On Sun, Jul 07, 2019 at 02:17:38PM -0700, Linus Torvalds wrote:
> On Fri, Jul 5, 2019 at 5:22 PM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > +static HLIST_HEAD(unmounted); /* protected by namespace_sem */
> > +static LIST_HEAD(ex_mountpoints);
>
> What protects the ex_mountpoints list?
>
> It looks like it's the mount_lock, but why isn't that documented?
>
> It sure isn't namespace_sem from the comment above.
It is namespace_sem. Of all put_mountpoint() callers only the one
from mntput_no_expire() (disposing of stuck MNT_LOCKed children)
is not under namespace_sem; all such are told to use ex_mountpoints
for disposal. See
+ if (!list)
+ list = &ex_mountpoints;
+ dput_to_list(dentry, list);
in there. Only one call site gets non-default disposal list -
list_for_each_entry_safe(p, tmp, &mnt->mnt_mounts, mnt_child) {
- umount_mnt(p);
+ umount_mnt(p, &list);
}
in mntput_no_expire() passes a local list to umount_mnt() (which passes it
to put_mountpoint()).
And namespace_unlock() empties ex_mountpoints before dropping namespace_sem -
the contents gets moved to a local list, which is fed to shrink_dentry_list()
as soon as we drop namespace_sem.
Protection of the disposal list is up to the callers of put_mountpoint();
for ex_mountpoints it's namespace_sem, for the one in mntput_no_expire()
we don't need any exclusion whatsoever - no other thread can access it.
IOW, the comment re namespace_sem applies to ex_mountpoints as well.
