[apparmor] [PATCH 06/16] apparmor: fix disconnected bind mnts reconnection
John Johansen
john.johansen at canonical.com
Thu Apr 21 06:52:48 UTC 2016
Bind mounts can fail to be properly reconnected when PATH_CONNECT is
specified. Ensure that when PATH_CONNECT is specified the path has
a root.
BugLink: http://bugs.launchpad.net/bugs/1319984
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
security/apparmor/path.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index 71e0e3a..bb2f2c6 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@@ -141,7 +141,10 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
error = -EACCES;
if (*res == '/')
*name = res + 1;
- }
+ } else if (*res != '/')
+ /* CONNECT_PATH with missing root */
+ error = prepend(name, *name - buf, "/", 1);
+
}
out:
--
2.7.4
More information about the AppArmor
mailing list