Subject: Re: kern/29898: mount(2) can corrupt filesystem
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: netbsd-bugs
Date: 04/07/2005 02:05:03
The following reply was made to PR kern/29898; it has been noted by GNATS.

From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
To: christos@zoulas.com
Cc: tech-kern@netbsd.org
Subject: Re: kern/29898: mount(2) can corrupt filesystem
Date: Thu, 07 Apr 2005 11:04:33 +0900

 [ adding Cc: tech-kern@ ]
 
 > On Apr 6, 11:23pm, yamt@mwd.biglobe.ne.jp (YAMAMOTO Takashi) wrote:
 > -- Subject: Re: kern/29898: mount(2) can corrupt filesystem
 > 
 > | hi,
 > | 
 > | > | 	restructure mount related code so that the caller of
 > | > | 	VFS_MOUNT doesn't need to alter mnt_flag/iflag.
 > | > | 	maybe by adding more arguments to VFS_MOUNT to describe the operation.
 > | > 
 > | > Isn't is as simple as doing:
 > | 
 > | well, while i've committed the similar change,
 > | i don't think it's that simple.  it isn't MNT_GETARGS specific.
 > | 
 > | eg. consider updating !MNT_SOFTDEP to MNT_SOFTDEP.
 > | until ffs_mount notices the attempt and prevents it by setting MNT_SOFTDEP,
 > | MNT_SOFTDEP is left cleared.
 > | 
 > | i think either of the following is needed.
 > | - change VFS_MOUNT as i suggested above.
 > 
 > This is too intrusive.
 > 
 > | - don't share mnt_flag between filesystem independent code and
 > |   filesystem code.
 > 
 > I think that this is better because then the filesystem specific
 > code can veto the flag settings before applying them.
 > 
 > christos
 
 i have a different opinion.
 it's sometimes better to fix intrusively and it's the case now.
 there's no good reason to have operational flags like MNT_UPDATE in mnt_flag.
 accumulating kludgy fixes is not the way to go.
 
 YAMAMOTO Takashi