2007-04-05 10:04:00 +00:00
|
|
|
From: John Johansen <jjohansen@suse.de>
|
|
|
|
|
Subject: call lsm hook before unhashing dentry in vfs_rmdir()
|
2007-03-22 08:20:24 +00:00
|
|
|
|
|
|
|
|
If we unhash the dentry before calling the security_inode_rmdir hook,
|
2007-04-03 12:04:05 +00:00
|
|
|
we cannot compute the file's pathname in the hook anymore. AppArmor
|
|
|
|
|
needs to know the filename in order to decide whether a file may be
|
|
|
|
|
deleted, though.
|
2007-03-22 08:20:24 +00:00
|
|
|
|
|
|
|
|
Signed-off-by: John Johansen <jjohansen@suse.de>
|
|
|
|
|
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
|
|
|
|
|
|
2007-04-05 10:04:00 +00:00
|
|
|
---
|
|
|
|
|
fs/namei.c | 13 +++++++------
|
|
|
|
|
1 file changed, 7 insertions(+), 6 deletions(-)
|
|
|
|
|
|
2007-03-13 21:44:05 +00:00
|
|
|
--- a/fs/namei.c
|
|
|
|
|
+++ b/fs/namei.c
|
2007-05-12 18:28:28 +00:00
|
|
|
@@ -2034,6 +2034,10 @@ int vfs_rmdir(struct inode *dir, struct
|
2007-03-13 21:44:05 +00:00
|
|
|
if (!dir->i_op || !dir->i_op->rmdir)
|
|
|
|
|
return -EPERM;
|
|
|
|
|
|
|
|
|
|
+ error = security_inode_rmdir(dir, dentry, mnt);
|
|
|
|
|
+ if (error)
|
|
|
|
|
+ return error;
|
|
|
|
|
+
|
|
|
|
|
DQUOT_INIT(dir);
|
|
|
|
|
|
|
|
|
|
mutex_lock(&dentry->d_inode->i_mutex);
|
2007-05-12 18:28:28 +00:00
|
|
|
@@ -2041,12 +2045,9 @@ int vfs_rmdir(struct inode *dir, struct
|
2007-03-13 21:44:05 +00:00
|
|
|
if (d_mountpoint(dentry))
|
|
|
|
|
error = -EBUSY;
|
|
|
|
|
else {
|
|
|
|
|
- error = security_inode_rmdir(dir, dentry, mnt);
|
|
|
|
|
- if (!error) {
|
|
|
|
|
- error = dir->i_op->rmdir(dir, dentry);
|
|
|
|
|
- if (!error)
|
|
|
|
|
- dentry->d_inode->i_flags |= S_DEAD;
|
|
|
|
|
- }
|
|
|
|
|
+ error = dir->i_op->rmdir(dir, dentry);
|
|
|
|
|
+ if (!error)
|
|
|
|
|
+ dentry->d_inode->i_flags |= S_DEAD;
|
|
|
|
|
}
|
|
|
|
|
mutex_unlock(&dentry->d_inode->i_mutex);
|
|
|
|
|
if (!error) {
|
