From: Al Viro <viro@zeniv.linux.org.uk>
To: Christian Brauner <brauner@kernel.org>
Cc: linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH][RFC] ->mnt_devname is never NULL
Date: Mon, 21 Apr 2025 17:29:47 +0100 [thread overview]
Message-ID: <20250421162947.GW2023217@ZenIV> (raw)
In-Reply-To: <20250421-annehmbar-fotoband-eb32f31f6124@brauner>
On Mon, Apr 21, 2025 at 09:56:20AM +0200, Christian Brauner wrote:
> On Mon, Apr 21, 2025 at 04:35:09AM +0100, Al Viro wrote:
> > Not since 8f2918898eb5 "new helpers: vfs_create_mount(), fc_mount()"
> > back in 2018. Get rid of the dead checks...
> >
> > Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
> > ---
>
> Good idea. Fwiw, I've put this into vfs-6.16.mount with some other minor
> stuff. If you're keeping it yourself let me know.
Not sure... I'm going through documenting the struct mount lifecycle/locking/etc.
and it already looks like there will be more patches, but then some are going
to be #fixes fodder.
Example caught just a couple of minutes ago: do_lock_mount()
if (beneath) {
m = real_mount(mnt);
read_seqlock_excl(&mount_lock);
dentry = dget(m->mnt_mountpoint);
read_sequnlock_excl(&mount_lock);
} else {
dentry = path->dentry;
}
inode_lock(dentry->d_inode);
What's to prevent the 'beneath' case from getting mnt mount --move'd
away *AND* the ex-parent from getting unmounted while we are blocked
in inode_lock? At this point we are not holding any locks whatsoever
(and all mount-related locks nest inside inode_lock(), so we couldn't
hold them there anyway).
Hit that race and watch a very unhappy umount...
BTW, a stylistic note: 'beneath' and '!beneath' cases have very little
in common; I'm pretty sure it would be cleaner to split this function
in two, putting the '!beneath' case back into lock_mount() and calling
the rest lock_mount_beneath()... This kind of boolean arguments is
a bad idea, IME - especially when they affect locking or lifetimes
in any way.
next prev parent reply other threads:[~2025-04-21 16:29 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-21 3:35 [PATCH][RFC] ->mnt_devname is never NULL Al Viro
2025-04-21 7:56 ` Christian Brauner
2025-04-21 16:29 ` Al Viro [this message]
2025-04-21 17:03 ` Al Viro
2025-04-22 3:14 ` [PATCH][RFC] do_lock_mount() races in 'beneath' case Al Viro
2025-04-22 7:47 ` Christian Brauner
2025-04-22 7:43 ` [PATCH][RFC] ->mnt_devname is never NULL Christian Brauner
2025-04-22 7:31 ` Christian Brauner
2025-04-22 12:25 ` Al Viro
2025-04-22 13:40 ` Christian Brauner
2025-04-23 1:30 ` Al Viro
2025-04-23 22:20 ` Al Viro
2025-04-24 8:56 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250421162947.GW2023217@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=brauner@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.