On Wed, Sep 17, 2025 at 09:42:00PM +0100, Al Viro wrote:
On Wed, Sep 17, 2025 at 01:07:45PM +0200, Amir Goldstein wrote:
diff --git a/fs/dcache.c b/fs/dcache.c index 60046ae23d514..8c9d0d6bb0045 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -1999,10 +1999,12 @@ struct dentry *d_make_root(struct inode *root_inode)
if (root_inode) { res = d_alloc_anon(root_inode->i_sb);
if (res)
if (res) {root_inode->i_opflags |= IOP_ROOT; d_instantiate(res, root_inode);Umm... Not a good idea - if nothing else, root may end up being attached someplace (normal with nfs, for example).
But more fundamentally, once we are into ->kill_sb(), let alone generic_shutdown_super(), nobody should be playing silly buggers with the filesystem. Sure, RCU accesses are possible, but messing around with fhandles? ->s_root is not the only thing that might be no longer there.
What the fuck is fsnotify playing at?
PS: there is a whole lot of the logics in e.g. shrink_dcache_for_umount() that relies on nobody else messing with dentry tree by that point.