struct lxc_conf *conf, con
                        goto out;
                }
                old_len = profile_sb.st_size;
-               old_content = lxc_strmmap(NULL, old_len, PROT_READ,
-                                         MAP_PRIVATE, profile_fd, 0);
-               if (old_content == MAP_FAILED) {
-                       SYSERROR("Failed to mmap old profile from %s",
-                                profile_path);
-                       goto out;
+               if (old_len) {
+                       old_content = lxc_strmmap(NULL, old_len, PROT_READ,
+                                                 MAP_PRIVATE, profile_fd, 0);
+                       if (old_content == MAP_FAILED) {
+                               SYSERROR("Failed to mmap old profile from %s",
+                                        profile_path);
+                               goto out;
+                       }
                }
        } else if (errno != ENOENT) {
                SYSERROR("Error reading old profile from %s", profile_path);