Re: [PATCH] namespace.c: fix bind mount from foreign namespace

[Miklos Szeredi]

> That's a bit smaller (source and compiled) as:
> 
> 	if (ns2 < ns1)
> 		down_write(&ns2->sem);
> 	down_write(&ns1->sem);
> 	if (ns2 > ns1)
> 		down_write(&ns2->sem);
> 
> (And you'll notice that does the right thing if ns2==ns1 too, in case
> that gives you any ideas.)

Nice.

> Otherwise, the patch looks convincing to me.

There's another problem with it: we don't hold a reference to
old_nd.mnt->mnt_namespace, and the namespace going away could race
with this function.

So first obtain the necessary reference:

	spin_lock(&vfsmount_lock);
	ns2 = old_nd.mnt->mnt_namespace;
	if (ns2)
		get_namespace(ns2);
	spin_unlock(&vfsmount_lock);

Then take the semaphores.

Then recheck old_nd.mnt->mnt_namespace, because it might have been
detached between the spin_unlock() and the down_write(&ns2->sem).

It's starting to get a bit complex, and I'm wondering if it's worth it :)

Miklos

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/