Backport of the following upstream commit:
From fbb77e1e55866633c9f064e2b3bcf2b6402d962d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 23 Nov 2021 15:55:45 +0100
Subject: [PATCH 1/3] shared/rm_rf: refactor rm_rf_children_inner() to shorten
 code a bit

CVE: CVE-2021-3997
Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/s/systemd/systemd_245.4-4ubuntu3.15.debian.tar.xz]
Signed-off-by: Purushottam Choudhary <Purushottam.Choudhary@kpit.com>
---
 src/basic/rm-rf.c | 27 +++++++++------------------
 1 file changed, 9 insertions(+), 18 deletions(-)

--- a/src/basic/rm-rf.c
+++ b/src/basic/rm-rf.c
@@ -34,7 +34,7 @@
                 const struct stat *root_dev) {
 
         struct stat st;
-        int r;
+        int r, q = 0;
 
         assert(fd >= 0);
         assert(fname);
@@ -50,7 +50,6 @@
 
         if (is_dir) {
                 _cleanup_close_ int subdir_fd = -1;
-                int q;
 
                 /* if root_dev is set, remove subdirectories only if device is same */
                 if (root_dev && st.st_dev != root_dev->st_dev)
@@ -86,23 +85,15 @@
                  * again for each directory */
                 q = rm_rf_children(TAKE_FD(subdir_fd), flags | REMOVE_PHYSICAL, root_dev);
 
-                r = unlinkat(fd, fname, AT_REMOVEDIR);
-                if (r < 0)
-                        return r;
-                if (q < 0)
-                        return q;
-
-                return 1;
-
-        } else if (!(flags & REMOVE_ONLY_DIRECTORIES)) {
-                r = unlinkat(fd, fname, 0);
-                if (r < 0)
-                        return r;
-
-                return 1;
-        }
+        } else if (flags & REMOVE_ONLY_DIRECTORIES)
+                return 0;
 
-        return 0;
+        r = unlinkat(fd, fname, is_dir ? AT_REMOVEDIR : 0);
+        if (r < 0)
+                return r;
+        if (q < 0)
+                return q;
+        return 1;
 }
 
 int rm_rf_children(