Subject: Patch to disallow mounts of unclean FFS unless forced
To: None <tech-kern@netbsd.org>
From: Jason Thorpe <thorpej@wasabisystems.com>
List: tech-kern
Date: 10/13/2003 11:09:28
--Apple-Mail-7--285461211
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed

The following patch changes the FFS code to disallow mounts of unclean 
file systems unless the mount is forced.  Mounts can be forced by root 
using the -f flag to mount(8).  Non-root users are not allowed to force 
mounts (this is enforced by sys_mount()).  The initial mount of the 
root file system is always forced.

Comments?

         -- Jason R. Thorpe <thorpej@wasabisystems.com>

--Apple-Mail-7--285461211
Content-Disposition: attachment;
	filename=ffs-force-patch.txt
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	x-unix-mode=0644;
	name="ffs-force-patch.txt"

? ID
Index: ffs_vfsops.c
===================================================================
RCS file: /cvsroot/src/sys/ufs/ffs/ffs_vfsops.c,v
retrieving revision 1.123
diff -u -p -r1.123 ffs_vfsops.c
--- ffs_vfsops.c	25 Sep 2003 23:39:17 -0000	1.123
+++ ffs_vfsops.c	13 Oct 2003 18:02:42 -0000
@@ -151,6 +151,11 @@ ffs_mountroot()
 		vrele(rootvp);
 		return (error);
 	}
+
+	/*
+	 * We always need to be able to mount the root file system.
+	 */
+	mp->mnt_flag |= MNT_FORCE;
 	if ((error = ffs_mountfs(rootvp, mp, p)) != 0) {
 		mp->mnt_op->vfs_refcount--;
 		vfs_unbusy(mp);
@@ -158,6 +163,7 @@ ffs_mountroot()
 		vrele(rootvp);
 		return (error);
 	}
+	mp->mnt_flag &= ~MNT_FORCE;
 	simple_lock(&mountlist_slock);
 	CIRCLEQ_INSERT_TAIL(&mountlist, mp, mnt_list);
 	simple_unlock(&mountlist_slock);
@@ -827,6 +833,17 @@ next_sblock:
 		goto out;
 	}
 #endif
+
+	/*
+	 * If the file system is not clean, don't allow it to be mounted
+	 * unless MNT_FORCE is specified.  (Note: MNT_FORCE is always set
+	 * for the root file system.)
+	 */
+	if ((fs->fs_clean & FS_ISCLEAN) == 0 &&
+	    (mp->mnt_flag & MNT_FORCE) == 0) {
+		error = EPERM;
+		goto out2;
+	}
 
 	/*
 	 * verify that we can access the last block in the fs

--Apple-Mail-7--285461211--