AppArmor: Fix error returned when a path lookup is disconnected

The returning of -ESATLE when a path lookup fails as disconnected is wrong. Since AppArmor is rejecting the access return -EACCES instead. This also fixes a bug in complain (learning) mode where disconnected paths are denied because -ESTALE errors are not ignored causing failures that can change application behavior. Signed-off-by: John Johansen <[email protected]>
tdeneau · Mar 14, 2012 · ef9a762 · ef9a762
1 parent f67dabb
commit ef9a762
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/security/apparmor/path.c b/security/apparmor/path.c
@@ -137,7 +137,7 @@ static int d_namespace_path(struct path *path, char *buf, int buflen,
 			/* disconnected path, don't return pathname starting
 			 * with '/'
 			 */
-			error = -ESTALE;
+			error = -EACCES;
 			if (*res == '/')
 				*name = res + 1;
 		}