fs: fix superblock iteration race
[linux-3.10.git] / fs / super.c
index 60b1e50..938119a 100644 (file)
  *  Added kerneld support: Jacques Gelinas and Bjorn Ekwall
  *  Added change_root: Werner Almesberger & Hans Lermen, Feb '96
  *  Added options to /proc/mounts:
- *    Torbjörn Lindh (torbjorn.lindh@gopta.se), April 14, 1996.
+ *    Torbjörn Lindh (torbjorn.lindh@gopta.se), April 14, 1996.
  *  Added devfs support: Richard Gooch <rgooch@atnf.csiro.au>, 13-JAN-1998
  *  Heavily rewritten for 'one fs - one tree' dcache architecture. AV, Mar 2000
  */
 
 #include <linux/module.h>
 #include <linux/slab.h>
-#include <linux/init.h>
-#include <linux/smp_lock.h>
 #include <linux/acct.h>
 #include <linux/blkdev.h>
-#include <linux/quotaops.h>
-#include <linux/namei.h>
-#include <linux/buffer_head.h>         /* for fsync_super() */
 #include <linux/mount.h>
 #include <linux/security.h>
-#include <linux/syscalls.h>
-#include <linux/vfs.h>
 #include <linux/writeback.h>           /* for the emergency remount stuff */
 #include <linux/idr.h>
-#include <linux/kobject.h>
 #include <linux/mutex.h>
-#include <asm/uaccess.h>
+#include <linux/backing-dev.h>
+#include "internal.h"
 
 
-void get_filesystem(struct file_system_type *fs);
-void put_filesystem(struct file_system_type *fs);
-struct file_system_type *get_fs_type(const char *name);
-
 LIST_HEAD(super_blocks);
 DEFINE_SPINLOCK(sb_lock);
 
@@ -57,7 +46,7 @@ DEFINE_SPINLOCK(sb_lock);
 static struct super_block *alloc_super(struct file_system_type *type)
 {
        struct super_block *s = kzalloc(sizeof(struct super_block),  GFP_USER);
-       static struct super_operations default_op;
+       static const struct super_operations default_op;
 
        if (s) {
                if (security_sb_alloc(s)) {
@@ -65,12 +54,11 @@ static struct super_block *alloc_super(struct file_system_type *type)
                        s = NULL;
                        goto out;
                }
-               INIT_LIST_HEAD(&s->s_dirty);
-               INIT_LIST_HEAD(&s->s_io);
                INIT_LIST_HEAD(&s->s_files);
                INIT_LIST_HEAD(&s->s_instances);
                INIT_HLIST_HEAD(&s->s_anon);
                INIT_LIST_HEAD(&s->s_inodes);
+               INIT_LIST_HEAD(&s->s_dentry_lru);
                init_rwsem(&s->s_umount);
                mutex_init(&s->s_lock);
                lockdep_set_class(&s->s_umount, &type->s_umount_key);
@@ -80,17 +68,31 @@ static struct super_block *alloc_super(struct file_system_type *type)
                 * lock ordering than usbfs:
                 */
                lockdep_set_class(&s->s_lock, &type->s_lock_key);
-               down_write(&s->s_umount);
-               s->s_count = S_BIAS;
+               /*
+                * sget() can have s_umount recursion.
+                *
+                * When it cannot find a suitable sb, it allocates a new
+                * one (this one), and tries again to find a suitable old
+                * one.
+                *
+                * In case that succeeds, it will acquire the s_umount
+                * lock of the old one. Since these are clearly distrinct
+                * locks, and this object isn't exposed yet, there's no
+                * risk of deadlocks.
+                *
+                * Annotate this by putting this lock in a different
+                * subclass.
+                */
+               down_write_nested(&s->s_umount, SINGLE_DEPTH_NESTING);
+               s->s_count = 1;
                atomic_set(&s->s_active, 1);
                mutex_init(&s->s_vfs_rename_mutex);
+               lockdep_set_class(&s->s_vfs_rename_mutex, &type->s_vfs_rename_key);
                mutex_init(&s->s_dquot.dqio_mutex);
                mutex_init(&s->s_dquot.dqonoff_mutex);
                init_rwsem(&s->s_dquot.dqptr_sem);
                init_waitqueue_head(&s->s_wait_unfrozen);
                s->s_maxbytes = MAX_NON_LFS;
-               s->dq_op = sb_dquot_ops;
-               s->s_qcop = sb_quotactl_ops;
                s->s_op = &default_op;
                s->s_time_gran = 1000000000;
        }
@@ -107,45 +109,22 @@ out:
 static inline void destroy_super(struct super_block *s)
 {
        security_sb_free(s);
+       kfree(s->s_subtype);
+       kfree(s->s_options);
        kfree(s);
 }
 
 /* Superblock refcounting  */
 
 /*
- * Drop a superblock's refcount.  Returns non-zero if the superblock was
- * destroyed.  The caller must hold sb_lock.
+ * Drop a superblock's refcount.  The caller must hold sb_lock.
  */
-int __put_super(struct super_block *sb)
+void __put_super(struct super_block *sb)
 {
-       int ret = 0;
-
        if (!--sb->s_count) {
+               list_del_init(&sb->s_list);
                destroy_super(sb);
-               ret = 1;
        }
-       return ret;
-}
-
-/*
- * Drop a superblock's refcount.
- * Returns non-zero if the superblock is about to be destroyed and
- * at least is already removed from super_blocks list, so if we are
- * making a loop through super blocks then we need to restart.
- * The caller must hold sb_lock.
- */
-int __put_super_and_need_restart(struct super_block *sb)
-{
-       /* check for race with generic_shutdown_super() */
-       if (list_empty(&sb->s_list)) {
-               /* super block is removed, need to restart... */
-               __put_super(sb);
-               return 1;
-       }
-       /* can't be the last, since s_list is still in use */
-       sb->s_count--;
-       BUG_ON(sb->s_count == 0);
-       return 0;
 }
 
 /**
@@ -155,7 +134,7 @@ int __put_super_and_need_restart(struct super_block *sb)
  *     Drops a temporary reference, frees superblock if there's no
  *     references left.
  */
-static void put_super(struct super_block *sb)
+void put_super(struct super_block *sb)
 {
        spin_lock(&sb_lock);
        __put_super(sb);
@@ -164,25 +143,43 @@ static void put_super(struct super_block *sb)
 
 
 /**
- *     deactivate_super        -       drop an active reference to superblock
+ *     deactivate_locked_super -       drop an active reference to superblock
  *     @s: superblock to deactivate
  *
- *     Drops an active reference to superblock, acquiring a temprory one if
- *     there is no active references left.  In that case we lock superblock,
+ *     Drops an active reference to superblock, converting it into a temprory
+ *     one if there is no other active references left.  In that case we
  *     tell fs driver to shut it down and drop the temporary reference we
  *     had just acquired.
+ *
+ *     Caller holds exclusive lock on superblock; that lock is released.
  */
-void deactivate_super(struct super_block *s)
+void deactivate_locked_super(struct super_block *s)
 {
        struct file_system_type *fs = s->s_type;
-       if (atomic_dec_and_lock(&s->s_active, &sb_lock)) {
-               s->s_count -= S_BIAS-1;
-               spin_unlock(&sb_lock);
-               DQUOT_OFF(s);
-               down_write(&s->s_umount);
+       if (atomic_dec_and_test(&s->s_active)) {
                fs->kill_sb(s);
                put_filesystem(fs);
                put_super(s);
+       } else {
+               up_write(&s->s_umount);
+       }
+}
+
+EXPORT_SYMBOL(deactivate_locked_super);
+
+/**
+ *     deactivate_super        -       drop an active reference to superblock
+ *     @s: superblock to deactivate
+ *
+ *     Variant of deactivate_locked_super(), except that superblock is *not*
+ *     locked by caller.  If we are going to drop the final active reference,
+ *     lock will be acquired prior to that.
+ */
+void deactivate_super(struct super_block *s)
+{
+        if (!atomic_add_unless(&s->s_active, -1, 1)) {
+               down_write(&s->s_umount);
+               deactivate_locked_super(s);
        }
 }
 
@@ -201,22 +198,17 @@ EXPORT_SYMBOL(deactivate_super);
  */
 static int grab_super(struct super_block *s) __releases(sb_lock)
 {
+       if (atomic_inc_not_zero(&s->s_active)) {
+               spin_unlock(&sb_lock);
+               return 1;
+       }
+       /* it's going away */
        s->s_count++;
        spin_unlock(&sb_lock);
+       /* wait for it to die */
        down_write(&s->s_umount);
-       if (s->s_root) {
-               spin_lock(&sb_lock);
-               if (s->s_count > S_BIAS) {
-                       atomic_inc(&s->s_active);
-                       s->s_count--;
-                       spin_unlock(&sb_lock);
-                       return 1;
-               }
-               spin_unlock(&sb_lock);
-       }
        up_write(&s->s_umount);
        put_super(s);
-       yield();
        return 0;
 }
 
@@ -238,37 +230,6 @@ void unlock_super(struct super_block * sb)
 EXPORT_SYMBOL(lock_super);
 EXPORT_SYMBOL(unlock_super);
 
-/*
- * Write out and wait upon all dirty data associated with this
- * superblock.  Filesystem data as well as the underlying block
- * device.  Takes the superblock lock.  Requires a second blkdev
- * flush by the caller to complete the operation.
- */
-void __fsync_super(struct super_block *sb)
-{
-       sync_inodes_sb(sb, 0);
-       DQUOT_SYNC(sb);
-       lock_super(sb);
-       if (sb->s_dirt && sb->s_op->write_super)
-               sb->s_op->write_super(sb);
-       unlock_super(sb);
-       if (sb->s_op->sync_fs)
-               sb->s_op->sync_fs(sb, 1);
-       sync_blockdev(sb->s_bdev);
-       sync_inodes_sb(sb, 1);
-}
-
-/*
- * Write out and wait upon all dirty data associated with this
- * superblock.  Filesystem data as well as the underlying block
- * device.  Takes the superblock lock.
- */
-int fsync_super(struct super_block *sb)
-{
-       __fsync_super(sb);
-       return sync_blockdev(sb->s_bdev);
-}
-
 /**
  *     generic_shutdown_super  -       common helper for ->kill_sb()
  *     @sb: superblock to kill
@@ -287,17 +248,16 @@ void generic_shutdown_super(struct super_block *sb)
 {
        const struct super_operations *sop = sb->s_op;
 
+
        if (sb->s_root) {
                shrink_dcache_for_umount(sb);
-               fsync_super(sb);
-               lock_super(sb);
+               sync_filesystem(sb);
+               get_fs_excl();
                sb->s_flags &= ~MS_ACTIVE;
+
                /* bad name - it should be evict_inodes() */
                invalidate_inodes(sb);
-               lock_kernel();
 
-               if (sop->write_super && sb->s_dirt)
-                       sop->write_super(sb);
                if (sop->put_super)
                        sop->put_super(sb);
 
@@ -307,14 +267,11 @@ void generic_shutdown_super(struct super_block *sb)
                           "Self-destruct in 5 seconds.  Have a nice day...\n",
                           sb->s_id);
                }
-
-               unlock_kernel();
-               unlock_super(sb);
+               put_fs_excl();
        }
        spin_lock(&sb_lock);
        /* should be initialized for __put_super_and_need_restart() */
-       list_del_init(&sb->s_list);
-       list_del(&sb->s_instances);
+       list_del_init(&sb->s_instances);
        spin_unlock(&sb_lock);
        up_write(&sb->s_umount);
 }
@@ -334,21 +291,24 @@ struct super_block *sget(struct file_system_type *type,
                        void *data)
 {
        struct super_block *s = NULL;
-       struct list_head *p;
+       struct super_block *old;
        int err;
 
 retry:
        spin_lock(&sb_lock);
-       if (test) list_for_each(p, &type->fs_supers) {
-               struct super_block *old;
-               old = list_entry(p, struct super_block, s_instances);
-               if (!test(old, data))
-                       continue;
-               if (!grab_super(old))
-                       goto retry;
-               if (s)
-                       destroy_super(s);
-               return old;
+       if (test) {
+               list_for_each_entry(old, &type->fs_supers, s_instances) {
+                       if (!test(old, data))
+                               continue;
+                       if (!grab_super(old))
+                               goto retry;
+                       if (s) {
+                               up_write(&s->s_umount);
+                               destroy_super(s);
+                       }
+                       down_write(&old->s_umount);
+                       return old;
+               }
        }
        if (!s) {
                spin_unlock(&sb_lock);
@@ -361,6 +321,7 @@ retry:
        err = set(s, data);
        if (err) {
                spin_unlock(&sb_lock);
+               up_write(&s->s_umount);
                destroy_super(s);
                return ERR_PTR(err);
        }
@@ -383,92 +344,74 @@ void drop_super(struct super_block *sb)
 
 EXPORT_SYMBOL(drop_super);
 
-static inline void write_super(struct super_block *sb)
-{
-       lock_super(sb);
-       if (sb->s_root && sb->s_dirt)
-               if (sb->s_op->write_super)
-                       sb->s_op->write_super(sb);
-       unlock_super(sb);
-}
-
-/*
+/**
+ * sync_supers - helper for periodic superblock writeback
+ *
+ * Call the write_super method if present on all dirty superblocks in
+ * the system.  This is for the periodic writeback used by most older
+ * filesystems.  For data integrity superblock writeback use
+ * sync_filesystems() instead.
+ *
  * Note: check the dirty flag before waiting, so we don't
  * hold up the sync while mounting a device. (The newly
  * mounted device won't need syncing.)
  */
 void sync_supers(void)
 {
-       struct super_block *sb;
+       struct super_block *sb, *n;
 
        spin_lock(&sb_lock);
-restart:
-       list_for_each_entry(sb, &super_blocks, s_list) {
-               if (sb->s_dirt) {
+       list_for_each_entry_safe(sb, n, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
+                       continue;
+               if (sb->s_op->write_super && sb->s_dirt) {
                        sb->s_count++;
                        spin_unlock(&sb_lock);
+
                        down_read(&sb->s_umount);
-                       write_super(sb);
+                       if (sb->s_root && sb->s_dirt)
+                               sb->s_op->write_super(sb);
                        up_read(&sb->s_umount);
+
                        spin_lock(&sb_lock);
-                       if (__put_super_and_need_restart(sb))
-                               goto restart;
+                       /* lock was dropped, must reset next */
+                       list_safe_reset_next(sb, n, s_list);
+                       __put_super(sb);
                }
        }
        spin_unlock(&sb_lock);
 }
 
-/*
- * Call the ->sync_fs super_op against all filesytems which are r/w and
- * which implement it.
- *
- * This operation is careful to avoid the livelock which could easily happen
- * if two or more filesystems are being continuously dirtied.  s_need_sync_fs
- * is used only here.  We set it against all filesystems and then clear it as
- * we sync them.  So redirtied filesystems are skipped.
- *
- * But if process A is currently running sync_filesytems and then process B
- * calls sync_filesystems as well, process B will set all the s_need_sync_fs
- * flags again, which will cause process A to resync everything.  Fix that with
- * a local mutex.
+/**
+ *     iterate_supers - call function for all active superblocks
+ *     @f: function to call
+ *     @arg: argument to pass to it
  *
- * (Fabian) Avoid sync_fs with clean fs & wait mode 0
+ *     Scans the superblock list and calls given function, passing it
+ *     locked superblock and given argument.
  */
-void sync_filesystems(int wait)
+void iterate_supers(void (*f)(struct super_block *, void *), void *arg)
 {
-       struct super_block *sb;
-       static DEFINE_MUTEX(mutex);
+       struct super_block *sb, *n;
 
-       mutex_lock(&mutex);             /* Could be down_interruptible */
        spin_lock(&sb_lock);
-       list_for_each_entry(sb, &super_blocks, s_list) {
-               if (!sb->s_op->sync_fs)
-                       continue;
-               if (sb->s_flags & MS_RDONLY)
-                       continue;
-               sb->s_need_sync_fs = 1;
-       }
-
-restart:
-       list_for_each_entry(sb, &super_blocks, s_list) {
-               if (!sb->s_need_sync_fs)
+       list_for_each_entry_safe(sb, n, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
                        continue;
-               sb->s_need_sync_fs = 0;
-               if (sb->s_flags & MS_RDONLY)
-                       continue;       /* hm.  Was remounted r/o meanwhile */
                sb->s_count++;
                spin_unlock(&sb_lock);
+
                down_read(&sb->s_umount);
-               if (sb->s_root && (wait || sb->s_dirt))
-                       sb->s_op->sync_fs(sb, wait);
+               if (sb->s_root)
+                       f(sb, arg);
                up_read(&sb->s_umount);
-               /* restart only when sb is no longer on the list */
+
                spin_lock(&sb_lock);
-               if (__put_super_and_need_restart(sb))
-                       goto restart;
+               /* lock was dropped, must reset next */
+               list_safe_reset_next(sb, n, s_list);
+               __put_super(sb);
        }
        spin_unlock(&sb_lock);
-       mutex_unlock(&mutex);
 }
 
 /**
@@ -479,7 +422,7 @@ restart:
  *     mounted on the device given. %NULL is returned if no match is found.
  */
 
-struct super_block * get_super(struct block_device *bdev)
+struct super_block *get_super(struct block_device *bdev)
 {
        struct super_block *sb;
 
@@ -489,17 +432,20 @@ struct super_block * get_super(struct block_device *bdev)
        spin_lock(&sb_lock);
 rescan:
        list_for_each_entry(sb, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
+                       continue;
                if (sb->s_bdev == bdev) {
                        sb->s_count++;
                        spin_unlock(&sb_lock);
                        down_read(&sb->s_umount);
+                       /* still alive? */
                        if (sb->s_root)
                                return sb;
                        up_read(&sb->s_umount);
-                       /* restart only when sb is no longer on the list */
+                       /* nope, got unmounted */
                        spin_lock(&sb_lock);
-                       if (__put_super_and_need_restart(sb))
-                               goto rescan;
+                       __put_super(sb);
+                       goto rescan;
                }
        }
        spin_unlock(&sb_lock);
@@ -507,75 +453,65 @@ rescan:
 }
 
 EXPORT_SYMBOL(get_super);
+
+/**
+ * get_active_super - get an active reference to the superblock of a device
+ * @bdev: device to get the superblock for
+ *
+ * Scans the superblock list and finds the superblock of the file system
+ * mounted on the device given.  Returns the superblock with an active
+ * reference or %NULL if none was found.
+ */
+struct super_block *get_active_super(struct block_device *bdev)
+{
+       struct super_block *sb;
+
+       if (!bdev)
+               return NULL;
+
+restart:
+       spin_lock(&sb_lock);
+       list_for_each_entry(sb, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
+                       continue;
+               if (sb->s_bdev == bdev) {
+                       if (grab_super(sb)) /* drops sb_lock */
+                               return sb;
+                       else
+                               goto restart;
+               }
+       }
+       spin_unlock(&sb_lock);
+       return NULL;
+}
  
-struct super_block * user_get_super(dev_t dev)
+struct super_block *user_get_super(dev_t dev)
 {
        struct super_block *sb;
 
        spin_lock(&sb_lock);
 rescan:
        list_for_each_entry(sb, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
+                       continue;
                if (sb->s_dev ==  dev) {
                        sb->s_count++;
                        spin_unlock(&sb_lock);
                        down_read(&sb->s_umount);
+                       /* still alive? */
                        if (sb->s_root)
                                return sb;
                        up_read(&sb->s_umount);
-                       /* restart only when sb is no longer on the list */
+                       /* nope, got unmounted */
                        spin_lock(&sb_lock);
-                       if (__put_super_and_need_restart(sb))
-                               goto rescan;
+                       __put_super(sb);
+                       goto rescan;
                }
        }
        spin_unlock(&sb_lock);
        return NULL;
 }
 
-asmlinkage long sys_ustat(unsigned dev, struct ustat __user * ubuf)
-{
-        struct super_block *s;
-        struct ustat tmp;
-        struct kstatfs sbuf;
-       int err = -EINVAL;
-
-        s = user_get_super(new_decode_dev(dev));
-        if (s == NULL)
-                goto out;
-       err = vfs_statfs(s->s_root, &sbuf);
-       drop_super(s);
-       if (err)
-               goto out;
-
-        memset(&tmp,0,sizeof(struct ustat));
-        tmp.f_tfree = sbuf.f_bfree;
-        tmp.f_tinode = sbuf.f_ffree;
-
-        err = copy_to_user(ubuf,&tmp,sizeof(struct ustat)) ? -EFAULT : 0;
-out:
-       return err;
-}
-
-/**
- *     mark_files_ro
- *     @sb: superblock in question
- *
- *     All files are marked read/only.  We don't care about pending
- *     delete files so this should be used in 'force' mode only
- */
-
-static void mark_files_ro(struct super_block *sb)
-{
-       struct file *f;
-
-       file_list_lock();
-       list_for_each_entry(f, &sb->s_files, f_u.fu_list) {
-               if (S_ISREG(f->f_path.dentry->d_inode->i_mode) && file_count(f))
-                       f->f_mode &= ~FMODE_WRITE;
-       }
-       file_list_unlock();
-}
-
 /**
  *     do_remount_sb - asks filesystem to change mount options.
  *     @sb:    superblock in question
@@ -588,19 +524,26 @@ static void mark_files_ro(struct super_block *sb)
 int do_remount_sb(struct super_block *sb, int flags, void *data, int force)
 {
        int retval;
-       
+       int remount_ro;
+
+       if (sb->s_frozen != SB_UNFROZEN)
+               return -EBUSY;
+
 #ifdef CONFIG_BLOCK
        if (!(flags & MS_RDONLY) && bdev_read_only(sb->s_bdev))
                return -EACCES;
 #endif
+
        if (flags & MS_RDONLY)
                acct_auto_close(sb);
        shrink_dcache_sb(sb);
-       fsync_super(sb);
+       sync_filesystem(sb);
+
+       remount_ro = (flags & MS_RDONLY) && !(sb->s_flags & MS_RDONLY);
 
        /* If we are remounting RDONLY and current sb is read/write,
           make sure there are no rw files opened */
-       if ((flags & MS_RDONLY) && !(sb->s_flags & MS_RDONLY)) {
+       if (remount_ro) {
                if (force)
                        mark_files_ro(sb);
                else if (!fs_may_remount_ro(sb))
@@ -608,45 +551,62 @@ int do_remount_sb(struct super_block *sb, int flags, void *data, int force)
        }
 
        if (sb->s_op->remount_fs) {
-               lock_super(sb);
                retval = sb->s_op->remount_fs(sb, &flags, data);
-               unlock_super(sb);
                if (retval)
                        return retval;
        }
        sb->s_flags = (sb->s_flags & ~MS_RMT_MASK) | (flags & MS_RMT_MASK);
+
+       /*
+        * Some filesystems modify their metadata via some other path than the
+        * bdev buffer cache (eg. use a private mapping, or directories in
+        * pagecache, etc). Also file data modifications go via their own
+        * mappings. So If we try to mount readonly then copy the filesystem
+        * from bdev, we could get stale data, so invalidate it to give a best
+        * effort at coherency.
+        */
+       if (remount_ro && sb->s_bdev)
+               invalidate_bdev(sb->s_bdev);
        return 0;
 }
 
-static void do_emergency_remount(unsigned long foo)
+static void do_emergency_remount(struct work_struct *work)
 {
-       struct super_block *sb;
+       struct super_block *sb, *n;
 
        spin_lock(&sb_lock);
-       list_for_each_entry(sb, &super_blocks, s_list) {
+       list_for_each_entry_safe(sb, n, &super_blocks, s_list) {
+               if (list_empty(&sb->s_instances))
+                       continue;
                sb->s_count++;
                spin_unlock(&sb_lock);
-               down_read(&sb->s_umount);
+               down_write(&sb->s_umount);
                if (sb->s_root && sb->s_bdev && !(sb->s_flags & MS_RDONLY)) {
                        /*
-                        * ->remount_fs needs lock_kernel().
-                        *
                         * What lock protects sb->s_flags??
                         */
-                       lock_kernel();
                        do_remount_sb(sb, MS_RDONLY, NULL, 1);
-                       unlock_kernel();
                }
-               drop_super(sb);
+               up_write(&sb->s_umount);
                spin_lock(&sb_lock);
+               /* lock was dropped, must reset next */
+               list_safe_reset_next(sb, n, s_list);
+               __put_super(sb);
        }
        spin_unlock(&sb_lock);
+       kfree(work);
        printk("Emergency Remount complete\n");
 }
 
 void emergency_remount(void)
 {
-       pdflush_operation(do_emergency_remount, 0);
+       struct work_struct *work;
+
+       work = kmalloc(sizeof(*work), GFP_ATOMIC);
+       if (work) {
+               INIT_WORK(work, do_emergency_remount);
+               schedule_work(work);
+       }
 }
 
 /*
@@ -654,8 +614,9 @@ void emergency_remount(void)
  * filesystems which don't use real block-devices.  -- jrs
  */
 
-static struct idr unnamed_dev_idr;
+static DEFINE_IDA(unnamed_dev_ida);
 static DEFINE_SPINLOCK(unnamed_dev_lock);/* protects the above */
+static int unnamed_dev_start = 0; /* don't bother trying below it */
 
 int set_anon_super(struct super_block *s, void *data)
 {
@@ -663,10 +624,12 @@ int set_anon_super(struct super_block *s, void *data)
        int error;
 
  retry:
-       if (idr_pre_get(&unnamed_dev_idr, GFP_ATOMIC) == 0)
+       if (ida_pre_get(&unnamed_dev_ida, GFP_ATOMIC) == 0)
                return -ENOMEM;
        spin_lock(&unnamed_dev_lock);
-       error = idr_get_new(&unnamed_dev_idr, NULL, &dev);
+       error = ida_get_new_above(&unnamed_dev_ida, unnamed_dev_start, &dev);
+       if (!error)
+               unnamed_dev_start = dev + 1;
        spin_unlock(&unnamed_dev_lock);
        if (error == -EAGAIN)
                /* We raced and lost with another CPU. */
@@ -676,11 +639,14 @@ int set_anon_super(struct super_block *s, void *data)
 
        if ((dev & MAX_ID_MASK) == (1 << MINORBITS)) {
                spin_lock(&unnamed_dev_lock);
-               idr_remove(&unnamed_dev_idr, dev);
+               ida_remove(&unnamed_dev_ida, dev);
+               if (unnamed_dev_start > dev)
+                       unnamed_dev_start = dev;
                spin_unlock(&unnamed_dev_lock);
                return -EMFILE;
        }
        s->s_dev = MKDEV(0, dev & MINORMASK);
+       s->s_bdi = &noop_backing_dev_info;
        return 0;
 }
 
@@ -692,17 +658,14 @@ void kill_anon_super(struct super_block *sb)
 
        generic_shutdown_super(sb);
        spin_lock(&unnamed_dev_lock);
-       idr_remove(&unnamed_dev_idr, slot);
+       ida_remove(&unnamed_dev_ida, slot);
+       if (slot < unnamed_dev_start)
+               unnamed_dev_start = slot;
        spin_unlock(&unnamed_dev_lock);
 }
 
 EXPORT_SYMBOL(kill_anon_super);
 
-void __init unnamed_dev_init(void)
-{
-       idr_init(&unnamed_dev_idr);
-}
-
 void kill_litter_super(struct super_block *sb)
 {
        if (sb->s_root)
@@ -712,11 +675,56 @@ void kill_litter_super(struct super_block *sb)
 
 EXPORT_SYMBOL(kill_litter_super);
 
+static int ns_test_super(struct super_block *sb, void *data)
+{
+       return sb->s_fs_info == data;
+}
+
+static int ns_set_super(struct super_block *sb, void *data)
+{
+       sb->s_fs_info = data;
+       return set_anon_super(sb, NULL);
+}
+
+int get_sb_ns(struct file_system_type *fs_type, int flags, void *data,
+       int (*fill_super)(struct super_block *, void *, int),
+       struct vfsmount *mnt)
+{
+       struct super_block *sb;
+
+       sb = sget(fs_type, ns_test_super, ns_set_super, data);
+       if (IS_ERR(sb))
+               return PTR_ERR(sb);
+
+       if (!sb->s_root) {
+               int err;
+               sb->s_flags = flags;
+               err = fill_super(sb, data, flags & MS_SILENT ? 1 : 0);
+               if (err) {
+                       deactivate_locked_super(sb);
+                       return err;
+               }
+
+               sb->s_flags |= MS_ACTIVE;
+       }
+
+       simple_set_mnt(mnt, sb);
+       return 0;
+}
+
+EXPORT_SYMBOL(get_sb_ns);
+
 #ifdef CONFIG_BLOCK
 static int set_bdev_super(struct super_block *s, void *data)
 {
        s->s_bdev = data;
        s->s_dev = s->s_bdev->bd_dev;
+
+       /*
+        * We set the bdi here to the queue backing, file systems can
+        * overwrite this in ->fill_super()
+        */
+       s->s_bdi = &bdev_get_queue(s->s_bdev)->backing_dev_info;
        return 0;
 }
 
@@ -725,16 +733,6 @@ static int test_bdev_super(struct super_block *s, void *data)
        return (void *)s->s_bdev == data;
 }
 
-static void bdev_uevent(struct block_device *bdev, enum kobject_action action)
-{
-       if (bdev->bd_disk) {
-               if (bdev->bd_part)
-                       kobject_uevent(&bdev->bd_part->kobj, action);
-               else
-                       kobject_uevent(&bdev->bd_disk->kobj, action);
-       }
-}
-
 int get_sb_bdev(struct file_system_type *fs_type,
        int flags, const char *dev_name, void *data,
        int (*fill_super)(struct super_block *, void *, int),
@@ -742,9 +740,13 @@ int get_sb_bdev(struct file_system_type *fs_type,
 {
        struct block_device *bdev;
        struct super_block *s;
+       fmode_t mode = FMODE_READ;
        int error = 0;
 
-       bdev = open_bdev_excl(dev_name, flags, fs_type);
+       if (!(flags & MS_RDONLY))
+               mode |= FMODE_WRITE;
+
+       bdev = open_bdev_exclusive(dev_name, mode, fs_type);
        if (IS_ERR(bdev))
                return PTR_ERR(bdev);
 
@@ -753,44 +755,49 @@ int get_sb_bdev(struct file_system_type *fs_type,
         * will protect the lockfs code from trying to start a snapshot
         * while we are mounting
         */
-       down(&bdev->bd_mount_sem);
+       mutex_lock(&bdev->bd_fsfreeze_mutex);
+       if (bdev->bd_fsfreeze_count > 0) {
+               mutex_unlock(&bdev->bd_fsfreeze_mutex);
+               error = -EBUSY;
+               goto error_bdev;
+       }
        s = sget(fs_type, test_bdev_super, set_bdev_super, bdev);
-       up(&bdev->bd_mount_sem);
+       mutex_unlock(&bdev->bd_fsfreeze_mutex);
        if (IS_ERR(s))
                goto error_s;
 
        if (s->s_root) {
                if ((flags ^ s->s_flags) & MS_RDONLY) {
-                       up_write(&s->s_umount);
-                       deactivate_super(s);
+                       deactivate_locked_super(s);
                        error = -EBUSY;
                        goto error_bdev;
                }
 
-               close_bdev_excl(bdev);
+               close_bdev_exclusive(bdev, mode);
        } else {
                char b[BDEVNAME_SIZE];
 
                s->s_flags = flags;
+               s->s_mode = mode;
                strlcpy(s->s_id, bdevname(bdev, b), sizeof(s->s_id));
                sb_set_blocksize(s, block_size(bdev));
                error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
                if (error) {
-                       up_write(&s->s_umount);
-                       deactivate_super(s);
+                       deactivate_locked_super(s);
                        goto error;
                }
 
                s->s_flags |= MS_ACTIVE;
-               bdev_uevent(bdev, KOBJ_MOUNT);
+               bdev->bd_super = s;
        }
 
-       return simple_set_mnt(mnt, s);
+       simple_set_mnt(mnt, s);
+       return 0;
 
 error_s:
        error = PTR_ERR(s);
 error_bdev:
-       close_bdev_excl(bdev);
+       close_bdev_exclusive(bdev, mode);
 error:
        return error;
 }
@@ -800,11 +807,12 @@ EXPORT_SYMBOL(get_sb_bdev);
 void kill_block_super(struct super_block *sb)
 {
        struct block_device *bdev = sb->s_bdev;
+       fmode_t mode = sb->s_mode;
 
-       bdev_uevent(bdev, KOBJ_UMOUNT);
+       bdev->bd_super = NULL;
        generic_shutdown_super(sb);
        sync_blockdev(bdev);
-       close_bdev_excl(bdev);
+       close_bdev_exclusive(bdev, mode);
 }
 
 EXPORT_SYMBOL(kill_block_super);
@@ -825,12 +833,12 @@ int get_sb_nodev(struct file_system_type *fs_type,
 
        error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
        if (error) {
-               up_write(&s->s_umount);
-               deactivate_super(s);
+               deactivate_locked_super(s);
                return error;
        }
        s->s_flags |= MS_ACTIVE;
-       return simple_set_mnt(mnt, s);
+       simple_set_mnt(mnt, s);
+       return 0;
 }
 
 EXPORT_SYMBOL(get_sb_nodev);
@@ -855,14 +863,15 @@ int get_sb_single(struct file_system_type *fs_type,
                s->s_flags = flags;
                error = fill_super(s, data, flags & MS_SILENT ? 1 : 0);
                if (error) {
-                       up_write(&s->s_umount);
-                       deactivate_super(s);
+                       deactivate_locked_super(s);
                        return error;
                }
                s->s_flags |= MS_ACTIVE;
+       } else {
+               do_remount_sb(s, flags, data, 0);
        }
-       do_remount_sb(s, flags, data, 0);
-       return simple_set_mnt(mnt, s);
+       simple_set_mnt(mnt, s);
+       return 0;
 }
 
 EXPORT_SYMBOL(get_sb_single);
@@ -882,12 +891,15 @@ vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void
        if (!mnt)
                goto out;
 
-       if (data) {
+       if (flags & MS_KERNMOUNT)
+               mnt->mnt_flags = MNT_INTERNAL;
+
+       if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) {
                secdata = alloc_secdata();
                if (!secdata)
                        goto out_mnt;
 
-               error = security_sb_copy_data(type, data, secdata);
+               error = security_sb_copy_data(data, secdata);
                if (error)
                        goto out_free_secdata;
        }
@@ -895,10 +907,22 @@ vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void
        error = type->get_sb(type, flags, name, data, mnt);
        if (error < 0)
                goto out_free_secdata;
+       BUG_ON(!mnt->mnt_sb);
+       WARN_ON(!mnt->mnt_sb->s_bdi);
 
-       error = security_sb_kern_mount(mnt->mnt_sb, secdata);
-       if (error)
-               goto out_sb;
+       error = security_sb_kern_mount(mnt->mnt_sb, flags, secdata);
+       if (error)
+               goto out_sb;
+
+       /*
+        * filesystems should never set s_maxbytes larger than MAX_LFS_FILESIZE
+        * but s_maxbytes was an unsigned long long for many releases. Throw
+        * this warning for a little while to try and catch filesystems that
+        * violate this rule. This warning should be either removed or
+        * converted to a BUG() in 2.6.34.
+        */
+       WARN((mnt->mnt_sb->s_maxbytes < 0), "%s set sb->s_maxbytes to "
+               "negative value (%lld)\n", type->name, mnt->mnt_sb->s_maxbytes);
 
        mnt->mnt_mountpoint = mnt->mnt_root;
        mnt->mnt_parent = mnt;
@@ -907,8 +931,7 @@ vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void
        return mnt;
 out_sb:
        dput(mnt->mnt_root);
-       up_write(&mnt->mnt_sb->s_umount);
-       deactivate_super(mnt->mnt_sb);
+       deactivate_locked_super(mnt->mnt_sb);
 out_free_secdata:
        free_secdata(secdata);
 out_mnt:
@@ -919,6 +942,119 @@ out:
 
 EXPORT_SYMBOL_GPL(vfs_kern_mount);
 
+/**
+ * freeze_super - lock the filesystem and force it into a consistent state
+ * @sb: the super to lock
+ *
+ * Syncs the super to make sure the filesystem is consistent and calls the fs's
+ * freeze_fs.  Subsequent calls to this without first thawing the fs will return
+ * -EBUSY.
+ */
+int freeze_super(struct super_block *sb)
+{
+       int ret;
+
+       atomic_inc(&sb->s_active);
+       down_write(&sb->s_umount);
+       if (sb->s_frozen) {
+               deactivate_locked_super(sb);
+               return -EBUSY;
+       }
+
+       if (sb->s_flags & MS_RDONLY) {
+               sb->s_frozen = SB_FREEZE_TRANS;
+               smp_wmb();
+               up_write(&sb->s_umount);
+               return 0;
+       }
+
+       sb->s_frozen = SB_FREEZE_WRITE;
+       smp_wmb();
+
+       sync_filesystem(sb);
+
+       sb->s_frozen = SB_FREEZE_TRANS;
+       smp_wmb();
+
+       sync_blockdev(sb->s_bdev);
+       if (sb->s_op->freeze_fs) {
+               ret = sb->s_op->freeze_fs(sb);
+               if (ret) {
+                       printk(KERN_ERR
+                               "VFS:Filesystem freeze failed\n");
+                       sb->s_frozen = SB_UNFROZEN;
+                       deactivate_locked_super(sb);
+                       return ret;
+               }
+       }
+       up_write(&sb->s_umount);
+       return 0;
+}
+EXPORT_SYMBOL(freeze_super);
+
+/**
+ * thaw_super -- unlock filesystem
+ * @sb: the super to thaw
+ *
+ * Unlocks the filesystem and marks it writeable again after freeze_super().
+ */
+int thaw_super(struct super_block *sb)
+{
+       int error;
+
+       down_write(&sb->s_umount);
+       if (sb->s_frozen == SB_UNFROZEN) {
+               up_write(&sb->s_umount);
+               return -EINVAL;
+       }
+
+       if (sb->s_flags & MS_RDONLY)
+               goto out;
+
+       if (sb->s_op->unfreeze_fs) {
+               error = sb->s_op->unfreeze_fs(sb);
+               if (error) {
+                       printk(KERN_ERR
+                               "VFS:Filesystem thaw failed\n");
+                       sb->s_frozen = SB_FREEZE_TRANS;
+                       up_write(&sb->s_umount);
+                       return error;
+               }
+       }
+
+out:
+       sb->s_frozen = SB_UNFROZEN;
+       smp_wmb();
+       wake_up(&sb->s_wait_unfrozen);
+       deactivate_locked_super(sb);
+
+       return 0;
+}
+EXPORT_SYMBOL(thaw_super);
+
+static struct vfsmount *fs_set_subtype(struct vfsmount *mnt, const char *fstype)
+{
+       int err;
+       const char *subtype = strchr(fstype, '.');
+       if (subtype) {
+               subtype++;
+               err = -EINVAL;
+               if (!subtype[0])
+                       goto err;
+       } else
+               subtype = "";
+
+       mnt->mnt_sb->s_subtype = kstrdup(subtype, GFP_KERNEL);
+       err = -ENOMEM;
+       if (!mnt->mnt_sb->s_subtype)
+               goto err;
+       return mnt;
+
+ err:
+       mntput(mnt);
+       return ERR_PTR(err);
+}
+
 struct vfsmount *
 do_kern_mount(const char *fstype, int flags, const char *name, void *data)
 {
@@ -927,13 +1063,17 @@ do_kern_mount(const char *fstype, int flags, const char *name, void *data)
        if (!type)
                return ERR_PTR(-ENODEV);
        mnt = vfs_kern_mount(type, flags, name, data);
+       if (!IS_ERR(mnt) && (type->fs_flags & FS_HAS_SUBTYPE) &&
+           !mnt->mnt_sb->s_subtype)
+               mnt = fs_set_subtype(mnt, fstype);
        put_filesystem(type);
        return mnt;
 }
+EXPORT_SYMBOL_GPL(do_kern_mount);
 
-struct vfsmount *kern_mount(struct file_system_type *type)
+struct vfsmount *kern_mount_data(struct file_system_type *type, void *data)
 {
-       return vfs_kern_mount(type, 0, type->name, NULL);
+       return vfs_kern_mount(type, MS_KERNMOUNT, type->name, data);
 }
 
-EXPORT_SYMBOL(kern_mount);
+EXPORT_SYMBOL_GPL(kern_mount_data);