New helper: deactivate_locked_super()
Does equivalent of up_write(&s->s_umount); deactivate_super(s);
However, it does not does not unlock it until it's all over.
As the result, it's safe to use to dispose of new superblock on ->get_sb()
failure exits - nobody will see the sucker until it's all over.
Equivalent using up_write/deactivate_super is safe for that purpose
if superblock is either safe to use or has NULL ->s_root when we unlock.
Normally filesystems take the required precautions, but
a) we do have bugs in that area in some of them.
b) up_write/deactivate_super sequence is extremely common,
so the helper makes sense anyway.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
diff --git a/fs/super.c b/fs/super.c
index 786fe7d..a9dc4c3 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -208,6 +208,34 @@
EXPORT_SYMBOL(deactivate_super);
/**
+ * deactivate_locked_super - drop an active reference to superblock
+ * @s: superblock to deactivate
+ *
+ * Equivalent of up_write(&s->s_umount); deactivate_super(s);, except that
+ * it does not unlock it until it's all over. As the result, it's safe to
+ * use to dispose of new superblock on ->get_sb() failure exits - nobody
+ * will see the sucker until it's all over. Equivalent using up_write +
+ * deactivate_super is safe for that purpose only if superblock is either
+ * safe to use or has NULL ->s_root when we unlock.
+ */
+void deactivate_locked_super(struct super_block *s)
+{
+ struct file_system_type *fs = s->s_type;
+ if (atomic_dec_and_lock(&s->s_active, &sb_lock)) {
+ s->s_count -= S_BIAS-1;
+ spin_unlock(&sb_lock);
+ vfs_dq_off(s, 0);
+ fs->kill_sb(s);
+ put_filesystem(fs);
+ put_super(s);
+ } else {
+ up_write(&s->s_umount);
+ }
+}
+
+EXPORT_SYMBOL(deactivate_locked_super);
+
+/**
* grab_super - acquire an active reference
* @s: reference we are trying to make active
*
@@ -797,8 +825,7 @@
sb->s_flags = flags;
err = fill_super(sb, data, flags & MS_SILENT ? 1 : 0);
if (err) {
- up_write(&sb->s_umount);
- deactivate_super(sb);
+ deactivate_locked_super(sb);
return err;
}
@@ -854,8 +881,7 @@
if (s->s_root) {
if ((flags ^ s->s_flags) & MS_RDONLY) {
- up_write(&s->s_umount);
- deactivate_super(s);
+ deactivate_locked_super(s);
error = -EBUSY;
goto error_bdev;
}
@@ -870,8 +896,7 @@
sb_set_blocksize(s, block_size(bdev));
error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
if (error) {
- up_write(&s->s_umount);
- deactivate_super(s);
+ deactivate_locked_super(s);
goto error;
}
@@ -921,8 +946,7 @@
error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
if (error) {
- up_write(&s->s_umount);
- deactivate_super(s);
+ deactivate_locked_super(s);
return error;
}
s->s_flags |= MS_ACTIVE;
@@ -952,8 +976,7 @@
s->s_flags = flags;
error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
if (error) {
- up_write(&s->s_umount);
- deactivate_super(s);
+ deactivate_locked_super(s);
return error;
}
s->s_flags |= MS_ACTIVE;
@@ -1006,8 +1029,7 @@
return mnt;
out_sb:
dput(mnt->mnt_root);
- up_write(&mnt->mnt_sb->s_umount);
- deactivate_super(mnt->mnt_sb);
+ deactivate_locked_super(mnt->mnt_sb);
out_free_secdata:
free_secdata(secdata);
out_mnt:
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 5bed436..11484d0 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1775,6 +1775,7 @@
void kill_anon_super(struct super_block *sb);
void kill_litter_super(struct super_block *sb);
void deactivate_super(struct super_block *sb);
+void deactivate_locked_super(struct super_block *sb);
int set_anon_super(struct super_block *s, void *data);
struct super_block *sget(struct file_system_type *type,
int (*test)(struct super_block *,void *),