git: 60a41168d195 - main - UFS: panic rather than forcibly unmount the root fs
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 10 Aug 2023 17:05:04 UTC
The branch main has been updated by chs:
URL: https://cgit.FreeBSD.org/src/commit/?id=60a41168d195cc09f7351c2c2bcafc389ed52406
commit 60a41168d195cc09f7351c2c2bcafc389ed52406
Author: Chuck Silvers <chs@FreeBSD.org>
AuthorDate: 2023-08-10 16:55:47 +0000
Commit: Chuck Silvers <chs@FreeBSD.org>
CommitDate: 2023-08-10 16:59:06 +0000
UFS: panic rather than forcibly unmount the root fs
If the root fs is forcibly unmounted then basically every process
will die with a SEGV as soon as it tries to run again because libc.so
is gone, which leaves the system basically hung. It seems better
to just panic instead, so let's do that.
Requested-by: karels
Reviewed-by: imp, mckusick, karels
Sponsored-by: Netflix
Differential Revision: https://reviews.freebsd.org/D41387
---
sys/ufs/ffs/ffs_vfsops.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c
index 64236d4e98d9..b2cd2d30bc04 100644
--- a/sys/ufs/ffs/ffs_vfsops.c
+++ b/sys/ufs/ffs/ffs_vfsops.c
@@ -303,6 +303,9 @@ ffs_fsfail_cleanup_locked(struct ufsmount *ump, int error)
mtx_assert(UFS_MTX(ump), MA_OWNED);
if (error == ENXIO && (ump->um_flags & UM_FSFAIL_CLEANUP) == 0) {
ump->um_flags |= UM_FSFAIL_CLEANUP;
+ if (ump->um_mountp == rootvnode->v_mount)
+ panic("UFS: root fs would be forcibly unmounted");
+
/*
* Queue an async forced unmount.
*/