[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/37706: Forced unmount of file systems is unsafe
>Synopsis: Forced unmount of file systems is unsafe
>Arrival-Date: Sun Jan 06 13:10:00 +0000 2008
>Originator: Andrew Doran
The NetBSD Project
- Reference counting is not done for struct mount and it can disappear
out from underneath code that is using it.
- Modification of vnode_t::v_op while v_usecount != 0 is unsafe because
it's not known whether deadfs or the original file system code will
be called. Additionally the original fs code could be unloaded from
For struct mount:
- Add reference counting to struct mount. Make struct mount
persist until all references are removed.
- Replace lockmgr() 'handoff' trick used to access struct mount with
reference counting and a rwlock.
- Have vnodes take references to struct mount.
- Have mounts reference the underlying file system type to prevent
fs code from being unloaded.
- Have vfs_busy() return ENOENT for file systems in purgatory (this
is done already in a slightly different way).
- Push locking back into file systems and store locks in the inode.
- Make VOP_RECLAIM() preserve the in-core inode structure if
v_usecount > 1, but mark the structure as 'gone'.
- Make file system locks/gates return ENOENT if the inode is 'gone'.
Main Index |
Thread Index |