From: Al Viro <viro@zeniv.linux.org.uk>
To: Boris Burkov <boris@bur.io>
Cc: linux-fsdevel@vger.kernel.org, daan.j.demeyer@gmail.com
Subject: Re: Possible bug with open between unshare(CLONE_NEWNS) calls
Date: Thu, 16 Jan 2025 04:14:59 +0000 [thread overview]
Message-ID: <20250116041459.GC1977892@ZenIV> (raw)
In-Reply-To: <20250115185608.GA2223535@zen.localdomain>
On Wed, Jan 15, 2025 at 10:56:08AM -0800, Boris Burkov wrote:
> Hello,
>
> If we run the following C code:
>
> unshare(CLONE_NEWNS);
> int fd = open("/dev/loop0", O_RDONLY)
> unshare(CLONE_NEWNS);
>
> Then after the second unshare, the mount hierarchy created by the first
> unshare is fully dereferenced and gets torn down, leaving the file
> pointed to by fd with a broken dentry.
No, it does not. dentry is just fine and so's mount - it is not
attached to anything, but it's alive and well.
> Specifically, subsequent calls to d_path on its path resolve to
> "/loop0".
> My question is:
> Is this expected behavior with respect to mount reference counts and
> namespace teardown?
Yes. Again, mount is still alive; it is detached, but that's it.
> If I mount a filesystem and have a running program with an open file
> descriptor in that filesystem, I would expect unmounting that filesystem
> to fail with EBUSY, so it stands to reason that the automatic unmount
> that happens from tearing down the mount namespace of the first unshare
> should respect similar semantics and either return EBUSY or at least
> have the lazy umount behavior and not wreck the still referenced mount
> objects.
Lazy umount is precisely what is happening. Referenced mount object is
there as long as it is referenced.
next prev parent reply other threads:[~2025-01-16 4:15 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-15 18:56 Possible bug with open between unshare(CLONE_NEWNS) calls Boris Burkov
2025-01-16 4:14 ` Al Viro [this message]
2025-01-16 4:52 ` Boris Burkov
2025-01-16 5:12 ` Al Viro
2025-01-16 10:46 ` Christian Brauner
2025-01-16 21:09 ` Qu Wenruo
2025-01-16 21:29 ` Al Viro
2025-01-16 21:42 ` Qu Wenruo
2025-01-20 15:37 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250116041459.GC1977892@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=boris@bur.io \
--cc=daan.j.demeyer@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.