Hi Alexander,
Do you have any comments about this patch?
Here is a reproducer for this leak:
$ cat mount.sh
set -e -x
mount --make-rprivate /
mount -t tmpfs zdtm /mnt
mount --make-shared /mnt
mount -t proc procX /proc
for i in `seq $1`; do
mount --bind /mnt /mnt
done
mount --make-rprivate /mnt
unshare -m sleep 1000 &
pid=$!
unshare -m nsenter -m -t $pid nsenter -m -t $$ true
$ while :; do unshare -Umpfr sh mount.sh 16 || break; done
...
$ cat /proc/slabinfo | grep mnt
mnt_cache 3281745 3281776 512 16 2 : tunables 0 0 0 : slabdata 205111 205111 0
On Thu, Jun 08, 2017 at 05:32:29PM -0700, Andrei Vagin wrote:
> Fixes: 4f757f3cbf54 ("make sure that mntns_install() doesn't end up with referral for root")
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Signed-off-by: Andrei Vagin <avagin@xxxxxxxxxx>
> ---
> fs/namespace.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/namespace.c b/fs/namespace.c
> index 8bd3e4d..5a44384 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -3488,6 +3488,8 @@ static int mntns_install(struct nsproxy *nsproxy, struct ns_common *ns)
> return err;
> }
>
> + put_mnt_ns(old_mnt_ns);
> +
> /* Update the pwd and root */
> set_fs_pwd(fs, &root);
> set_fs_root(fs, &root);
> --
> 2.9.4
>
