On Mon, Aug 25, 2025 at 05:43:28AM +0100, Al Viro wrote:
> do_add_mount() consumes vfsmount on success; just follow it with
> conditional retain_and_null_ptr() on success and we can switch
> to __free() for mnt and be done with that - unlock_mount() is
> in the very end.
>
> Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> ---
> fs/namespace.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/fs/namespace.c b/fs/namespace.c
> index 99757040a39a..79c87937a7dd 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -3694,7 +3694,6 @@ static bool mount_too_revealing(const struct super_block *sb, int *new_mnt_flags
> static int do_new_mount_fc(struct fs_context *fc, struct path *mountpoint,
> unsigned int mnt_flags)
> {
> - struct vfsmount *mnt;
> struct pinned_mountpoint mp = {};
> struct super_block *sb = fc->root->d_sb;
> int error;
> @@ -3710,7 +3709,7 @@ static int do_new_mount_fc(struct fs_context *fc, struct path *mountpoint,
>
> up_write(&sb->s_umount);
>
> - mnt = vfs_create_mount(fc);
> + struct vfsmount *mnt __free(mntput) = vfs_create_mount(fc);
Ugh, can we please not start declaring variables in the middle of a
scope.
> if (IS_ERR(mnt))
> return PTR_ERR(mnt);
>
> @@ -3720,10 +3719,10 @@ static int do_new_mount_fc(struct fs_context *fc, struct path *mountpoint,
> if (!error) {
> error = do_add_mount(real_mount(mnt), mp.mp,
> mountpoint, mnt_flags);
> + if (!error)
> + retain_and_null_ptr(mnt); // consumed on success
> unlock_mount(&mp);
> }
> - if (error < 0)
> - mntput(mnt);
> return error;
> }
>
> --
> 2.47.2
>
