From 5d88457eb5b86b475422dc882f089203faaeedb5 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Sat, 3 Jan 2015 05:39:35 -0600 Subject: [PATCH] mnt: On an unmount propagate clearing of MNT_LOCKED A prerequisite of calling umount_tree is that the point where the tree is mounted at is valid to unmount. If we are propagating the effect of the unmount clear MNT_LOCKED in every instance where the same filesystem is mounted on the same mountpoint in the mount tree, as we know (by virtue of the fact that umount_tree was called) that it is safe to reveal what is at that mountpoint. Cc: stable@vger.kernel.org Signed-off-by: "Eric W. Biederman" --- fs/namespace.c | 3 +++ fs/pnode.c | 20 ++++++++++++++++++++ fs/pnode.h | 1 + 3 files changed, 24 insertions(+) diff --git a/fs/namespace.c b/fs/namespace.c index 083e3401a808..2b12b7a9455d 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1333,6 +1333,9 @@ static void umount_tree(struct mount *mnt, enum umount_tree_flags how) LIST_HEAD(tmp_list); struct mount *p; + if (how & UMOUNT_PROPAGATE) + propagate_mount_unlock(mnt); + /* Gather the mounts to umount */ for (p = mnt; p; p = next_mnt(p, mnt)) { p->mnt.mnt_flags |= MNT_UMOUNT; diff --git a/fs/pnode.c b/fs/pnode.c index c27ae38ee250..89890293dd0a 100644 --- a/fs/pnode.c +++ b/fs/pnode.c @@ -361,6 +361,26 @@ int propagate_mount_busy(struct mount *mnt, int refcnt) return ret; } +/* + * Clear MNT_LOCKED when it can be shown to be safe. + * + * mount_lock lock must be held for write + */ +void propagate_mount_unlock(struct mount *mnt) +{ + struct mount *parent = mnt->mnt_parent; + struct mount *m, *child; + + BUG_ON(parent == mnt); + + for (m = propagation_next(parent, parent); m; + m = propagation_next(m, parent)) { + child = __lookup_mnt_last(&m->mnt, mnt->mnt_mountpoint); + if (child) + child->mnt.mnt_flags &= ~MNT_LOCKED; + } +} + /* * NOTE: unmounting 'mnt' naturally propagates to all other mounts its * parent propagates to. diff --git a/fs/pnode.h b/fs/pnode.h index aa6d65df7204..af47d4bd7b31 100644 --- a/fs/pnode.h +++ b/fs/pnode.h @@ -42,6 +42,7 @@ int propagate_mnt(struct mount *, struct mountpoint *, struct mount *, struct hlist_head *); int propagate_umount(struct list_head *); int propagate_mount_busy(struct mount *, int); +void propagate_mount_unlock(struct mount *); void mnt_release_group_id(struct mount *); int get_dominating_id(struct mount *mnt, const struct path *root); unsigned int mnt_get_count(struct mount *mnt); -- 2.34.1