summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2012-02-16 15:21:30 +0100
committerJohn Johansen <john.johansen@canonical.com>2012-02-27 20:38:23 +0100
commit28042fabf43b9a8ccfaa38f8c8187cc525e53fd3 (patch)
treef881ccfdb821608683bebf4013a572464e798657 /security
parentAppArmor: fix mapping of META_READ to audit and quiet flags (diff)
downloadlinux-28042fabf43b9a8ccfaa38f8c8187cc525e53fd3.tar.xz
linux-28042fabf43b9a8ccfaa38f8c8187cc525e53fd3.zip
AppArmor: Fix the error case for chroot relative path name lookup
When a chroot relative pathname lookup fails it is falling through to do a d_absolute_path lookup. This is incorrect as d_absolute_path should only be used to lookup names for namespace absolute paths. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
Diffstat (limited to 'security')
-rw-r--r--security/apparmor/path.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index 9d070a7c3ffc..c31ce837fef4 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@@ -91,9 +91,8 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
}
path_put(&root);
connected = 0;
- }
-
- res = d_absolute_path(path, buf, buflen);
+ } else
+ res = d_absolute_path(path, buf, buflen);
*name = res;
/* handle error conditions - and still allow a partial path to