Remove kernel.mounts.

We can get the mount namespace from the CreateProcessArgs in all cases where we need it. This also gets rid of kernel.Destroy method, since the only thing it was doing was DecRefing the mounts. Removing the need to call kernel.SetRootMountNamespace also allowed for some more simplifications in the container fs setup code. PiperOrigin-RevId: 261357060
author: Nicolas Lacasse <nlacasse@google.com> 2019-08-02 11:21:50 -0700
committer: gVisor bot <gvisor-bot@google.com> 2019-08-02 11:23:11 -0700
commit: aaaefdf9cadf033fa281b612315c3227f5ab1c7a (patch)
tree: c595502de931176a803ae917095fc552f133ed3a /pkg/sentry/fs/mounts.go
parent: 6a1ac3407743adf7c0493ab9da97a1dff4e4b2ac (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/pkg/sentry/fs/mounts.go b/pkg/sentry/fs/mounts.go
index 728575864..9b713e785 100644
--- a/pkg/sentry/fs/mounts.go
+++ b/pkg/sentry/fs/mounts.go
@@ -219,6 +219,13 @@ func (mns *MountNamespace) flushMountSourceRefsLocked() {
 		}
 	}
 
+	if mns.root == nil {
+		// No root? This MountSource must have already been destroyed.
+		// This can happen when a Save is triggered while a process is
+		// exiting. There is nothing to flush.
+		return
+	}
+
 	// Flush root's MountSource references.
 	mns.root.Inode.MountSource.FlushDirentRefs()
 }
@@ -249,6 +256,10 @@ func (mns *MountNamespace) destroy() {
 	// Drop reference on the root.
 	mns.root.DecRef()
 
+	// Ensure that root cannot be accessed via this MountNamespace any
+	// more.
+	mns.root = nil
+
 	// Wait for asynchronous work (queued by dropping Dirent references
 	// above) to complete before destroying this MountNamespace.
 	AsyncBarrier()
author	Nicolas Lacasse <nlacasse@google.com>	2019-08-02 11:21:50 -0700
committer	gVisor bot <gvisor-bot@google.com>	2019-08-02 11:23:11 -0700
commit	aaaefdf9cadf033fa281b612315c3227f5ab1c7a (patch)
tree	c595502de931176a803ae917095fc552f133ed3a /pkg/sentry/fs/mounts.go
parent	6a1ac3407743adf7c0493ab9da97a1dff4e4b2ac (diff)