diff options
| author | Georgia Garcia <georgia.garcia@canonical.com> | 2026-05-28 16:04:12 -0300 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2026-06-13 20:20:05 -0700 |
| commit | add2b70038bea194bcdef8a680f9153ee7f93ac0 (patch) | |
| tree | 86ada5abb4b60fae8f6f1a6eb6d7dcaf238704eb /security | |
| parent | 340372688bb87da45ff8d4e2f82ccfd1b64c65ff (diff) | |
| download | ath-add2b70038bea194bcdef8a680f9153ee7f93ac0.tar.gz | |
apparmor: don't audit files pointing to aa_null.dentry
In
commit 4a134723f9f1 ("apparmor: move check for aa_null file to cover all cases")
there was a change to not audit files pointing to
aa_null.dentry because they provide no value, but setting the error
variable instead of returning -EACCES was still causing them to be
audited.
Fixes: 4a134723f9f1 ("apparmor: move check for aa_null file to cover all cases")
Acked-by: David Disseldorp <ddiss@suse.de>
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/file.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/file.c b/security/apparmor/file.c index 694e157149e85..fc5abd5473c85 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -157,7 +157,7 @@ static int path_name(const char *op, const struct cred *subj_cred, /* don't reaudit files closed during inheritance */ if (unlikely(path->dentry == aa_null.dentry)) - error = -EACCES; + return -EACCES; else error = aa_path_name(path, flags, buffer, name, &info, labels_profile(label)->disconnected); |
