summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2012-02-16 06:21:30 -0800
committerJohn Johansen <john.johansen@canonical.com>2012-02-27 11:38:23 -0800
commit28042fabf43b9a8ccfaa38f8c8187cc525e53fd3 (patch)
treef881ccfdb821608683bebf4013a572464e798657
parent38305a4bab4be5d278443b057f7f5e97afb07f26 (diff)
AppArmor: Fix the error case for chroot relative path name lookup
When a chroot relative pathname lookup fails it is falling through to do a d_absolute_path lookup. This is incorrect as d_absolute_path should only be used to lookup names for namespace absolute paths. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
-rw-r--r--security/apparmor/path.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index 9d070a7c3ff..c31ce837fef 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@@ -91,9 +91,8 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
}
path_put(&root);
connected = 0;
- }
-
- res = d_absolute_path(path, buf, buflen);
+ } else
+ res = d_absolute_path(path, buf, buflen);
*name = res;
/* handle error conditions - and still allow a partial path to