[PATCH] fix missed create event for directory audit

		return -ENOENT;

	BUG_ON(victim->d_parent->d_inode != dir);

	audit_inode_child(victim->d_name.name, victim->d_inode, dir->i_ino);

	audit_inode_child(victim->d_name.name, victim->d_inode, dir);

	error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);

	if (error)

extern void audit_putname(const char *name);

extern void __audit_inode(const char *name, const struct inode *inode);

extern void __audit_inode_child(const char *dname, const struct inode *inode,

				unsigned long pino);

				const struct inode *parent);

extern void __audit_inode_update(const struct inode *inode);

static inline void audit_getname(const char *name)

{

}

static inline void audit_inode_child(const char *dname, 

				     const struct inode *inode,

				     unsigned long pino) {

				     const struct inode *parent) {

	if (unlikely(current->audit_context))

		__audit_inode_child(dname, inode, pino);

		__audit_inode_child(dname, inode, parent);

}

static inline void audit_inode_update(const struct inode *inode) {

	if (unlikely(current->audit_context))

	if (source) {

		inotify_inode_queue_event(source, IN_MOVE_SELF, 0, NULL, NULL);

	}

	audit_inode_child(new_name, source, new_dir->i_ino);

	audit_inode_child(new_name, source, new_dir);

}

/*

	inode_dir_notify(inode, DN_CREATE);

	inotify_inode_queue_event(inode, IN_CREATE, 0, dentry->d_name.name,

				  dentry->d_inode);

	audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);

	audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);

}

/*

	inode_dir_notify(inode, DN_CREATE);

	inotify_inode_queue_event(inode, IN_CREATE | IN_ISDIR, 0, 

				  dentry->d_name.name, dentry->d_inode);

	audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);

	audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);

}

/*

 * audit_inode_child - collect inode info for created/removed objects

 * @dname: inode's dentry name

 * @inode: inode being audited

 * @pino: inode number of dentry parent

 * @parent: inode of dentry parent

 *

 * For syscalls that create or remove filesystem objects, audit_inode

 * can only collect information for the filesystem object's parent.

 * unsuccessful attempts.

 */

void __audit_inode_child(const char *dname, const struct inode *inode,

			 unsigned long pino)

			 const struct inode *parent)

{

	int idx;

	struct audit_context *context = current->audit_context;

	if (!dname)

		goto update_context;

	for (idx = 0; idx < context->name_count; idx++)

		if (context->names[idx].ino == pino) {

		if (context->names[idx].ino == parent->i_ino) {

			const char *name = context->names[idx].name;

			if (!name)

		context->names[idx].ino = (unsigned long)-1;

	else

		audit_copy_inode(&context->names[idx], inode);

	/* A parent was not found in audit_names, so copy the inode data for the

	 * provided parent. */

	if (!found_name) {

		idx = context->name_count++;

#if AUDIT_DEBUG

		context->ino_count++;

#endif

		audit_copy_inode(&context->names[idx], parent);

	}

}

/**