AppArmor: Fix the error case for chroot relative path name lookup
John Johansen [Thu, 16 Feb 2012 14:21:30 +0000 (06:21 -0800)]
When a chroot relative pathname lookup fails it is falling through to
do a d_absolute_path lookup.  This is incorrect as d_absolute_path should
only be used to lookup names for namespace absolute paths.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>

security/apparmor/path.c

index 9d070a7..c31ce83 100644 (file)
@@ -91,9 +91,8 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
                }
                path_put(&root);
                connected = 0;
-       }
-
-       res = d_absolute_path(path, buf, buflen);
+       } else
+               res = d_absolute_path(path, buf, buflen);
 
        *name = res;
        /* handle error conditions - and still allow a partial path to