---
 security/apparmor/main.c |   39 ++++++++++++++++++++++++++++-----------
 1 file changed, 28 insertions(+), 11 deletions(-)

--- a/security/apparmor/main.c
+++ b/security/apparmor/main.c
@@ -216,6 +216,12 @@ static int aa_perm_dentry(struct aa_prof
 		else {
 			sa->denied_mask = sa->request_mask;
 			sa->error_code = PTR_ERR(sa->name);
+			if (sa->error_code == -ENOENT)
+				sa->info = "Failed name resolution - object not a valid entry";
+			else if (sa->error_code == -ENAMETOOLONG)
+				sa->info = "Failed name resolution - name too long";
+			else
+				sa->info = "Failed name resolution";
 		}
 		sa->name = NULL;
 	} else
@@ -371,8 +377,11 @@ static int aa_audit_base(struct aa_profi
 	if (sa->operation)
 		audit_log_format(ab, "operation=\"%s\"", sa->operation);
 
-	if (sa->info)
+	if (sa->info) {
 		audit_log_format(ab, " info=\"%s\"", sa->info);
+		if (sa->error_code)
+			audit_log_format(ab, " error=%d", sa->error_code);
+	}
 
 	if (sa->request_mask)
 		aa_audit_file_mask(ab, "requested_mask", sa->request_mask);
@@ -918,23 +927,29 @@ int aa_register(struct linux_binprm *bpr
 
 	AA_DEBUG("%s\n", __FUNCTION__);
 
-	filename = aa_get_name(filp->f_dentry, filp->f_vfsmnt, &buffer, 0);
-	if (IS_ERR(filename)) {
-		AA_ERROR("%s: Failed to get filename", __FUNCTION__);
-		return -ENOENT;
-	}
+	profile = aa_get_profile(current);
 
 	shift = aa_inode_mode(filp->f_dentry->d_inode);
-	exec_mode = AA_EXEC_UNSAFE << shift;
-
 	memset(&sa, 0, sizeof(sa));
 	sa.operation = "exec";
 	sa.gfp_mask = GFP_KERNEL;
-	sa.name = filename;
 	sa.request_mask = MAY_EXEC << shift;
 
+	filename = aa_get_name(filp->f_dentry, filp->f_vfsmnt, &buffer, 0);
+	if (IS_ERR(filename)) {
+		if (profile) {
+			sa.info = "Failed name resolution - exec failed";
+			sa.error_code = PTR_ERR(filename);
+			aa_audit_reject(profile, &sa);
+			return sa.error_code;
+		} else
+			return 0;
+	}
+	sa.name = filename;
+
+	exec_mode = AA_EXEC_UNSAFE << shift;
+
 repeat:
-	profile = aa_get_profile(current);
 	if (profile) {
 		complain = PROFILE_COMPLAIN(profile);
 
@@ -1011,8 +1026,10 @@ repeat:
 	if (IS_ERR(old_profile)) {
 		aa_put_profile(new_profile);
 		aa_put_profile(profile);
-		if (PTR_ERR(old_profile) == -ESTALE)
+		if (PTR_ERR(old_profile) == -ESTALE) {
+			profile = aa_get_profile(current);
 			goto repeat;
+		}
 		if (PTR_ERR(old_profile) == -EPERM) {
 			sa.denied_mask = sa.request_mask;
 			sa.info = "unable to set profile due to ptrace";