Received: by 10.213.65.68 with SMTP id h4csp777351imn; Fri, 23 Mar 2018 16:16:59 -0700 (PDT) X-Google-Smtp-Source: AG47ELtYdy15ZX44jsG4WJCxCPJCpwMjP/tpZK/DXFw0f4oJYgszswWK267V9R5orQ30bxF5lqoe X-Received: by 2002:a17:902:bc41:: with SMTP id t1-v6mr30835931plz.56.1521847019425; Fri, 23 Mar 2018 16:16:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521847019; cv=none; d=google.com; s=arc-20160816; b=PyXbV6MMrFVMHpCK3G6AXRBOC7ebpXbKpCVrln+mghIy5DYh6AIKZ7hmVqF/d6f25C zdR89PtuGARgpIbQ1h1iDTjnnwpQIv55lZT+Pi2J29AjAbTym+WU3uhWO1kHIvOT81Cc Esq+YYRXNBuX1+t0y5Ve7jzKHOPCYW9l0GRXlZtCmZ94F4nYxXFY18nqarl/Wx58SMUB cSNvRQw308jADQZsld1mp//n+M28R5diNSKRDcHmnFlXAJYoOBzhnEBlg0NfnjqpRLZU f2y3W2sYwPu1P9OrJWmugG1DK9nH5qJM5GlKwD1UlONacc2bfXA+nXOtZNBH8m/bbr1t 7xxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=4LleGjq41u9f79nlrR7LAiDLRROOpYD7e04kC4si6Og=; b=c5YvOqjUpHWkwQYKYHtLCMhsPSTiAeQjLqEEWmVxl5ed6T6vedF07w45T8JZZNhPdw hkwj3NxuwdvXWZWFoGvyfrwY9/VyS7ZgMV5jdEqGVBJHAT7QS6QEZ0qEGdLZVPZyYYnF 1/If2GA7+MZkgvh8y+yYcDDyVVikO3s80SBEHg5zy+EpceRGKh15KKWpHxrBJ1t22DFp 6z65LvLCTDLUNMvQbfcclfnh6J6ACDy5LGFrkvja/UMpNDlQi8NRDZQEeAgoEWP/Xrt3 tMQcpf/pE35X/+2hr7IS8yW7QnCaif6gU/O8rBxnOLPiLPEBJrv+h7Exm5gjjMi94YSH oepw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1-v6si9593095plj.510.2018.03.23.16.16.45; Fri, 23 Mar 2018 16:16:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752770AbeCWXPS (ORCPT + 99 others); Fri, 23 Mar 2018 19:15:18 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:51646 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752163AbeCWXPQ (ORCPT ); Fri, 23 Mar 2018 19:15:16 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.87 #1 (Red Hat Linux)) id 1ezVtv-0005bY-CS; Fri, 23 Mar 2018 23:15:11 +0000 Date: Fri, 23 Mar 2018 23:15:11 +0000 From: Al Viro To: "Eric W. Biederman" Cc: Aleksa Sarai , linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org Subject: Re: [PATCH 1/2] fs: Extend mount_ns with support for a fast namespace to vfsmount function Message-ID: <20180323231511.GK30522@ZenIV.linux.org.uk> References: <20180323060457.sxgsd3j2obi33fyw@gordon> <87k1u3ti9e.fsf@xmission.com> <87fu4qo4ff.fsf_-_@xmission.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87fu4qo4ff.fsf_-_@xmission.com> User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 23, 2018 at 04:41:40PM -0500, Eric W. Biederman wrote: > struct dentry *mount_ns(struct file_system_type *fs_type, > int flags, void *data, void *ns, struct user_namespace *user_ns, > + struct vfsmount *(*ns_to_mnt)(void *ns), > int (*fill_super)(struct super_block *, void *, int)) > { > struct super_block *sb; > - > + int (*test_super)(struct super_block *, void *) = ns_test_super; > /* Don't allow mounting unless the caller has CAP_SYS_ADMIN > * over the namespace. > */ > if (!(flags & SB_KERNMOUNT) && !ns_capable(user_ns, CAP_SYS_ADMIN)) > return ERR_PTR(-EPERM); > > - sb = sget_userns(fs_type, ns_test_super, ns_set_super, flags, > - user_ns, ns); > + if (ns_to_mnt) { > + test_super = NULL; > + if (!(flags & SB_KERNMOUNT)) { > + struct vfsmount *m = ns_to_mnt(ns); > + if (IS_ERR(m)) > + return ERR_CAST(m); > + atomic_inc(&m->mnt_sb->s_active); > + down_write(&m->mnt_sb->s_umount); > + return dget(m->mnt_root); This is completely wrong. Look: * SB_KERNMOUNT and !SB_KERNMOUNT cases are almost entirely isolated; completely so once that ns_to_mnt becomes unconditionally non-NULL. * in !SB_KERNMOUNT passing ns_to_mnt() is pointless - you might as well pass existing vfsmount (or ERR_PTR()) and use _that_. fill_super() is not used at all in that case. * is SB_KERNMOUNT ns_to_mnt serves only as a flag, eventually constant true. So let's split it in two helpers and give them sane arguments.