[Devel,rh7] ve: remove ve->root_path

Submitted by Andrei Vagin on Sept. 17, 2017, 4:53 p.m.

Details

Message ID 20170917165318.4625-1-avagin@openvz.org
State New
Series "ve: remove ve->root_path"
Headers show

Commit Message

Andrei Vagin Sept. 17, 2017, 4:53 p.m.
It was added a long time ago, when a container was executed in a host
mount namespace. Now ve->root_path is used only in one place
follow_dotdot(), but event there it looks useless, if we run a container
in a separate mount namespace.

ve->root_path can holds a mount tree and now it is impossible to umount
it, when a container changes its root (pivot_root())

https://jira.sw.ru/browse/PSBM-71414
Reported-by: Vasily Averin <vvs@virtuozzo.com>
Cc: Vasily Averin <vvs@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@openvz.org>
---
 fs/namei.c          |  6 ------
 include/linux/ve.h  |  3 ---
 kernel/ve/ve.c      |  4 ----
 kernel/ve/veowner.c | 11 -----------
 4 files changed, 24 deletions(-)

Patch hide | download patch | download mbox

diff --git a/fs/namei.c b/fs/namei.c
index 4dac2e6..14f17ec 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1298,12 +1298,6 @@  static int follow_dotdot(struct nameidata *nd)
 		    nd->path.mnt == nd->root.mnt) {
 			break;
 		}
-#ifdef CONFIG_VE
-		if (nd->path.dentry == get_exec_env()->root_path.dentry &&
-			nd->path.mnt == get_exec_env()->root_path.mnt) {
-			break;
-		}
-#endif
 		if (nd->path.dentry != nd->path.mnt->mnt_root) {
 			/* rare case of legitimate dget_parent()... */
 			nd->path.dentry = dget_parent(nd->path.dentry);
diff --git a/include/linux/ve.h b/include/linux/ve.h
index d63edee..7999746 100644
--- a/include/linux/ve.h
+++ b/include/linux/ve.h
@@ -56,9 +56,6 @@  struct ve_struct {
 	struct task_struct	*ve_umh_task;
 	struct kthread_worker	ve_umh_worker;
 
-/* VE's root */
-	struct path		root_path;
-
 	struct super_block	*dev_sb;
 	struct super_block	*devpts_sb;
 
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 0a835f3..b0188c3 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -436,16 +436,12 @@  static void ve_grab_context(struct ve_struct *ve)
 	ve->init_cred = (struct cred *)get_current_cred();
 	rcu_assign_pointer(ve->ve_ns, get_nsproxy(tsk->nsproxy));
 	ve->ve_netns =  get_net(ve->ve_ns->net_ns);
-	get_fs_root(tsk->fs, &ve->root_path);
 	synchronize_rcu();
 }
 
 static void ve_drop_context(struct ve_struct *ve)
 {
 	struct nsproxy *ve_ns = ve->ve_ns;
-	path_put(&ve->root_path);
-	ve->root_path.mnt = NULL;
-	ve->root_path.dentry = NULL;
 
 	put_net(ve->ve_netns);
 	ve->ve_netns = NULL;
diff --git a/kernel/ve/veowner.c b/kernel/ve/veowner.c
index a7fe9cc..bb2b6fb 100644
--- a/kernel/ve/veowner.c
+++ b/kernel/ve/veowner.c
@@ -124,17 +124,6 @@  static void prepare_sysctl(void)
 
 void init_ve_system(void)
 {
-	struct task_struct *init_entry;
-	struct ve_struct *ve;
-	struct path root;
-
-	ve = get_ve0();
-
-	init_entry = init_pid_ns.child_reaper;
-
-	get_fs_root(init_entry->fs, &root);
-	ve->root_path = root;
-
 #ifdef CONFIG_PROC_FS
 	prepare_proc();
 #endif

Comments

Vasily Averin Sept. 18, 2017, 7:48 a.m.
On 2017-09-17 19:53, Andrei Vagin wrote:
> It was added a long time ago, when a container was executed in a host
> mount namespace. Now ve->root_path is used only in one place
> follow_dotdot(), but event there it looks useless, if we run a container
> in a separate mount namespace.
> 
> ve->root_path can holds a mount tree and now it is impossible to umount
> it, when a container changes its root (pivot_root())
> 
> https://jira.sw.ru/browse/PSBM-71414
> Reported-by: Vasily Averin <vvs@virtuozzo.com>
> Cc: Vasily Averin <vvs@virtuozzo.com>
> Signed-off-by: Andrei Vagin <avagin@openvz.org>

Reviewed-by:	Vasily Averin <vvs@virtuozzo.com>

> ---
>  fs/namei.c          |  6 ------
>  include/linux/ve.h  |  3 ---
>  kernel/ve/ve.c      |  4 ----
>  kernel/ve/veowner.c | 11 -----------
>  4 files changed, 24 deletions(-)
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index 4dac2e6..14f17ec 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -1298,12 +1298,6 @@ static int follow_dotdot(struct nameidata *nd)
>  		    nd->path.mnt == nd->root.mnt) {
>  			break;
>  		}
> -#ifdef CONFIG_VE
> -		if (nd->path.dentry == get_exec_env()->root_path.dentry &&
> -			nd->path.mnt == get_exec_env()->root_path.mnt) {
> -			break;
> -		}
> -#endif
>  		if (nd->path.dentry != nd->path.mnt->mnt_root) {
>  			/* rare case of legitimate dget_parent()... */
>  			nd->path.dentry = dget_parent(nd->path.dentry);
> diff --git a/include/linux/ve.h b/include/linux/ve.h
> index d63edee..7999746 100644
> --- a/include/linux/ve.h
> +++ b/include/linux/ve.h
> @@ -56,9 +56,6 @@ struct ve_struct {
>  	struct task_struct	*ve_umh_task;
>  	struct kthread_worker	ve_umh_worker;
>  
> -/* VE's root */
> -	struct path		root_path;
> -
>  	struct super_block	*dev_sb;
>  	struct super_block	*devpts_sb;
>  
> diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
> index 0a835f3..b0188c3 100644
> --- a/kernel/ve/ve.c
> +++ b/kernel/ve/ve.c
> @@ -436,16 +436,12 @@ static void ve_grab_context(struct ve_struct *ve)
>  	ve->init_cred = (struct cred *)get_current_cred();
>  	rcu_assign_pointer(ve->ve_ns, get_nsproxy(tsk->nsproxy));
>  	ve->ve_netns =  get_net(ve->ve_ns->net_ns);
> -	get_fs_root(tsk->fs, &ve->root_path);
>  	synchronize_rcu();
>  }
>  
>  static void ve_drop_context(struct ve_struct *ve)
>  {
>  	struct nsproxy *ve_ns = ve->ve_ns;
> -	path_put(&ve->root_path);
> -	ve->root_path.mnt = NULL;
> -	ve->root_path.dentry = NULL;
>  
>  	put_net(ve->ve_netns);
>  	ve->ve_netns = NULL;
> diff --git a/kernel/ve/veowner.c b/kernel/ve/veowner.c
> index a7fe9cc..bb2b6fb 100644
> --- a/kernel/ve/veowner.c
> +++ b/kernel/ve/veowner.c
> @@ -124,17 +124,6 @@ static void prepare_sysctl(void)
>  
>  void init_ve_system(void)
>  {
> -	struct task_struct *init_entry;
> -	struct ve_struct *ve;
> -	struct path root;
> -
> -	ve = get_ve0();
> -
> -	init_entry = init_pid_ns.child_reaper;
> -
> -	get_fs_root(init_entry->fs, &root);
> -	ve->root_path = root;
> -
>  #ifdef CONFIG_PROC_FS
>  	prepare_proc();
>  #endif
>