On Tue, Jan 16, 2024 at 1:46 AM Sasha Levin <sashal@xxxxxxxxxx> wrote: > > From: Miklos Szeredi <mszeredi@xxxxxxxxxx> > > [ Upstream commit 98d2b43081972abeb5bb5a087bc3e3197531c46e ] > > If a mount is released then its mnt_id can immediately be reused. This is > bad news for user interfaces that want to uniquely identify a mount. > Sasha, This is a new API, not a bug fix. Maybe AUTOSEL was triggered by the words "This is bad news for user...."? You have also selected this to other 6.*.y kernels. Thanks, Amir. > Implementing a unique mount ID is trivial (use a 64bit counter). > Unfortunately userspace assumes 32bit size and would overflow after the > counter reaches 2^32. > > Introduce a new 64bit ID alongside the old one. Initialize the counter to > 2^32, this guarantees that the old and new IDs are never mixed up. > > Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxxxxx> > Link: https://lore.kernel.org/r/20231025140205.3586473-2-mszeredi@xxxxxxxxxx > Reviewed-by: Ian Kent <raven@xxxxxxxxxx> > Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx> > Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> > --- > fs/mount.h | 3 ++- > fs/namespace.c | 4 ++++ > fs/stat.c | 9 +++++++-- > include/uapi/linux/stat.h | 1 + > 4 files changed, 14 insertions(+), 3 deletions(-) > > diff --git a/fs/mount.h b/fs/mount.h > index 130c07c2f8d2..a14f762b3f29 100644 > --- a/fs/mount.h > +++ b/fs/mount.h > @@ -72,7 +72,8 @@ struct mount { > struct fsnotify_mark_connector __rcu *mnt_fsnotify_marks; > __u32 mnt_fsnotify_mask; > #endif > - int mnt_id; /* mount identifier */ > + int mnt_id; /* mount identifier, reused */ > + u64 mnt_id_unique; /* mount ID unique until reboot */ > int mnt_group_id; /* peer group identifier */ > int mnt_expiry_mark; /* true if marked for expiry */ > struct hlist_head mnt_pins; > diff --git a/fs/namespace.c b/fs/namespace.c > index e04a9e9e3f14..12c8e2eeda91 100644 > --- a/fs/namespace.c > +++ b/fs/namespace.c > @@ -68,6 +68,9 @@ static u64 event; > static DEFINE_IDA(mnt_id_ida); > static DEFINE_IDA(mnt_group_ida); > > +/* Don't allow confusion with old 32bit mount ID */ > +static atomic64_t mnt_id_ctr = ATOMIC64_INIT(1ULL << 32); > + > static struct hlist_head *mount_hashtable __read_mostly; > static struct hlist_head *mountpoint_hashtable __read_mostly; > static struct kmem_cache *mnt_cache __read_mostly; > @@ -130,6 +133,7 @@ static int mnt_alloc_id(struct mount *mnt) > if (res < 0) > return res; > mnt->mnt_id = res; > + mnt->mnt_id_unique = atomic64_inc_return(&mnt_id_ctr); > return 0; > } > > diff --git a/fs/stat.c b/fs/stat.c > index ef50573c72a2..a003e891a682 100644 > --- a/fs/stat.c > +++ b/fs/stat.c > @@ -232,8 +232,13 @@ static int vfs_statx(int dfd, struct filename *filename, int flags, > > error = vfs_getattr(&path, stat, request_mask, flags); > > - stat->mnt_id = real_mount(path.mnt)->mnt_id; > - stat->result_mask |= STATX_MNT_ID; > + if (request_mask & STATX_MNT_ID_UNIQUE) { > + stat->mnt_id = real_mount(path.mnt)->mnt_id_unique; > + stat->result_mask |= STATX_MNT_ID_UNIQUE; > + } else { > + stat->mnt_id = real_mount(path.mnt)->mnt_id; > + stat->result_mask |= STATX_MNT_ID; > + } > > if (path.mnt->mnt_root == path.dentry) > stat->attributes |= STATX_ATTR_MOUNT_ROOT; > diff --git a/include/uapi/linux/stat.h b/include/uapi/linux/stat.h > index 7cab2c65d3d7..2f2ee82d5517 100644 > --- a/include/uapi/linux/stat.h > +++ b/include/uapi/linux/stat.h > @@ -154,6 +154,7 @@ struct statx { > #define STATX_BTIME 0x00000800U /* Want/got stx_btime */ > #define STATX_MNT_ID 0x00001000U /* Got stx_mnt_id */ > #define STATX_DIOALIGN 0x00002000U /* Want/got direct I/O alignment info */ > +#define STATX_MNT_ID_UNIQUE 0x00004000U /* Want/got extended stx_mount_id */ > > #define STATX__RESERVED 0x80000000U /* Reserved for future struct statx expansion */ > > -- > 2.43.0 > >
