11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * linux/fs/namespace.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * (C) Copyright Al Viro 2000, 2001 51da177e4SLinus Torvalds * Released under GPL v2. 61da177e4SLinus Torvalds * 71da177e4SLinus Torvalds * Based on code from fs/super.c, copyright Linus Torvalds and others. 81da177e4SLinus Torvalds * Heavily rewritten. 91da177e4SLinus Torvalds */ 101da177e4SLinus Torvalds 111da177e4SLinus Torvalds #include <linux/syscalls.h> 121da177e4SLinus Torvalds #include <linux/slab.h> 131da177e4SLinus Torvalds #include <linux/sched.h> 141da177e4SLinus Torvalds #include <linux/smp_lock.h> 151da177e4SLinus Torvalds #include <linux/init.h> 1615a67dd8SRandy Dunlap #include <linux/kernel.h> 171da177e4SLinus Torvalds #include <linux/quotaops.h> 181da177e4SLinus Torvalds #include <linux/acct.h> 1916f7e0feSRandy Dunlap #include <linux/capability.h> 201da177e4SLinus Torvalds #include <linux/module.h> 21f20a9eadSAndrew Morton #include <linux/sysfs.h> 221da177e4SLinus Torvalds #include <linux/seq_file.h> 236b3286edSKirill Korotaev #include <linux/mnt_namespace.h> 241da177e4SLinus Torvalds #include <linux/namei.h> 251da177e4SLinus Torvalds #include <linux/security.h> 261da177e4SLinus Torvalds #include <linux/mount.h> 2707f3f05cSDavid Howells #include <linux/ramfs.h> 2813f14b4dSEric Dumazet #include <linux/log2.h> 291da177e4SLinus Torvalds #include <asm/uaccess.h> 301da177e4SLinus Torvalds #include <asm/unistd.h> 3107b20889SRam Pai #include "pnode.h" 32948730b0SAdrian Bunk #include "internal.h" 331da177e4SLinus Torvalds 3413f14b4dSEric Dumazet #define HASH_SHIFT ilog2(PAGE_SIZE / sizeof(struct list_head)) 3513f14b4dSEric Dumazet #define HASH_SIZE (1UL << HASH_SHIFT) 3613f14b4dSEric Dumazet 371da177e4SLinus Torvalds /* spinlock for vfsmount related operations, inplace of dcache_lock */ 381da177e4SLinus Torvalds __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock); 391da177e4SLinus Torvalds 405addc5ddSAl Viro static int event; 415addc5ddSAl Viro 42fa3536ccSEric Dumazet static struct list_head *mount_hashtable __read_mostly; 43e18b890bSChristoph Lameter static struct kmem_cache *mnt_cache __read_mostly; 44390c6843SRam Pai static struct rw_semaphore namespace_sem; 451da177e4SLinus Torvalds 46f87fd4c2SMiklos Szeredi /* /sys/fs */ 4700d26666SGreg Kroah-Hartman struct kobject *fs_kobj; 4800d26666SGreg Kroah-Hartman EXPORT_SYMBOL_GPL(fs_kobj); 49f87fd4c2SMiklos Szeredi 501da177e4SLinus Torvalds static inline unsigned long hash(struct vfsmount *mnt, struct dentry *dentry) 511da177e4SLinus Torvalds { 521da177e4SLinus Torvalds unsigned long tmp = ((unsigned long)mnt / L1_CACHE_BYTES); 531da177e4SLinus Torvalds tmp += ((unsigned long)dentry / L1_CACHE_BYTES); 5413f14b4dSEric Dumazet tmp = tmp + (tmp >> HASH_SHIFT); 5513f14b4dSEric Dumazet return tmp & (HASH_SIZE - 1); 561da177e4SLinus Torvalds } 571da177e4SLinus Torvalds 581da177e4SLinus Torvalds struct vfsmount *alloc_vfsmnt(const char *name) 591da177e4SLinus Torvalds { 60c3762229SRobert P. J. Day struct vfsmount *mnt = kmem_cache_zalloc(mnt_cache, GFP_KERNEL); 611da177e4SLinus Torvalds if (mnt) { 621da177e4SLinus Torvalds atomic_set(&mnt->mnt_count, 1); 631da177e4SLinus Torvalds INIT_LIST_HEAD(&mnt->mnt_hash); 641da177e4SLinus Torvalds INIT_LIST_HEAD(&mnt->mnt_child); 651da177e4SLinus Torvalds INIT_LIST_HEAD(&mnt->mnt_mounts); 661da177e4SLinus Torvalds INIT_LIST_HEAD(&mnt->mnt_list); 6755e700b9SMiklos Szeredi INIT_LIST_HEAD(&mnt->mnt_expire); 6803e06e68SRam Pai INIT_LIST_HEAD(&mnt->mnt_share); 69a58b0eb8SRam Pai INIT_LIST_HEAD(&mnt->mnt_slave_list); 70a58b0eb8SRam Pai INIT_LIST_HEAD(&mnt->mnt_slave); 711da177e4SLinus Torvalds if (name) { 721da177e4SLinus Torvalds int size = strlen(name) + 1; 731da177e4SLinus Torvalds char *newname = kmalloc(size, GFP_KERNEL); 741da177e4SLinus Torvalds if (newname) { 751da177e4SLinus Torvalds memcpy(newname, name, size); 761da177e4SLinus Torvalds mnt->mnt_devname = newname; 771da177e4SLinus Torvalds } 781da177e4SLinus Torvalds } 791da177e4SLinus Torvalds } 801da177e4SLinus Torvalds return mnt; 811da177e4SLinus Torvalds } 821da177e4SLinus Torvalds 83454e2398SDavid Howells int simple_set_mnt(struct vfsmount *mnt, struct super_block *sb) 84454e2398SDavid Howells { 85454e2398SDavid Howells mnt->mnt_sb = sb; 86454e2398SDavid Howells mnt->mnt_root = dget(sb->s_root); 87454e2398SDavid Howells return 0; 88454e2398SDavid Howells } 89454e2398SDavid Howells 90454e2398SDavid Howells EXPORT_SYMBOL(simple_set_mnt); 91454e2398SDavid Howells 921da177e4SLinus Torvalds void free_vfsmnt(struct vfsmount *mnt) 931da177e4SLinus Torvalds { 941da177e4SLinus Torvalds kfree(mnt->mnt_devname); 951da177e4SLinus Torvalds kmem_cache_free(mnt_cache, mnt); 961da177e4SLinus Torvalds } 971da177e4SLinus Torvalds 981da177e4SLinus Torvalds /* 99a05964f3SRam Pai * find the first or last mount at @dentry on vfsmount @mnt depending on 100a05964f3SRam Pai * @dir. If @dir is set return the first mount else return the last mount. 1011da177e4SLinus Torvalds */ 102a05964f3SRam Pai struct vfsmount *__lookup_mnt(struct vfsmount *mnt, struct dentry *dentry, 103a05964f3SRam Pai int dir) 1041da177e4SLinus Torvalds { 1051da177e4SLinus Torvalds struct list_head *head = mount_hashtable + hash(mnt, dentry); 1061da177e4SLinus Torvalds struct list_head *tmp = head; 1071da177e4SLinus Torvalds struct vfsmount *p, *found = NULL; 1081da177e4SLinus Torvalds 1091da177e4SLinus Torvalds for (;;) { 110a05964f3SRam Pai tmp = dir ? tmp->next : tmp->prev; 1111da177e4SLinus Torvalds p = NULL; 1121da177e4SLinus Torvalds if (tmp == head) 1131da177e4SLinus Torvalds break; 1141da177e4SLinus Torvalds p = list_entry(tmp, struct vfsmount, mnt_hash); 1151da177e4SLinus Torvalds if (p->mnt_parent == mnt && p->mnt_mountpoint == dentry) { 116a05964f3SRam Pai found = p; 1171da177e4SLinus Torvalds break; 1181da177e4SLinus Torvalds } 1191da177e4SLinus Torvalds } 1201da177e4SLinus Torvalds return found; 1211da177e4SLinus Torvalds } 1221da177e4SLinus Torvalds 123a05964f3SRam Pai /* 124a05964f3SRam Pai * lookup_mnt increments the ref count before returning 125a05964f3SRam Pai * the vfsmount struct. 126a05964f3SRam Pai */ 127a05964f3SRam Pai struct vfsmount *lookup_mnt(struct vfsmount *mnt, struct dentry *dentry) 128a05964f3SRam Pai { 129a05964f3SRam Pai struct vfsmount *child_mnt; 130a05964f3SRam Pai spin_lock(&vfsmount_lock); 131a05964f3SRam Pai if ((child_mnt = __lookup_mnt(mnt, dentry, 1))) 132a05964f3SRam Pai mntget(child_mnt); 133a05964f3SRam Pai spin_unlock(&vfsmount_lock); 134a05964f3SRam Pai return child_mnt; 135a05964f3SRam Pai } 136a05964f3SRam Pai 1371da177e4SLinus Torvalds static inline int check_mnt(struct vfsmount *mnt) 1381da177e4SLinus Torvalds { 1396b3286edSKirill Korotaev return mnt->mnt_ns == current->nsproxy->mnt_ns; 1401da177e4SLinus Torvalds } 1411da177e4SLinus Torvalds 1426b3286edSKirill Korotaev static void touch_mnt_namespace(struct mnt_namespace *ns) 1435addc5ddSAl Viro { 1445addc5ddSAl Viro if (ns) { 1455addc5ddSAl Viro ns->event = ++event; 1465addc5ddSAl Viro wake_up_interruptible(&ns->poll); 1475addc5ddSAl Viro } 1485addc5ddSAl Viro } 1495addc5ddSAl Viro 1506b3286edSKirill Korotaev static void __touch_mnt_namespace(struct mnt_namespace *ns) 1515addc5ddSAl Viro { 1525addc5ddSAl Viro if (ns && ns->event != event) { 1535addc5ddSAl Viro ns->event = event; 1545addc5ddSAl Viro wake_up_interruptible(&ns->poll); 1555addc5ddSAl Viro } 1565addc5ddSAl Viro } 1575addc5ddSAl Viro 1581a390689SAl Viro static void detach_mnt(struct vfsmount *mnt, struct path *old_path) 1591da177e4SLinus Torvalds { 1601a390689SAl Viro old_path->dentry = mnt->mnt_mountpoint; 1611a390689SAl Viro old_path->mnt = mnt->mnt_parent; 1621da177e4SLinus Torvalds mnt->mnt_parent = mnt; 1631da177e4SLinus Torvalds mnt->mnt_mountpoint = mnt->mnt_root; 1641da177e4SLinus Torvalds list_del_init(&mnt->mnt_child); 1651da177e4SLinus Torvalds list_del_init(&mnt->mnt_hash); 1661a390689SAl Viro old_path->dentry->d_mounted--; 1671da177e4SLinus Torvalds } 1681da177e4SLinus Torvalds 169b90fa9aeSRam Pai void mnt_set_mountpoint(struct vfsmount *mnt, struct dentry *dentry, 170b90fa9aeSRam Pai struct vfsmount *child_mnt) 171b90fa9aeSRam Pai { 172b90fa9aeSRam Pai child_mnt->mnt_parent = mntget(mnt); 173b90fa9aeSRam Pai child_mnt->mnt_mountpoint = dget(dentry); 174b90fa9aeSRam Pai dentry->d_mounted++; 175b90fa9aeSRam Pai } 176b90fa9aeSRam Pai 1771a390689SAl Viro static void attach_mnt(struct vfsmount *mnt, struct path *path) 1781da177e4SLinus Torvalds { 1791a390689SAl Viro mnt_set_mountpoint(path->mnt, path->dentry, mnt); 180b90fa9aeSRam Pai list_add_tail(&mnt->mnt_hash, mount_hashtable + 1811a390689SAl Viro hash(path->mnt, path->dentry)); 1821a390689SAl Viro list_add_tail(&mnt->mnt_child, &path->mnt->mnt_mounts); 183b90fa9aeSRam Pai } 184b90fa9aeSRam Pai 185b90fa9aeSRam Pai /* 186b90fa9aeSRam Pai * the caller must hold vfsmount_lock 187b90fa9aeSRam Pai */ 188b90fa9aeSRam Pai static void commit_tree(struct vfsmount *mnt) 189b90fa9aeSRam Pai { 190b90fa9aeSRam Pai struct vfsmount *parent = mnt->mnt_parent; 191b90fa9aeSRam Pai struct vfsmount *m; 192b90fa9aeSRam Pai LIST_HEAD(head); 1936b3286edSKirill Korotaev struct mnt_namespace *n = parent->mnt_ns; 194b90fa9aeSRam Pai 195b90fa9aeSRam Pai BUG_ON(parent == mnt); 196b90fa9aeSRam Pai 197b90fa9aeSRam Pai list_add_tail(&head, &mnt->mnt_list); 198b90fa9aeSRam Pai list_for_each_entry(m, &head, mnt_list) 1996b3286edSKirill Korotaev m->mnt_ns = n; 200b90fa9aeSRam Pai list_splice(&head, n->list.prev); 201b90fa9aeSRam Pai 202b90fa9aeSRam Pai list_add_tail(&mnt->mnt_hash, mount_hashtable + 203b90fa9aeSRam Pai hash(parent, mnt->mnt_mountpoint)); 204b90fa9aeSRam Pai list_add_tail(&mnt->mnt_child, &parent->mnt_mounts); 2056b3286edSKirill Korotaev touch_mnt_namespace(n); 2061da177e4SLinus Torvalds } 2071da177e4SLinus Torvalds 2081da177e4SLinus Torvalds static struct vfsmount *next_mnt(struct vfsmount *p, struct vfsmount *root) 2091da177e4SLinus Torvalds { 2101da177e4SLinus Torvalds struct list_head *next = p->mnt_mounts.next; 2111da177e4SLinus Torvalds if (next == &p->mnt_mounts) { 2121da177e4SLinus Torvalds while (1) { 2131da177e4SLinus Torvalds if (p == root) 2141da177e4SLinus Torvalds return NULL; 2151da177e4SLinus Torvalds next = p->mnt_child.next; 2161da177e4SLinus Torvalds if (next != &p->mnt_parent->mnt_mounts) 2171da177e4SLinus Torvalds break; 2181da177e4SLinus Torvalds p = p->mnt_parent; 2191da177e4SLinus Torvalds } 2201da177e4SLinus Torvalds } 2211da177e4SLinus Torvalds return list_entry(next, struct vfsmount, mnt_child); 2221da177e4SLinus Torvalds } 2231da177e4SLinus Torvalds 2249676f0c6SRam Pai static struct vfsmount *skip_mnt_tree(struct vfsmount *p) 2259676f0c6SRam Pai { 2269676f0c6SRam Pai struct list_head *prev = p->mnt_mounts.prev; 2279676f0c6SRam Pai while (prev != &p->mnt_mounts) { 2289676f0c6SRam Pai p = list_entry(prev, struct vfsmount, mnt_child); 2299676f0c6SRam Pai prev = p->mnt_mounts.prev; 2309676f0c6SRam Pai } 2319676f0c6SRam Pai return p; 2329676f0c6SRam Pai } 2339676f0c6SRam Pai 23436341f64SRam Pai static struct vfsmount *clone_mnt(struct vfsmount *old, struct dentry *root, 23536341f64SRam Pai int flag) 2361da177e4SLinus Torvalds { 2371da177e4SLinus Torvalds struct super_block *sb = old->mnt_sb; 2381da177e4SLinus Torvalds struct vfsmount *mnt = alloc_vfsmnt(old->mnt_devname); 2391da177e4SLinus Torvalds 2401da177e4SLinus Torvalds if (mnt) { 2411da177e4SLinus Torvalds mnt->mnt_flags = old->mnt_flags; 2421da177e4SLinus Torvalds atomic_inc(&sb->s_active); 2431da177e4SLinus Torvalds mnt->mnt_sb = sb; 2441da177e4SLinus Torvalds mnt->mnt_root = dget(root); 2451da177e4SLinus Torvalds mnt->mnt_mountpoint = mnt->mnt_root; 2461da177e4SLinus Torvalds mnt->mnt_parent = mnt; 247b90fa9aeSRam Pai 2485afe0022SRam Pai if (flag & CL_SLAVE) { 2495afe0022SRam Pai list_add(&mnt->mnt_slave, &old->mnt_slave_list); 2505afe0022SRam Pai mnt->mnt_master = old; 2515afe0022SRam Pai CLEAR_MNT_SHARED(mnt); 2528aec0809SAl Viro } else if (!(flag & CL_PRIVATE)) { 253b90fa9aeSRam Pai if ((flag & CL_PROPAGATION) || IS_MNT_SHARED(old)) 254b90fa9aeSRam Pai list_add(&mnt->mnt_share, &old->mnt_share); 2555afe0022SRam Pai if (IS_MNT_SLAVE(old)) 2565afe0022SRam Pai list_add(&mnt->mnt_slave, &old->mnt_slave); 2575afe0022SRam Pai mnt->mnt_master = old->mnt_master; 2585afe0022SRam Pai } 259b90fa9aeSRam Pai if (flag & CL_MAKE_SHARED) 260b90fa9aeSRam Pai set_mnt_shared(mnt); 2611da177e4SLinus Torvalds 2621da177e4SLinus Torvalds /* stick the duplicate mount on the same expiry list 2631da177e4SLinus Torvalds * as the original if that was on one */ 26436341f64SRam Pai if (flag & CL_EXPIRE) { 2651da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 26655e700b9SMiklos Szeredi if (!list_empty(&old->mnt_expire)) 26755e700b9SMiklos Szeredi list_add(&mnt->mnt_expire, &old->mnt_expire); 2681da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 2691da177e4SLinus Torvalds } 27036341f64SRam Pai } 2711da177e4SLinus Torvalds return mnt; 2721da177e4SLinus Torvalds } 2731da177e4SLinus Torvalds 2747b7b1aceSAl Viro static inline void __mntput(struct vfsmount *mnt) 2751da177e4SLinus Torvalds { 2761da177e4SLinus Torvalds struct super_block *sb = mnt->mnt_sb; 2771da177e4SLinus Torvalds dput(mnt->mnt_root); 2781da177e4SLinus Torvalds free_vfsmnt(mnt); 2791da177e4SLinus Torvalds deactivate_super(sb); 2801da177e4SLinus Torvalds } 2811da177e4SLinus Torvalds 2827b7b1aceSAl Viro void mntput_no_expire(struct vfsmount *mnt) 2837b7b1aceSAl Viro { 2847b7b1aceSAl Viro repeat: 2857b7b1aceSAl Viro if (atomic_dec_and_lock(&mnt->mnt_count, &vfsmount_lock)) { 2867b7b1aceSAl Viro if (likely(!mnt->mnt_pinned)) { 2877b7b1aceSAl Viro spin_unlock(&vfsmount_lock); 2887b7b1aceSAl Viro __mntput(mnt); 2897b7b1aceSAl Viro return; 2907b7b1aceSAl Viro } 2917b7b1aceSAl Viro atomic_add(mnt->mnt_pinned + 1, &mnt->mnt_count); 2927b7b1aceSAl Viro mnt->mnt_pinned = 0; 2937b7b1aceSAl Viro spin_unlock(&vfsmount_lock); 2947b7b1aceSAl Viro acct_auto_close_mnt(mnt); 2957b7b1aceSAl Viro security_sb_umount_close(mnt); 2967b7b1aceSAl Viro goto repeat; 2977b7b1aceSAl Viro } 2987b7b1aceSAl Viro } 2997b7b1aceSAl Viro 3007b7b1aceSAl Viro EXPORT_SYMBOL(mntput_no_expire); 3017b7b1aceSAl Viro 3027b7b1aceSAl Viro void mnt_pin(struct vfsmount *mnt) 3037b7b1aceSAl Viro { 3047b7b1aceSAl Viro spin_lock(&vfsmount_lock); 3057b7b1aceSAl Viro mnt->mnt_pinned++; 3067b7b1aceSAl Viro spin_unlock(&vfsmount_lock); 3077b7b1aceSAl Viro } 3087b7b1aceSAl Viro 3097b7b1aceSAl Viro EXPORT_SYMBOL(mnt_pin); 3107b7b1aceSAl Viro 3117b7b1aceSAl Viro void mnt_unpin(struct vfsmount *mnt) 3127b7b1aceSAl Viro { 3137b7b1aceSAl Viro spin_lock(&vfsmount_lock); 3147b7b1aceSAl Viro if (mnt->mnt_pinned) { 3157b7b1aceSAl Viro atomic_inc(&mnt->mnt_count); 3167b7b1aceSAl Viro mnt->mnt_pinned--; 3177b7b1aceSAl Viro } 3187b7b1aceSAl Viro spin_unlock(&vfsmount_lock); 3197b7b1aceSAl Viro } 3207b7b1aceSAl Viro 3217b7b1aceSAl Viro EXPORT_SYMBOL(mnt_unpin); 3221da177e4SLinus Torvalds 323b3b304a2SMiklos Szeredi static inline void mangle(struct seq_file *m, const char *s) 324b3b304a2SMiklos Szeredi { 325b3b304a2SMiklos Szeredi seq_escape(m, s, " \t\n\\"); 326b3b304a2SMiklos Szeredi } 327b3b304a2SMiklos Szeredi 328b3b304a2SMiklos Szeredi /* 329b3b304a2SMiklos Szeredi * Simple .show_options callback for filesystems which don't want to 330b3b304a2SMiklos Szeredi * implement more complex mount option showing. 331b3b304a2SMiklos Szeredi * 332b3b304a2SMiklos Szeredi * See also save_mount_options(). 333b3b304a2SMiklos Szeredi */ 334b3b304a2SMiklos Szeredi int generic_show_options(struct seq_file *m, struct vfsmount *mnt) 335b3b304a2SMiklos Szeredi { 336b3b304a2SMiklos Szeredi const char *options = mnt->mnt_sb->s_options; 337b3b304a2SMiklos Szeredi 338b3b304a2SMiklos Szeredi if (options != NULL && options[0]) { 339b3b304a2SMiklos Szeredi seq_putc(m, ','); 340b3b304a2SMiklos Szeredi mangle(m, options); 341b3b304a2SMiklos Szeredi } 342b3b304a2SMiklos Szeredi 343b3b304a2SMiklos Szeredi return 0; 344b3b304a2SMiklos Szeredi } 345b3b304a2SMiklos Szeredi EXPORT_SYMBOL(generic_show_options); 346b3b304a2SMiklos Szeredi 347b3b304a2SMiklos Szeredi /* 348b3b304a2SMiklos Szeredi * If filesystem uses generic_show_options(), this function should be 349b3b304a2SMiklos Szeredi * called from the fill_super() callback. 350b3b304a2SMiklos Szeredi * 351b3b304a2SMiklos Szeredi * The .remount_fs callback usually needs to be handled in a special 352b3b304a2SMiklos Szeredi * way, to make sure, that previous options are not overwritten if the 353b3b304a2SMiklos Szeredi * remount fails. 354b3b304a2SMiklos Szeredi * 355b3b304a2SMiklos Szeredi * Also note, that if the filesystem's .remount_fs function doesn't 356b3b304a2SMiklos Szeredi * reset all options to their default value, but changes only newly 357b3b304a2SMiklos Szeredi * given options, then the displayed options will not reflect reality 358b3b304a2SMiklos Szeredi * any more. 359b3b304a2SMiklos Szeredi */ 360b3b304a2SMiklos Szeredi void save_mount_options(struct super_block *sb, char *options) 361b3b304a2SMiklos Szeredi { 362b3b304a2SMiklos Szeredi kfree(sb->s_options); 363b3b304a2SMiklos Szeredi sb->s_options = kstrdup(options, GFP_KERNEL); 364b3b304a2SMiklos Szeredi } 365b3b304a2SMiklos Szeredi EXPORT_SYMBOL(save_mount_options); 366b3b304a2SMiklos Szeredi 3671da177e4SLinus Torvalds /* iterator */ 3681da177e4SLinus Torvalds static void *m_start(struct seq_file *m, loff_t *pos) 3691da177e4SLinus Torvalds { 3706b3286edSKirill Korotaev struct mnt_namespace *n = m->private; 3711da177e4SLinus Torvalds 372390c6843SRam Pai down_read(&namespace_sem); 373b0765fb8SPavel Emelianov return seq_list_start(&n->list, *pos); 3741da177e4SLinus Torvalds } 3751da177e4SLinus Torvalds 3761da177e4SLinus Torvalds static void *m_next(struct seq_file *m, void *v, loff_t *pos) 3771da177e4SLinus Torvalds { 3786b3286edSKirill Korotaev struct mnt_namespace *n = m->private; 379b0765fb8SPavel Emelianov 380b0765fb8SPavel Emelianov return seq_list_next(v, &n->list, pos); 3811da177e4SLinus Torvalds } 3821da177e4SLinus Torvalds 3831da177e4SLinus Torvalds static void m_stop(struct seq_file *m, void *v) 3841da177e4SLinus Torvalds { 385390c6843SRam Pai up_read(&namespace_sem); 3861da177e4SLinus Torvalds } 3871da177e4SLinus Torvalds 3881da177e4SLinus Torvalds static int show_vfsmnt(struct seq_file *m, void *v) 3891da177e4SLinus Torvalds { 390b0765fb8SPavel Emelianov struct vfsmount *mnt = list_entry(v, struct vfsmount, mnt_list); 3911da177e4SLinus Torvalds int err = 0; 3921da177e4SLinus Torvalds static struct proc_fs_info { 3931da177e4SLinus Torvalds int flag; 3941da177e4SLinus Torvalds char *str; 3951da177e4SLinus Torvalds } fs_info[] = { 3961da177e4SLinus Torvalds { MS_SYNCHRONOUS, ",sync" }, 3971da177e4SLinus Torvalds { MS_DIRSYNC, ",dirsync" }, 3981da177e4SLinus Torvalds { MS_MANDLOCK, ",mand" }, 3991da177e4SLinus Torvalds { 0, NULL } 4001da177e4SLinus Torvalds }; 4011da177e4SLinus Torvalds static struct proc_fs_info mnt_info[] = { 4021da177e4SLinus Torvalds { MNT_NOSUID, ",nosuid" }, 4031da177e4SLinus Torvalds { MNT_NODEV, ",nodev" }, 4041da177e4SLinus Torvalds { MNT_NOEXEC, ",noexec" }, 405fc33a7bbSChristoph Hellwig { MNT_NOATIME, ",noatime" }, 406fc33a7bbSChristoph Hellwig { MNT_NODIRATIME, ",nodiratime" }, 40747ae32d6SValerie Henson { MNT_RELATIME, ",relatime" }, 4081da177e4SLinus Torvalds { 0, NULL } 4091da177e4SLinus Torvalds }; 4101da177e4SLinus Torvalds struct proc_fs_info *fs_infop; 411c32c2f63SJan Blunck struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt }; 4121da177e4SLinus Torvalds 4131da177e4SLinus Torvalds mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none"); 4141da177e4SLinus Torvalds seq_putc(m, ' '); 415c32c2f63SJan Blunck seq_path(m, &mnt_path, " \t\n\\"); 4161da177e4SLinus Torvalds seq_putc(m, ' '); 4171da177e4SLinus Torvalds mangle(m, mnt->mnt_sb->s_type->name); 41879c0b2dfSMiklos Szeredi if (mnt->mnt_sb->s_subtype && mnt->mnt_sb->s_subtype[0]) { 41979c0b2dfSMiklos Szeredi seq_putc(m, '.'); 42079c0b2dfSMiklos Szeredi mangle(m, mnt->mnt_sb->s_subtype); 42179c0b2dfSMiklos Szeredi } 4221da177e4SLinus Torvalds seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw"); 4231da177e4SLinus Torvalds for (fs_infop = fs_info; fs_infop->flag; fs_infop++) { 4241da177e4SLinus Torvalds if (mnt->mnt_sb->s_flags & fs_infop->flag) 4251da177e4SLinus Torvalds seq_puts(m, fs_infop->str); 4261da177e4SLinus Torvalds } 4271da177e4SLinus Torvalds for (fs_infop = mnt_info; fs_infop->flag; fs_infop++) { 4281da177e4SLinus Torvalds if (mnt->mnt_flags & fs_infop->flag) 4291da177e4SLinus Torvalds seq_puts(m, fs_infop->str); 4301da177e4SLinus Torvalds } 4311da177e4SLinus Torvalds if (mnt->mnt_sb->s_op->show_options) 4321da177e4SLinus Torvalds err = mnt->mnt_sb->s_op->show_options(m, mnt); 4331da177e4SLinus Torvalds seq_puts(m, " 0 0\n"); 4341da177e4SLinus Torvalds return err; 4351da177e4SLinus Torvalds } 4361da177e4SLinus Torvalds 4371da177e4SLinus Torvalds struct seq_operations mounts_op = { 4381da177e4SLinus Torvalds .start = m_start, 4391da177e4SLinus Torvalds .next = m_next, 4401da177e4SLinus Torvalds .stop = m_stop, 4411da177e4SLinus Torvalds .show = show_vfsmnt 4421da177e4SLinus Torvalds }; 4431da177e4SLinus Torvalds 444b4629fe2SChuck Lever static int show_vfsstat(struct seq_file *m, void *v) 445b4629fe2SChuck Lever { 446b0765fb8SPavel Emelianov struct vfsmount *mnt = list_entry(v, struct vfsmount, mnt_list); 447c32c2f63SJan Blunck struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt }; 448b4629fe2SChuck Lever int err = 0; 449b4629fe2SChuck Lever 450b4629fe2SChuck Lever /* device */ 451b4629fe2SChuck Lever if (mnt->mnt_devname) { 452b4629fe2SChuck Lever seq_puts(m, "device "); 453b4629fe2SChuck Lever mangle(m, mnt->mnt_devname); 454b4629fe2SChuck Lever } else 455b4629fe2SChuck Lever seq_puts(m, "no device"); 456b4629fe2SChuck Lever 457b4629fe2SChuck Lever /* mount point */ 458b4629fe2SChuck Lever seq_puts(m, " mounted on "); 459c32c2f63SJan Blunck seq_path(m, &mnt_path, " \t\n\\"); 460b4629fe2SChuck Lever seq_putc(m, ' '); 461b4629fe2SChuck Lever 462b4629fe2SChuck Lever /* file system type */ 463b4629fe2SChuck Lever seq_puts(m, "with fstype "); 464b4629fe2SChuck Lever mangle(m, mnt->mnt_sb->s_type->name); 465b4629fe2SChuck Lever 466b4629fe2SChuck Lever /* optional statistics */ 467b4629fe2SChuck Lever if (mnt->mnt_sb->s_op->show_stats) { 468b4629fe2SChuck Lever seq_putc(m, ' '); 469b4629fe2SChuck Lever err = mnt->mnt_sb->s_op->show_stats(m, mnt); 470b4629fe2SChuck Lever } 471b4629fe2SChuck Lever 472b4629fe2SChuck Lever seq_putc(m, '\n'); 473b4629fe2SChuck Lever return err; 474b4629fe2SChuck Lever } 475b4629fe2SChuck Lever 476b4629fe2SChuck Lever struct seq_operations mountstats_op = { 477b4629fe2SChuck Lever .start = m_start, 478b4629fe2SChuck Lever .next = m_next, 479b4629fe2SChuck Lever .stop = m_stop, 480b4629fe2SChuck Lever .show = show_vfsstat, 481b4629fe2SChuck Lever }; 482b4629fe2SChuck Lever 4831da177e4SLinus Torvalds /** 4841da177e4SLinus Torvalds * may_umount_tree - check if a mount tree is busy 4851da177e4SLinus Torvalds * @mnt: root of mount tree 4861da177e4SLinus Torvalds * 4871da177e4SLinus Torvalds * This is called to check if a tree of mounts has any 4881da177e4SLinus Torvalds * open files, pwds, chroots or sub mounts that are 4891da177e4SLinus Torvalds * busy. 4901da177e4SLinus Torvalds */ 4911da177e4SLinus Torvalds int may_umount_tree(struct vfsmount *mnt) 4921da177e4SLinus Torvalds { 49336341f64SRam Pai int actual_refs = 0; 49436341f64SRam Pai int minimum_refs = 0; 49536341f64SRam Pai struct vfsmount *p; 4961da177e4SLinus Torvalds 4971da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 49836341f64SRam Pai for (p = mnt; p; p = next_mnt(p, mnt)) { 4991da177e4SLinus Torvalds actual_refs += atomic_read(&p->mnt_count); 5001da177e4SLinus Torvalds minimum_refs += 2; 5011da177e4SLinus Torvalds } 5021da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 5031da177e4SLinus Torvalds 5041da177e4SLinus Torvalds if (actual_refs > minimum_refs) 5051da177e4SLinus Torvalds return 0; 506e3474a8eSIan Kent 507e3474a8eSIan Kent return 1; 5081da177e4SLinus Torvalds } 5091da177e4SLinus Torvalds 5101da177e4SLinus Torvalds EXPORT_SYMBOL(may_umount_tree); 5111da177e4SLinus Torvalds 5121da177e4SLinus Torvalds /** 5131da177e4SLinus Torvalds * may_umount - check if a mount point is busy 5141da177e4SLinus Torvalds * @mnt: root of mount 5151da177e4SLinus Torvalds * 5161da177e4SLinus Torvalds * This is called to check if a mount point has any 5171da177e4SLinus Torvalds * open files, pwds, chroots or sub mounts. If the 5181da177e4SLinus Torvalds * mount has sub mounts this will return busy 5191da177e4SLinus Torvalds * regardless of whether the sub mounts are busy. 5201da177e4SLinus Torvalds * 5211da177e4SLinus Torvalds * Doesn't take quota and stuff into account. IOW, in some cases it will 5221da177e4SLinus Torvalds * give false negatives. The main reason why it's here is that we need 5231da177e4SLinus Torvalds * a non-destructive way to look for easily umountable filesystems. 5241da177e4SLinus Torvalds */ 5251da177e4SLinus Torvalds int may_umount(struct vfsmount *mnt) 5261da177e4SLinus Torvalds { 527e3474a8eSIan Kent int ret = 1; 528a05964f3SRam Pai spin_lock(&vfsmount_lock); 529a05964f3SRam Pai if (propagate_mount_busy(mnt, 2)) 530e3474a8eSIan Kent ret = 0; 531a05964f3SRam Pai spin_unlock(&vfsmount_lock); 532a05964f3SRam Pai return ret; 5331da177e4SLinus Torvalds } 5341da177e4SLinus Torvalds 5351da177e4SLinus Torvalds EXPORT_SYMBOL(may_umount); 5361da177e4SLinus Torvalds 537b90fa9aeSRam Pai void release_mounts(struct list_head *head) 5381da177e4SLinus Torvalds { 53970fbcdf4SRam Pai struct vfsmount *mnt; 54070fbcdf4SRam Pai while (!list_empty(head)) { 541b5e61818SPavel Emelianov mnt = list_first_entry(head, struct vfsmount, mnt_hash); 54270fbcdf4SRam Pai list_del_init(&mnt->mnt_hash); 54370fbcdf4SRam Pai if (mnt->mnt_parent != mnt) { 54470fbcdf4SRam Pai struct dentry *dentry; 54570fbcdf4SRam Pai struct vfsmount *m; 54670fbcdf4SRam Pai spin_lock(&vfsmount_lock); 54770fbcdf4SRam Pai dentry = mnt->mnt_mountpoint; 54870fbcdf4SRam Pai m = mnt->mnt_parent; 54970fbcdf4SRam Pai mnt->mnt_mountpoint = mnt->mnt_root; 55070fbcdf4SRam Pai mnt->mnt_parent = mnt; 5517c4b93d8SAl Viro m->mnt_ghosts--; 5521da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 55370fbcdf4SRam Pai dput(dentry); 55470fbcdf4SRam Pai mntput(m); 5551da177e4SLinus Torvalds } 5561da177e4SLinus Torvalds mntput(mnt); 55770fbcdf4SRam Pai } 55870fbcdf4SRam Pai } 55970fbcdf4SRam Pai 560a05964f3SRam Pai void umount_tree(struct vfsmount *mnt, int propagate, struct list_head *kill) 56170fbcdf4SRam Pai { 56270fbcdf4SRam Pai struct vfsmount *p; 56370fbcdf4SRam Pai 5641bfba4e8SAkinobu Mita for (p = mnt; p; p = next_mnt(p, mnt)) 5651bfba4e8SAkinobu Mita list_move(&p->mnt_hash, kill); 56670fbcdf4SRam Pai 567a05964f3SRam Pai if (propagate) 568a05964f3SRam Pai propagate_umount(kill); 569a05964f3SRam Pai 57070fbcdf4SRam Pai list_for_each_entry(p, kill, mnt_hash) { 57170fbcdf4SRam Pai list_del_init(&p->mnt_expire); 57270fbcdf4SRam Pai list_del_init(&p->mnt_list); 5736b3286edSKirill Korotaev __touch_mnt_namespace(p->mnt_ns); 5746b3286edSKirill Korotaev p->mnt_ns = NULL; 57570fbcdf4SRam Pai list_del_init(&p->mnt_child); 5767c4b93d8SAl Viro if (p->mnt_parent != p) { 5777c4b93d8SAl Viro p->mnt_parent->mnt_ghosts++; 578f30ac319SAl Viro p->mnt_mountpoint->d_mounted--; 5797c4b93d8SAl Viro } 580a05964f3SRam Pai change_mnt_propagation(p, MS_PRIVATE); 5811da177e4SLinus Torvalds } 5821da177e4SLinus Torvalds } 5831da177e4SLinus Torvalds 5841da177e4SLinus Torvalds static int do_umount(struct vfsmount *mnt, int flags) 5851da177e4SLinus Torvalds { 5861da177e4SLinus Torvalds struct super_block *sb = mnt->mnt_sb; 5871da177e4SLinus Torvalds int retval; 58870fbcdf4SRam Pai LIST_HEAD(umount_list); 5891da177e4SLinus Torvalds 5901da177e4SLinus Torvalds retval = security_sb_umount(mnt, flags); 5911da177e4SLinus Torvalds if (retval) 5921da177e4SLinus Torvalds return retval; 5931da177e4SLinus Torvalds 5941da177e4SLinus Torvalds /* 5951da177e4SLinus Torvalds * Allow userspace to request a mountpoint be expired rather than 5961da177e4SLinus Torvalds * unmounting unconditionally. Unmount only happens if: 5971da177e4SLinus Torvalds * (1) the mark is already set (the mark is cleared by mntput()) 5981da177e4SLinus Torvalds * (2) the usage count == 1 [parent vfsmount] + 1 [sys_umount] 5991da177e4SLinus Torvalds */ 6001da177e4SLinus Torvalds if (flags & MNT_EXPIRE) { 6016ac08c39SJan Blunck if (mnt == current->fs->root.mnt || 6021da177e4SLinus Torvalds flags & (MNT_FORCE | MNT_DETACH)) 6031da177e4SLinus Torvalds return -EINVAL; 6041da177e4SLinus Torvalds 6051da177e4SLinus Torvalds if (atomic_read(&mnt->mnt_count) != 2) 6061da177e4SLinus Torvalds return -EBUSY; 6071da177e4SLinus Torvalds 6081da177e4SLinus Torvalds if (!xchg(&mnt->mnt_expiry_mark, 1)) 6091da177e4SLinus Torvalds return -EAGAIN; 6101da177e4SLinus Torvalds } 6111da177e4SLinus Torvalds 6121da177e4SLinus Torvalds /* 6131da177e4SLinus Torvalds * If we may have to abort operations to get out of this 6141da177e4SLinus Torvalds * mount, and they will themselves hold resources we must 6151da177e4SLinus Torvalds * allow the fs to do things. In the Unix tradition of 6161da177e4SLinus Torvalds * 'Gee thats tricky lets do it in userspace' the umount_begin 6171da177e4SLinus Torvalds * might fail to complete on the first run through as other tasks 6181da177e4SLinus Torvalds * must return, and the like. Thats for the mount program to worry 6191da177e4SLinus Torvalds * about for the moment. 6201da177e4SLinus Torvalds */ 6211da177e4SLinus Torvalds 6221da177e4SLinus Torvalds lock_kernel(); 6238b512d9aSTrond Myklebust if (sb->s_op->umount_begin) 6248b512d9aSTrond Myklebust sb->s_op->umount_begin(mnt, flags); 6251da177e4SLinus Torvalds unlock_kernel(); 6261da177e4SLinus Torvalds 6271da177e4SLinus Torvalds /* 6281da177e4SLinus Torvalds * No sense to grab the lock for this test, but test itself looks 6291da177e4SLinus Torvalds * somewhat bogus. Suggestions for better replacement? 6301da177e4SLinus Torvalds * Ho-hum... In principle, we might treat that as umount + switch 6311da177e4SLinus Torvalds * to rootfs. GC would eventually take care of the old vfsmount. 6321da177e4SLinus Torvalds * Actually it makes sense, especially if rootfs would contain a 6331da177e4SLinus Torvalds * /reboot - static binary that would close all descriptors and 6341da177e4SLinus Torvalds * call reboot(9). Then init(8) could umount root and exec /reboot. 6351da177e4SLinus Torvalds */ 6366ac08c39SJan Blunck if (mnt == current->fs->root.mnt && !(flags & MNT_DETACH)) { 6371da177e4SLinus Torvalds /* 6381da177e4SLinus Torvalds * Special case for "unmounting" root ... 6391da177e4SLinus Torvalds * we just try to remount it readonly. 6401da177e4SLinus Torvalds */ 6411da177e4SLinus Torvalds down_write(&sb->s_umount); 6421da177e4SLinus Torvalds if (!(sb->s_flags & MS_RDONLY)) { 6431da177e4SLinus Torvalds lock_kernel(); 6441da177e4SLinus Torvalds DQUOT_OFF(sb); 6451da177e4SLinus Torvalds retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); 6461da177e4SLinus Torvalds unlock_kernel(); 6471da177e4SLinus Torvalds } 6481da177e4SLinus Torvalds up_write(&sb->s_umount); 6491da177e4SLinus Torvalds return retval; 6501da177e4SLinus Torvalds } 6511da177e4SLinus Torvalds 652390c6843SRam Pai down_write(&namespace_sem); 6531da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 6545addc5ddSAl Viro event++; 6551da177e4SLinus Torvalds 6561da177e4SLinus Torvalds retval = -EBUSY; 657a05964f3SRam Pai if (flags & MNT_DETACH || !propagate_mount_busy(mnt, 2)) { 6581da177e4SLinus Torvalds if (!list_empty(&mnt->mnt_list)) 659a05964f3SRam Pai umount_tree(mnt, 1, &umount_list); 6601da177e4SLinus Torvalds retval = 0; 6611da177e4SLinus Torvalds } 6621da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 6631da177e4SLinus Torvalds if (retval) 6641da177e4SLinus Torvalds security_sb_umount_busy(mnt); 665390c6843SRam Pai up_write(&namespace_sem); 66670fbcdf4SRam Pai release_mounts(&umount_list); 6671da177e4SLinus Torvalds return retval; 6681da177e4SLinus Torvalds } 6691da177e4SLinus Torvalds 6701da177e4SLinus Torvalds /* 6711da177e4SLinus Torvalds * Now umount can handle mount points as well as block devices. 6721da177e4SLinus Torvalds * This is important for filesystems which use unnamed block devices. 6731da177e4SLinus Torvalds * 6741da177e4SLinus Torvalds * We now support a flag for forced unmount like the other 'big iron' 6751da177e4SLinus Torvalds * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD 6761da177e4SLinus Torvalds */ 6771da177e4SLinus Torvalds 6781da177e4SLinus Torvalds asmlinkage long sys_umount(char __user * name, int flags) 6791da177e4SLinus Torvalds { 6801da177e4SLinus Torvalds struct nameidata nd; 6811da177e4SLinus Torvalds int retval; 6821da177e4SLinus Torvalds 6831da177e4SLinus Torvalds retval = __user_walk(name, LOOKUP_FOLLOW, &nd); 6841da177e4SLinus Torvalds if (retval) 6851da177e4SLinus Torvalds goto out; 6861da177e4SLinus Torvalds retval = -EINVAL; 6874ac91378SJan Blunck if (nd.path.dentry != nd.path.mnt->mnt_root) 6881da177e4SLinus Torvalds goto dput_and_out; 6894ac91378SJan Blunck if (!check_mnt(nd.path.mnt)) 6901da177e4SLinus Torvalds goto dput_and_out; 6911da177e4SLinus Torvalds 6921da177e4SLinus Torvalds retval = -EPERM; 6931da177e4SLinus Torvalds if (!capable(CAP_SYS_ADMIN)) 6941da177e4SLinus Torvalds goto dput_and_out; 6951da177e4SLinus Torvalds 6964ac91378SJan Blunck retval = do_umount(nd.path.mnt, flags); 6971da177e4SLinus Torvalds dput_and_out: 698429731b1SJan Blunck /* we mustn't call path_put() as that would clear mnt_expiry_mark */ 6994ac91378SJan Blunck dput(nd.path.dentry); 7004ac91378SJan Blunck mntput_no_expire(nd.path.mnt); 7011da177e4SLinus Torvalds out: 7021da177e4SLinus Torvalds return retval; 7031da177e4SLinus Torvalds } 7041da177e4SLinus Torvalds 7051da177e4SLinus Torvalds #ifdef __ARCH_WANT_SYS_OLDUMOUNT 7061da177e4SLinus Torvalds 7071da177e4SLinus Torvalds /* 7081da177e4SLinus Torvalds * The 2.0 compatible umount. No flags. 7091da177e4SLinus Torvalds */ 7101da177e4SLinus Torvalds asmlinkage long sys_oldumount(char __user * name) 7111da177e4SLinus Torvalds { 7121da177e4SLinus Torvalds return sys_umount(name, 0); 7131da177e4SLinus Torvalds } 7141da177e4SLinus Torvalds 7151da177e4SLinus Torvalds #endif 7161da177e4SLinus Torvalds 7171da177e4SLinus Torvalds static int mount_is_safe(struct nameidata *nd) 7181da177e4SLinus Torvalds { 7191da177e4SLinus Torvalds if (capable(CAP_SYS_ADMIN)) 7201da177e4SLinus Torvalds return 0; 7211da177e4SLinus Torvalds return -EPERM; 7221da177e4SLinus Torvalds #ifdef notyet 7234ac91378SJan Blunck if (S_ISLNK(nd->path.dentry->d_inode->i_mode)) 7241da177e4SLinus Torvalds return -EPERM; 7254ac91378SJan Blunck if (nd->path.dentry->d_inode->i_mode & S_ISVTX) { 7264ac91378SJan Blunck if (current->uid != nd->path.dentry->d_inode->i_uid) 7271da177e4SLinus Torvalds return -EPERM; 7281da177e4SLinus Torvalds } 729e4543eddSChristoph Hellwig if (vfs_permission(nd, MAY_WRITE)) 7301da177e4SLinus Torvalds return -EPERM; 7311da177e4SLinus Torvalds return 0; 7321da177e4SLinus Torvalds #endif 7331da177e4SLinus Torvalds } 7341da177e4SLinus Torvalds 735b58fed8bSRam Pai static int lives_below_in_same_fs(struct dentry *d, struct dentry *dentry) 7361da177e4SLinus Torvalds { 7371da177e4SLinus Torvalds while (1) { 7381da177e4SLinus Torvalds if (d == dentry) 7391da177e4SLinus Torvalds return 1; 7401da177e4SLinus Torvalds if (d == NULL || d == d->d_parent) 7411da177e4SLinus Torvalds return 0; 7421da177e4SLinus Torvalds d = d->d_parent; 7431da177e4SLinus Torvalds } 7441da177e4SLinus Torvalds } 7451da177e4SLinus Torvalds 746b90fa9aeSRam Pai struct vfsmount *copy_tree(struct vfsmount *mnt, struct dentry *dentry, 74736341f64SRam Pai int flag) 7481da177e4SLinus Torvalds { 7491da177e4SLinus Torvalds struct vfsmount *res, *p, *q, *r, *s; 7501a390689SAl Viro struct path path; 7511da177e4SLinus Torvalds 7529676f0c6SRam Pai if (!(flag & CL_COPY_ALL) && IS_MNT_UNBINDABLE(mnt)) 7539676f0c6SRam Pai return NULL; 7549676f0c6SRam Pai 75536341f64SRam Pai res = q = clone_mnt(mnt, dentry, flag); 7561da177e4SLinus Torvalds if (!q) 7571da177e4SLinus Torvalds goto Enomem; 7581da177e4SLinus Torvalds q->mnt_mountpoint = mnt->mnt_mountpoint; 7591da177e4SLinus Torvalds 7601da177e4SLinus Torvalds p = mnt; 761fdadd65fSDomen Puncer list_for_each_entry(r, &mnt->mnt_mounts, mnt_child) { 7621da177e4SLinus Torvalds if (!lives_below_in_same_fs(r->mnt_mountpoint, dentry)) 7631da177e4SLinus Torvalds continue; 7641da177e4SLinus Torvalds 7651da177e4SLinus Torvalds for (s = r; s; s = next_mnt(s, r)) { 7669676f0c6SRam Pai if (!(flag & CL_COPY_ALL) && IS_MNT_UNBINDABLE(s)) { 7679676f0c6SRam Pai s = skip_mnt_tree(s); 7689676f0c6SRam Pai continue; 7699676f0c6SRam Pai } 7701da177e4SLinus Torvalds while (p != s->mnt_parent) { 7711da177e4SLinus Torvalds p = p->mnt_parent; 7721da177e4SLinus Torvalds q = q->mnt_parent; 7731da177e4SLinus Torvalds } 7741da177e4SLinus Torvalds p = s; 7751a390689SAl Viro path.mnt = q; 7761a390689SAl Viro path.dentry = p->mnt_mountpoint; 77736341f64SRam Pai q = clone_mnt(p, p->mnt_root, flag); 7781da177e4SLinus Torvalds if (!q) 7791da177e4SLinus Torvalds goto Enomem; 7801da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 7811da177e4SLinus Torvalds list_add_tail(&q->mnt_list, &res->mnt_list); 7821a390689SAl Viro attach_mnt(q, &path); 7831da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 7841da177e4SLinus Torvalds } 7851da177e4SLinus Torvalds } 7861da177e4SLinus Torvalds return res; 7871da177e4SLinus Torvalds Enomem: 7881da177e4SLinus Torvalds if (res) { 78970fbcdf4SRam Pai LIST_HEAD(umount_list); 7901da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 791a05964f3SRam Pai umount_tree(res, 0, &umount_list); 7921da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 79370fbcdf4SRam Pai release_mounts(&umount_list); 7941da177e4SLinus Torvalds } 7951da177e4SLinus Torvalds return NULL; 7961da177e4SLinus Torvalds } 7971da177e4SLinus Torvalds 7988aec0809SAl Viro struct vfsmount *collect_mounts(struct vfsmount *mnt, struct dentry *dentry) 7998aec0809SAl Viro { 8008aec0809SAl Viro struct vfsmount *tree; 8018aec0809SAl Viro down_read(&namespace_sem); 8028aec0809SAl Viro tree = copy_tree(mnt, dentry, CL_COPY_ALL | CL_PRIVATE); 8038aec0809SAl Viro up_read(&namespace_sem); 8048aec0809SAl Viro return tree; 8058aec0809SAl Viro } 8068aec0809SAl Viro 8078aec0809SAl Viro void drop_collected_mounts(struct vfsmount *mnt) 8088aec0809SAl Viro { 8098aec0809SAl Viro LIST_HEAD(umount_list); 8108aec0809SAl Viro down_read(&namespace_sem); 8118aec0809SAl Viro spin_lock(&vfsmount_lock); 8128aec0809SAl Viro umount_tree(mnt, 0, &umount_list); 8138aec0809SAl Viro spin_unlock(&vfsmount_lock); 8148aec0809SAl Viro up_read(&namespace_sem); 8158aec0809SAl Viro release_mounts(&umount_list); 8168aec0809SAl Viro } 8178aec0809SAl Viro 818b90fa9aeSRam Pai /* 819b90fa9aeSRam Pai * @source_mnt : mount tree to be attached 820b90fa9aeSRam Pai * @nd : place the mount tree @source_mnt is attached 82121444403SRam Pai * @parent_nd : if non-null, detach the source_mnt from its parent and 82221444403SRam Pai * store the parent mount and mountpoint dentry. 82321444403SRam Pai * (done when source_mnt is moved) 824b90fa9aeSRam Pai * 825b90fa9aeSRam Pai * NOTE: in the table below explains the semantics when a source mount 826b90fa9aeSRam Pai * of a given type is attached to a destination mount of a given type. 8279676f0c6SRam Pai * --------------------------------------------------------------------------- 828b90fa9aeSRam Pai * | BIND MOUNT OPERATION | 8299676f0c6SRam Pai * |************************************************************************** 8309676f0c6SRam Pai * | source-->| shared | private | slave | unbindable | 8319676f0c6SRam Pai * | dest | | | | | 8329676f0c6SRam Pai * | | | | | | | 8339676f0c6SRam Pai * | v | | | | | 8349676f0c6SRam Pai * |************************************************************************** 8359676f0c6SRam Pai * | shared | shared (++) | shared (+) | shared(+++)| invalid | 8365afe0022SRam Pai * | | | | | | 8379676f0c6SRam Pai * |non-shared| shared (+) | private | slave (*) | invalid | 8389676f0c6SRam Pai * *************************************************************************** 839b90fa9aeSRam Pai * A bind operation clones the source mount and mounts the clone on the 840b90fa9aeSRam Pai * destination mount. 841b90fa9aeSRam Pai * 842b90fa9aeSRam Pai * (++) the cloned mount is propagated to all the mounts in the propagation 843b90fa9aeSRam Pai * tree of the destination mount and the cloned mount is added to 844b90fa9aeSRam Pai * the peer group of the source mount. 845b90fa9aeSRam Pai * (+) the cloned mount is created under the destination mount and is marked 846b90fa9aeSRam Pai * as shared. The cloned mount is added to the peer group of the source 847b90fa9aeSRam Pai * mount. 8485afe0022SRam Pai * (+++) the mount is propagated to all the mounts in the propagation tree 8495afe0022SRam Pai * of the destination mount and the cloned mount is made slave 8505afe0022SRam Pai * of the same master as that of the source mount. The cloned mount 8515afe0022SRam Pai * is marked as 'shared and slave'. 8525afe0022SRam Pai * (*) the cloned mount is made a slave of the same master as that of the 8535afe0022SRam Pai * source mount. 8545afe0022SRam Pai * 8559676f0c6SRam Pai * --------------------------------------------------------------------------- 85621444403SRam Pai * | MOVE MOUNT OPERATION | 8579676f0c6SRam Pai * |************************************************************************** 8589676f0c6SRam Pai * | source-->| shared | private | slave | unbindable | 8599676f0c6SRam Pai * | dest | | | | | 8609676f0c6SRam Pai * | | | | | | | 8619676f0c6SRam Pai * | v | | | | | 8629676f0c6SRam Pai * |************************************************************************** 8639676f0c6SRam Pai * | shared | shared (+) | shared (+) | shared(+++) | invalid | 8645afe0022SRam Pai * | | | | | | 8659676f0c6SRam Pai * |non-shared| shared (+*) | private | slave (*) | unbindable | 8669676f0c6SRam Pai * *************************************************************************** 8675afe0022SRam Pai * 8685afe0022SRam Pai * (+) the mount is moved to the destination. And is then propagated to 8695afe0022SRam Pai * all the mounts in the propagation tree of the destination mount. 87021444403SRam Pai * (+*) the mount is moved to the destination. 8715afe0022SRam Pai * (+++) the mount is moved to the destination and is then propagated to 8725afe0022SRam Pai * all the mounts belonging to the destination mount's propagation tree. 8735afe0022SRam Pai * the mount is marked as 'shared and slave'. 8745afe0022SRam Pai * (*) the mount continues to be a slave at the new location. 875b90fa9aeSRam Pai * 876b90fa9aeSRam Pai * if the source mount is a tree, the operations explained above is 877b90fa9aeSRam Pai * applied to each mount in the tree. 878b90fa9aeSRam Pai * Must be called without spinlocks held, since this function can sleep 879b90fa9aeSRam Pai * in allocations. 880b90fa9aeSRam Pai */ 881b90fa9aeSRam Pai static int attach_recursive_mnt(struct vfsmount *source_mnt, 8821a390689SAl Viro struct path *path, struct path *parent_path) 883b90fa9aeSRam Pai { 884b90fa9aeSRam Pai LIST_HEAD(tree_list); 8851a390689SAl Viro struct vfsmount *dest_mnt = path->mnt; 8861a390689SAl Viro struct dentry *dest_dentry = path->dentry; 887b90fa9aeSRam Pai struct vfsmount *child, *p; 888b90fa9aeSRam Pai 889b90fa9aeSRam Pai if (propagate_mnt(dest_mnt, dest_dentry, source_mnt, &tree_list)) 890b90fa9aeSRam Pai return -EINVAL; 891b90fa9aeSRam Pai 892b90fa9aeSRam Pai if (IS_MNT_SHARED(dest_mnt)) { 893b90fa9aeSRam Pai for (p = source_mnt; p; p = next_mnt(p, source_mnt)) 894b90fa9aeSRam Pai set_mnt_shared(p); 895b90fa9aeSRam Pai } 896b90fa9aeSRam Pai 897b90fa9aeSRam Pai spin_lock(&vfsmount_lock); 8981a390689SAl Viro if (parent_path) { 8991a390689SAl Viro detach_mnt(source_mnt, parent_path); 9001a390689SAl Viro attach_mnt(source_mnt, path); 9016b3286edSKirill Korotaev touch_mnt_namespace(current->nsproxy->mnt_ns); 90221444403SRam Pai } else { 903b90fa9aeSRam Pai mnt_set_mountpoint(dest_mnt, dest_dentry, source_mnt); 904b90fa9aeSRam Pai commit_tree(source_mnt); 90521444403SRam Pai } 906b90fa9aeSRam Pai 907b90fa9aeSRam Pai list_for_each_entry_safe(child, p, &tree_list, mnt_hash) { 908b90fa9aeSRam Pai list_del_init(&child->mnt_hash); 909b90fa9aeSRam Pai commit_tree(child); 910b90fa9aeSRam Pai } 911b90fa9aeSRam Pai spin_unlock(&vfsmount_lock); 912b90fa9aeSRam Pai return 0; 913b90fa9aeSRam Pai } 914b90fa9aeSRam Pai 9151da177e4SLinus Torvalds static int graft_tree(struct vfsmount *mnt, struct nameidata *nd) 9161da177e4SLinus Torvalds { 9171da177e4SLinus Torvalds int err; 9181da177e4SLinus Torvalds if (mnt->mnt_sb->s_flags & MS_NOUSER) 9191da177e4SLinus Torvalds return -EINVAL; 9201da177e4SLinus Torvalds 9214ac91378SJan Blunck if (S_ISDIR(nd->path.dentry->d_inode->i_mode) != 9221da177e4SLinus Torvalds S_ISDIR(mnt->mnt_root->d_inode->i_mode)) 9231da177e4SLinus Torvalds return -ENOTDIR; 9241da177e4SLinus Torvalds 9251da177e4SLinus Torvalds err = -ENOENT; 9264ac91378SJan Blunck mutex_lock(&nd->path.dentry->d_inode->i_mutex); 9274ac91378SJan Blunck if (IS_DEADDIR(nd->path.dentry->d_inode)) 9281da177e4SLinus Torvalds goto out_unlock; 9291da177e4SLinus Torvalds 9301da177e4SLinus Torvalds err = security_sb_check_sb(mnt, nd); 9311da177e4SLinus Torvalds if (err) 9321da177e4SLinus Torvalds goto out_unlock; 9331da177e4SLinus Torvalds 9341da177e4SLinus Torvalds err = -ENOENT; 9354ac91378SJan Blunck if (IS_ROOT(nd->path.dentry) || !d_unhashed(nd->path.dentry)) 9361a390689SAl Viro err = attach_recursive_mnt(mnt, &nd->path, NULL); 9371da177e4SLinus Torvalds out_unlock: 9384ac91378SJan Blunck mutex_unlock(&nd->path.dentry->d_inode->i_mutex); 9391da177e4SLinus Torvalds if (!err) 9401da177e4SLinus Torvalds security_sb_post_addmount(mnt, nd); 9411da177e4SLinus Torvalds return err; 9421da177e4SLinus Torvalds } 9431da177e4SLinus Torvalds 9441da177e4SLinus Torvalds /* 94507b20889SRam Pai * recursively change the type of the mountpoint. 9462dafe1c4SEric Sandeen * noinline this do_mount helper to save do_mount stack space. 94707b20889SRam Pai */ 9482dafe1c4SEric Sandeen static noinline int do_change_type(struct nameidata *nd, int flag) 94907b20889SRam Pai { 9504ac91378SJan Blunck struct vfsmount *m, *mnt = nd->path.mnt; 95107b20889SRam Pai int recurse = flag & MS_REC; 95207b20889SRam Pai int type = flag & ~MS_REC; 95307b20889SRam Pai 954ee6f9582SMiklos Szeredi if (!capable(CAP_SYS_ADMIN)) 955ee6f9582SMiklos Szeredi return -EPERM; 956ee6f9582SMiklos Szeredi 9574ac91378SJan Blunck if (nd->path.dentry != nd->path.mnt->mnt_root) 95807b20889SRam Pai return -EINVAL; 95907b20889SRam Pai 96007b20889SRam Pai down_write(&namespace_sem); 96107b20889SRam Pai spin_lock(&vfsmount_lock); 96207b20889SRam Pai for (m = mnt; m; m = (recurse ? next_mnt(m, mnt) : NULL)) 96307b20889SRam Pai change_mnt_propagation(m, type); 96407b20889SRam Pai spin_unlock(&vfsmount_lock); 96507b20889SRam Pai up_write(&namespace_sem); 96607b20889SRam Pai return 0; 96707b20889SRam Pai } 96807b20889SRam Pai 96907b20889SRam Pai /* 9701da177e4SLinus Torvalds * do loopback mount. 9712dafe1c4SEric Sandeen * noinline this do_mount helper to save do_mount stack space. 9721da177e4SLinus Torvalds */ 9732dafe1c4SEric Sandeen static noinline int do_loopback(struct nameidata *nd, char *old_name, 9742dafe1c4SEric Sandeen int recurse) 9751da177e4SLinus Torvalds { 9761da177e4SLinus Torvalds struct nameidata old_nd; 9771da177e4SLinus Torvalds struct vfsmount *mnt = NULL; 9781da177e4SLinus Torvalds int err = mount_is_safe(nd); 9791da177e4SLinus Torvalds if (err) 9801da177e4SLinus Torvalds return err; 9811da177e4SLinus Torvalds if (!old_name || !*old_name) 9821da177e4SLinus Torvalds return -EINVAL; 9831da177e4SLinus Torvalds err = path_lookup(old_name, LOOKUP_FOLLOW, &old_nd); 9841da177e4SLinus Torvalds if (err) 9851da177e4SLinus Torvalds return err; 9861da177e4SLinus Torvalds 987390c6843SRam Pai down_write(&namespace_sem); 9881da177e4SLinus Torvalds err = -EINVAL; 9894ac91378SJan Blunck if (IS_MNT_UNBINDABLE(old_nd.path.mnt)) 9909676f0c6SRam Pai goto out; 9919676f0c6SRam Pai 9924ac91378SJan Blunck if (!check_mnt(nd->path.mnt) || !check_mnt(old_nd.path.mnt)) 993ccd48bc7SAl Viro goto out; 994ccd48bc7SAl Viro 9951da177e4SLinus Torvalds err = -ENOMEM; 9961da177e4SLinus Torvalds if (recurse) 9974ac91378SJan Blunck mnt = copy_tree(old_nd.path.mnt, old_nd.path.dentry, 0); 9981da177e4SLinus Torvalds else 9994ac91378SJan Blunck mnt = clone_mnt(old_nd.path.mnt, old_nd.path.dentry, 0); 10001da177e4SLinus Torvalds 1001ccd48bc7SAl Viro if (!mnt) 1002ccd48bc7SAl Viro goto out; 1003ccd48bc7SAl Viro 10041da177e4SLinus Torvalds err = graft_tree(mnt, nd); 10051da177e4SLinus Torvalds if (err) { 100670fbcdf4SRam Pai LIST_HEAD(umount_list); 10071da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 1008a05964f3SRam Pai umount_tree(mnt, 0, &umount_list); 10091da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 101070fbcdf4SRam Pai release_mounts(&umount_list); 10115b83d2c5SRam Pai } 10121da177e4SLinus Torvalds 1013ccd48bc7SAl Viro out: 1014390c6843SRam Pai up_write(&namespace_sem); 10151d957f9bSJan Blunck path_put(&old_nd.path); 10161da177e4SLinus Torvalds return err; 10171da177e4SLinus Torvalds } 10181da177e4SLinus Torvalds 10191da177e4SLinus Torvalds /* 10201da177e4SLinus Torvalds * change filesystem flags. dir should be a physical root of filesystem. 10211da177e4SLinus Torvalds * If you've mounted a non-root directory somewhere and want to do remount 10221da177e4SLinus Torvalds * on it - tough luck. 10232dafe1c4SEric Sandeen * noinline this do_mount helper to save do_mount stack space. 10241da177e4SLinus Torvalds */ 10252dafe1c4SEric Sandeen static noinline int do_remount(struct nameidata *nd, int flags, int mnt_flags, 10261da177e4SLinus Torvalds void *data) 10271da177e4SLinus Torvalds { 10281da177e4SLinus Torvalds int err; 10294ac91378SJan Blunck struct super_block *sb = nd->path.mnt->mnt_sb; 10301da177e4SLinus Torvalds 10311da177e4SLinus Torvalds if (!capable(CAP_SYS_ADMIN)) 10321da177e4SLinus Torvalds return -EPERM; 10331da177e4SLinus Torvalds 10344ac91378SJan Blunck if (!check_mnt(nd->path.mnt)) 10351da177e4SLinus Torvalds return -EINVAL; 10361da177e4SLinus Torvalds 10374ac91378SJan Blunck if (nd->path.dentry != nd->path.mnt->mnt_root) 10381da177e4SLinus Torvalds return -EINVAL; 10391da177e4SLinus Torvalds 10401da177e4SLinus Torvalds down_write(&sb->s_umount); 10411da177e4SLinus Torvalds err = do_remount_sb(sb, flags, data, 0); 10421da177e4SLinus Torvalds if (!err) 10434ac91378SJan Blunck nd->path.mnt->mnt_flags = mnt_flags; 10441da177e4SLinus Torvalds up_write(&sb->s_umount); 10451da177e4SLinus Torvalds if (!err) 10464ac91378SJan Blunck security_sb_post_remount(nd->path.mnt, flags, data); 10471da177e4SLinus Torvalds return err; 10481da177e4SLinus Torvalds } 10491da177e4SLinus Torvalds 10509676f0c6SRam Pai static inline int tree_contains_unbindable(struct vfsmount *mnt) 10519676f0c6SRam Pai { 10529676f0c6SRam Pai struct vfsmount *p; 10539676f0c6SRam Pai for (p = mnt; p; p = next_mnt(p, mnt)) { 10549676f0c6SRam Pai if (IS_MNT_UNBINDABLE(p)) 10559676f0c6SRam Pai return 1; 10569676f0c6SRam Pai } 10579676f0c6SRam Pai return 0; 10589676f0c6SRam Pai } 10599676f0c6SRam Pai 10602dafe1c4SEric Sandeen /* 10612dafe1c4SEric Sandeen * noinline this do_mount helper to save do_mount stack space. 10622dafe1c4SEric Sandeen */ 10632dafe1c4SEric Sandeen static noinline int do_move_mount(struct nameidata *nd, char *old_name) 10641da177e4SLinus Torvalds { 10651a390689SAl Viro struct nameidata old_nd; 10661a390689SAl Viro struct path parent_path; 10671da177e4SLinus Torvalds struct vfsmount *p; 10681da177e4SLinus Torvalds int err = 0; 10691da177e4SLinus Torvalds if (!capable(CAP_SYS_ADMIN)) 10701da177e4SLinus Torvalds return -EPERM; 10711da177e4SLinus Torvalds if (!old_name || !*old_name) 10721da177e4SLinus Torvalds return -EINVAL; 10731da177e4SLinus Torvalds err = path_lookup(old_name, LOOKUP_FOLLOW, &old_nd); 10741da177e4SLinus Torvalds if (err) 10751da177e4SLinus Torvalds return err; 10761da177e4SLinus Torvalds 1077390c6843SRam Pai down_write(&namespace_sem); 10784ac91378SJan Blunck while (d_mountpoint(nd->path.dentry) && 10794ac91378SJan Blunck follow_down(&nd->path.mnt, &nd->path.dentry)) 10801da177e4SLinus Torvalds ; 10811da177e4SLinus Torvalds err = -EINVAL; 10824ac91378SJan Blunck if (!check_mnt(nd->path.mnt) || !check_mnt(old_nd.path.mnt)) 10831da177e4SLinus Torvalds goto out; 10841da177e4SLinus Torvalds 10851da177e4SLinus Torvalds err = -ENOENT; 10864ac91378SJan Blunck mutex_lock(&nd->path.dentry->d_inode->i_mutex); 10874ac91378SJan Blunck if (IS_DEADDIR(nd->path.dentry->d_inode)) 10881da177e4SLinus Torvalds goto out1; 10891da177e4SLinus Torvalds 10904ac91378SJan Blunck if (!IS_ROOT(nd->path.dentry) && d_unhashed(nd->path.dentry)) 109121444403SRam Pai goto out1; 10921da177e4SLinus Torvalds 10931da177e4SLinus Torvalds err = -EINVAL; 10944ac91378SJan Blunck if (old_nd.path.dentry != old_nd.path.mnt->mnt_root) 109521444403SRam Pai goto out1; 10961da177e4SLinus Torvalds 10974ac91378SJan Blunck if (old_nd.path.mnt == old_nd.path.mnt->mnt_parent) 109821444403SRam Pai goto out1; 10991da177e4SLinus Torvalds 11004ac91378SJan Blunck if (S_ISDIR(nd->path.dentry->d_inode->i_mode) != 11014ac91378SJan Blunck S_ISDIR(old_nd.path.dentry->d_inode->i_mode)) 110221444403SRam Pai goto out1; 110321444403SRam Pai /* 110421444403SRam Pai * Don't move a mount residing in a shared parent. 110521444403SRam Pai */ 11064ac91378SJan Blunck if (old_nd.path.mnt->mnt_parent && 11074ac91378SJan Blunck IS_MNT_SHARED(old_nd.path.mnt->mnt_parent)) 110821444403SRam Pai goto out1; 11099676f0c6SRam Pai /* 11109676f0c6SRam Pai * Don't move a mount tree containing unbindable mounts to a destination 11119676f0c6SRam Pai * mount which is shared. 11129676f0c6SRam Pai */ 11134ac91378SJan Blunck if (IS_MNT_SHARED(nd->path.mnt) && 11144ac91378SJan Blunck tree_contains_unbindable(old_nd.path.mnt)) 11159676f0c6SRam Pai goto out1; 11161da177e4SLinus Torvalds err = -ELOOP; 11174ac91378SJan Blunck for (p = nd->path.mnt; p->mnt_parent != p; p = p->mnt_parent) 11184ac91378SJan Blunck if (p == old_nd.path.mnt) 111921444403SRam Pai goto out1; 11201da177e4SLinus Torvalds 11211a390689SAl Viro err = attach_recursive_mnt(old_nd.path.mnt, &nd->path, &parent_path); 11224ac91378SJan Blunck if (err) 112321444403SRam Pai goto out1; 11241da177e4SLinus Torvalds 112521444403SRam Pai spin_lock(&vfsmount_lock); 11261da177e4SLinus Torvalds /* if the mount is moved, it should no longer be expire 11271da177e4SLinus Torvalds * automatically */ 11284ac91378SJan Blunck list_del_init(&old_nd.path.mnt->mnt_expire); 11291da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 11301da177e4SLinus Torvalds out1: 11314ac91378SJan Blunck mutex_unlock(&nd->path.dentry->d_inode->i_mutex); 11321da177e4SLinus Torvalds out: 1133390c6843SRam Pai up_write(&namespace_sem); 11341da177e4SLinus Torvalds if (!err) 11351a390689SAl Viro path_put(&parent_path); 11361d957f9bSJan Blunck path_put(&old_nd.path); 11371da177e4SLinus Torvalds return err; 11381da177e4SLinus Torvalds } 11391da177e4SLinus Torvalds 11401da177e4SLinus Torvalds /* 11411da177e4SLinus Torvalds * create a new mount for userspace and request it to be added into the 11421da177e4SLinus Torvalds * namespace's tree 11432dafe1c4SEric Sandeen * noinline this do_mount helper to save do_mount stack space. 11441da177e4SLinus Torvalds */ 11452dafe1c4SEric Sandeen static noinline int do_new_mount(struct nameidata *nd, char *type, int flags, 11461da177e4SLinus Torvalds int mnt_flags, char *name, void *data) 11471da177e4SLinus Torvalds { 11481da177e4SLinus Torvalds struct vfsmount *mnt; 11491da177e4SLinus Torvalds 11501da177e4SLinus Torvalds if (!type || !memchr(type, 0, PAGE_SIZE)) 11511da177e4SLinus Torvalds return -EINVAL; 11521da177e4SLinus Torvalds 11531da177e4SLinus Torvalds /* we need capabilities... */ 11541da177e4SLinus Torvalds if (!capable(CAP_SYS_ADMIN)) 11551da177e4SLinus Torvalds return -EPERM; 11561da177e4SLinus Torvalds 11571da177e4SLinus Torvalds mnt = do_kern_mount(type, flags, name, data); 11581da177e4SLinus Torvalds if (IS_ERR(mnt)) 11591da177e4SLinus Torvalds return PTR_ERR(mnt); 11601da177e4SLinus Torvalds 11611da177e4SLinus Torvalds return do_add_mount(mnt, nd, mnt_flags, NULL); 11621da177e4SLinus Torvalds } 11631da177e4SLinus Torvalds 11641da177e4SLinus Torvalds /* 11651da177e4SLinus Torvalds * add a mount into a namespace's mount tree 11661da177e4SLinus Torvalds * - provide the option of adding the new mount to an expiration list 11671da177e4SLinus Torvalds */ 11681da177e4SLinus Torvalds int do_add_mount(struct vfsmount *newmnt, struct nameidata *nd, 11691da177e4SLinus Torvalds int mnt_flags, struct list_head *fslist) 11701da177e4SLinus Torvalds { 11711da177e4SLinus Torvalds int err; 11721da177e4SLinus Torvalds 1173390c6843SRam Pai down_write(&namespace_sem); 11741da177e4SLinus Torvalds /* Something was mounted here while we slept */ 11754ac91378SJan Blunck while (d_mountpoint(nd->path.dentry) && 11764ac91378SJan Blunck follow_down(&nd->path.mnt, &nd->path.dentry)) 11771da177e4SLinus Torvalds ; 11781da177e4SLinus Torvalds err = -EINVAL; 11794ac91378SJan Blunck if (!check_mnt(nd->path.mnt)) 11801da177e4SLinus Torvalds goto unlock; 11811da177e4SLinus Torvalds 11821da177e4SLinus Torvalds /* Refuse the same filesystem on the same mount point */ 11831da177e4SLinus Torvalds err = -EBUSY; 11844ac91378SJan Blunck if (nd->path.mnt->mnt_sb == newmnt->mnt_sb && 11854ac91378SJan Blunck nd->path.mnt->mnt_root == nd->path.dentry) 11861da177e4SLinus Torvalds goto unlock; 11871da177e4SLinus Torvalds 11881da177e4SLinus Torvalds err = -EINVAL; 11891da177e4SLinus Torvalds if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode)) 11901da177e4SLinus Torvalds goto unlock; 11911da177e4SLinus Torvalds 11921da177e4SLinus Torvalds newmnt->mnt_flags = mnt_flags; 11935b83d2c5SRam Pai if ((err = graft_tree(newmnt, nd))) 11945b83d2c5SRam Pai goto unlock; 11951da177e4SLinus Torvalds 11965b83d2c5SRam Pai if (fslist) { 11971da177e4SLinus Torvalds /* add to the specified expiration list */ 11981da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 119955e700b9SMiklos Szeredi list_add_tail(&newmnt->mnt_expire, fslist); 12001da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 12011da177e4SLinus Torvalds } 1202390c6843SRam Pai up_write(&namespace_sem); 12035b83d2c5SRam Pai return 0; 12041da177e4SLinus Torvalds 12051da177e4SLinus Torvalds unlock: 1206390c6843SRam Pai up_write(&namespace_sem); 12071da177e4SLinus Torvalds mntput(newmnt); 12081da177e4SLinus Torvalds return err; 12091da177e4SLinus Torvalds } 12101da177e4SLinus Torvalds 12111da177e4SLinus Torvalds EXPORT_SYMBOL_GPL(do_add_mount); 12121da177e4SLinus Torvalds 12135528f911STrond Myklebust /* 12141da177e4SLinus Torvalds * process a list of expirable mountpoints with the intent of discarding any 12151da177e4SLinus Torvalds * mountpoints that aren't in use and haven't been touched since last we came 12161da177e4SLinus Torvalds * here 12171da177e4SLinus Torvalds */ 12181da177e4SLinus Torvalds void mark_mounts_for_expiry(struct list_head *mounts) 12191da177e4SLinus Torvalds { 12201da177e4SLinus Torvalds struct vfsmount *mnt, *next; 12211da177e4SLinus Torvalds LIST_HEAD(graveyard); 1222*bcc5c7d2SAl Viro LIST_HEAD(umounts); 12231da177e4SLinus Torvalds 12241da177e4SLinus Torvalds if (list_empty(mounts)) 12251da177e4SLinus Torvalds return; 12261da177e4SLinus Torvalds 1227*bcc5c7d2SAl Viro down_write(&namespace_sem); 12281da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 12291da177e4SLinus Torvalds 12301da177e4SLinus Torvalds /* extract from the expiration list every vfsmount that matches the 12311da177e4SLinus Torvalds * following criteria: 12321da177e4SLinus Torvalds * - only referenced by its parent vfsmount 12331da177e4SLinus Torvalds * - still marked for expiry (marked on the last call here; marks are 12341da177e4SLinus Torvalds * cleared by mntput()) 12351da177e4SLinus Torvalds */ 123655e700b9SMiklos Szeredi list_for_each_entry_safe(mnt, next, mounts, mnt_expire) { 12371da177e4SLinus Torvalds if (!xchg(&mnt->mnt_expiry_mark, 1) || 1238*bcc5c7d2SAl Viro propagate_mount_busy(mnt, 1)) 12391da177e4SLinus Torvalds continue; 124055e700b9SMiklos Szeredi list_move(&mnt->mnt_expire, &graveyard); 12411da177e4SLinus Torvalds } 1242*bcc5c7d2SAl Viro while (!list_empty(&graveyard)) { 1243*bcc5c7d2SAl Viro mnt = list_first_entry(&graveyard, struct vfsmount, mnt_expire); 1244*bcc5c7d2SAl Viro touch_mnt_namespace(mnt->mnt_ns); 1245*bcc5c7d2SAl Viro umount_tree(mnt, 1, &umounts); 1246*bcc5c7d2SAl Viro } 12471da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 1248*bcc5c7d2SAl Viro up_write(&namespace_sem); 1249*bcc5c7d2SAl Viro 1250*bcc5c7d2SAl Viro release_mounts(&umounts); 12511da177e4SLinus Torvalds } 12521da177e4SLinus Torvalds 12531da177e4SLinus Torvalds EXPORT_SYMBOL_GPL(mark_mounts_for_expiry); 12541da177e4SLinus Torvalds 12551da177e4SLinus Torvalds /* 12565528f911STrond Myklebust * Ripoff of 'select_parent()' 12575528f911STrond Myklebust * 12585528f911STrond Myklebust * search the list of submounts for a given mountpoint, and move any 12595528f911STrond Myklebust * shrinkable submounts to the 'graveyard' list. 12605528f911STrond Myklebust */ 12615528f911STrond Myklebust static int select_submounts(struct vfsmount *parent, struct list_head *graveyard) 12625528f911STrond Myklebust { 12635528f911STrond Myklebust struct vfsmount *this_parent = parent; 12645528f911STrond Myklebust struct list_head *next; 12655528f911STrond Myklebust int found = 0; 12665528f911STrond Myklebust 12675528f911STrond Myklebust repeat: 12685528f911STrond Myklebust next = this_parent->mnt_mounts.next; 12695528f911STrond Myklebust resume: 12705528f911STrond Myklebust while (next != &this_parent->mnt_mounts) { 12715528f911STrond Myklebust struct list_head *tmp = next; 12725528f911STrond Myklebust struct vfsmount *mnt = list_entry(tmp, struct vfsmount, mnt_child); 12735528f911STrond Myklebust 12745528f911STrond Myklebust next = tmp->next; 12755528f911STrond Myklebust if (!(mnt->mnt_flags & MNT_SHRINKABLE)) 12765528f911STrond Myklebust continue; 12775528f911STrond Myklebust /* 12785528f911STrond Myklebust * Descend a level if the d_mounts list is non-empty. 12795528f911STrond Myklebust */ 12805528f911STrond Myklebust if (!list_empty(&mnt->mnt_mounts)) { 12815528f911STrond Myklebust this_parent = mnt; 12825528f911STrond Myklebust goto repeat; 12835528f911STrond Myklebust } 12845528f911STrond Myklebust 12855528f911STrond Myklebust if (!propagate_mount_busy(mnt, 1)) { 12865528f911STrond Myklebust list_move_tail(&mnt->mnt_expire, graveyard); 12875528f911STrond Myklebust found++; 12885528f911STrond Myklebust } 12895528f911STrond Myklebust } 12905528f911STrond Myklebust /* 12915528f911STrond Myklebust * All done at this level ... ascend and resume the search 12925528f911STrond Myklebust */ 12935528f911STrond Myklebust if (this_parent != parent) { 12945528f911STrond Myklebust next = this_parent->mnt_child.next; 12955528f911STrond Myklebust this_parent = this_parent->mnt_parent; 12965528f911STrond Myklebust goto resume; 12975528f911STrond Myklebust } 12985528f911STrond Myklebust return found; 12995528f911STrond Myklebust } 13005528f911STrond Myklebust 13015528f911STrond Myklebust /* 13025528f911STrond Myklebust * process a list of expirable mountpoints with the intent of discarding any 13035528f911STrond Myklebust * submounts of a specific parent mountpoint 13045528f911STrond Myklebust */ 13055528f911STrond Myklebust void shrink_submounts(struct vfsmount *mountpoint, struct list_head *mounts) 13065528f911STrond Myklebust { 13075528f911STrond Myklebust LIST_HEAD(graveyard); 1308*bcc5c7d2SAl Viro LIST_HEAD(umounts); 1309*bcc5c7d2SAl Viro struct vfsmount *mnt; 13105528f911STrond Myklebust 1311*bcc5c7d2SAl Viro down_write(&namespace_sem); 13125528f911STrond Myklebust spin_lock(&vfsmount_lock); 13135528f911STrond Myklebust /* extract submounts of 'mountpoint' from the expiration list */ 1314*bcc5c7d2SAl Viro while (select_submounts(mountpoint, &graveyard)) { 1315*bcc5c7d2SAl Viro while (!list_empty(&graveyard)) { 1316*bcc5c7d2SAl Viro mnt = list_first_entry(&graveyard, struct vfsmount, 1317*bcc5c7d2SAl Viro mnt_expire); 1318*bcc5c7d2SAl Viro touch_mnt_namespace(mnt->mnt_ns); 1319*bcc5c7d2SAl Viro umount_tree(mnt, 1, &umounts); 1320*bcc5c7d2SAl Viro } 1321*bcc5c7d2SAl Viro } 13225528f911STrond Myklebust spin_unlock(&vfsmount_lock); 1323*bcc5c7d2SAl Viro up_write(&namespace_sem); 1324*bcc5c7d2SAl Viro release_mounts(&umounts); 13255528f911STrond Myklebust } 13265528f911STrond Myklebust 13275528f911STrond Myklebust EXPORT_SYMBOL_GPL(shrink_submounts); 13285528f911STrond Myklebust 13295528f911STrond Myklebust /* 13301da177e4SLinus Torvalds * Some copy_from_user() implementations do not return the exact number of 13311da177e4SLinus Torvalds * bytes remaining to copy on a fault. But copy_mount_options() requires that. 13321da177e4SLinus Torvalds * Note that this function differs from copy_from_user() in that it will oops 13331da177e4SLinus Torvalds * on bad values of `to', rather than returning a short copy. 13341da177e4SLinus Torvalds */ 1335b58fed8bSRam Pai static long exact_copy_from_user(void *to, const void __user * from, 1336b58fed8bSRam Pai unsigned long n) 13371da177e4SLinus Torvalds { 13381da177e4SLinus Torvalds char *t = to; 13391da177e4SLinus Torvalds const char __user *f = from; 13401da177e4SLinus Torvalds char c; 13411da177e4SLinus Torvalds 13421da177e4SLinus Torvalds if (!access_ok(VERIFY_READ, from, n)) 13431da177e4SLinus Torvalds return n; 13441da177e4SLinus Torvalds 13451da177e4SLinus Torvalds while (n) { 13461da177e4SLinus Torvalds if (__get_user(c, f)) { 13471da177e4SLinus Torvalds memset(t, 0, n); 13481da177e4SLinus Torvalds break; 13491da177e4SLinus Torvalds } 13501da177e4SLinus Torvalds *t++ = c; 13511da177e4SLinus Torvalds f++; 13521da177e4SLinus Torvalds n--; 13531da177e4SLinus Torvalds } 13541da177e4SLinus Torvalds return n; 13551da177e4SLinus Torvalds } 13561da177e4SLinus Torvalds 13571da177e4SLinus Torvalds int copy_mount_options(const void __user * data, unsigned long *where) 13581da177e4SLinus Torvalds { 13591da177e4SLinus Torvalds int i; 13601da177e4SLinus Torvalds unsigned long page; 13611da177e4SLinus Torvalds unsigned long size; 13621da177e4SLinus Torvalds 13631da177e4SLinus Torvalds *where = 0; 13641da177e4SLinus Torvalds if (!data) 13651da177e4SLinus Torvalds return 0; 13661da177e4SLinus Torvalds 13671da177e4SLinus Torvalds if (!(page = __get_free_page(GFP_KERNEL))) 13681da177e4SLinus Torvalds return -ENOMEM; 13691da177e4SLinus Torvalds 13701da177e4SLinus Torvalds /* We only care that *some* data at the address the user 13711da177e4SLinus Torvalds * gave us is valid. Just in case, we'll zero 13721da177e4SLinus Torvalds * the remainder of the page. 13731da177e4SLinus Torvalds */ 13741da177e4SLinus Torvalds /* copy_from_user cannot cross TASK_SIZE ! */ 13751da177e4SLinus Torvalds size = TASK_SIZE - (unsigned long)data; 13761da177e4SLinus Torvalds if (size > PAGE_SIZE) 13771da177e4SLinus Torvalds size = PAGE_SIZE; 13781da177e4SLinus Torvalds 13791da177e4SLinus Torvalds i = size - exact_copy_from_user((void *)page, data, size); 13801da177e4SLinus Torvalds if (!i) { 13811da177e4SLinus Torvalds free_page(page); 13821da177e4SLinus Torvalds return -EFAULT; 13831da177e4SLinus Torvalds } 13841da177e4SLinus Torvalds if (i != PAGE_SIZE) 13851da177e4SLinus Torvalds memset((char *)page + i, 0, PAGE_SIZE - i); 13861da177e4SLinus Torvalds *where = page; 13871da177e4SLinus Torvalds return 0; 13881da177e4SLinus Torvalds } 13891da177e4SLinus Torvalds 13901da177e4SLinus Torvalds /* 13911da177e4SLinus Torvalds * Flags is a 32-bit value that allows up to 31 non-fs dependent flags to 13921da177e4SLinus Torvalds * be given to the mount() call (ie: read-only, no-dev, no-suid etc). 13931da177e4SLinus Torvalds * 13941da177e4SLinus Torvalds * data is a (void *) that can point to any structure up to 13951da177e4SLinus Torvalds * PAGE_SIZE-1 bytes, which can contain arbitrary fs-dependent 13961da177e4SLinus Torvalds * information (or be NULL). 13971da177e4SLinus Torvalds * 13981da177e4SLinus Torvalds * Pre-0.97 versions of mount() didn't have a flags word. 13991da177e4SLinus Torvalds * When the flags word was introduced its top half was required 14001da177e4SLinus Torvalds * to have the magic value 0xC0ED, and this remained so until 2.4.0-test9. 14011da177e4SLinus Torvalds * Therefore, if this magic number is present, it carries no information 14021da177e4SLinus Torvalds * and must be discarded. 14031da177e4SLinus Torvalds */ 14041da177e4SLinus Torvalds long do_mount(char *dev_name, char *dir_name, char *type_page, 14051da177e4SLinus Torvalds unsigned long flags, void *data_page) 14061da177e4SLinus Torvalds { 14071da177e4SLinus Torvalds struct nameidata nd; 14081da177e4SLinus Torvalds int retval = 0; 14091da177e4SLinus Torvalds int mnt_flags = 0; 14101da177e4SLinus Torvalds 14111da177e4SLinus Torvalds /* Discard magic */ 14121da177e4SLinus Torvalds if ((flags & MS_MGC_MSK) == MS_MGC_VAL) 14131da177e4SLinus Torvalds flags &= ~MS_MGC_MSK; 14141da177e4SLinus Torvalds 14151da177e4SLinus Torvalds /* Basic sanity checks */ 14161da177e4SLinus Torvalds 14171da177e4SLinus Torvalds if (!dir_name || !*dir_name || !memchr(dir_name, 0, PAGE_SIZE)) 14181da177e4SLinus Torvalds return -EINVAL; 14191da177e4SLinus Torvalds if (dev_name && !memchr(dev_name, 0, PAGE_SIZE)) 14201da177e4SLinus Torvalds return -EINVAL; 14211da177e4SLinus Torvalds 14221da177e4SLinus Torvalds if (data_page) 14231da177e4SLinus Torvalds ((char *)data_page)[PAGE_SIZE - 1] = 0; 14241da177e4SLinus Torvalds 14251da177e4SLinus Torvalds /* Separate the per-mountpoint flags */ 14261da177e4SLinus Torvalds if (flags & MS_NOSUID) 14271da177e4SLinus Torvalds mnt_flags |= MNT_NOSUID; 14281da177e4SLinus Torvalds if (flags & MS_NODEV) 14291da177e4SLinus Torvalds mnt_flags |= MNT_NODEV; 14301da177e4SLinus Torvalds if (flags & MS_NOEXEC) 14311da177e4SLinus Torvalds mnt_flags |= MNT_NOEXEC; 1432fc33a7bbSChristoph Hellwig if (flags & MS_NOATIME) 1433fc33a7bbSChristoph Hellwig mnt_flags |= MNT_NOATIME; 1434fc33a7bbSChristoph Hellwig if (flags & MS_NODIRATIME) 1435fc33a7bbSChristoph Hellwig mnt_flags |= MNT_NODIRATIME; 143647ae32d6SValerie Henson if (flags & MS_RELATIME) 143747ae32d6SValerie Henson mnt_flags |= MNT_RELATIME; 1438fc33a7bbSChristoph Hellwig 1439fc33a7bbSChristoph Hellwig flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE | 14408bf9725cSPavel Emelyanov MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT); 14411da177e4SLinus Torvalds 14421da177e4SLinus Torvalds /* ... and get the mountpoint */ 14431da177e4SLinus Torvalds retval = path_lookup(dir_name, LOOKUP_FOLLOW, &nd); 14441da177e4SLinus Torvalds if (retval) 14451da177e4SLinus Torvalds return retval; 14461da177e4SLinus Torvalds 14471da177e4SLinus Torvalds retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page); 14481da177e4SLinus Torvalds if (retval) 14491da177e4SLinus Torvalds goto dput_out; 14501da177e4SLinus Torvalds 14511da177e4SLinus Torvalds if (flags & MS_REMOUNT) 14521da177e4SLinus Torvalds retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags, 14531da177e4SLinus Torvalds data_page); 14541da177e4SLinus Torvalds else if (flags & MS_BIND) 1455eee391a6SAndrew Morton retval = do_loopback(&nd, dev_name, flags & MS_REC); 14569676f0c6SRam Pai else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE)) 145707b20889SRam Pai retval = do_change_type(&nd, flags); 14581da177e4SLinus Torvalds else if (flags & MS_MOVE) 14591da177e4SLinus Torvalds retval = do_move_mount(&nd, dev_name); 14601da177e4SLinus Torvalds else 14611da177e4SLinus Torvalds retval = do_new_mount(&nd, type_page, flags, mnt_flags, 14621da177e4SLinus Torvalds dev_name, data_page); 14631da177e4SLinus Torvalds dput_out: 14641d957f9bSJan Blunck path_put(&nd.path); 14651da177e4SLinus Torvalds return retval; 14661da177e4SLinus Torvalds } 14671da177e4SLinus Torvalds 1468741a2951SJANAK DESAI /* 1469741a2951SJANAK DESAI * Allocate a new namespace structure and populate it with contents 1470741a2951SJANAK DESAI * copied from the namespace of the passed in task structure. 1471741a2951SJANAK DESAI */ 1472e3222c4eSBadari Pulavarty static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, 14736b3286edSKirill Korotaev struct fs_struct *fs) 14741da177e4SLinus Torvalds { 14756b3286edSKirill Korotaev struct mnt_namespace *new_ns; 14761da177e4SLinus Torvalds struct vfsmount *rootmnt = NULL, *pwdmnt = NULL, *altrootmnt = NULL; 14771da177e4SLinus Torvalds struct vfsmount *p, *q; 14781da177e4SLinus Torvalds 14796b3286edSKirill Korotaev new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL); 14801da177e4SLinus Torvalds if (!new_ns) 1481467e9f4bSCedric Le Goater return ERR_PTR(-ENOMEM); 14821da177e4SLinus Torvalds 14831da177e4SLinus Torvalds atomic_set(&new_ns->count, 1); 14841da177e4SLinus Torvalds INIT_LIST_HEAD(&new_ns->list); 14855addc5ddSAl Viro init_waitqueue_head(&new_ns->poll); 14865addc5ddSAl Viro new_ns->event = 0; 14871da177e4SLinus Torvalds 1488390c6843SRam Pai down_write(&namespace_sem); 14891da177e4SLinus Torvalds /* First pass: copy the tree topology */ 14906b3286edSKirill Korotaev new_ns->root = copy_tree(mnt_ns->root, mnt_ns->root->mnt_root, 14919676f0c6SRam Pai CL_COPY_ALL | CL_EXPIRE); 14921da177e4SLinus Torvalds if (!new_ns->root) { 1493390c6843SRam Pai up_write(&namespace_sem); 14941da177e4SLinus Torvalds kfree(new_ns); 1495467e9f4bSCedric Le Goater return ERR_PTR(-ENOMEM);; 14961da177e4SLinus Torvalds } 14971da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 14981da177e4SLinus Torvalds list_add_tail(&new_ns->list, &new_ns->root->mnt_list); 14991da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 15001da177e4SLinus Torvalds 15011da177e4SLinus Torvalds /* 15021da177e4SLinus Torvalds * Second pass: switch the tsk->fs->* elements and mark new vfsmounts 15031da177e4SLinus Torvalds * as belonging to new namespace. We have already acquired a private 15041da177e4SLinus Torvalds * fs_struct, so tsk->fs->lock is not needed. 15051da177e4SLinus Torvalds */ 15066b3286edSKirill Korotaev p = mnt_ns->root; 15071da177e4SLinus Torvalds q = new_ns->root; 15081da177e4SLinus Torvalds while (p) { 15096b3286edSKirill Korotaev q->mnt_ns = new_ns; 15101da177e4SLinus Torvalds if (fs) { 15116ac08c39SJan Blunck if (p == fs->root.mnt) { 15121da177e4SLinus Torvalds rootmnt = p; 15136ac08c39SJan Blunck fs->root.mnt = mntget(q); 15141da177e4SLinus Torvalds } 15156ac08c39SJan Blunck if (p == fs->pwd.mnt) { 15161da177e4SLinus Torvalds pwdmnt = p; 15176ac08c39SJan Blunck fs->pwd.mnt = mntget(q); 15181da177e4SLinus Torvalds } 15196ac08c39SJan Blunck if (p == fs->altroot.mnt) { 15201da177e4SLinus Torvalds altrootmnt = p; 15216ac08c39SJan Blunck fs->altroot.mnt = mntget(q); 15221da177e4SLinus Torvalds } 15231da177e4SLinus Torvalds } 15246b3286edSKirill Korotaev p = next_mnt(p, mnt_ns->root); 15251da177e4SLinus Torvalds q = next_mnt(q, new_ns->root); 15261da177e4SLinus Torvalds } 1527390c6843SRam Pai up_write(&namespace_sem); 15281da177e4SLinus Torvalds 15291da177e4SLinus Torvalds if (rootmnt) 15301da177e4SLinus Torvalds mntput(rootmnt); 15311da177e4SLinus Torvalds if (pwdmnt) 15321da177e4SLinus Torvalds mntput(pwdmnt); 15331da177e4SLinus Torvalds if (altrootmnt) 15341da177e4SLinus Torvalds mntput(altrootmnt); 15351da177e4SLinus Torvalds 1536741a2951SJANAK DESAI return new_ns; 1537741a2951SJANAK DESAI } 1538741a2951SJANAK DESAI 1539213dd266SEric W. Biederman struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns, 1540e3222c4eSBadari Pulavarty struct fs_struct *new_fs) 1541741a2951SJANAK DESAI { 15426b3286edSKirill Korotaev struct mnt_namespace *new_ns; 1543741a2951SJANAK DESAI 1544e3222c4eSBadari Pulavarty BUG_ON(!ns); 15456b3286edSKirill Korotaev get_mnt_ns(ns); 1546741a2951SJANAK DESAI 1547741a2951SJANAK DESAI if (!(flags & CLONE_NEWNS)) 1548e3222c4eSBadari Pulavarty return ns; 1549741a2951SJANAK DESAI 1550e3222c4eSBadari Pulavarty new_ns = dup_mnt_ns(ns, new_fs); 1551741a2951SJANAK DESAI 15526b3286edSKirill Korotaev put_mnt_ns(ns); 1553e3222c4eSBadari Pulavarty return new_ns; 15541da177e4SLinus Torvalds } 15551da177e4SLinus Torvalds 15561da177e4SLinus Torvalds asmlinkage long sys_mount(char __user * dev_name, char __user * dir_name, 15571da177e4SLinus Torvalds char __user * type, unsigned long flags, 15581da177e4SLinus Torvalds void __user * data) 15591da177e4SLinus Torvalds { 15601da177e4SLinus Torvalds int retval; 15611da177e4SLinus Torvalds unsigned long data_page; 15621da177e4SLinus Torvalds unsigned long type_page; 15631da177e4SLinus Torvalds unsigned long dev_page; 15641da177e4SLinus Torvalds char *dir_page; 15651da177e4SLinus Torvalds 15661da177e4SLinus Torvalds retval = copy_mount_options(type, &type_page); 15671da177e4SLinus Torvalds if (retval < 0) 15681da177e4SLinus Torvalds return retval; 15691da177e4SLinus Torvalds 15701da177e4SLinus Torvalds dir_page = getname(dir_name); 15711da177e4SLinus Torvalds retval = PTR_ERR(dir_page); 15721da177e4SLinus Torvalds if (IS_ERR(dir_page)) 15731da177e4SLinus Torvalds goto out1; 15741da177e4SLinus Torvalds 15751da177e4SLinus Torvalds retval = copy_mount_options(dev_name, &dev_page); 15761da177e4SLinus Torvalds if (retval < 0) 15771da177e4SLinus Torvalds goto out2; 15781da177e4SLinus Torvalds 15791da177e4SLinus Torvalds retval = copy_mount_options(data, &data_page); 15801da177e4SLinus Torvalds if (retval < 0) 15811da177e4SLinus Torvalds goto out3; 15821da177e4SLinus Torvalds 15831da177e4SLinus Torvalds lock_kernel(); 15841da177e4SLinus Torvalds retval = do_mount((char *)dev_page, dir_page, (char *)type_page, 15851da177e4SLinus Torvalds flags, (void *)data_page); 15861da177e4SLinus Torvalds unlock_kernel(); 15871da177e4SLinus Torvalds free_page(data_page); 15881da177e4SLinus Torvalds 15891da177e4SLinus Torvalds out3: 15901da177e4SLinus Torvalds free_page(dev_page); 15911da177e4SLinus Torvalds out2: 15921da177e4SLinus Torvalds putname(dir_page); 15931da177e4SLinus Torvalds out1: 15941da177e4SLinus Torvalds free_page(type_page); 15951da177e4SLinus Torvalds return retval; 15961da177e4SLinus Torvalds } 15971da177e4SLinus Torvalds 15981da177e4SLinus Torvalds /* 15991da177e4SLinus Torvalds * Replace the fs->{rootmnt,root} with {mnt,dentry}. Put the old values. 16001da177e4SLinus Torvalds * It can block. Requires the big lock held. 16011da177e4SLinus Torvalds */ 1602ac748a09SJan Blunck void set_fs_root(struct fs_struct *fs, struct path *path) 16031da177e4SLinus Torvalds { 16046ac08c39SJan Blunck struct path old_root; 16056ac08c39SJan Blunck 16061da177e4SLinus Torvalds write_lock(&fs->lock); 16071da177e4SLinus Torvalds old_root = fs->root; 1608ac748a09SJan Blunck fs->root = *path; 1609ac748a09SJan Blunck path_get(path); 16101da177e4SLinus Torvalds write_unlock(&fs->lock); 16116ac08c39SJan Blunck if (old_root.dentry) 16126ac08c39SJan Blunck path_put(&old_root); 16131da177e4SLinus Torvalds } 16141da177e4SLinus Torvalds 16151da177e4SLinus Torvalds /* 16161da177e4SLinus Torvalds * Replace the fs->{pwdmnt,pwd} with {mnt,dentry}. Put the old values. 16171da177e4SLinus Torvalds * It can block. Requires the big lock held. 16181da177e4SLinus Torvalds */ 1619ac748a09SJan Blunck void set_fs_pwd(struct fs_struct *fs, struct path *path) 16201da177e4SLinus Torvalds { 16216ac08c39SJan Blunck struct path old_pwd; 16221da177e4SLinus Torvalds 16231da177e4SLinus Torvalds write_lock(&fs->lock); 16241da177e4SLinus Torvalds old_pwd = fs->pwd; 1625ac748a09SJan Blunck fs->pwd = *path; 1626ac748a09SJan Blunck path_get(path); 16271da177e4SLinus Torvalds write_unlock(&fs->lock); 16281da177e4SLinus Torvalds 16296ac08c39SJan Blunck if (old_pwd.dentry) 16306ac08c39SJan Blunck path_put(&old_pwd); 16311da177e4SLinus Torvalds } 16321da177e4SLinus Torvalds 16331a390689SAl Viro static void chroot_fs_refs(struct path *old_root, struct path *new_root) 16341da177e4SLinus Torvalds { 16351da177e4SLinus Torvalds struct task_struct *g, *p; 16361da177e4SLinus Torvalds struct fs_struct *fs; 16371da177e4SLinus Torvalds 16381da177e4SLinus Torvalds read_lock(&tasklist_lock); 16391da177e4SLinus Torvalds do_each_thread(g, p) { 16401da177e4SLinus Torvalds task_lock(p); 16411da177e4SLinus Torvalds fs = p->fs; 16421da177e4SLinus Torvalds if (fs) { 16431da177e4SLinus Torvalds atomic_inc(&fs->count); 16441da177e4SLinus Torvalds task_unlock(p); 16451a390689SAl Viro if (fs->root.dentry == old_root->dentry 16461a390689SAl Viro && fs->root.mnt == old_root->mnt) 16471a390689SAl Viro set_fs_root(fs, new_root); 16481a390689SAl Viro if (fs->pwd.dentry == old_root->dentry 16491a390689SAl Viro && fs->pwd.mnt == old_root->mnt) 16501a390689SAl Viro set_fs_pwd(fs, new_root); 16511da177e4SLinus Torvalds put_fs_struct(fs); 16521da177e4SLinus Torvalds } else 16531da177e4SLinus Torvalds task_unlock(p); 16541da177e4SLinus Torvalds } while_each_thread(g, p); 16551da177e4SLinus Torvalds read_unlock(&tasklist_lock); 16561da177e4SLinus Torvalds } 16571da177e4SLinus Torvalds 16581da177e4SLinus Torvalds /* 16591da177e4SLinus Torvalds * pivot_root Semantics: 16601da177e4SLinus Torvalds * Moves the root file system of the current process to the directory put_old, 16611da177e4SLinus Torvalds * makes new_root as the new root file system of the current process, and sets 16621da177e4SLinus Torvalds * root/cwd of all processes which had them on the current root to new_root. 16631da177e4SLinus Torvalds * 16641da177e4SLinus Torvalds * Restrictions: 16651da177e4SLinus Torvalds * The new_root and put_old must be directories, and must not be on the 16661da177e4SLinus Torvalds * same file system as the current process root. The put_old must be 16671da177e4SLinus Torvalds * underneath new_root, i.e. adding a non-zero number of /.. to the string 16681da177e4SLinus Torvalds * pointed to by put_old must yield the same directory as new_root. No other 16691da177e4SLinus Torvalds * file system may be mounted on put_old. After all, new_root is a mountpoint. 16701da177e4SLinus Torvalds * 16714a0d11faSNeil Brown * Also, the current root cannot be on the 'rootfs' (initial ramfs) filesystem. 16724a0d11faSNeil Brown * See Documentation/filesystems/ramfs-rootfs-initramfs.txt for alternatives 16734a0d11faSNeil Brown * in this situation. 16744a0d11faSNeil Brown * 16751da177e4SLinus Torvalds * Notes: 16761da177e4SLinus Torvalds * - we don't move root/cwd if they are not at the root (reason: if something 16771da177e4SLinus Torvalds * cared enough to change them, it's probably wrong to force them elsewhere) 16781da177e4SLinus Torvalds * - it's okay to pick a root that isn't the root of a file system, e.g. 16791da177e4SLinus Torvalds * /nfs/my_root where /nfs is the mount point. It must be a mountpoint, 16801da177e4SLinus Torvalds * though, so you may need to say mount --bind /nfs/my_root /nfs/my_root 16811da177e4SLinus Torvalds * first. 16821da177e4SLinus Torvalds */ 1683b58fed8bSRam Pai asmlinkage long sys_pivot_root(const char __user * new_root, 1684b58fed8bSRam Pai const char __user * put_old) 16851da177e4SLinus Torvalds { 16861da177e4SLinus Torvalds struct vfsmount *tmp; 16871a390689SAl Viro struct nameidata new_nd, old_nd, user_nd; 16881a390689SAl Viro struct path parent_path, root_parent; 16891da177e4SLinus Torvalds int error; 16901da177e4SLinus Torvalds 16911da177e4SLinus Torvalds if (!capable(CAP_SYS_ADMIN)) 16921da177e4SLinus Torvalds return -EPERM; 16931da177e4SLinus Torvalds 16941da177e4SLinus Torvalds lock_kernel(); 16951da177e4SLinus Torvalds 1696b58fed8bSRam Pai error = __user_walk(new_root, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, 1697b58fed8bSRam Pai &new_nd); 16981da177e4SLinus Torvalds if (error) 16991da177e4SLinus Torvalds goto out0; 17001da177e4SLinus Torvalds error = -EINVAL; 17014ac91378SJan Blunck if (!check_mnt(new_nd.path.mnt)) 17021da177e4SLinus Torvalds goto out1; 17031da177e4SLinus Torvalds 17041da177e4SLinus Torvalds error = __user_walk(put_old, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &old_nd); 17051da177e4SLinus Torvalds if (error) 17061da177e4SLinus Torvalds goto out1; 17071da177e4SLinus Torvalds 17081da177e4SLinus Torvalds error = security_sb_pivotroot(&old_nd, &new_nd); 17091da177e4SLinus Torvalds if (error) { 17101d957f9bSJan Blunck path_put(&old_nd.path); 17111da177e4SLinus Torvalds goto out1; 17121da177e4SLinus Torvalds } 17131da177e4SLinus Torvalds 17141da177e4SLinus Torvalds read_lock(¤t->fs->lock); 17156ac08c39SJan Blunck user_nd.path = current->fs->root; 17166ac08c39SJan Blunck path_get(¤t->fs->root); 17171da177e4SLinus Torvalds read_unlock(¤t->fs->lock); 1718390c6843SRam Pai down_write(&namespace_sem); 17194ac91378SJan Blunck mutex_lock(&old_nd.path.dentry->d_inode->i_mutex); 17201da177e4SLinus Torvalds error = -EINVAL; 17214ac91378SJan Blunck if (IS_MNT_SHARED(old_nd.path.mnt) || 17224ac91378SJan Blunck IS_MNT_SHARED(new_nd.path.mnt->mnt_parent) || 17234ac91378SJan Blunck IS_MNT_SHARED(user_nd.path.mnt->mnt_parent)) 172421444403SRam Pai goto out2; 17254ac91378SJan Blunck if (!check_mnt(user_nd.path.mnt)) 17261da177e4SLinus Torvalds goto out2; 17271da177e4SLinus Torvalds error = -ENOENT; 17284ac91378SJan Blunck if (IS_DEADDIR(new_nd.path.dentry->d_inode)) 17291da177e4SLinus Torvalds goto out2; 17304ac91378SJan Blunck if (d_unhashed(new_nd.path.dentry) && !IS_ROOT(new_nd.path.dentry)) 17311da177e4SLinus Torvalds goto out2; 17324ac91378SJan Blunck if (d_unhashed(old_nd.path.dentry) && !IS_ROOT(old_nd.path.dentry)) 17331da177e4SLinus Torvalds goto out2; 17341da177e4SLinus Torvalds error = -EBUSY; 17354ac91378SJan Blunck if (new_nd.path.mnt == user_nd.path.mnt || 17364ac91378SJan Blunck old_nd.path.mnt == user_nd.path.mnt) 17371da177e4SLinus Torvalds goto out2; /* loop, on the same file system */ 17381da177e4SLinus Torvalds error = -EINVAL; 17394ac91378SJan Blunck if (user_nd.path.mnt->mnt_root != user_nd.path.dentry) 17401da177e4SLinus Torvalds goto out2; /* not a mountpoint */ 17414ac91378SJan Blunck if (user_nd.path.mnt->mnt_parent == user_nd.path.mnt) 17420bb6fcc1SMiklos Szeredi goto out2; /* not attached */ 17434ac91378SJan Blunck if (new_nd.path.mnt->mnt_root != new_nd.path.dentry) 17441da177e4SLinus Torvalds goto out2; /* not a mountpoint */ 17454ac91378SJan Blunck if (new_nd.path.mnt->mnt_parent == new_nd.path.mnt) 17460bb6fcc1SMiklos Szeredi goto out2; /* not attached */ 17474ac91378SJan Blunck /* make sure we can reach put_old from new_root */ 17484ac91378SJan Blunck tmp = old_nd.path.mnt; 17491da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 17504ac91378SJan Blunck if (tmp != new_nd.path.mnt) { 17511da177e4SLinus Torvalds for (;;) { 17521da177e4SLinus Torvalds if (tmp->mnt_parent == tmp) 17531da177e4SLinus Torvalds goto out3; /* already mounted on put_old */ 17544ac91378SJan Blunck if (tmp->mnt_parent == new_nd.path.mnt) 17551da177e4SLinus Torvalds break; 17561da177e4SLinus Torvalds tmp = tmp->mnt_parent; 17571da177e4SLinus Torvalds } 17584ac91378SJan Blunck if (!is_subdir(tmp->mnt_mountpoint, new_nd.path.dentry)) 17591da177e4SLinus Torvalds goto out3; 17604ac91378SJan Blunck } else if (!is_subdir(old_nd.path.dentry, new_nd.path.dentry)) 17611da177e4SLinus Torvalds goto out3; 17621a390689SAl Viro detach_mnt(new_nd.path.mnt, &parent_path); 17634ac91378SJan Blunck detach_mnt(user_nd.path.mnt, &root_parent); 17644ac91378SJan Blunck /* mount old root on put_old */ 17651a390689SAl Viro attach_mnt(user_nd.path.mnt, &old_nd.path); 17664ac91378SJan Blunck /* mount new_root on / */ 17674ac91378SJan Blunck attach_mnt(new_nd.path.mnt, &root_parent); 17686b3286edSKirill Korotaev touch_mnt_namespace(current->nsproxy->mnt_ns); 17691da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 17701a390689SAl Viro chroot_fs_refs(&user_nd.path, &new_nd.path); 17711da177e4SLinus Torvalds security_sb_post_pivotroot(&user_nd, &new_nd); 17721da177e4SLinus Torvalds error = 0; 17731a390689SAl Viro path_put(&root_parent); 17741a390689SAl Viro path_put(&parent_path); 17751da177e4SLinus Torvalds out2: 17764ac91378SJan Blunck mutex_unlock(&old_nd.path.dentry->d_inode->i_mutex); 1777390c6843SRam Pai up_write(&namespace_sem); 17781d957f9bSJan Blunck path_put(&user_nd.path); 17791d957f9bSJan Blunck path_put(&old_nd.path); 17801da177e4SLinus Torvalds out1: 17811d957f9bSJan Blunck path_put(&new_nd.path); 17821da177e4SLinus Torvalds out0: 17831da177e4SLinus Torvalds unlock_kernel(); 17841da177e4SLinus Torvalds return error; 17851da177e4SLinus Torvalds out3: 17861da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 17871da177e4SLinus Torvalds goto out2; 17881da177e4SLinus Torvalds } 17891da177e4SLinus Torvalds 17901da177e4SLinus Torvalds static void __init init_mount_tree(void) 17911da177e4SLinus Torvalds { 17921da177e4SLinus Torvalds struct vfsmount *mnt; 17936b3286edSKirill Korotaev struct mnt_namespace *ns; 1794ac748a09SJan Blunck struct path root; 17951da177e4SLinus Torvalds 17961da177e4SLinus Torvalds mnt = do_kern_mount("rootfs", 0, "rootfs", NULL); 17971da177e4SLinus Torvalds if (IS_ERR(mnt)) 17981da177e4SLinus Torvalds panic("Can't create rootfs"); 17996b3286edSKirill Korotaev ns = kmalloc(sizeof(*ns), GFP_KERNEL); 18006b3286edSKirill Korotaev if (!ns) 18011da177e4SLinus Torvalds panic("Can't allocate initial namespace"); 18026b3286edSKirill Korotaev atomic_set(&ns->count, 1); 18036b3286edSKirill Korotaev INIT_LIST_HEAD(&ns->list); 18046b3286edSKirill Korotaev init_waitqueue_head(&ns->poll); 18056b3286edSKirill Korotaev ns->event = 0; 18066b3286edSKirill Korotaev list_add(&mnt->mnt_list, &ns->list); 18076b3286edSKirill Korotaev ns->root = mnt; 18086b3286edSKirill Korotaev mnt->mnt_ns = ns; 18091da177e4SLinus Torvalds 18106b3286edSKirill Korotaev init_task.nsproxy->mnt_ns = ns; 18116b3286edSKirill Korotaev get_mnt_ns(ns); 18121da177e4SLinus Torvalds 1813ac748a09SJan Blunck root.mnt = ns->root; 1814ac748a09SJan Blunck root.dentry = ns->root->mnt_root; 1815ac748a09SJan Blunck 1816ac748a09SJan Blunck set_fs_pwd(current->fs, &root); 1817ac748a09SJan Blunck set_fs_root(current->fs, &root); 18181da177e4SLinus Torvalds } 18191da177e4SLinus Torvalds 182074bf17cfSDenis Cheng void __init mnt_init(void) 18211da177e4SLinus Torvalds { 182213f14b4dSEric Dumazet unsigned u; 182315a67dd8SRandy Dunlap int err; 18241da177e4SLinus Torvalds 1825390c6843SRam Pai init_rwsem(&namespace_sem); 1826390c6843SRam Pai 18271da177e4SLinus Torvalds mnt_cache = kmem_cache_create("mnt_cache", sizeof(struct vfsmount), 182820c2df83SPaul Mundt 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL); 18291da177e4SLinus Torvalds 1830b58fed8bSRam Pai mount_hashtable = (struct list_head *)__get_free_page(GFP_ATOMIC); 18311da177e4SLinus Torvalds 18321da177e4SLinus Torvalds if (!mount_hashtable) 18331da177e4SLinus Torvalds panic("Failed to allocate mount hash table\n"); 18341da177e4SLinus Torvalds 183513f14b4dSEric Dumazet printk("Mount-cache hash table entries: %lu\n", HASH_SIZE); 18361da177e4SLinus Torvalds 183713f14b4dSEric Dumazet for (u = 0; u < HASH_SIZE; u++) 183813f14b4dSEric Dumazet INIT_LIST_HEAD(&mount_hashtable[u]); 18391da177e4SLinus Torvalds 184015a67dd8SRandy Dunlap err = sysfs_init(); 184115a67dd8SRandy Dunlap if (err) 184215a67dd8SRandy Dunlap printk(KERN_WARNING "%s: sysfs_init error: %d\n", 184315a67dd8SRandy Dunlap __FUNCTION__, err); 184400d26666SGreg Kroah-Hartman fs_kobj = kobject_create_and_add("fs", NULL); 184500d26666SGreg Kroah-Hartman if (!fs_kobj) 184600d26666SGreg Kroah-Hartman printk(KERN_WARNING "%s: kobj create error\n", __FUNCTION__); 18471da177e4SLinus Torvalds init_rootfs(); 18481da177e4SLinus Torvalds init_mount_tree(); 18491da177e4SLinus Torvalds } 18501da177e4SLinus Torvalds 18516b3286edSKirill Korotaev void __put_mnt_ns(struct mnt_namespace *ns) 18521da177e4SLinus Torvalds { 18536b3286edSKirill Korotaev struct vfsmount *root = ns->root; 185470fbcdf4SRam Pai LIST_HEAD(umount_list); 18556b3286edSKirill Korotaev ns->root = NULL; 18561ce88cf4SMiklos Szeredi spin_unlock(&vfsmount_lock); 1857390c6843SRam Pai down_write(&namespace_sem); 18581da177e4SLinus Torvalds spin_lock(&vfsmount_lock); 1859a05964f3SRam Pai umount_tree(root, 0, &umount_list); 18601da177e4SLinus Torvalds spin_unlock(&vfsmount_lock); 1861390c6843SRam Pai up_write(&namespace_sem); 186270fbcdf4SRam Pai release_mounts(&umount_list); 18636b3286edSKirill Korotaev kfree(ns); 18641da177e4SLinus Torvalds } 1865