Miklos Szeredi <miklos@xxxxxxxxxx> writes: >> @@ -691,6 +693,7 @@ static void detach_mnt(struct mount *mnt, struct path *old_path) >> list_del_init(&mnt->mnt_hash); >> put_mountpoint(mnt->mnt_mp); >> mnt->mnt_mp = NULL; >> + list_del_init(&mnt->mnt_mp_list); > > Should be done *before* put_mountpoint(), for obvious reasons. > > And a BUG_ON(!list_empty(&mp->m_list)) in put_mountpoint() for good measure (and > no, WARN_ON() is not better here, since use-after-free is definitely worse than > a BUG). Good point. I will take a look at making this change shortly and repost the patches. >> } >> >> /* >> @@ -705,6 +708,7 @@ void mnt_set_mountpoint(struct mount *mnt, >> child_mnt->mnt_mountpoint = dget(mp->m_dentry); >> child_mnt->mnt_parent = mnt; >> child_mnt->mnt_mp = mp; >> + list_add_tail(&child_mnt->mnt_mp_list, &mp->m_list); >> } >> >> /* >> @@ -1193,6 +1197,7 @@ void umount_tree(struct mount *mnt, int propagate) >> p->mnt_parent->mnt_ghosts++; >> put_mountpoint(p->mnt_mp); >> p->mnt_mp = NULL; >> + list_del_init(&mnt->mnt_mp_list); > > Ditto. > >> } >> change_mnt_propagation(p, MS_PRIVATE); >> } >> -- >> 1.7.5.4 >> -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
