lsm: add new securityfs delete function

When deleting a directory in the security file system, the existing securityfs_remove requires the directory to be empty, otherwise it will do nothing. This leads to a potential risk that the security file system might be in an unclean state when the intended deletion did not happen. This commit introduces a new function securityfs_recursive_remove to recursively delete a directory without leaving an unclean state. Co-developed-by: Christian Brauner (Microsoft) <brauner@kernel.org> Signed-off-by: Fan Wu <wufan@linux.microsoft.com> [PM: subject line tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Fan Wu <wufan@linux.microsoft.com> 2024-08-03 09:08:21 +0300
committer: Paul Moore <paul@paul-moore.com> 2024-08-20 21:02:06 +0300
commit: 7138679ff2a2b1674f16618558d6cabea6ab2c53 (patch)
tree: 9b49f02fc98fdce0d5c87464f83a08fae269aed8 /include/linux/security.h
parent: a8a74df150835f5ceff89d40fadda1cf3961fdae (diff)
download: linux-7138679ff2a2b1674f16618558d6cabea6ab2c53.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 3298855abdbc..f6d2bc69cfa6 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -2090,6 +2090,7 @@ struct dentry *securityfs_create_symlink(const char *name,
 					 const char *target,
 					 const struct inode_operations *iops);
 extern void securityfs_remove(struct dentry *dentry);
+extern void securityfs_recursive_remove(struct dentry *dentry);
 
 #else /* CONFIG_SECURITYFS */
author	Fan Wu <wufan@linux.microsoft.com>	2024-08-03 09:08:21 +0300
committer	Paul Moore <paul@paul-moore.com>	2024-08-20 21:02:06 +0300
commit	7138679ff2a2b1674f16618558d6cabea6ab2c53 (patch)
tree	9b49f02fc98fdce0d5c87464f83a08fae269aed8 /include/linux/security.h
parent	a8a74df150835f5ceff89d40fadda1cf3961fdae (diff)
download	linux-7138679ff2a2b1674f16618558d6cabea6ab2c53.tar.xz