[PATCH 3.12 207/235] apparmor: fix disconnected bind mnts reconnection
From: Jiri Slaby
Date: Fri Jan 27 2017 - 06:26:09 EST
From: John Johansen <john.johansen@xxxxxxxxxxxxx>
3.12-stable review patch. If anyone has any objections, please let me know.
===============
commit f2e561d190da7ff5ee265fa460e2d7f753dddfda upstream.
Bind mounts can fail to be properly reconnected when PATH_CONNECT is
specified. Ensure that when PATH_CONNECT is specified the path has
a root.
BugLink: http://bugs.launchpad.net/bugs/1319984
Signed-off-by: John Johansen <john.johansen@xxxxxxxxxxxxx>
Acked-by: Seth Arnold <seth.arnold@xxxxxxxxxxxxx>
Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
---
security/apparmor/path.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index 35b394a75d76..0f232e5cd18c 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c
@@ -141,7 +141,10 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
error = -EACCES;
if (*res == '/')
*name = res + 1;
- }
+ } else if (*res != '/')
+ /* CONNECT_PATH with missing root */
+ error = prepend(name, *name - buf, "/", 1);
+
}
out:
--
2.11.0