From: John Johansen <[email protected]> commit f2e561d190da7ff5ee265fa460e2d7f753dddfda upstream.
Bind mounts can fail to be properly reconnected when PATH_CONNECT is specified. Ensure that when PATH_CONNECT is specified the path has a root. BugLink: http://bugs.launchpad.net/bugs/1319984 Signed-off-by: John Johansen <[email protected]> Acked-by: Seth Arnold <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> Signed-off-by: Willy Tarreau <[email protected]> --- security/apparmor/path.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/security/apparmor/path.c b/security/apparmor/path.c index e91ffee..ebc7780 100644 --- a/security/apparmor/path.c +++ b/security/apparmor/path.c @@ -141,7 +141,10 @@ static int d_namespace_path(struct path *path, char *buf, int buflen, error = -EACCES; if (*res == '/') *name = res + 1; - } + } else if (*res != '/') + /* CONNECT_PATH with missing root */ + error = prepend(name, *name - buf, "/", 1); + } out: -- 2.8.0.rc2.1.gbe9624a
