When __d_path and d_absolute_path fail due to the name being outside of the current namespace no name is reported. Use dentry_path to provide some hint as to which file was being accessed.
Signed-off-by: John Johansen <[email protected]> --- security/apparmor/path.c | 15 +++++++++------ 1 files changed, 9 insertions(+), 6 deletions(-) diff --git a/security/apparmor/path.c b/security/apparmor/path.c index 70b09bb..96fb310 100644 --- a/security/apparmor/path.c +++ b/security/apparmor/path.c @@ -95,18 +95,21 @@ static int d_namespace_path(struct path *path, char *buf, int buflen, } else res = d_absolute_path(path, buf, buflen); - *name = res; /* handle error conditions - and still allow a partial path to * be returned. */ if (IS_ERR(res)) { - error = PTR_ERR(res); - *name = buf; - goto out; - } - if (!our_mnt(path->mnt)) + res = dentry_path_raw(path->dentry, buf, buflen); + if (IS_ERR(res)) { + error = PTR_ERR(res); + *name = buf; + goto out; + }; + } else if (!our_mnt(path->mnt)) connected = 0; + *name = res; + ok: /* Handle two cases: * 1. A deleted dentry && profile is not allowing mediation of deleted -- 1.7.9 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
