From 068b9f8f5dec46b222470f6d3f03244ba5b65f5c Mon Sep 17 00:00:00 2001
From: NymanRobin <robin.nyman@est.tech>
Date: Thu, 2 May 2024 11:20:01 +0300
Subject: Compare mount by value instead of reference

This has to be since the mounts are reloaded
each time a mount is added. In case of two
mounts mounting at the same time there will
be a race condition for applying policy.

Signed-off-by: NymanRobin <robin.nyman@est.tech>
---
 actions/policy.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'actions')

diff --git a/actions/policy.go b/actions/policy.go
index c621725..d745f8b 100644
--- a/actions/policy.go
+++ b/actions/policy.go
@@ -24,6 +24,7 @@ import (
 	"log"
 	"os"
 	"os/user"
+	"reflect"
 
 	"github.com/pkg/errors"
 	"google.golang.org/protobuf/proto"
@@ -452,7 +453,7 @@ func (policy *Policy) AddProtector(protector *Protector) error {
 
 	// If the protector is on a different filesystem, we need to add a link
 	// to it on the policy's filesystem.
-	if policy.Context.Mount != protector.Context.Mount {
+	if !reflect.DeepEqual(policy.Context.Mount, protector.Context.Mount) {
 		log.Printf("policy on %s\n protector on %s\n", policy.Context.Mount, protector.Context.Mount)
 		ownerIfCreating, err := getOwnerOfMetadataForProtector(protector)
 		if err != nil {
@@ -525,7 +526,7 @@ func (policy *Policy) RemoveProtector(protectorDescriptor string) error {
 func (policy *Policy) Apply(path string) error {
 	if pathMount, err := filesystem.FindMount(path); err != nil {
 		return err
-	} else if pathMount != policy.Context.Mount {
+	} else if !reflect.DeepEqual(pathMount, policy.Context.Mount) {
 		return &ErrDifferentFilesystem{policy.Context.Mount, pathMount}
 	}
 
-- 
cgit v1.2.3