diff options
| author | Al Viro <[email protected]> | 2015-05-12 12:22:47 -0400 | 
|---|---|---|
| committer | Al Viro <[email protected]> | 2015-05-15 01:10:38 -0400 | 
| commit | aed434ada68573549d9f5106cde26b94c48e51c2 (patch) | |
| tree | 9cf3fe783412ce33d95e96deed19f260be0bd16d /scripts/gcc-plugins | |
| parent | 99ff6cf0e67ada025ba8054a055862383355ec0e (diff) | |
namei: be careful with mountpoint crossings in follow_dotdot_rcu()
Otherwise we are risking a hard error where nonlazy restart would be the right
thing to do; it's a very narrow race with mount --move and most of the time it
ends up being completely harmless, but it's possible to construct a case when
we'll get a bogus hard error instead of falling back to non-lazy walk...
For one thing, when crossing _into_ overmount of parent we need to check for
mount_lock bumps when we get NULL from __lookup_mnt() as well.
For another, and less exotically, we need to make sure that the data fetched
in follow_up_rcu() had been consistent.  ->mnt_mountpoint is pinned for as
long as it is a mountpoint, but we need to check mount_lock after fetching
to verify that.
Signed-off-by: Al Viro <[email protected]>
Diffstat (limited to 'scripts/gcc-plugins')
0 files changed, 0 insertions, 0 deletions