AppArmor: Fix error returned when a path lookup is disconnected The returning of -ESATLE when a path lookup fails as disconnected is wrong. Since AppArmor is rejecting the access return -EACCES instead. This also fixes a bug in complain (learning) mode where disconnected paths are denied because -ESTALE errors are not ignored causing failures that can change application behavior. Signed-off-by: John Johansen <john.johansen@canonical.com>

commit: ef9a762279c9ce98c592fb144b31898411feb94d [log] [tgz]
author: John Johansen <john.johansen@canonical.com> Sat Mar 10 11:19:51 2012 -0800
committer: John Johansen <john.johansen@canonical.com> Wed Mar 14 06:14:52 2012 -0700
tree: 4cb159b99e792781af212324aee7c8be4b549c38
parent: f67dabbdde1fe112dfff05d02890f1e0d54117a8 [diff] [blame]
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
index c31ce83..3dd605c 100644
--- a/security/apparmor/path.c
+++ b/security/apparmor/path.c

@@ -137,7 +137,7 @@
 			/* disconnected path, don't return pathname starting
 			 * with '/'
 			 */
-			error = -ESTALE;
+			error = -EACCES;
 			if (*res == '/')
 				*name = res + 1;
 		}
commit	ef9a762279c9ce98c592fb144b31898411feb94d	[log] [tgz]
author	John Johansen <john.johansen@canonical.com>	Sat Mar 10 11:19:51 2012 -0800
committer	John Johansen <john.johansen@canonical.com>	Wed Mar 14 06:14:52 2012 -0700
tree	4cb159b99e792781af212324aee7c8be4b549c38
parent	f67dabbdde1fe112dfff05d02890f1e0d54117a8 [diff] [blame]