aboutsummaryrefslogtreecommitdiffstats
path: root/security/apparmor
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2012-02-16 09:28:50 -0500
committerJohn Johansen <john.johansen@canonical.com>2012-03-14 09:15:22 -0400
commitfbba8d89acea5d628d1d076b1d8962db438ff832 (patch)
tree1e3a27cb78369676de62f8587d84d281224df1ff /security/apparmor
parent33e521acff709d275950ec5bf8dd577d873cd61e (diff)
AppArmor: Retrieve the dentry_path for error reporting when path lookup fails
When __d_path and d_absolute_path fail due to the name being outside of the current namespace no name is reported. Use dentry_path to provide some hint as to which file was being accessed. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
Diffstat (limited to 'security/apparmor')
-rw-r--r--security/apparmor/path.c15
1 files changed, 9 insertions, 6 deletions
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index 3dd605c69970..8c90fd0f49c5 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@@ -94,18 +94,21 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
94 } else 94 } else
95 res = d_absolute_path(path, buf, buflen); 95 res = d_absolute_path(path, buf, buflen);
96 96
97 *name = res;
98 /* handle error conditions - and still allow a partial path to 97 /* handle error conditions - and still allow a partial path to
99 * be returned. 98 * be returned.
100 */ 99 */
101 if (IS_ERR(res)) { 100 if (IS_ERR(res)) {
102 error = PTR_ERR(res); 101 res = dentry_path_raw(path->dentry, buf, buflen);
103 *name = buf; 102 if (IS_ERR(res)) {
104 goto out; 103 error = PTR_ERR(res);
105 } 104 *name = buf;
106 if (!our_mnt(path->mnt)) 105 goto out;
106 };
107 } else if (!our_mnt(path->mnt))
107 connected = 0; 108 connected = 0;
108 109
110 *name = res;
111
109ok: 112ok:
110 /* Handle two cases: 113 /* Handle two cases:
111 * 1. A deleted dentry && profile is not allowing mediation of deleted 114 * 1. A deleted dentry && profile is not allowing mediation of deleted