[PATCH] namespace.c: fix mnt_namespace zeroing for expired mounts

This patch clears mnt_namespace in an expired mount.

If mnt_namespace is not cleared, it's possible to attach a new mount to the
already detached mount, because check_mnt() can return true.

The effect is a resource leak, since the resulting tree will never be
freed.

Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Acked-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

fs/namespace.c

@@ -847,6 +847,7 @@ static void expire_mount(struct vfsmount *mnt, struct list_head *mounts)
 
 		/* delete from the namespace */
 		list_del_init(&mnt->mnt_list);
+		mnt->mnt_namespace = NULL;
 		detach_mnt(mnt, &old_nd);
 		spin_unlock(&vfsmount_lock);
 		path_release(&old_nd);