[PATCH 3.14 083/114] fix copy_tree() regression

From: Greg Kroah-Hartman
Date: Mon Sep 15 2014 - 16:14:00 EST

Next message: Greg Kroah-Hartman: "[PATCH 3.14 092/114] xfs: dont dirty buffers beyond EOF"
Previous message: Greg Kroah-Hartman: "[PATCH 3.14 111/114] vfs: fix bad hashing of dentries"
In reply to: Greg Kroah-Hartman: "[PATCH 3.14 111/114] vfs: fix bad hashing of dentries"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.14 092/114] xfs: dont dirty buffers beyond EOF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.14-stable review patch. If anyone has any objections, please let me know.

------------------

From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>

commit 12a5b5294cb1896e9a3c9fca8ff5a7e3def4e8c6 upstream.

Since 3.14 we had copy_tree() get the shadowing wrong - if we had one
vfsmount shadowing another (i.e. if A is a slave of B, C is mounted
on A/foo, then D got mounted on B/foo creating D' on A/foo shadowed
by C), copy_tree() of A would make a copy of D' shadow the the copy of
C, not the other way around.

It's easy to fix, fortunately - just make sure that mount follows
the one that shadows it in mnt_child as well as in mnt_hash, and when
copy_tree() decides to attach a new mount, check if the last child
it has added to the same parent should be shadowing the new one.
And if it should, just use the same logics commit_tree() has - put the
new mount into the hash and children lists right after the one that
should shadow it.

Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
fs/namespace.c | 31 ++++++++++++++++++++++++-------
1 file changed, 24 insertions(+), 7 deletions(-)

--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -777,6 +777,20 @@ static void attach_mnt(struct mount *mnt
list_add_tail(&mnt->mnt_child, &parent->mnt_mounts);
}

+static void attach_shadowed(struct mount *mnt,
+ struct mount *parent,
+ struct mount *shadows)
+{
+ if (shadows) {
+ hlist_add_after_rcu(&shadows->mnt_hash, &mnt->mnt_hash);
+ list_add(&mnt->mnt_child, &shadows->mnt_child);
+ } else {
+ hlist_add_head_rcu(&mnt->mnt_hash,
+ m_hash(&parent->mnt, mnt->mnt_mountpoint));
+ list_add_tail(&mnt->mnt_child, &parent->mnt_mounts);
+ }
+}
+
/*
* vfsmount lock must be held for write
*/
@@ -795,12 +809,7 @@ static void commit_tree(struct mount *mn

list_splice(&head, n->list.prev);

- if (shadows)
- hlist_add_after_rcu(&shadows->mnt_hash, &mnt->mnt_hash);
- else
- hlist_add_head_rcu(&mnt->mnt_hash,
- m_hash(&parent->mnt, mnt->mnt_mountpoint));
- list_add_tail(&mnt->mnt_child, &parent->mnt_mounts);
+ attach_shadowed(mnt, parent, shadows);
touch_mnt_namespace(n);
}

@@ -1504,6 +1513,7 @@ struct mount *copy_tree(struct mount *mn
continue;

for (s = r; s; s = next_mnt(s, r)) {
+ struct mount *t = NULL;
if (!(flag & CL_COPY_UNBINDABLE) &&
IS_MNT_UNBINDABLE(s)) {
s = skip_mnt_tree(s);
@@ -1525,7 +1535,14 @@ struct mount *copy_tree(struct mount *mn
goto out;
lock_mount_hash();
list_add_tail(&q->mnt_list, &res->mnt_list);
- attach_mnt(q, parent, p->mnt_mp);
+ mnt_set_mountpoint(parent, p->mnt_mp, q);
+ if (!list_empty(&parent->mnt_mounts)) {
+ t = list_last_entry(&parent->mnt_mounts,
+ struct mount, mnt_child);
+ if (t->mnt_mp != p->mnt_mp)
+ t = NULL;
+ }
+ attach_shadowed(q, parent, t);
unlock_mount_hash();
}
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[PATCH 3.14 092/114] xfs: dont dirty buffers beyond EOF"
Previous message: Greg Kroah-Hartman: "[PATCH 3.14 111/114] vfs: fix bad hashing of dentries"
In reply to: Greg Kroah-Hartman: "[PATCH 3.14 111/114] vfs: fix bad hashing of dentries"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.14 092/114] xfs: dont dirty buffers beyond EOF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]