When pivot_root is called from an init script in an initramfs environment, it causes a circular reference in the mount tree. I was able to see this by adding some debug printk's to the detach_mnt and attach_mnt functions. When pivot_root runs, the output was: detach_mnt: mnt=d7ee3300, old_nd=d7d39ee8 detach_mnt: mnt=d7ee3780, old_nd=d7d39ea8 attach_mnt: mnt=d7ee3780, nd=d7d39f28 mnt->mnt_parent=d7ee3300 attach_mnt: mnt=d7ee3300, nd=d7d39ea8 mnt->mnt_parent=d7ee3780 Notice the mnt_parent assignments in attach_mnt. The effect of this bug can be seen when the user tries to umount the initramfs, or if mount --move is used later. In either case, the kernel gets stuck in an endless loop. The best patch I can come up with for this is below. It passes the WOMM test, and preserves the behavior when pivot_root is used from an initrd (or another filesystem below the rootfs), while fixing the problem when it is the rootfs that is being pivoted. But maybe something needs to be done with current->namespace->root as well in this case? --- linux-2.6.13-rc1/fs/namespace.c.orig 2005-07-03 20:30:18.000000000 +0200 +++ linux-2.6.13-rc1/fs/namespace.c 2005-07-03 20:31:54.000000000 +0200 @@ -1344,6 +1344,9 @@ goto out3; detach_mnt(new_nd.mnt, &parent_nd); detach_mnt(user_nd.mnt, &root_parent); + if (user_nd.mnt == current->namespace->root) { + root_parent.mnt = new_nd.mnt; /* avoid creating a mount loop */ + } attach_mnt(user_nd.mnt, &old_nd); /* mount old root on put_old */ attach_mnt(new_nd.mnt, &root_parent); /* mount new_root on / */ spin_unlock(&vfsmount_lock);
A much better patch should now be in -mm tree: pivot_root-circular-reference-fix-2.patch
It seems that even the idea of using pivot_root from inside initramfs has been vetoed. Current fix in mm (pivot_root-circular-reference-fix-3.patch) simply returns an error if pivot_root is called on unattached mounts. Closing bug, since the functionality will not be supported in any case.