+++ /dev/null
-From: John Johansen <jjohansen@suse.de>
-Subject: Call lsm hook before unhashing dentry in vfs_rmdir()
-
-If we unhash the dentry before calling the security_inode_rmdir hook,
-we cannot compute the file's pathname in the hook anymore. AppArmor
-needs to know the filename in order to decide whether a file may be
-deleted, though.
-
-Signed-off-by: John Johansen <jjohansen@suse.de>
-Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
-
----
- fs/namei.c | 13 +++++++------
- 1 file changed, 7 insertions(+), 6 deletions(-)
-
---- a/fs/namei.c
-+++ b/fs/namei.c
-@@ -2177,6 +2177,10 @@ int vfs_rmdir(struct inode *dir, struct
- if (!dir->i_op || !dir->i_op->rmdir)
- return -EPERM;
-
-+ error = security_inode_rmdir(dir, dentry, mnt);
-+ if (error)
-+ return error;
-+
- DQUOT_INIT(dir);
-
- mutex_lock(&dentry->d_inode->i_mutex);
-@@ -2184,12 +2188,9 @@ int vfs_rmdir(struct inode *dir, struct
- if (d_mountpoint(dentry))
- error = -EBUSY;
- else {
-- error = security_inode_rmdir(dir, dentry, mnt);
-- if (!error) {
-- error = dir->i_op->rmdir(dir, dentry);
-- if (!error)
-- dentry->d_inode->i_flags |= S_DEAD;
-- }
-+ error = dir->i_op->rmdir(dir, dentry);
-+ if (!error)
-+ dentry->d_inode->i_flags |= S_DEAD;
- }
- mutex_unlock(&dentry->d_inode->i_mutex);
- if (!error) {