1. 10 8月, 2010 1 次提交
    • A
      Fix sget() race with failing mount · 7a4dec53
      Al Viro 提交于
      If sget() finds a matching superblock being set up, it'll
      grab an active reference to it and grab s_umount.  That's
      fine - we'll wait for completion of foofs_get_sb() that way.
      However, if said foofs_get_sb() fails we'll end up holding
      the halfway-created superblock.  deactivate_locked_super()
      called by foofs_get_sb() will just unlock the sucker since
      we are holding another active reference to it.
      
      What we need is a way to tell if superblock has been successfully
      set up.  Unfortunately, neither ->s_root nor the check for
      MS_ACTIVE quite fit.  Cheap and easy way, suitable for backport:
      new flag set by the (only) caller of ->get_sb().  If that flag
      isn't present by the time sget() grabbed s_umount on preexisting
      superblock it has found, it's seeing a stillborn and should
      just bury it with deactivate_locked_super() (and repeat the search).
      
      Longer term we want to set that flag in ->get_sb() instances (and
      check for it to distinguish between "sget() found us a live sb"
      and "sget() has allocated an sb, we need to set it up" in there,
      instead of checking ->s_root as we do now).
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      Cc: stable@kernel.org
      7a4dec53
  2. 28 7月, 2010 2 次提交
  3. 15 5月, 2010 1 次提交
    • A
      Fix the regression created by "set S_DEAD on unlink()..." commit · d83c49f3
      Al Viro 提交于
      1) i_flags simply doesn't work for mount/unlink race prevention;
      we may have many links to file and rm on one of those obviously
      shouldn't prevent bind on top of another later on.  To fix it
      right way we need to mark _dentry_ as unsuitable for mounting
      upon; new flag (DCACHE_CANT_MOUNT) is protected by d_flags and
      i_mutex on the inode in question.  Set it (with dont_mount(dentry))
      in unlink/rmdir/etc., check (with cant_mount(dentry)) in places
      in namespace.c that used to check for S_DEAD.  Setting S_DEAD
      is still needed in places where we used to set it (for directories
      getting killed), since we rely on it for readdir/rmdir race
      prevention.
      
      2) rename()/mount() protection has another bogosity - we unhash
      the target before we'd checked that it's not a mountpoint.  Fixed.
      
      3) ancient bogosity in pivot_root() - we locked i_mutex on the
      right directory, but checked S_DEAD on the different (and wrong)
      one.  Noticed and fixed.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      d83c49f3
  4. 12 4月, 2010 6 次提交
  5. 04 3月, 2010 7 次提交
  6. 17 1月, 2010 4 次提交
  7. 18 12月, 2009 1 次提交
    • L
      Revert "fix mismerge with Trond's stuff (create_mnt_ns() export is gone now)" · a2770d86
      Linus Torvalds 提交于
      This reverts commit e9496ff4. Quoth Al:
      
       "it's dependent on a lot of other stuff not currently in mainline
        and badly broken with current fs/namespace.c.  Sorry, badly
        out-of-order cherry-pick from old queue.
      
        PS: there's a large pending series reworking the refcounting and
        lifetime rules for vfsmounts that will, among other things, allow to
        rip a subtree away _without_ dissolving connections in it, to be
        garbage-collected when all active references are gone.  It's
        considerably saner wrt "is the subtree busy" logics, but it's nowhere
        near being ready for merge at the moment; this changeset is one of the
        things becoming possible with that sucker, but it certainly shouldn't
        have been picked during this cycle.  My apologies..."
      Noticed-by: NEric Paris <eparis@redhat.com>
      Requested-by: NAl Viro <viro@ZenIV.linux.org.uk>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      a2770d86
  8. 17 12月, 2009 1 次提交
  9. 12 10月, 2009 1 次提交
  10. 24 9月, 2009 1 次提交
    • V
      fs: fix overflow in sys_mount() for in-kernel calls · eca6f534
      Vegard Nossum 提交于
      sys_mount() reads/copies a whole page for its "type" parameter.  When
      do_mount_root() passes a kernel address that points to an object which is
      smaller than a whole page, copy_mount_options() will happily go past this
      memory object, possibly dereferencing "wild" pointers that could be in any
      state (hence the kmemcheck warning, which shows that parts of the next
      page are not even allocated).
      
      (The likelihood of something going wrong here is pretty low -- first of
      all this only applies to kernel calls to sys_mount(), which are mostly
      found in the boot code.  Secondly, I guess if the page was not mapped,
      exact_copy_from_user() _would_ in fact handle it correctly because of its
      access_ok(), etc.  checks.)
      
      But it is much nicer to avoid the dubious reads altogether, by stopping as
      soon as we find a NUL byte.  Is there a good reason why we can't do
      something like this, using the already existing strndup_from_user()?
      
      [akpm@linux-foundation.org: make copy_mount_string() static]
      [AV: fix compat mount breakage, which involves undoing akpm's change above]
      Reported-by: NIngo Molnar <mingo@elte.hu>
      Signed-off-by: NVegard Nossum <vegard.nossum@gmail.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Pekka Enberg <penberg@cs.helsinki.fi>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Nal <al@dizzy.pdmi.ras.ru>
      eca6f534
  11. 08 8月, 2009 1 次提交
  12. 09 7月, 2009 1 次提交
  13. 24 6月, 2009 2 次提交
  14. 23 6月, 2009 2 次提交
    • T
      VFS: Add VFS helper functions for setting up private namespaces · cf8d2c11
      Trond Myklebust 提交于
      The purpose of this patch is to improve the remote mount path lookup
      support for distributed filesystems such as the NFSv4 client.
      
      When given a mount command of the form "mount server:/foo/bar /mnt", the
      NFSv4 client is required to look up the filehandle for "server:/", and
      then look up each component of the remote mount path "foo/bar" in order
      to find the directory that is actually going to be mounted on /mnt.
      Following that remote mount path may involve following symlinks,
      crossing server-side mount points and even following referrals to
      filesystem volumes on other servers.
      
      Since the standard VFS path lookup code already supports walking paths
      that contain all these features (using in-kernel automounts for
      following referrals) we would like to be able to reuse that rather than
      duplicate the full path traversal functionality in the NFSv4 client code.
      
      This patch therefore defines a VFS helper function create_mnt_ns(), that
      sets up a temporary filesystem namespace and attaches a root filesystem to
      it. It exports the create_mnt_ns() and put_mnt_ns() function for use by
      filesystem modules.
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      cf8d2c11
    • T
      VFS: Uninline the function put_mnt_ns() · 616511d0
      Trond Myklebust 提交于
      In order to allow modules to use it without having to export vfsmount_lock.
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      616511d0
  15. 12 6月, 2009 9 次提交