4 * (C) Copyright Al Viro 2000, 2001
5 * Released under GPL v2.
7 * Based on code from fs/super.c, copyright Linus Torvalds and others.
11 #include <linux/syscalls.h>
12 #include <linux/export.h>
13 #include <linux/capability.h>
14 #include <linux/mnt_namespace.h>
15 #include <linux/namei.h>
16 #include <linux/security.h>
17 #include <linux/idr.h>
18 #include <linux/acct.h> /* acct_auto_close_mnt */
19 #include <linux/ramfs.h> /* init_rootfs */
20 #include <linux/fs_struct.h> /* get_fs_root et.al. */
21 #include <linux/fsnotify.h> /* fsnotify_vfsmount_delete */
22 #include <linux/uaccess.h>
23 #include <linux/proc_fs.h>
27 #define HASH_SHIFT ilog2(PAGE_SIZE / sizeof(struct list_head))
28 #define HASH_SIZE (1UL << HASH_SHIFT)
31 static DEFINE_IDA(mnt_id_ida);
32 static DEFINE_IDA(mnt_group_ida);
33 static DEFINE_SPINLOCK(mnt_id_lock);
34 static int mnt_id_start = 0;
35 static int mnt_group_start = 1;
37 static struct list_head *mount_hashtable __read_mostly;
38 static struct kmem_cache *mnt_cache __read_mostly;
39 static struct rw_semaphore namespace_sem;
42 struct kobject *fs_kobj;
43 EXPORT_SYMBOL_GPL(fs_kobj);
46 * vfsmount lock may be taken for read to prevent changes to the
47 * vfsmount hash, ie. during mountpoint lookups or walking back
50 * It should be taken for write in all cases where the vfsmount
51 * tree or hash is modified or when a vfsmount structure is modified.
53 DEFINE_BRLOCK(vfsmount_lock);
55 static inline unsigned long hash(struct vfsmount *mnt, struct dentry *dentry)
57 unsigned long tmp = ((unsigned long)mnt / L1_CACHE_BYTES);
58 tmp += ((unsigned long)dentry / L1_CACHE_BYTES);
59 tmp = tmp + (tmp >> HASH_SHIFT);
60 return tmp & (HASH_SIZE - 1);
63 #define MNT_WRITER_UNDERFLOW_LIMIT -(1<<16)
66 * allocation is serialized by namespace_sem, but we need the spinlock to
67 * serialize with freeing.
69 static int mnt_alloc_id(struct mount *mnt)
74 ida_pre_get(&mnt_id_ida, GFP_KERNEL);
75 spin_lock(&mnt_id_lock);
76 res = ida_get_new_above(&mnt_id_ida, mnt_id_start, &mnt->mnt_id);
78 mnt_id_start = mnt->mnt_id + 1;
79 spin_unlock(&mnt_id_lock);
86 static void mnt_free_id(struct mount *mnt)
89 spin_lock(&mnt_id_lock);
90 ida_remove(&mnt_id_ida, id);
91 if (mnt_id_start > id)
93 spin_unlock(&mnt_id_lock);
97 * Allocate a new peer group ID
99 * mnt_group_ida is protected by namespace_sem
101 static int mnt_alloc_group_id(struct mount *mnt)
105 if (!ida_pre_get(&mnt_group_ida, GFP_KERNEL))
108 res = ida_get_new_above(&mnt_group_ida,
112 mnt_group_start = mnt->mnt_group_id + 1;
118 * Release a peer group ID
120 void mnt_release_group_id(struct mount *mnt)
122 int id = mnt->mnt_group_id;
123 ida_remove(&mnt_group_ida, id);
124 if (mnt_group_start > id)
125 mnt_group_start = id;
126 mnt->mnt_group_id = 0;
130 * vfsmount lock must be held for read
132 static inline void mnt_add_count(struct mount *mnt, int n)
135 this_cpu_add(mnt->mnt_pcp->mnt_count, n);
144 * vfsmount lock must be held for write
146 unsigned int mnt_get_count(struct mount *mnt)
149 unsigned int count = 0;
152 for_each_possible_cpu(cpu) {
153 count += per_cpu_ptr(mnt->mnt_pcp, cpu)->mnt_count;
158 return mnt->mnt_count;
162 static struct mount *alloc_vfsmnt(const char *name)
164 struct mount *mnt = kmem_cache_zalloc(mnt_cache, GFP_KERNEL);
168 err = mnt_alloc_id(mnt);
173 mnt->mnt_devname = kstrdup(name, GFP_KERNEL);
174 if (!mnt->mnt_devname)
179 mnt->mnt_pcp = alloc_percpu(struct mnt_pcp);
181 goto out_free_devname;
183 this_cpu_add(mnt->mnt_pcp->mnt_count, 1);
186 mnt->mnt_writers = 0;
189 INIT_LIST_HEAD(&mnt->mnt_hash);
190 INIT_LIST_HEAD(&mnt->mnt_child);
191 INIT_LIST_HEAD(&mnt->mnt_mounts);
192 INIT_LIST_HEAD(&mnt->mnt_list);
193 INIT_LIST_HEAD(&mnt->mnt_expire);
194 INIT_LIST_HEAD(&mnt->mnt_share);
195 INIT_LIST_HEAD(&mnt->mnt_slave_list);
196 INIT_LIST_HEAD(&mnt->mnt_slave);
197 #ifdef CONFIG_FSNOTIFY
198 INIT_HLIST_HEAD(&mnt->mnt_fsnotify_marks);
205 kfree(mnt->mnt_devname);
210 kmem_cache_free(mnt_cache, mnt);
215 * Most r/o checks on a fs are for operations that take
216 * discrete amounts of time, like a write() or unlink().
217 * We must keep track of when those operations start
218 * (for permission checks) and when they end, so that
219 * we can determine when writes are able to occur to
223 * __mnt_is_readonly: check whether a mount is read-only
224 * @mnt: the mount to check for its write status
226 * This shouldn't be used directly ouside of the VFS.
227 * It does not guarantee that the filesystem will stay
228 * r/w, just that it is right *now*. This can not and
229 * should not be used in place of IS_RDONLY(inode).
230 * mnt_want/drop_write() will _keep_ the filesystem
233 int __mnt_is_readonly(struct vfsmount *mnt)
235 if (mnt->mnt_flags & MNT_READONLY)
237 if (mnt->mnt_sb->s_flags & MS_RDONLY)
241 EXPORT_SYMBOL_GPL(__mnt_is_readonly);
243 static inline void mnt_inc_writers(struct mount *mnt)
246 this_cpu_inc(mnt->mnt_pcp->mnt_writers);
252 static inline void mnt_dec_writers(struct mount *mnt)
255 this_cpu_dec(mnt->mnt_pcp->mnt_writers);
261 static unsigned int mnt_get_writers(struct mount *mnt)
264 unsigned int count = 0;
267 for_each_possible_cpu(cpu) {
268 count += per_cpu_ptr(mnt->mnt_pcp, cpu)->mnt_writers;
273 return mnt->mnt_writers;
277 static int mnt_is_readonly(struct vfsmount *mnt)
279 if (mnt->mnt_sb->s_readonly_remount)
281 /* Order wrt setting s_flags/s_readonly_remount in do_remount() */
283 return __mnt_is_readonly(mnt);
287 * Most r/o & frozen checks on a fs are for operations that take discrete
288 * amounts of time, like a write() or unlink(). We must keep track of when
289 * those operations start (for permission checks) and when they end, so that we
290 * can determine when writes are able to occur to a filesystem.
293 * __mnt_want_write - get write access to a mount without freeze protection
294 * @m: the mount on which to take a write
296 * This tells the low-level filesystem that a write is about to be performed to
297 * it, and makes sure that writes are allowed (mnt it read-write) before
298 * returning success. This operation does not protect against filesystem being
299 * frozen. When the write operation is finished, __mnt_drop_write() must be
300 * called. This is effectively a refcount.
302 int __mnt_want_write(struct vfsmount *m)
304 struct mount *mnt = real_mount(m);
308 mnt_inc_writers(mnt);
310 * The store to mnt_inc_writers must be visible before we pass
311 * MNT_WRITE_HOLD loop below, so that the slowpath can see our
312 * incremented count after it has set MNT_WRITE_HOLD.
315 while (mnt->mnt.mnt_flags & MNT_WRITE_HOLD)
318 * After the slowpath clears MNT_WRITE_HOLD, mnt_is_readonly will
319 * be set to match its requirements. So we must not load that until
320 * MNT_WRITE_HOLD is cleared.
323 if (mnt_is_readonly(m)) {
324 mnt_dec_writers(mnt);
333 * mnt_want_write - get write access to a mount
334 * @m: the mount on which to take a write
336 * This tells the low-level filesystem that a write is about to be performed to
337 * it, and makes sure that writes are allowed (mount is read-write, filesystem
338 * is not frozen) before returning success. When the write operation is
339 * finished, mnt_drop_write() must be called. This is effectively a refcount.
341 int mnt_want_write(struct vfsmount *m)
345 sb_start_write(m->mnt_sb);
346 ret = __mnt_want_write(m);
348 sb_end_write(m->mnt_sb);
351 EXPORT_SYMBOL_GPL(mnt_want_write);
354 * mnt_clone_write - get write access to a mount
355 * @mnt: the mount on which to take a write
357 * This is effectively like mnt_want_write, except
358 * it must only be used to take an extra write reference
359 * on a mountpoint that we already know has a write reference
360 * on it. This allows some optimisation.
362 * After finished, mnt_drop_write must be called as usual to
363 * drop the reference.
365 int mnt_clone_write(struct vfsmount *mnt)
367 /* superblock may be r/o */
368 if (__mnt_is_readonly(mnt))
371 mnt_inc_writers(real_mount(mnt));
375 EXPORT_SYMBOL_GPL(mnt_clone_write);
378 * __mnt_want_write_file - get write access to a file's mount
379 * @file: the file who's mount on which to take a write
381 * This is like __mnt_want_write, but it takes a file and can
382 * do some optimisations if the file is open for write already
384 int __mnt_want_write_file(struct file *file)
386 struct inode *inode = file->f_dentry->d_inode;
388 if (!(file->f_mode & FMODE_WRITE) || special_file(inode->i_mode))
389 return __mnt_want_write(file->f_path.mnt);
391 return mnt_clone_write(file->f_path.mnt);
395 * mnt_want_write_file - get write access to a file's mount
396 * @file: the file who's mount on which to take a write
398 * This is like mnt_want_write, but it takes a file and can
399 * do some optimisations if the file is open for write already
401 int mnt_want_write_file(struct file *file)
405 sb_start_write(file->f_path.mnt->mnt_sb);
406 ret = __mnt_want_write_file(file);
408 sb_end_write(file->f_path.mnt->mnt_sb);
411 EXPORT_SYMBOL_GPL(mnt_want_write_file);
414 * __mnt_drop_write - give up write access to a mount
415 * @mnt: the mount on which to give up write access
417 * Tells the low-level filesystem that we are done
418 * performing writes to it. Must be matched with
419 * __mnt_want_write() call above.
421 void __mnt_drop_write(struct vfsmount *mnt)
424 mnt_dec_writers(real_mount(mnt));
429 * mnt_drop_write - give up write access to a mount
430 * @mnt: the mount on which to give up write access
432 * Tells the low-level filesystem that we are done performing writes to it and
433 * also allows filesystem to be frozen again. Must be matched with
434 * mnt_want_write() call above.
436 void mnt_drop_write(struct vfsmount *mnt)
438 __mnt_drop_write(mnt);
439 sb_end_write(mnt->mnt_sb);
441 EXPORT_SYMBOL_GPL(mnt_drop_write);
443 void __mnt_drop_write_file(struct file *file)
445 __mnt_drop_write(file->f_path.mnt);
448 void mnt_drop_write_file(struct file *file)
450 mnt_drop_write(file->f_path.mnt);
452 EXPORT_SYMBOL(mnt_drop_write_file);
454 static int mnt_make_readonly(struct mount *mnt)
458 br_write_lock(&vfsmount_lock);
459 mnt->mnt.mnt_flags |= MNT_WRITE_HOLD;
461 * After storing MNT_WRITE_HOLD, we'll read the counters. This store
462 * should be visible before we do.
467 * With writers on hold, if this value is zero, then there are
468 * definitely no active writers (although held writers may subsequently
469 * increment the count, they'll have to wait, and decrement it after
470 * seeing MNT_READONLY).
472 * It is OK to have counter incremented on one CPU and decremented on
473 * another: the sum will add up correctly. The danger would be when we
474 * sum up each counter, if we read a counter before it is incremented,
475 * but then read another CPU's count which it has been subsequently
476 * decremented from -- we would see more decrements than we should.
477 * MNT_WRITE_HOLD protects against this scenario, because
478 * mnt_want_write first increments count, then smp_mb, then spins on
479 * MNT_WRITE_HOLD, so it can't be decremented by another CPU while
480 * we're counting up here.
482 if (mnt_get_writers(mnt) > 0)
485 mnt->mnt.mnt_flags |= MNT_READONLY;
487 * MNT_READONLY must become visible before ~MNT_WRITE_HOLD, so writers
488 * that become unheld will see MNT_READONLY.
491 mnt->mnt.mnt_flags &= ~MNT_WRITE_HOLD;
492 br_write_unlock(&vfsmount_lock);
496 static void __mnt_unmake_readonly(struct mount *mnt)
498 br_write_lock(&vfsmount_lock);
499 mnt->mnt.mnt_flags &= ~MNT_READONLY;
500 br_write_unlock(&vfsmount_lock);
503 int sb_prepare_remount_readonly(struct super_block *sb)
508 /* Racy optimization. Recheck the counter under MNT_WRITE_HOLD */
509 if (atomic_long_read(&sb->s_remove_count))
512 br_write_lock(&vfsmount_lock);
513 list_for_each_entry(mnt, &sb->s_mounts, mnt_instance) {
514 if (!(mnt->mnt.mnt_flags & MNT_READONLY)) {
515 mnt->mnt.mnt_flags |= MNT_WRITE_HOLD;
517 if (mnt_get_writers(mnt) > 0) {
523 if (!err && atomic_long_read(&sb->s_remove_count))
527 sb->s_readonly_remount = 1;
530 list_for_each_entry(mnt, &sb->s_mounts, mnt_instance) {
531 if (mnt->mnt.mnt_flags & MNT_WRITE_HOLD)
532 mnt->mnt.mnt_flags &= ~MNT_WRITE_HOLD;
534 br_write_unlock(&vfsmount_lock);
539 static void free_vfsmnt(struct mount *mnt)
541 kfree(mnt->mnt_devname);
544 free_percpu(mnt->mnt_pcp);
546 kmem_cache_free(mnt_cache, mnt);
550 * find the first or last mount at @dentry on vfsmount @mnt depending on
551 * @dir. If @dir is set return the first mount else return the last mount.
552 * vfsmount_lock must be held for read or write.
554 struct mount *__lookup_mnt(struct vfsmount *mnt, struct dentry *dentry,
557 struct list_head *head = mount_hashtable + hash(mnt, dentry);
558 struct list_head *tmp = head;
559 struct mount *p, *found = NULL;
562 tmp = dir ? tmp->next : tmp->prev;
566 p = list_entry(tmp, struct mount, mnt_hash);
567 if (&p->mnt_parent->mnt == mnt && p->mnt_mountpoint == dentry) {
576 * lookup_mnt - Return the first child mount mounted at path
578 * "First" means first mounted chronologically. If you create the
581 * mount /dev/sda1 /mnt
582 * mount /dev/sda2 /mnt
583 * mount /dev/sda3 /mnt
585 * Then lookup_mnt() on the base /mnt dentry in the root mount will
586 * return successively the root dentry and vfsmount of /dev/sda1, then
587 * /dev/sda2, then /dev/sda3, then NULL.
589 * lookup_mnt takes a reference to the found vfsmount.
591 struct vfsmount *lookup_mnt(struct path *path)
593 struct mount *child_mnt;
595 br_read_lock(&vfsmount_lock);
596 child_mnt = __lookup_mnt(path->mnt, path->dentry, 1);
598 mnt_add_count(child_mnt, 1);
599 br_read_unlock(&vfsmount_lock);
600 return &child_mnt->mnt;
602 br_read_unlock(&vfsmount_lock);
607 static inline int check_mnt(struct mount *mnt)
609 return mnt->mnt_ns == current->nsproxy->mnt_ns;
613 * vfsmount lock must be held for write
615 static void touch_mnt_namespace(struct mnt_namespace *ns)
619 wake_up_interruptible(&ns->poll);
624 * vfsmount lock must be held for write
626 static void __touch_mnt_namespace(struct mnt_namespace *ns)
628 if (ns && ns->event != event) {
630 wake_up_interruptible(&ns->poll);
635 * Clear dentry's mounted state if it has no remaining mounts.
636 * vfsmount_lock must be held for write.
638 static void dentry_reset_mounted(struct dentry *dentry)
642 for (u = 0; u < HASH_SIZE; u++) {
645 list_for_each_entry(p, &mount_hashtable[u], mnt_hash) {
646 if (p->mnt_mountpoint == dentry)
650 spin_lock(&dentry->d_lock);
651 dentry->d_flags &= ~DCACHE_MOUNTED;
652 spin_unlock(&dentry->d_lock);
656 * vfsmount lock must be held for write
658 static void detach_mnt(struct mount *mnt, struct path *old_path)
660 old_path->dentry = mnt->mnt_mountpoint;
661 old_path->mnt = &mnt->mnt_parent->mnt;
662 mnt->mnt_parent = mnt;
663 mnt->mnt_mountpoint = mnt->mnt.mnt_root;
664 list_del_init(&mnt->mnt_child);
665 list_del_init(&mnt->mnt_hash);
666 dentry_reset_mounted(old_path->dentry);
670 * vfsmount lock must be held for write
672 void mnt_set_mountpoint(struct mount *mnt, struct dentry *dentry,
673 struct mount *child_mnt)
675 mnt_add_count(mnt, 1); /* essentially, that's mntget */
676 child_mnt->mnt_mountpoint = dget(dentry);
677 child_mnt->mnt_parent = mnt;
678 spin_lock(&dentry->d_lock);
679 dentry->d_flags |= DCACHE_MOUNTED;
680 spin_unlock(&dentry->d_lock);
684 * vfsmount lock must be held for write
686 static void attach_mnt(struct mount *mnt, struct path *path)
688 mnt_set_mountpoint(real_mount(path->mnt), path->dentry, mnt);
689 list_add_tail(&mnt->mnt_hash, mount_hashtable +
690 hash(path->mnt, path->dentry));
691 list_add_tail(&mnt->mnt_child, &real_mount(path->mnt)->mnt_mounts);
695 * vfsmount lock must be held for write
697 static void commit_tree(struct mount *mnt)
699 struct mount *parent = mnt->mnt_parent;
702 struct mnt_namespace *n = parent->mnt_ns;
704 BUG_ON(parent == mnt);
706 list_add_tail(&head, &mnt->mnt_list);
707 list_for_each_entry(m, &head, mnt_list)
710 list_splice(&head, n->list.prev);
712 list_add_tail(&mnt->mnt_hash, mount_hashtable +
713 hash(&parent->mnt, mnt->mnt_mountpoint));
714 list_add_tail(&mnt->mnt_child, &parent->mnt_mounts);
715 touch_mnt_namespace(n);
718 static struct mount *next_mnt(struct mount *p, struct mount *root)
720 struct list_head *next = p->mnt_mounts.next;
721 if (next == &p->mnt_mounts) {
725 next = p->mnt_child.next;
726 if (next != &p->mnt_parent->mnt_mounts)
731 return list_entry(next, struct mount, mnt_child);
734 static struct mount *skip_mnt_tree(struct mount *p)
736 struct list_head *prev = p->mnt_mounts.prev;
737 while (prev != &p->mnt_mounts) {
738 p = list_entry(prev, struct mount, mnt_child);
739 prev = p->mnt_mounts.prev;
745 vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void *data)
751 return ERR_PTR(-ENODEV);
753 mnt = alloc_vfsmnt(name);
755 return ERR_PTR(-ENOMEM);
757 if (flags & MS_KERNMOUNT)
758 mnt->mnt.mnt_flags = MNT_INTERNAL;
760 root = mount_fs(type, flags, name, data);
763 return ERR_CAST(root);
766 mnt->mnt.mnt_root = root;
767 mnt->mnt.mnt_sb = root->d_sb;
768 mnt->mnt_mountpoint = mnt->mnt.mnt_root;
769 mnt->mnt_parent = mnt;
770 br_write_lock(&vfsmount_lock);
771 list_add_tail(&mnt->mnt_instance, &root->d_sb->s_mounts);
772 br_write_unlock(&vfsmount_lock);
775 EXPORT_SYMBOL_GPL(vfs_kern_mount);
777 static struct mount *clone_mnt(struct mount *old, struct dentry *root,
780 struct super_block *sb = old->mnt.mnt_sb;
784 mnt = alloc_vfsmnt(old->mnt_devname);
786 return ERR_PTR(-ENOMEM);
788 if (flag & (CL_SLAVE | CL_PRIVATE))
789 mnt->mnt_group_id = 0; /* not a peer of original */
791 mnt->mnt_group_id = old->mnt_group_id;
793 if ((flag & CL_MAKE_SHARED) && !mnt->mnt_group_id) {
794 err = mnt_alloc_group_id(mnt);
799 mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;
800 atomic_inc(&sb->s_active);
801 mnt->mnt.mnt_sb = sb;
802 mnt->mnt.mnt_root = dget(root);
803 mnt->mnt_mountpoint = mnt->mnt.mnt_root;
804 mnt->mnt_parent = mnt;
805 br_write_lock(&vfsmount_lock);
806 list_add_tail(&mnt->mnt_instance, &sb->s_mounts);
807 br_write_unlock(&vfsmount_lock);
809 if (flag & CL_SLAVE) {
810 list_add(&mnt->mnt_slave, &old->mnt_slave_list);
811 mnt->mnt_master = old;
812 CLEAR_MNT_SHARED(mnt);
813 } else if (!(flag & CL_PRIVATE)) {
814 if ((flag & CL_MAKE_SHARED) || IS_MNT_SHARED(old))
815 list_add(&mnt->mnt_share, &old->mnt_share);
816 if (IS_MNT_SLAVE(old))
817 list_add(&mnt->mnt_slave, &old->mnt_slave);
818 mnt->mnt_master = old->mnt_master;
820 if (flag & CL_MAKE_SHARED)
823 /* stick the duplicate mount on the same expiry list
824 * as the original if that was on one */
825 if (flag & CL_EXPIRE) {
826 if (!list_empty(&old->mnt_expire))
827 list_add(&mnt->mnt_expire, &old->mnt_expire);
837 static inline void mntfree(struct mount *mnt)
839 struct vfsmount *m = &mnt->mnt;
840 struct super_block *sb = m->mnt_sb;
843 * This probably indicates that somebody messed
844 * up a mnt_want/drop_write() pair. If this
845 * happens, the filesystem was probably unable
846 * to make r/w->r/o transitions.
849 * The locking used to deal with mnt_count decrement provides barriers,
850 * so mnt_get_writers() below is safe.
852 WARN_ON(mnt_get_writers(mnt));
853 fsnotify_vfsmount_delete(m);
856 deactivate_super(sb);
859 static void mntput_no_expire(struct mount *mnt)
863 br_read_lock(&vfsmount_lock);
864 if (likely(mnt->mnt_ns)) {
865 /* shouldn't be the last one */
866 mnt_add_count(mnt, -1);
867 br_read_unlock(&vfsmount_lock);
870 br_read_unlock(&vfsmount_lock);
872 br_write_lock(&vfsmount_lock);
873 mnt_add_count(mnt, -1);
874 if (mnt_get_count(mnt)) {
875 br_write_unlock(&vfsmount_lock);
879 mnt_add_count(mnt, -1);
880 if (likely(mnt_get_count(mnt)))
882 br_write_lock(&vfsmount_lock);
884 if (unlikely(mnt->mnt_pinned)) {
885 mnt_add_count(mnt, mnt->mnt_pinned + 1);
887 br_write_unlock(&vfsmount_lock);
888 acct_auto_close_mnt(&mnt->mnt);
892 list_del(&mnt->mnt_instance);
893 br_write_unlock(&vfsmount_lock);
897 void mntput(struct vfsmount *mnt)
900 struct mount *m = real_mount(mnt);
901 /* avoid cacheline pingpong, hope gcc doesn't get "smart" */
902 if (unlikely(m->mnt_expiry_mark))
903 m->mnt_expiry_mark = 0;
907 EXPORT_SYMBOL(mntput);
909 struct vfsmount *mntget(struct vfsmount *mnt)
912 mnt_add_count(real_mount(mnt), 1);
915 EXPORT_SYMBOL(mntget);
917 void mnt_pin(struct vfsmount *mnt)
919 br_write_lock(&vfsmount_lock);
920 real_mount(mnt)->mnt_pinned++;
921 br_write_unlock(&vfsmount_lock);
923 EXPORT_SYMBOL(mnt_pin);
925 void mnt_unpin(struct vfsmount *m)
927 struct mount *mnt = real_mount(m);
928 br_write_lock(&vfsmount_lock);
929 if (mnt->mnt_pinned) {
930 mnt_add_count(mnt, 1);
933 br_write_unlock(&vfsmount_lock);
935 EXPORT_SYMBOL(mnt_unpin);
937 static inline void mangle(struct seq_file *m, const char *s)
939 seq_escape(m, s, " \t\n\\");
943 * Simple .show_options callback for filesystems which don't want to
944 * implement more complex mount option showing.
946 * See also save_mount_options().
948 int generic_show_options(struct seq_file *m, struct dentry *root)
953 options = rcu_dereference(root->d_sb->s_options);
955 if (options != NULL && options[0]) {
963 EXPORT_SYMBOL(generic_show_options);
966 * If filesystem uses generic_show_options(), this function should be
967 * called from the fill_super() callback.
969 * The .remount_fs callback usually needs to be handled in a special
970 * way, to make sure, that previous options are not overwritten if the
973 * Also note, that if the filesystem's .remount_fs function doesn't
974 * reset all options to their default value, but changes only newly
975 * given options, then the displayed options will not reflect reality
978 void save_mount_options(struct super_block *sb, char *options)
980 BUG_ON(sb->s_options);
981 rcu_assign_pointer(sb->s_options, kstrdup(options, GFP_KERNEL));
983 EXPORT_SYMBOL(save_mount_options);
985 void replace_mount_options(struct super_block *sb, char *options)
987 char *old = sb->s_options;
988 rcu_assign_pointer(sb->s_options, options);
994 EXPORT_SYMBOL(replace_mount_options);
996 #ifdef CONFIG_PROC_FS
997 /* iterator; we want it to have access to namespace_sem, thus here... */
998 static void *m_start(struct seq_file *m, loff_t *pos)
1000 struct proc_mounts *p = proc_mounts(m);
1002 down_read(&namespace_sem);
1003 return seq_list_start(&p->ns->list, *pos);
1006 static void *m_next(struct seq_file *m, void *v, loff_t *pos)
1008 struct proc_mounts *p = proc_mounts(m);
1010 return seq_list_next(v, &p->ns->list, pos);
1013 static void m_stop(struct seq_file *m, void *v)
1015 up_read(&namespace_sem);
1018 static int m_show(struct seq_file *m, void *v)
1020 struct proc_mounts *p = proc_mounts(m);
1021 struct mount *r = list_entry(v, struct mount, mnt_list);
1022 return p->show(m, &r->mnt);
1025 const struct seq_operations mounts_op = {
1031 #endif /* CONFIG_PROC_FS */
1034 * may_umount_tree - check if a mount tree is busy
1035 * @mnt: root of mount tree
1037 * This is called to check if a tree of mounts has any
1038 * open files, pwds, chroots or sub mounts that are
1041 int may_umount_tree(struct vfsmount *m)
1043 struct mount *mnt = real_mount(m);
1044 int actual_refs = 0;
1045 int minimum_refs = 0;
1049 /* write lock needed for mnt_get_count */
1050 br_write_lock(&vfsmount_lock);
1051 for (p = mnt; p; p = next_mnt(p, mnt)) {
1052 actual_refs += mnt_get_count(p);
1055 br_write_unlock(&vfsmount_lock);
1057 if (actual_refs > minimum_refs)
1063 EXPORT_SYMBOL(may_umount_tree);
1066 * may_umount - check if a mount point is busy
1067 * @mnt: root of mount
1069 * This is called to check if a mount point has any
1070 * open files, pwds, chroots or sub mounts. If the
1071 * mount has sub mounts this will return busy
1072 * regardless of whether the sub mounts are busy.
1074 * Doesn't take quota and stuff into account. IOW, in some cases it will
1075 * give false negatives. The main reason why it's here is that we need
1076 * a non-destructive way to look for easily umountable filesystems.
1078 int may_umount(struct vfsmount *mnt)
1081 down_read(&namespace_sem);
1082 br_write_lock(&vfsmount_lock);
1083 if (propagate_mount_busy(real_mount(mnt), 2))
1085 br_write_unlock(&vfsmount_lock);
1086 up_read(&namespace_sem);
1090 EXPORT_SYMBOL(may_umount);
1092 void release_mounts(struct list_head *head)
1095 while (!list_empty(head)) {
1096 mnt = list_first_entry(head, struct mount, mnt_hash);
1097 list_del_init(&mnt->mnt_hash);
1098 if (mnt_has_parent(mnt)) {
1099 struct dentry *dentry;
1102 br_write_lock(&vfsmount_lock);
1103 dentry = mnt->mnt_mountpoint;
1104 m = mnt->mnt_parent;
1105 mnt->mnt_mountpoint = mnt->mnt.mnt_root;
1106 mnt->mnt_parent = mnt;
1108 br_write_unlock(&vfsmount_lock);
1117 * vfsmount lock must be held for write
1118 * namespace_sem must be held for write
1120 void umount_tree(struct mount *mnt, int propagate, struct list_head *kill)
1122 LIST_HEAD(tmp_list);
1125 for (p = mnt; p; p = next_mnt(p, mnt))
1126 list_move(&p->mnt_hash, &tmp_list);
1129 propagate_umount(&tmp_list);
1131 list_for_each_entry(p, &tmp_list, mnt_hash) {
1132 list_del_init(&p->mnt_expire);
1133 list_del_init(&p->mnt_list);
1134 __touch_mnt_namespace(p->mnt_ns);
1136 list_del_init(&p->mnt_child);
1137 if (mnt_has_parent(p)) {
1138 p->mnt_parent->mnt_ghosts++;
1139 dentry_reset_mounted(p->mnt_mountpoint);
1141 change_mnt_propagation(p, MS_PRIVATE);
1143 list_splice(&tmp_list, kill);
1146 static void shrink_submounts(struct mount *mnt, struct list_head *umounts);
1148 static int do_umount(struct mount *mnt, int flags)
1150 struct super_block *sb = mnt->mnt.mnt_sb;
1152 LIST_HEAD(umount_list);
1154 retval = security_sb_umount(&mnt->mnt, flags);
1159 * Allow userspace to request a mountpoint be expired rather than
1160 * unmounting unconditionally. Unmount only happens if:
1161 * (1) the mark is already set (the mark is cleared by mntput())
1162 * (2) the usage count == 1 [parent vfsmount] + 1 [sys_umount]
1164 if (flags & MNT_EXPIRE) {
1165 if (&mnt->mnt == current->fs->root.mnt ||
1166 flags & (MNT_FORCE | MNT_DETACH))
1170 * probably don't strictly need the lock here if we examined
1171 * all race cases, but it's a slowpath.
1173 br_write_lock(&vfsmount_lock);
1174 if (mnt_get_count(mnt) != 2) {
1175 br_write_unlock(&vfsmount_lock);
1178 br_write_unlock(&vfsmount_lock);
1180 if (!xchg(&mnt->mnt_expiry_mark, 1))
1185 * If we may have to abort operations to get out of this
1186 * mount, and they will themselves hold resources we must
1187 * allow the fs to do things. In the Unix tradition of
1188 * 'Gee thats tricky lets do it in userspace' the umount_begin
1189 * might fail to complete on the first run through as other tasks
1190 * must return, and the like. Thats for the mount program to worry
1191 * about for the moment.
1194 if (flags & MNT_FORCE && sb->s_op->umount_begin) {
1195 sb->s_op->umount_begin(sb);
1199 * No sense to grab the lock for this test, but test itself looks
1200 * somewhat bogus. Suggestions for better replacement?
1201 * Ho-hum... In principle, we might treat that as umount + switch
1202 * to rootfs. GC would eventually take care of the old vfsmount.
1203 * Actually it makes sense, especially if rootfs would contain a
1204 * /reboot - static binary that would close all descriptors and
1205 * call reboot(9). Then init(8) could umount root and exec /reboot.
1207 if (&mnt->mnt == current->fs->root.mnt && !(flags & MNT_DETACH)) {
1209 * Special case for "unmounting" root ...
1210 * we just try to remount it readonly.
1212 down_write(&sb->s_umount);
1213 if (!(sb->s_flags & MS_RDONLY))
1214 retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
1215 up_write(&sb->s_umount);
1219 down_write(&namespace_sem);
1220 br_write_lock(&vfsmount_lock);
1223 if (!(flags & MNT_DETACH))
1224 shrink_submounts(mnt, &umount_list);
1227 if (flags & MNT_DETACH || !propagate_mount_busy(mnt, 2)) {
1228 if (!list_empty(&mnt->mnt_list))
1229 umount_tree(mnt, 1, &umount_list);
1232 br_write_unlock(&vfsmount_lock);
1233 up_write(&namespace_sem);
1234 release_mounts(&umount_list);
1239 * Now umount can handle mount points as well as block devices.
1240 * This is important for filesystems which use unnamed block devices.
1242 * We now support a flag for forced unmount like the other 'big iron'
1243 * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD
1246 SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
1251 int lookup_flags = 0;
1253 if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW))
1256 if (!(flags & UMOUNT_NOFOLLOW))
1257 lookup_flags |= LOOKUP_FOLLOW;
1259 retval = user_path_at(AT_FDCWD, name, lookup_flags, &path);
1262 mnt = real_mount(path.mnt);
1264 if (path.dentry != path.mnt->mnt_root)
1266 if (!check_mnt(mnt))
1270 if (!capable(CAP_SYS_ADMIN))
1273 retval = do_umount(mnt, flags);
1275 /* we mustn't call path_put() as that would clear mnt_expiry_mark */
1277 mntput_no_expire(mnt);
1282 #ifdef __ARCH_WANT_SYS_OLDUMOUNT
1285 * The 2.0 compatible umount. No flags.
1287 SYSCALL_DEFINE1(oldumount, char __user *, name)
1289 return sys_umount(name, 0);
1294 static int mount_is_safe(struct path *path)
1296 if (capable(CAP_SYS_ADMIN))
1300 if (S_ISLNK(path->dentry->d_inode->i_mode))
1302 if (path->dentry->d_inode->i_mode & S_ISVTX) {
1303 if (current_uid() != path->dentry->d_inode->i_uid)
1306 if (inode_permission(path->dentry->d_inode, MAY_WRITE))
1312 static bool mnt_ns_loop(struct path *path)
1314 /* Could bind mounting the mount namespace inode cause a
1315 * mount namespace loop?
1317 struct inode *inode = path->dentry->d_inode;
1318 struct proc_inode *ei;
1319 struct mnt_namespace *mnt_ns;
1321 if (!proc_ns_inode(inode))
1325 if (ei->ns_ops != &mntns_operations)
1329 return current->nsproxy->mnt_ns->seq >= mnt_ns->seq;
1332 struct mount *copy_tree(struct mount *mnt, struct dentry *dentry,
1335 struct mount *res, *p, *q, *r;
1338 if (!(flag & CL_COPY_ALL) && IS_MNT_UNBINDABLE(mnt))
1339 return ERR_PTR(-EINVAL);
1341 res = q = clone_mnt(mnt, dentry, flag);
1345 q->mnt_mountpoint = mnt->mnt_mountpoint;
1348 list_for_each_entry(r, &mnt->mnt_mounts, mnt_child) {
1350 if (!is_subdir(r->mnt_mountpoint, dentry))
1353 for (s = r; s; s = next_mnt(s, r)) {
1354 if (!(flag & CL_COPY_ALL) && IS_MNT_UNBINDABLE(s)) {
1355 s = skip_mnt_tree(s);
1358 while (p != s->mnt_parent) {
1364 path.dentry = p->mnt_mountpoint;
1365 q = clone_mnt(p, p->mnt.mnt_root, flag);
1368 br_write_lock(&vfsmount_lock);
1369 list_add_tail(&q->mnt_list, &res->mnt_list);
1370 attach_mnt(q, &path);
1371 br_write_unlock(&vfsmount_lock);
1377 LIST_HEAD(umount_list);
1378 br_write_lock(&vfsmount_lock);
1379 umount_tree(res, 0, &umount_list);
1380 br_write_unlock(&vfsmount_lock);
1381 release_mounts(&umount_list);
1386 /* Caller should check returned pointer for errors */
1388 struct vfsmount *collect_mounts(struct path *path)
1391 down_write(&namespace_sem);
1392 tree = copy_tree(real_mount(path->mnt), path->dentry,
1393 CL_COPY_ALL | CL_PRIVATE);
1394 up_write(&namespace_sem);
1400 void drop_collected_mounts(struct vfsmount *mnt)
1402 LIST_HEAD(umount_list);
1403 down_write(&namespace_sem);
1404 br_write_lock(&vfsmount_lock);
1405 umount_tree(real_mount(mnt), 0, &umount_list);
1406 br_write_unlock(&vfsmount_lock);
1407 up_write(&namespace_sem);
1408 release_mounts(&umount_list);
1411 int iterate_mounts(int (*f)(struct vfsmount *, void *), void *arg,
1412 struct vfsmount *root)
1415 int res = f(root, arg);
1418 list_for_each_entry(mnt, &real_mount(root)->mnt_list, mnt_list) {
1419 res = f(&mnt->mnt, arg);
1426 static void cleanup_group_ids(struct mount *mnt, struct mount *end)
1430 for (p = mnt; p != end; p = next_mnt(p, mnt)) {
1431 if (p->mnt_group_id && !IS_MNT_SHARED(p))
1432 mnt_release_group_id(p);
1436 static int invent_group_ids(struct mount *mnt, bool recurse)
1440 for (p = mnt; p; p = recurse ? next_mnt(p, mnt) : NULL) {
1441 if (!p->mnt_group_id && !IS_MNT_SHARED(p)) {
1442 int err = mnt_alloc_group_id(p);
1444 cleanup_group_ids(mnt, p);
1454 * @source_mnt : mount tree to be attached
1455 * @nd : place the mount tree @source_mnt is attached
1456 * @parent_nd : if non-null, detach the source_mnt from its parent and
1457 * store the parent mount and mountpoint dentry.
1458 * (done when source_mnt is moved)
1460 * NOTE: in the table below explains the semantics when a source mount
1461 * of a given type is attached to a destination mount of a given type.
1462 * ---------------------------------------------------------------------------
1463 * | BIND MOUNT OPERATION |
1464 * |**************************************************************************
1465 * | source-->| shared | private | slave | unbindable |
1469 * |**************************************************************************
1470 * | shared | shared (++) | shared (+) | shared(+++)| invalid |
1472 * |non-shared| shared (+) | private | slave (*) | invalid |
1473 * ***************************************************************************
1474 * A bind operation clones the source mount and mounts the clone on the
1475 * destination mount.
1477 * (++) the cloned mount is propagated to all the mounts in the propagation
1478 * tree of the destination mount and the cloned mount is added to
1479 * the peer group of the source mount.
1480 * (+) the cloned mount is created under the destination mount and is marked
1481 * as shared. The cloned mount is added to the peer group of the source
1483 * (+++) the mount is propagated to all the mounts in the propagation tree
1484 * of the destination mount and the cloned mount is made slave
1485 * of the same master as that of the source mount. The cloned mount
1486 * is marked as 'shared and slave'.
1487 * (*) the cloned mount is made a slave of the same master as that of the
1490 * ---------------------------------------------------------------------------
1491 * | MOVE MOUNT OPERATION |
1492 * |**************************************************************************
1493 * | source-->| shared | private | slave | unbindable |
1497 * |**************************************************************************
1498 * | shared | shared (+) | shared (+) | shared(+++) | invalid |
1500 * |non-shared| shared (+*) | private | slave (*) | unbindable |
1501 * ***************************************************************************
1503 * (+) the mount is moved to the destination. And is then propagated to
1504 * all the mounts in the propagation tree of the destination mount.
1505 * (+*) the mount is moved to the destination.
1506 * (+++) the mount is moved to the destination and is then propagated to
1507 * all the mounts belonging to the destination mount's propagation tree.
1508 * the mount is marked as 'shared and slave'.
1509 * (*) the mount continues to be a slave at the new location.
1511 * if the source mount is a tree, the operations explained above is
1512 * applied to each mount in the tree.
1513 * Must be called without spinlocks held, since this function can sleep
1516 static int attach_recursive_mnt(struct mount *source_mnt,
1517 struct path *path, struct path *parent_path)
1519 LIST_HEAD(tree_list);
1520 struct mount *dest_mnt = real_mount(path->mnt);
1521 struct dentry *dest_dentry = path->dentry;
1522 struct mount *child, *p;
1525 if (IS_MNT_SHARED(dest_mnt)) {
1526 err = invent_group_ids(source_mnt, true);
1530 err = propagate_mnt(dest_mnt, dest_dentry, source_mnt, &tree_list);
1532 goto out_cleanup_ids;
1534 br_write_lock(&vfsmount_lock);
1536 if (IS_MNT_SHARED(dest_mnt)) {
1537 for (p = source_mnt; p; p = next_mnt(p, source_mnt))
1541 detach_mnt(source_mnt, parent_path);
1542 attach_mnt(source_mnt, path);
1543 touch_mnt_namespace(source_mnt->mnt_ns);
1545 mnt_set_mountpoint(dest_mnt, dest_dentry, source_mnt);
1546 commit_tree(source_mnt);
1549 list_for_each_entry_safe(child, p, &tree_list, mnt_hash) {
1550 list_del_init(&child->mnt_hash);
1553 br_write_unlock(&vfsmount_lock);
1558 if (IS_MNT_SHARED(dest_mnt))
1559 cleanup_group_ids(source_mnt, NULL);
1564 static int lock_mount(struct path *path)
1566 struct vfsmount *mnt;
1568 mutex_lock(&path->dentry->d_inode->i_mutex);
1569 if (unlikely(cant_mount(path->dentry))) {
1570 mutex_unlock(&path->dentry->d_inode->i_mutex);
1573 down_write(&namespace_sem);
1574 mnt = lookup_mnt(path);
1577 up_write(&namespace_sem);
1578 mutex_unlock(&path->dentry->d_inode->i_mutex);
1581 path->dentry = dget(mnt->mnt_root);
1585 static void unlock_mount(struct path *path)
1587 up_write(&namespace_sem);
1588 mutex_unlock(&path->dentry->d_inode->i_mutex);
1591 static int graft_tree(struct mount *mnt, struct path *path)
1593 if (mnt->mnt.mnt_sb->s_flags & MS_NOUSER)
1596 if (S_ISDIR(path->dentry->d_inode->i_mode) !=
1597 S_ISDIR(mnt->mnt.mnt_root->d_inode->i_mode))
1600 if (d_unlinked(path->dentry))
1603 return attach_recursive_mnt(mnt, path, NULL);
1607 * Sanity check the flags to change_mnt_propagation.
1610 static int flags_to_propagation_type(int flags)
1612 int type = flags & ~(MS_REC | MS_SILENT);
1614 /* Fail if any non-propagation flags are set */
1615 if (type & ~(MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
1617 /* Only one propagation flag should be set */
1618 if (!is_power_of_2(type))
1624 * recursively change the type of the mountpoint.
1626 static int do_change_type(struct path *path, int flag)
1629 struct mount *mnt = real_mount(path->mnt);
1630 int recurse = flag & MS_REC;
1634 if (!capable(CAP_SYS_ADMIN))
1637 if (path->dentry != path->mnt->mnt_root)
1640 type = flags_to_propagation_type(flag);
1644 down_write(&namespace_sem);
1645 if (type == MS_SHARED) {
1646 err = invent_group_ids(mnt, recurse);
1651 br_write_lock(&vfsmount_lock);
1652 for (m = mnt; m; m = (recurse ? next_mnt(m, mnt) : NULL))
1653 change_mnt_propagation(m, type);
1654 br_write_unlock(&vfsmount_lock);
1657 up_write(&namespace_sem);
1662 * do loopback mount.
1664 static int do_loopback(struct path *path, const char *old_name,
1667 LIST_HEAD(umount_list);
1668 struct path old_path;
1669 struct mount *mnt = NULL, *old;
1670 int err = mount_is_safe(path);
1673 if (!old_name || !*old_name)
1675 err = kern_path(old_name, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &old_path);
1680 if (mnt_ns_loop(&old_path))
1683 err = lock_mount(path);
1687 old = real_mount(old_path.mnt);
1690 if (IS_MNT_UNBINDABLE(old))
1693 if (!check_mnt(real_mount(path->mnt)) || !check_mnt(old))
1697 mnt = copy_tree(old, old_path.dentry, 0);
1699 mnt = clone_mnt(old, old_path.dentry, 0);
1706 err = graft_tree(mnt, path);
1708 br_write_lock(&vfsmount_lock);
1709 umount_tree(mnt, 0, &umount_list);
1710 br_write_unlock(&vfsmount_lock);
1714 release_mounts(&umount_list);
1716 path_put(&old_path);
1720 static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
1723 int readonly_request = 0;
1725 if (ms_flags & MS_RDONLY)
1726 readonly_request = 1;
1727 if (readonly_request == __mnt_is_readonly(mnt))
1730 if (readonly_request)
1731 error = mnt_make_readonly(real_mount(mnt));
1733 __mnt_unmake_readonly(real_mount(mnt));
1738 * change filesystem flags. dir should be a physical root of filesystem.
1739 * If you've mounted a non-root directory somewhere and want to do remount
1740 * on it - tough luck.
1742 static int do_remount(struct path *path, int flags, int mnt_flags,
1746 struct super_block *sb = path->mnt->mnt_sb;
1747 struct mount *mnt = real_mount(path->mnt);
1749 if (!capable(CAP_SYS_ADMIN))
1752 if (!check_mnt(mnt))
1755 if (path->dentry != path->mnt->mnt_root)
1758 err = security_sb_remount(sb, data);
1762 down_write(&sb->s_umount);
1763 if (flags & MS_BIND)
1764 err = change_mount_flags(path->mnt, flags);
1766 err = do_remount_sb(sb, flags, data, 0);
1768 br_write_lock(&vfsmount_lock);
1769 mnt_flags |= mnt->mnt.mnt_flags & MNT_PROPAGATION_MASK;
1770 mnt->mnt.mnt_flags = mnt_flags;
1771 br_write_unlock(&vfsmount_lock);
1773 up_write(&sb->s_umount);
1775 br_write_lock(&vfsmount_lock);
1776 touch_mnt_namespace(mnt->mnt_ns);
1777 br_write_unlock(&vfsmount_lock);
1782 static inline int tree_contains_unbindable(struct mount *mnt)
1785 for (p = mnt; p; p = next_mnt(p, mnt)) {
1786 if (IS_MNT_UNBINDABLE(p))
1792 static int do_move_mount(struct path *path, const char *old_name)
1794 struct path old_path, parent_path;
1798 if (!capable(CAP_SYS_ADMIN))
1800 if (!old_name || !*old_name)
1802 err = kern_path(old_name, LOOKUP_FOLLOW, &old_path);
1806 err = lock_mount(path);
1810 old = real_mount(old_path.mnt);
1811 p = real_mount(path->mnt);
1814 if (!check_mnt(p) || !check_mnt(old))
1817 if (d_unlinked(path->dentry))
1821 if (old_path.dentry != old_path.mnt->mnt_root)
1824 if (!mnt_has_parent(old))
1827 if (S_ISDIR(path->dentry->d_inode->i_mode) !=
1828 S_ISDIR(old_path.dentry->d_inode->i_mode))
1831 * Don't move a mount residing in a shared parent.
1833 if (IS_MNT_SHARED(old->mnt_parent))
1836 * Don't move a mount tree containing unbindable mounts to a destination
1837 * mount which is shared.
1839 if (IS_MNT_SHARED(p) && tree_contains_unbindable(old))
1842 for (; mnt_has_parent(p); p = p->mnt_parent)
1846 err = attach_recursive_mnt(old, path, &parent_path);
1850 /* if the mount is moved, it should no longer be expire
1852 list_del_init(&old->mnt_expire);
1857 path_put(&parent_path);
1858 path_put(&old_path);
1862 static struct vfsmount *fs_set_subtype(struct vfsmount *mnt, const char *fstype)
1865 const char *subtype = strchr(fstype, '.');
1874 mnt->mnt_sb->s_subtype = kstrdup(subtype, GFP_KERNEL);
1876 if (!mnt->mnt_sb->s_subtype)
1882 return ERR_PTR(err);
1885 static struct vfsmount *
1886 do_kern_mount(const char *fstype, int flags, const char *name, void *data)
1888 struct file_system_type *type = get_fs_type(fstype);
1889 struct vfsmount *mnt;
1891 return ERR_PTR(-ENODEV);
1892 mnt = vfs_kern_mount(type, flags, name, data);
1893 if (!IS_ERR(mnt) && (type->fs_flags & FS_HAS_SUBTYPE) &&
1894 !mnt->mnt_sb->s_subtype)
1895 mnt = fs_set_subtype(mnt, fstype);
1896 put_filesystem(type);
1901 * add a mount into a namespace's mount tree
1903 static int do_add_mount(struct mount *newmnt, struct path *path, int mnt_flags)
1907 mnt_flags &= ~(MNT_SHARED | MNT_WRITE_HOLD | MNT_INTERNAL);
1909 err = lock_mount(path);
1914 if (unlikely(!check_mnt(real_mount(path->mnt)))) {
1915 /* that's acceptable only for automounts done in private ns */
1916 if (!(mnt_flags & MNT_SHRINKABLE))
1918 /* ... and for those we'd better have mountpoint still alive */
1919 if (!real_mount(path->mnt)->mnt_ns)
1923 /* Refuse the same filesystem on the same mount point */
1925 if (path->mnt->mnt_sb == newmnt->mnt.mnt_sb &&
1926 path->mnt->mnt_root == path->dentry)
1930 if (S_ISLNK(newmnt->mnt.mnt_root->d_inode->i_mode))
1933 newmnt->mnt.mnt_flags = mnt_flags;
1934 err = graft_tree(newmnt, path);
1942 * create a new mount for userspace and request it to be added into the
1945 static int do_new_mount(struct path *path, const char *type, int flags,
1946 int mnt_flags, const char *name, void *data)
1948 struct vfsmount *mnt;
1954 /* we need capabilities... */
1955 if (!capable(CAP_SYS_ADMIN))
1958 mnt = do_kern_mount(type, flags, name, data);
1960 return PTR_ERR(mnt);
1962 err = do_add_mount(real_mount(mnt), path, mnt_flags);
1968 int finish_automount(struct vfsmount *m, struct path *path)
1970 struct mount *mnt = real_mount(m);
1972 /* The new mount record should have at least 2 refs to prevent it being
1973 * expired before we get a chance to add it
1975 BUG_ON(mnt_get_count(mnt) < 2);
1977 if (m->mnt_sb == path->mnt->mnt_sb &&
1978 m->mnt_root == path->dentry) {
1983 err = do_add_mount(mnt, path, path->mnt->mnt_flags | MNT_SHRINKABLE);
1987 /* remove m from any expiration list it may be on */
1988 if (!list_empty(&mnt->mnt_expire)) {
1989 down_write(&namespace_sem);
1990 br_write_lock(&vfsmount_lock);
1991 list_del_init(&mnt->mnt_expire);
1992 br_write_unlock(&vfsmount_lock);
1993 up_write(&namespace_sem);
2001 * mnt_set_expiry - Put a mount on an expiration list
2002 * @mnt: The mount to list.
2003 * @expiry_list: The list to add the mount to.
2005 void mnt_set_expiry(struct vfsmount *mnt, struct list_head *expiry_list)
2007 down_write(&namespace_sem);
2008 br_write_lock(&vfsmount_lock);
2010 list_add_tail(&real_mount(mnt)->mnt_expire, expiry_list);
2012 br_write_unlock(&vfsmount_lock);
2013 up_write(&namespace_sem);
2015 EXPORT_SYMBOL(mnt_set_expiry);
2018 * process a list of expirable mountpoints with the intent of discarding any
2019 * mountpoints that aren't in use and haven't been touched since last we came
2022 void mark_mounts_for_expiry(struct list_head *mounts)
2024 struct mount *mnt, *next;
2025 LIST_HEAD(graveyard);
2028 if (list_empty(mounts))
2031 down_write(&namespace_sem);
2032 br_write_lock(&vfsmount_lock);
2034 /* extract from the expiration list every vfsmount that matches the
2035 * following criteria:
2036 * - only referenced by its parent vfsmount
2037 * - still marked for expiry (marked on the last call here; marks are
2038 * cleared by mntput())
2040 list_for_each_entry_safe(mnt, next, mounts, mnt_expire) {
2041 if (!xchg(&mnt->mnt_expiry_mark, 1) ||
2042 propagate_mount_busy(mnt, 1))
2044 list_move(&mnt->mnt_expire, &graveyard);
2046 while (!list_empty(&graveyard)) {
2047 mnt = list_first_entry(&graveyard, struct mount, mnt_expire);
2048 touch_mnt_namespace(mnt->mnt_ns);
2049 umount_tree(mnt, 1, &umounts);
2051 br_write_unlock(&vfsmount_lock);
2052 up_write(&namespace_sem);
2054 release_mounts(&umounts);
2057 EXPORT_SYMBOL_GPL(mark_mounts_for_expiry);
2060 * Ripoff of 'select_parent()'
2062 * search the list of submounts for a given mountpoint, and move any
2063 * shrinkable submounts to the 'graveyard' list.
2065 static int select_submounts(struct mount *parent, struct list_head *graveyard)
2067 struct mount *this_parent = parent;
2068 struct list_head *next;
2072 next = this_parent->mnt_mounts.next;
2074 while (next != &this_parent->mnt_mounts) {
2075 struct list_head *tmp = next;
2076 struct mount *mnt = list_entry(tmp, struct mount, mnt_child);
2079 if (!(mnt->mnt.mnt_flags & MNT_SHRINKABLE))
2082 * Descend a level if the d_mounts list is non-empty.
2084 if (!list_empty(&mnt->mnt_mounts)) {
2089 if (!propagate_mount_busy(mnt, 1)) {
2090 list_move_tail(&mnt->mnt_expire, graveyard);
2095 * All done at this level ... ascend and resume the search
2097 if (this_parent != parent) {
2098 next = this_parent->mnt_child.next;
2099 this_parent = this_parent->mnt_parent;
2106 * process a list of expirable mountpoints with the intent of discarding any
2107 * submounts of a specific parent mountpoint
2109 * vfsmount_lock must be held for write
2111 static void shrink_submounts(struct mount *mnt, struct list_head *umounts)
2113 LIST_HEAD(graveyard);
2116 /* extract submounts of 'mountpoint' from the expiration list */
2117 while (select_submounts(mnt, &graveyard)) {
2118 while (!list_empty(&graveyard)) {
2119 m = list_first_entry(&graveyard, struct mount,
2121 touch_mnt_namespace(m->mnt_ns);
2122 umount_tree(m, 1, umounts);
2128 * Some copy_from_user() implementations do not return the exact number of
2129 * bytes remaining to copy on a fault. But copy_mount_options() requires that.
2130 * Note that this function differs from copy_from_user() in that it will oops
2131 * on bad values of `to', rather than returning a short copy.
2133 static long exact_copy_from_user(void *to, const void __user * from,
2137 const char __user *f = from;
2140 if (!access_ok(VERIFY_READ, from, n))
2144 if (__get_user(c, f)) {
2155 int copy_mount_options(const void __user * data, unsigned long *where)
2165 if (!(page = __get_free_page(GFP_KERNEL)))
2168 /* We only care that *some* data at the address the user
2169 * gave us is valid. Just in case, we'll zero
2170 * the remainder of the page.
2172 /* copy_from_user cannot cross TASK_SIZE ! */
2173 size = TASK_SIZE - (unsigned long)data;
2174 if (size > PAGE_SIZE)
2177 i = size - exact_copy_from_user((void *)page, data, size);
2183 memset((char *)page + i, 0, PAGE_SIZE - i);
2188 int copy_mount_string(const void __user *data, char **where)
2197 tmp = strndup_user(data, PAGE_SIZE);
2199 return PTR_ERR(tmp);
2206 * Flags is a 32-bit value that allows up to 31 non-fs dependent flags to
2207 * be given to the mount() call (ie: read-only, no-dev, no-suid etc).
2209 * data is a (void *) that can point to any structure up to
2210 * PAGE_SIZE-1 bytes, which can contain arbitrary fs-dependent
2211 * information (or be NULL).
2213 * Pre-0.97 versions of mount() didn't have a flags word.
2214 * When the flags word was introduced its top half was required
2215 * to have the magic value 0xC0ED, and this remained so until 2.4.0-test9.
2216 * Therefore, if this magic number is present, it carries no information
2217 * and must be discarded.
2219 long do_mount(const char *dev_name, const char *dir_name,
2220 const char *type_page, unsigned long flags, void *data_page)
2227 if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
2228 flags &= ~MS_MGC_MSK;
2230 /* Basic sanity checks */
2232 if (!dir_name || !*dir_name || !memchr(dir_name, 0, PAGE_SIZE))
2236 ((char *)data_page)[PAGE_SIZE - 1] = 0;
2238 /* ... and get the mountpoint */
2239 retval = kern_path(dir_name, LOOKUP_FOLLOW, &path);
2243 retval = security_sb_mount(dev_name, &path,
2244 type_page, flags, data_page);
2248 /* Default to relatime unless overriden */
2249 if (!(flags & MS_NOATIME))
2250 mnt_flags |= MNT_RELATIME;
2252 /* Separate the per-mountpoint flags */
2253 if (flags & MS_NOSUID)
2254 mnt_flags |= MNT_NOSUID;
2255 if (flags & MS_NODEV)
2256 mnt_flags |= MNT_NODEV;
2257 if (flags & MS_NOEXEC)
2258 mnt_flags |= MNT_NOEXEC;
2259 if (flags & MS_NOATIME)
2260 mnt_flags |= MNT_NOATIME;
2261 if (flags & MS_NODIRATIME)
2262 mnt_flags |= MNT_NODIRATIME;
2263 if (flags & MS_STRICTATIME)
2264 mnt_flags &= ~(MNT_RELATIME | MNT_NOATIME);
2265 if (flags & MS_RDONLY)
2266 mnt_flags |= MNT_READONLY;
2268 flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE | MS_BORN |
2269 MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT |
2272 if (flags & MS_REMOUNT)
2273 retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags,
2275 else if (flags & MS_BIND)
2276 retval = do_loopback(&path, dev_name, flags & MS_REC);
2277 else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
2278 retval = do_change_type(&path, flags);
2279 else if (flags & MS_MOVE)
2280 retval = do_move_mount(&path, dev_name);
2282 retval = do_new_mount(&path, type_page, flags, mnt_flags,
2283 dev_name, data_page);
2290 * Assign a sequence number so we can detect when we attempt to bind
2291 * mount a reference to an older mount namespace into the current
2292 * mount namespace, preventing reference counting loops. A 64bit
2293 * number incrementing at 10Ghz will take 12,427 years to wrap which
2294 * is effectively never, so we can ignore the possibility.
2296 static atomic64_t mnt_ns_seq = ATOMIC64_INIT(1);
2298 static struct mnt_namespace *alloc_mnt_ns(void)
2300 struct mnt_namespace *new_ns;
2302 new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
2304 return ERR_PTR(-ENOMEM);
2305 new_ns->seq = atomic64_add_return(1, &mnt_ns_seq);
2306 atomic_set(&new_ns->count, 1);
2307 new_ns->root = NULL;
2308 INIT_LIST_HEAD(&new_ns->list);
2309 init_waitqueue_head(&new_ns->poll);
2315 * Allocate a new namespace structure and populate it with contents
2316 * copied from the namespace of the passed in task structure.
2318 static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
2319 struct fs_struct *fs)
2321 struct mnt_namespace *new_ns;
2322 struct vfsmount *rootmnt = NULL, *pwdmnt = NULL;
2323 struct mount *p, *q;
2324 struct mount *old = mnt_ns->root;
2327 new_ns = alloc_mnt_ns();
2331 down_write(&namespace_sem);
2332 /* First pass: copy the tree topology */
2333 new = copy_tree(old, old->mnt.mnt_root, CL_COPY_ALL | CL_EXPIRE);
2335 up_write(&namespace_sem);
2337 return ERR_CAST(new);
2340 br_write_lock(&vfsmount_lock);
2341 list_add_tail(&new_ns->list, &new->mnt_list);
2342 br_write_unlock(&vfsmount_lock);
2345 * Second pass: switch the tsk->fs->* elements and mark new vfsmounts
2346 * as belonging to new namespace. We have already acquired a private
2347 * fs_struct, so tsk->fs->lock is not needed.
2354 if (&p->mnt == fs->root.mnt) {
2355 fs->root.mnt = mntget(&q->mnt);
2358 if (&p->mnt == fs->pwd.mnt) {
2359 fs->pwd.mnt = mntget(&q->mnt);
2363 p = next_mnt(p, old);
2364 q = next_mnt(q, new);
2366 up_write(&namespace_sem);
2376 struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns,
2377 struct fs_struct *new_fs)
2379 struct mnt_namespace *new_ns;
2384 if (!(flags & CLONE_NEWNS))
2387 new_ns = dup_mnt_ns(ns, new_fs);
2394 * create_mnt_ns - creates a private namespace and adds a root filesystem
2395 * @mnt: pointer to the new root filesystem mountpoint
2397 static struct mnt_namespace *create_mnt_ns(struct vfsmount *m)
2399 struct mnt_namespace *new_ns = alloc_mnt_ns();
2400 if (!IS_ERR(new_ns)) {
2401 struct mount *mnt = real_mount(m);
2402 mnt->mnt_ns = new_ns;
2404 list_add(&new_ns->list, &mnt->mnt_list);
2411 struct dentry *mount_subtree(struct vfsmount *mnt, const char *name)
2413 struct mnt_namespace *ns;
2414 struct super_block *s;
2418 ns = create_mnt_ns(mnt);
2420 return ERR_CAST(ns);
2422 err = vfs_path_lookup(mnt->mnt_root, mnt,
2423 name, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &path);
2428 return ERR_PTR(err);
2430 /* trade a vfsmount reference for active sb one */
2431 s = path.mnt->mnt_sb;
2432 atomic_inc(&s->s_active);
2434 /* lock the sucker */
2435 down_write(&s->s_umount);
2436 /* ... and return the root of (sub)tree on it */
2439 EXPORT_SYMBOL(mount_subtree);
2441 SYSCALL_DEFINE5(mount, char __user *, dev_name, char __user *, dir_name,
2442 char __user *, type, unsigned long, flags, void __user *, data)
2446 struct filename *kernel_dir;
2448 unsigned long data_page;
2450 ret = copy_mount_string(type, &kernel_type);
2454 kernel_dir = getname(dir_name);
2455 if (IS_ERR(kernel_dir)) {
2456 ret = PTR_ERR(kernel_dir);
2460 ret = copy_mount_string(dev_name, &kernel_dev);
2464 ret = copy_mount_options(data, &data_page);
2468 ret = do_mount(kernel_dev, kernel_dir->name, kernel_type, flags,
2469 (void *) data_page);
2471 free_page(data_page);
2475 putname(kernel_dir);
2483 * Return true if path is reachable from root
2485 * namespace_sem or vfsmount_lock is held
2487 bool is_path_reachable(struct mount *mnt, struct dentry *dentry,
2488 const struct path *root)
2490 while (&mnt->mnt != root->mnt && mnt_has_parent(mnt)) {
2491 dentry = mnt->mnt_mountpoint;
2492 mnt = mnt->mnt_parent;
2494 return &mnt->mnt == root->mnt && is_subdir(dentry, root->dentry);
2497 int path_is_under(struct path *path1, struct path *path2)
2500 br_read_lock(&vfsmount_lock);
2501 res = is_path_reachable(real_mount(path1->mnt), path1->dentry, path2);
2502 br_read_unlock(&vfsmount_lock);
2505 EXPORT_SYMBOL(path_is_under);
2508 * pivot_root Semantics:
2509 * Moves the root file system of the current process to the directory put_old,
2510 * makes new_root as the new root file system of the current process, and sets
2511 * root/cwd of all processes which had them on the current root to new_root.
2514 * The new_root and put_old must be directories, and must not be on the
2515 * same file system as the current process root. The put_old must be
2516 * underneath new_root, i.e. adding a non-zero number of /.. to the string
2517 * pointed to by put_old must yield the same directory as new_root. No other
2518 * file system may be mounted on put_old. After all, new_root is a mountpoint.
2520 * Also, the current root cannot be on the 'rootfs' (initial ramfs) filesystem.
2521 * See Documentation/filesystems/ramfs-rootfs-initramfs.txt for alternatives
2522 * in this situation.
2525 * - we don't move root/cwd if they are not at the root (reason: if something
2526 * cared enough to change them, it's probably wrong to force them elsewhere)
2527 * - it's okay to pick a root that isn't the root of a file system, e.g.
2528 * /nfs/my_root where /nfs is the mount point. It must be a mountpoint,
2529 * though, so you may need to say mount --bind /nfs/my_root /nfs/my_root
2532 SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
2533 const char __user *, put_old)
2535 struct path new, old, parent_path, root_parent, root;
2536 struct mount *new_mnt, *root_mnt;
2539 if (!capable(CAP_SYS_ADMIN))
2542 error = user_path_dir(new_root, &new);
2546 error = user_path_dir(put_old, &old);
2550 error = security_sb_pivotroot(&old, &new);
2554 get_fs_root(current->fs, &root);
2555 error = lock_mount(&old);
2560 new_mnt = real_mount(new.mnt);
2561 root_mnt = real_mount(root.mnt);
2562 if (IS_MNT_SHARED(real_mount(old.mnt)) ||
2563 IS_MNT_SHARED(new_mnt->mnt_parent) ||
2564 IS_MNT_SHARED(root_mnt->mnt_parent))
2566 if (!check_mnt(root_mnt) || !check_mnt(new_mnt))
2569 if (d_unlinked(new.dentry))
2571 if (d_unlinked(old.dentry))
2574 if (new.mnt == root.mnt ||
2575 old.mnt == root.mnt)
2576 goto out4; /* loop, on the same file system */
2578 if (root.mnt->mnt_root != root.dentry)
2579 goto out4; /* not a mountpoint */
2580 if (!mnt_has_parent(root_mnt))
2581 goto out4; /* not attached */
2582 if (new.mnt->mnt_root != new.dentry)
2583 goto out4; /* not a mountpoint */
2584 if (!mnt_has_parent(new_mnt))
2585 goto out4; /* not attached */
2586 /* make sure we can reach put_old from new_root */
2587 if (!is_path_reachable(real_mount(old.mnt), old.dentry, &new))
2589 br_write_lock(&vfsmount_lock);
2590 detach_mnt(new_mnt, &parent_path);
2591 detach_mnt(root_mnt, &root_parent);
2592 /* mount old root on put_old */
2593 attach_mnt(root_mnt, &old);
2594 /* mount new_root on / */
2595 attach_mnt(new_mnt, &root_parent);
2596 touch_mnt_namespace(current->nsproxy->mnt_ns);
2597 br_write_unlock(&vfsmount_lock);
2598 chroot_fs_refs(&root, &new);
2603 path_put(&root_parent);
2604 path_put(&parent_path);
2616 static void __init init_mount_tree(void)
2618 struct vfsmount *mnt;
2619 struct mnt_namespace *ns;
2622 mnt = do_kern_mount("rootfs", 0, "rootfs", NULL);
2624 panic("Can't create rootfs");
2626 ns = create_mnt_ns(mnt);
2628 panic("Can't allocate initial namespace");
2630 init_task.nsproxy->mnt_ns = ns;
2634 root.dentry = mnt->mnt_root;
2636 set_fs_pwd(current->fs, &root);
2637 set_fs_root(current->fs, &root);
2640 void __init mnt_init(void)
2645 init_rwsem(&namespace_sem);
2647 mnt_cache = kmem_cache_create("mnt_cache", sizeof(struct mount),
2648 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL);
2650 mount_hashtable = (struct list_head *)__get_free_page(GFP_ATOMIC);
2652 if (!mount_hashtable)
2653 panic("Failed to allocate mount hash table\n");
2655 printk(KERN_INFO "Mount-cache hash table entries: %lu\n", HASH_SIZE);
2657 for (u = 0; u < HASH_SIZE; u++)
2658 INIT_LIST_HEAD(&mount_hashtable[u]);
2660 br_lock_init(&vfsmount_lock);
2664 printk(KERN_WARNING "%s: sysfs_init error: %d\n",
2666 fs_kobj = kobject_create_and_add("fs", NULL);
2668 printk(KERN_WARNING "%s: kobj create error\n", __func__);
2673 void put_mnt_ns(struct mnt_namespace *ns)
2675 LIST_HEAD(umount_list);
2677 if (!atomic_dec_and_test(&ns->count))
2679 down_write(&namespace_sem);
2680 br_write_lock(&vfsmount_lock);
2681 umount_tree(ns->root, 0, &umount_list);
2682 br_write_unlock(&vfsmount_lock);
2683 up_write(&namespace_sem);
2684 release_mounts(&umount_list);
2688 struct vfsmount *kern_mount_data(struct file_system_type *type, void *data)
2690 struct vfsmount *mnt;
2691 mnt = vfs_kern_mount(type, MS_KERNMOUNT, type->name, data);
2694 * it is a longterm mount, don't release mnt until
2695 * we unmount before file sys is unregistered
2697 real_mount(mnt)->mnt_ns = MNT_NS_INTERNAL;
2701 EXPORT_SYMBOL_GPL(kern_mount_data);
2703 void kern_unmount(struct vfsmount *mnt)
2705 /* release long term mount so mount point can be released */
2706 if (!IS_ERR_OR_NULL(mnt)) {
2707 br_write_lock(&vfsmount_lock);
2708 real_mount(mnt)->mnt_ns = NULL;
2709 br_write_unlock(&vfsmount_lock);
2713 EXPORT_SYMBOL(kern_unmount);
2715 bool our_mnt(struct vfsmount *mnt)
2717 return check_mnt(real_mount(mnt));
2720 static void *mntns_get(struct task_struct *task)
2722 struct mnt_namespace *ns = NULL;
2723 struct nsproxy *nsproxy;
2726 nsproxy = task_nsproxy(task);
2728 ns = nsproxy->mnt_ns;
2736 static void mntns_put(void *ns)
2741 static int mntns_install(struct nsproxy *nsproxy, void *ns)
2743 struct fs_struct *fs = current->fs;
2744 struct mnt_namespace *mnt_ns = ns;
2747 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_CHROOT))
2754 put_mnt_ns(nsproxy->mnt_ns);
2755 nsproxy->mnt_ns = mnt_ns;
2758 root.mnt = &mnt_ns->root->mnt;
2759 root.dentry = mnt_ns->root->mnt.mnt_root;
2761 while(d_mountpoint(root.dentry) && follow_down_one(&root))
2764 /* Update the pwd and root */
2765 set_fs_pwd(fs, &root);
2766 set_fs_root(fs, &root);
2772 const struct proc_ns_operations mntns_operations = {
2774 .type = CLONE_NEWNS,
2777 .install = mntns_install,
projects / karo-tx-linux.git / blob