From: Al Viro <viro@zeniv.linux.org.uk>
Date: Tue, 12 May 2015 16:22:47 +0000 (-0400)
Subject: namei: be careful with mountpoint crossings in follow_dotdot_rcu()
X-Git-Tag: omap-for-v4.3/legacy-v2-signed~213^2~15
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aed434ada68573549d9f5106cde26b94c48e51c2;p=pandora-kernel.git

namei: be careful with mountpoint crossings in follow_dotdot_rcu()

Otherwise we are risking a hard error where nonlazy restart would be the right
thing to do; it's a very narrow race with mount --move and most of the time it
ends up being completely harmless, but it's possible to construct a case when
we'll get a bogus hard error instead of falling back to non-lazy walk...

For one thing, when crossing _into_ overmount of parent we need to check for
mount_lock bumps when we get NULL from __lookup_mnt() as well.

For another, and less exotically, we need to make sure that the data fetched
in follow_up_rcu() had been consistent.  ->mnt_mountpoint is pinned for as
long as it is a mountpoint, but we need to check mount_lock after fetching
to verify that.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---

Reading git-diff-tree failed