From: Georgia Garcia Date: Thu, 28 May 2026 19:04:12 +0000 (-0300) Subject: apparmor: don't audit files pointing to aa_null.dentry X-Git-Tag: v7.2-rc1~43^2~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=add2b70038bea194bcdef8a680f9153ee7f93ac0;p=thirdparty%2Flinux.git apparmor: don't audit files pointing to aa_null.dentry In commit 4a134723f9f1 ("apparmor: move check for aa_null file to cover all cases") there was a change to not audit files pointing to aa_null.dentry because they provide no value, but setting the error variable instead of returning -EACCES was still causing them to be audited. Fixes: 4a134723f9f1 ("apparmor: move check for aa_null file to cover all cases") Acked-by: David Disseldorp Signed-off-by: Georgia Garcia Signed-off-by: John Johansen --- diff --git a/security/apparmor/file.c b/security/apparmor/file.c index 694e157149e85..fc5abd5473c85 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -157,7 +157,7 @@ static int path_name(const char *op, const struct cred *subj_cred, /* don't reaudit files closed during inheritance */ if (unlikely(path->dentry == aa_null.dentry)) - error = -EACCES; + return -EACCES; else error = aa_path_name(path, flags, buffer, name, &info, labels_profile(label)->disconnected);