From d1538d110d9557ee9f9e4b04b6cba258e4f43d3a Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Mon, 11 Dec 2017 05:27:41 +0000 Subject: In uvm Chuck decided backing store would not be allocated proactively for blocks re-fetchable from the filesystem. However at reboot time, filesystems are unmounted, and since processes lack backing store they are killed. Since the scheduler is still running, in some cases init is killed... which drops us to ddb [noted by bluhm]. Solution is to convert filesystems to read-only [proposed by kettenis]. The tale follows: sys_reboot() should pass proc * to MD boot() to vfs_shutdown() which completes current IO with vfs_busy VB_WRITE|VB_WAIT, then calls VFS_MOUNT() with MNT_UPDATE | MNT_RDONLY, soon teaching us that *fs_mount() calls a copyin() late... so store the sizes in vfsconflist[] and move the copyin() to sys_mount()... and notice nfs_mount copyin() is size-variant, so kill legacy struct nfs_args3. Next we learn ffs_mount()'s MNT_UPDATE code is sharp and rusty especially wrt softdep, so fix some bugs adn add ~MNT_SOFTDEP to the downgrade. Some vnodes need a little more help, so tie them to &dead_vnops. ffs_mount calling DIOCCACHESYNC is causing a bit of grief still but this issue is seperate and will be dealt with in time. couple hundred reboots by bluhm and myself, advice from guenther and others at the hut --- sys/ntfs/ntfs_vfsops.c | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) (limited to 'sys/ntfs') diff --git a/sys/ntfs/ntfs_vfsops.c b/sys/ntfs/ntfs_vfsops.c index 2083d51ccdc..6ceac5b3288 100644 --- a/sys/ntfs/ntfs_vfsops.c +++ b/sys/ntfs/ntfs_vfsops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntfs_vfsops.c,v 1.56 2017/03/20 16:44:03 jca Exp $ */ +/* $OpenBSD: ntfs_vfsops.c,v 1.57 2017/12/11 05:27:40 deraadt Exp $ */ /* $NetBSD: ntfs_vfsops.c,v 1.7 2003/04/24 07:50:19 christos Exp $ */ /*- @@ -119,7 +119,7 @@ ntfs_mount(struct mount *mp, const char *path, void *data, { int err = 0; struct vnode *devvp; - struct ntfs_args args; + struct ntfs_args *args = data; char fname[MNAMELEN]; char fspec[MNAMELEN]; @@ -131,24 +131,19 @@ ntfs_mount(struct mount *mp, const char *path, void *data, *** */ - /* copy in user arguments*/ - err = copyin(data, (caddr_t)&args, sizeof (struct ntfs_args)); - if (err) - goto error_1; /* can't get arguments*/ - /* * If updating, check whether changing from read-only to * read/write; if there is no device name, that's all we do. */ if (mp->mnt_flag & MNT_UPDATE) { /* if not updating name...*/ - if (args.fspec == NULL) { + if (args && args->fspec == NULL) { /* * Process export requests. Jumping to "success" * will return the vfs_export() error code. */ struct ntfsmount *ntm = VFSTONTFS(mp); - err = vfs_export(mp, &ntm->ntm_export, &args.export_info); + err = vfs_export(mp, &ntm->ntm_export, &args->export_info); goto success; } @@ -161,7 +156,7 @@ ntfs_mount(struct mount *mp, const char *path, void *data, * Not an update, or updating the name: look up the name * and verify that it refers to a sensible block device. */ - err = copyinstr(args.fspec, fspec, sizeof(fspec), NULL); + err = copyinstr(args->fspec, fspec, sizeof(fspec), NULL); if (err) goto error_1; @@ -203,7 +198,7 @@ ntfs_mount(struct mount *mp, const char *path, void *data, * Update device name only on success */ if( !err) { - err = set_statfs_info(NULL, UIO_USERSPACE, args.fspec, + err = set_statfs_info(NULL, UIO_USERSPACE, args->fspec, UIO_USERSPACE, mp, p); } #endif @@ -227,9 +222,9 @@ ntfs_mount(struct mount *mp, const char *path, void *data, strlcpy(mp->mnt_stat.f_mntfromname, fname, MNAMELEN); bzero(mp->mnt_stat.f_mntfromspec, MNAMELEN); strlcpy(mp->mnt_stat.f_mntfromspec, fspec, MNAMELEN); - bcopy(&args, &mp->mnt_stat.mount_info.ntfs_args, sizeof(args)); + bcopy(args, &mp->mnt_stat.mount_info.ntfs_args, sizeof(*args)); if ( !err) { - err = ntfs_mountfs(devvp, mp, &args, p); + err = ntfs_mountfs(devvp, mp, args, p); } } if (err) { -- cgit v1.2.3