[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-bugs
Subject:    Re: Reproducible kernel panic on 6.0: "mount -o async,nosoftdep -u /home; tar xfz base60.tgz"
From:       Carlin Bingham <cb () viennan ! net>
Date:       2017-04-08 1:29:39
Message-ID: 20170408012939.ahn46gil5arnoewq () vorpal ! my ! domain
[Download RAW message or body]

On Fri, Feb 03, 2017 at 04:43:15PM +0800, Tinker wrote:
> Reproduction script:
> 
> Boot your OpenBSD 6.0 MP machine which has /home mounted as softdep, and do:
> 
> mount -o async,nosoftdep -u /home
> 
> mkdir /home/exploit; cd /home/exploit
> 
> tar xfz /YOUR/INSTALLER/DIR/base60.tgz
> 
> tar xfz /YOUR/INSTALLER/DIR/base60.tgz
> 
> Outcome: The kernel will go into panic with the error "panic:
> softdep_update_inodeblock: update failed".
> 

The problem is that changing softdep with mount -u doesn't work on rw
volumes, per the man page:

	This option is ignored when
	using the -u flag and a file system is already mounted
	read/write.

But this means async,nosoftdep causes the volume to end up with both
async and softdep.

This patch should prevent that from happening.


-- 
Carlin


Index: sys/ufs/ffs/ffs_vfsops.c
===================================================================
RCS file: /cvs/src/sys/ufs/ffs/ffs_vfsops.c,v
retrieving revision 1.164
diff -u -p -u -r1.164 ffs_vfsops.c
--- sys/ufs/ffs/ffs_vfsops.c	15 Sep 2016 02:00:18 -0000	1.164
+++ sys/ufs/ffs/ffs_vfsops.c	8 Apr 2017 01:22:42 -0000
@@ -279,6 +279,8 @@ ffs_mount(struct mount *mp, const char *
 				flags |= FORCECLOSE;
 			error = softdep_flushfiles(mp, flags, p);
 #elif FFS_SOFTUPDATES
+			if (mp->mnt_flag & MNT_ASYNC)
+				return (EINVAL);
 			mp->mnt_flag |= MNT_SOFTDEP;
 #endif
 		}

[prev in list] [next in list] [prev in thread] [next in thread]