On 19.10.2021 17:40, Nikita Yushchenko wrote:
> The assumption that bm_fill_super() is not called for the second time
> for CT is wrong: umount operation clears sb->s_root, which causes
> vfs_get_super() to call fill_super again on the next mount.
>
> Make bm_fill_super() handle multiple calls correctly:
> - initialize bm_data and set ve->binfmt_misc only if it is not done
>   before,
> - delay destruction of it up to CT destruction.
>
> https://jira.sw.ru/browse/PSBM-133968
> Fixes: 8250ff41d190 ("ve/fs/binfmt: clean bm_data reference from ve on err
> path")
> Signed-off-by: Nikita Yushchenko <nikita.yushche...@virtuozzo.com>
> ---
> Changes from v1:
> - fix double-free of bm_data
> - make sure it compiles for !CONFIG_VE case
>
>  fs/binfmt_misc.c | 58 ++++++++++++++++++++++++++----------------------
>  1 file changed, 32 insertions(+), 26 deletions(-)
>
> diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
> index 0946e7e6caa5..5a3de9fea265 100644
> --- a/fs/binfmt_misc.c
> +++ b/fs/binfmt_misc.c
> @@ -852,39 +852,32 @@ static int bm_fill_super(struct super_block *sb, struct > fs_context *fc) > /* last one */ {""} > }; > > +#ifdef CONFIG_VE > struct ve_struct *ve = get_exec_env(); > - struct binfmt_misc *bm_data; > + struct binfmt_misc *bm_data = ve->binfmt_misc; > +#else > + static struct binfmt_misc *bm_data = NULL; > +#endif > > - /* > - * bm_get_tree() > - * get_tree_keyed(fc, bm_fill_super, get_ve(ve)) > - * fc->s_fs_info = current VE > - * vfs_get_super(fc, vfs_get_keyed_super, bm_fill_super) > - * sb = sget_fc(fc, test, set_anon_super_fc) > - * if (!sb->s_root) { > - * err = bm_fill_super(sb, fc); > - * > - * => we should never get here with initialized ve->binfmt_misc. > - */ > - if (WARN_ON_ONCE(ve->binfmt_misc)) > - return -EEXIST; > + if (!bm_data) { > + bm_data = kzalloc(sizeof(struct binfmt_misc), GFP_KERNEL); > + if (!bm_data) > + return -ENOMEM; > > - bm_data = kzalloc(sizeof(struct binfmt_misc), GFP_KERNEL); > - if (!bm_data) > - return -ENOMEM; > + INIT_LIST_HEAD(&bm_data->entries); > + rwlock_init(&bm_data->entries_lock); > > - INIT_LIST_HEAD(&bm_data->entries); > - rwlock_init(&bm_data->entries_lock); > +#ifdef CONFIG_VE > + ve->binfmt_misc = bm_data; > + /* this will be cleared by ve_destroy() */ > +#endif > + } > > err = simple_fill_super(sb, BINFMTFS_MAGIC, bm_files); > - if (err) { > - kfree(bm_data); > + if (err) > return err; > - }
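Review bot: the error path after simple_fill_super() now returns with bm_data still allocated and, under CONFIG_VE, already published in ve->binfmt_misc, so a failed first mount leaves a bm_data that is only reclaimed at CT teardown; the in-line comment `/* this will be cleared by ve_destroy() */` should state that ve_destroy() also frees it, and the commit message should say explicitly that keeping bm_data alive on the error path is intended, since the Fixes: tag points at the commit that added the kfree() being removed here. In the !CONFIG_VE case the function-local `static struct binfmt_misc *bm_data = NULL;` is never freed at all; that is acceptable for a single global instance but deserves the same comment. Note also that INIT_LIST_HEAD(&bm_data->entries) and rwlock_init() now run only on the first allocation, so entries registered before an umount survive into the next mount of the same CT; if that is the intended behaviour, it belongs in the commit message too.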
I do not have vz8 tree, so I'm sorry for dumb question:
if we failed here, who will free bm_data and clean up ve->binfmt_misc?

Thank you,
Vasily Averin
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel