UBUNTU: SAUCE: apparmor: fix log of apparmor audit message when kern_path() fails

BugLink: http://bugs.launchpad.net/bugs/1482943
apparmor use kern_path() to lookup the path of the dev_name, and when
this fails apparmor emits a DENIED log message. However for bind and
move mounts the underlying code does a call to kern_path() regardless
of apparmor being present and so has the same failure.

In these cases when kern_path() fails apparmor is not responsible for
the mount failure as the kernel will fail the mount regarless of
apparmor's presence, so just return the error and don't log an apparmor
audit message.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>

diff --git a/security/apparmor/mount.c b/security/apparmor/mount.c
index 3239b3a7d04325bbfe7896acca099d896cd8aa6a..c9794fe71470e22dbd783de634e5f605d8a4252a 100644 (file)
--- a/security/apparmor/mount.c
+++ b/security/apparmor/mount.c
@@ -472,7 +472,7 @@ int aa_move_mount(struct aa_label *label, struct path *path,
                             buffer, &name, &info,
                             labels_profile(label)->disconnected);
        if (error)
-               goto error;
+               goto out;
 
        error = aa_path_name(&old_path, path_flags(labels_profile(label),
                                                   &old_path),