apparmor/kernel-patches/for-mainline/unreachabe-paths.diff

There is no need to go throught the whole state machine for unreachable
dentries; they will never match.

Index: b/security/apparmor/main.c
===================================================================
--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -172,6 +172,14 @@ static char *aa_get_name(struct dentry *
 
 		name = d_namespace_path(dentry, mnt, buf, size);
 		if (!IS_ERR(name)) {
+			if (name[0] != '/') {
+				/*
+				 * This dentry is not connected to the
+				 * namespace root -- reject access.
+				 */
+				kfree(buf);
+				return ERR_PTR(-ENOENT);
+			}
 			*buffer = buf;
 			return name;
 		}
Two minor cleanups / improvements 2007-02-22 04:45:15 +00:00			`There is no need to go throught the whole state machine for unreachable`
			`dentries; they will never match.`

			`Index: b/security/apparmor/main.c`
			`===================================================================`
			`--- a/security/apparmor/main.c`
			`+++ b/security/apparmor/main.c`
d_namespace_path fix; rename aa_get_pathname back to aa_get_name. Add tell-files-from-dirs.diff. 2007-02-23 07:38:14 +00:00			`@@ -172,6 +172,14 @@ static char aa_get_name(struct dentry `
Two minor cleanups / improvements 2007-02-22 04:45:15 +00:00
d_namespace_path fix; rename aa_get_pathname back to aa_get_name. Add tell-files-from-dirs.diff. 2007-02-23 07:38:14 +00:00			`name = d_namespace_path(dentry, mnt, buf, size);`
Two minor cleanups / improvements 2007-02-22 04:45:15 +00:00			`if (!IS_ERR(name)) {`
d_namespace_path fix; rename aa_get_pathname back to aa_get_name. Add tell-files-from-dirs.diff. 2007-02-23 07:38:14 +00:00			`+ if (name[0] != '/') {`
Two minor cleanups / improvements 2007-02-22 04:45:15 +00:00			`+ /*`
			`+ * This dentry is not connected to the`
			`+ * namespace root -- reject access.`
			`+ */`
			`+ kfree(buf);`
			`+ return ERR_PTR(-ENOENT);`
			`+ }`
			`*buffer = buf;`
			`return name;`
			`}`