AppArmor: Retrieve the dentry_path for error reporting when path lookup fails

When __d_path and d_absolute_path fail due to the name being outside of the current namespace no name is reported. Use dentry_path to provide some hint as to which file was being accessed. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
2012-02-16 06:28:50 -08:00 · 2012-02-16 06:28:50 -08:00 · fbba8d89ac
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@ -94,18 +94,21 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
 	} else
 		res = d_absolute_path(path, buf, buflen);

-	*name = res;
 	/* handle error conditions - and still allow a partial path to
 	 * be returned.
 	 */
 	if (IS_ERR(res)) {
-		error = PTR_ERR(res);
-		*name = buf;
-		goto out;
-	}
-	if (!our_mnt(path->mnt))
+		res = dentry_path_raw(path->dentry, buf, buflen);
+		if (IS_ERR(res)) {
+			error = PTR_ERR(res);
+			*name = buf;
+			goto out;
+		};
+	} else if (!our_mnt(path->mnt))
 		connected = 0;

+	*name = res;
+
 ok:
 	/* Handle two cases:
 	 * 1. A deleted dentry && profile is not allowing mediation of deleted