Re: [PATCH 23/34] union-mount: Prevent topmost file system from being mounted elsewhere

From: Valerie Aurora
Date: Thu Sep 30 2010 - 17:47:44 EST


On Thu, Sep 30, 2010 at 11:37:48AM +0200, Miklos Szeredi wrote:
> On Thu, 16 Sep 2010, Valerie Aurora wrote:
> > The device underlying the topmost read-write layer of a file system
> > cannot be mounted anywhere else on the system. We keep a pointer to
> > the union stack in the dentry of the topmost directory, so that dentry
> > can't be part of a different mount, since dentries are shared between
> > different mounts of the same device.
> >
> > Signed-off-by: Valerie Aurora <vaurora@xxxxxxxxxx>
> > ---
> > fs/namespace.c | 5 +++++
> > 1 files changed, 5 insertions(+), 0 deletions(-)
> >
> > diff --git a/fs/namespace.c b/fs/namespace.c
> > index 61256e6..26efaf3 100644
> > --- a/fs/namespace.c
> > +++ b/fs/namespace.c
> > @@ -1998,6 +1998,11 @@ int do_add_mount(struct vfsmount *newmnt, struct path *path,
> > if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
> > goto unlock;
> >
> > + /* Top layers of union mounts can't be mounted elsewhere */
> > + err = -EBUSY;
> > + if (newmnt->mnt_sb->s_union_lower_mnts)
> > + goto unlock;
> > +
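
Review bot: The comment on the added check ("Top layers of union mounts can't be mounted elsewhere") promises more than the test delivers. `if (newmnt->mnt_sb->s_union_lower_mnts)` inspects only the superblock of the mount being added, and only at the moment do_add_mount() runs, so it refuses a new mount of a superblock that is already marked as a union top layer and nothing else. Reword the comment and the commit message to name exactly the case refused here, and point to where the remaining cases are enforced. Separately, `err = -EBUSY` is assigned before the test and stays set on fall-through, so confirm that the code after this hunk assigns err again before any later `goto unlock`.
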
>
> This is insufficient: the super block may be mounted elsewhere later.
> And no, preventing bind mounts is not enough.

My mistake, that's a bug in the comment/commit message - s/mount/union
mount/. The patch that prevents not-union mounts is:

union-mount: Create check_topmost_union_mnt()

check_topmost_union_mnt() checks that the topmost layer of a proposed
union mount is read-write, supports fallthrus and whiteouts, and isn't
mounted elsewhere.

And the patch that prevents bind mounts is:

union-mount: Prevent bind mounts of union mounts

Prevent bind mounts of parts of union mounts.

XXX - Bind mounting parts of union mounts is probably easy to
implement, but requires some careful thought about corner cases,
extensive testing, and some refactoring of the code.

If you see any problems in those patches, I'd appreciate the comment.

> BTW, what about CLONE_NEWNS? I think it's a rather big limitation if
> that doesn't work...

Great segue - I think the same code will make both CLONE_NEWNS and
bind mounts work. We can allow multiple mounts of a union if it's the
exact same stack in each mount. I will work on this.

-VAL