[PATCH 3.8-stable] mnt: release locks on error path in do_loopback

From: Jonghwan Choi
Date: Sat Apr 13 2013 - 10:03:40 EST


From: Andrey Vagin <avagin@xxxxxxxxxx>

This patch looks like it should be in the 3.8-stable tree, should we apply
it?

------------------

From: "Andrey Vagin <avagin@xxxxxxxxxx>"

commit e9c5d8a562f01b211926d70443378eb14b29a676 upstream

do_loopback calls lock_mount(path) and forget to unlock_mount
if clone_mnt or copy_mnt fails.

[ 77.661566] ================================================
[ 77.662939] [ BUG: lock held when returning to user space! ]
[ 77.664104] 3.9.0-rc5+ #17 Not tainted
[ 77.664982] ------------------------------------------------
[ 77.666488] mount/514 is leaving the kernel with locks still held!
[ 77.668027] 2 locks held by mount/514:
[ 77.668817] #0: (&sb->s_type->i_mutex_key#7){+.+.+.}, at: [<ffffffff811cca22>] lock_mount+0x32/0xe0
[ 77.671755] #1: (&namespace_sem){+++++.}, at: [<ffffffff811cca3a>] lock_mount+0x4a/0xe0

Signed-off-by: Andrey Vagin <avagin@xxxxxxxxxx>
Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Jonghwan Choi <jhbird.choi@xxxxxxxxxxx>
---
fs/namespace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index 5dd7709..4abc8c0 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1713,7 +1713,7 @@ static int do_loopback(struct path *path, const char *old_name,

if (IS_ERR(mnt)) {
err = PTR_ERR(mnt);
- goto out;
+ goto out2;
}

err = graft_tree(mnt, path);
--
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/