From: Miklos Szeredi Date: Sun, 7 Aug 2005 16:42:25 +0000 (-0700) Subject: [PATCH] namespace.c: fix bind mount from foreign namespace X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=68b47139ea94ab6d05e89c654db8daa99e9a232c;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git [PATCH] namespace.c: fix bind mount from foreign namespace I'm resending this patch, because I still believe it's the correct fix. Tested before/after applying the patch with a test application available from: http://www.inf.bme.hu/~mszeredi/nstest.c Bind mount from a foreign namespace results in an un-removable mount. The reason is that mnt->mnt_namespace is copied from the old mount in clone_mnt(). Because of this check_mnt() in sys_umount() will fail. The solution is to set mnt->mnt_namespace to current->namespace in clone_mnt(). clone_mnt() is either called from do_loopback() or copy_tree(). copy_tree() is called from do_loopback() or copy_namespace(). When called (directly or indirectly) from do_loopback(), always current->namspace is being modified: check_mnt(nd->mnt). So setting mnt->mnt_namespace to current->namspace is the right thing to do. When called from copy_namespace(), the setting of mnt_namespace is irrelevant, since mnt_namespace is reset later in that function for all copied mounts. Jamie said: This patch is correct. The old code was buggy for more fundamental and serious reason: it broke the invariant that a tree of vfsmnts all have the same value of mnt_namespace (and the same for the mnt_list list). Signed-off-by: Miklos Szeredi Acked-by: Jamie Lokier Cc: Cc: Christoph Hellwig Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/namespace.c b/fs/namespace.c index 587eb0d707e..79bd8a46e1e 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -160,7 +160,7 @@ clone_mnt(struct vfsmount *old, struct dentry *root) mnt->mnt_root = dget(root); mnt->mnt_mountpoint = mnt->mnt_root; mnt->mnt_parent = mnt; - mnt->mnt_namespace = old->mnt_namespace; + mnt->mnt_namespace = current->namespace; /* stick the duplicate mount on the same expiry list * as the original if that was on one */