]>
Commit | Line | Data |
---|---|---|
6a930a95 BS |
1 | From: John Johansen <jjohansen@suse.de> |
2 | Subject: Call lsm hook before unhashing dentry in vfs_rmdir() | |
3 | ||
4 | If we unhash the dentry before calling the security_inode_rmdir hook, | |
5 | we cannot compute the file's pathname in the hook anymore. AppArmor | |
6 | needs to know the filename in order to decide whether a file may be | |
7 | deleted, though. | |
8 | ||
9 | Signed-off-by: John Johansen <jjohansen@suse.de> | |
10 | Signed-off-by: Andreas Gruenbacher <agruen@suse.de> | |
11 | ||
12 | --- | |
13 | fs/namei.c | 13 +++++++------ | |
14 | 1 file changed, 7 insertions(+), 6 deletions(-) | |
15 | ||
16 | --- a/fs/namei.c | |
17 | +++ b/fs/namei.c | |
18 | @@ -2177,6 +2177,10 @@ int vfs_rmdir(struct inode *dir, struct | |
19 | if (!dir->i_op || !dir->i_op->rmdir) | |
20 | return -EPERM; | |
21 | ||
22 | + error = security_inode_rmdir(dir, dentry, mnt); | |
23 | + if (error) | |
24 | + return error; | |
25 | + | |
26 | DQUOT_INIT(dir); | |
27 | ||
28 | mutex_lock(&dentry->d_inode->i_mutex); | |
29 | @@ -2184,12 +2188,9 @@ int vfs_rmdir(struct inode *dir, struct | |
30 | if (d_mountpoint(dentry)) | |
31 | error = -EBUSY; | |
32 | else { | |
33 | - error = security_inode_rmdir(dir, dentry, mnt); | |
34 | - if (!error) { | |
35 | - error = dir->i_op->rmdir(dir, dentry); | |
36 | - if (!error) | |
37 | - dentry->d_inode->i_flags |= S_DEAD; | |
38 | - } | |
39 | + error = dir->i_op->rmdir(dir, dentry); | |
40 | + if (!error) | |
41 | + dentry->d_inode->i_flags |= S_DEAD; | |
42 | } | |
43 | mutex_unlock(&dentry->d_inode->i_mutex); | |
44 | if (!error) { |