Wed Sep 24 10:07:19 2008 UTC ()
PR kern/30525 remounting ffs read-only (mount -ur) does not sync metadata

Prevent r/w to r/o downgrade until such time as someone has verified all
the relevant file system code.


(ad)
diff -r1.372 -r1.373 src/sys/kern/vfs_syscalls.c
cvs diff -r1.372 -r1.373 src/sys/kern/vfs_syscalls.c (expand / switch to unified diff)

--- src/sys/kern/vfs_syscalls.c 2008/09/24 09:44:09 1.372
+++ src/sys/kern/vfs_syscalls.c 2008/09/24 10:07:19 1.373
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: vfs_syscalls.c,v 1.372 2008/09/24 09:44:09 ad Exp $ */ 1/* $NetBSD: vfs_syscalls.c,v 1.373 2008/09/24 10:07:19 ad Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2008 The NetBSD Foundation, Inc. 4 * Copyright (c) 2008 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Redistribution and use in source and binary forms, with or without 7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions 8 * modification, are permitted provided that the following conditions
9 * are met: 9 * are met:
10 * 1. Redistributions of source code must retain the above copyright 10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer. 11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution. 14 * documentation and/or other materials provided with the distribution.
@@ -53,27 +53,27 @@ @@ -53,27 +53,27 @@
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * SUCH DAMAGE. 60 * SUCH DAMAGE.
61 * 61 *
62 * @(#)vfs_syscalls.c 8.42 (Berkeley) 7/31/95 62 * @(#)vfs_syscalls.c 8.42 (Berkeley) 7/31/95
63 */ 63 */
64 64
65#include <sys/cdefs.h> 65#include <sys/cdefs.h>
66__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.372 2008/09/24 09:44:09 ad Exp $"); 66__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.373 2008/09/24 10:07:19 ad Exp $");
67 67
68#include "opt_compat_netbsd.h" 68#include "opt_compat_netbsd.h"
69#include "opt_compat_43.h" 69#include "opt_compat_43.h"
70#include "opt_fileassoc.h" 70#include "opt_fileassoc.h"
71#include "veriexec.h" 71#include "veriexec.h"
72 72
73#include <sys/param.h> 73#include <sys/param.h>
74#include <sys/systm.h> 74#include <sys/systm.h>
75#include <sys/namei.h> 75#include <sys/namei.h>
76#include <sys/filedesc.h> 76#include <sys/filedesc.h>
77#include <sys/kernel.h> 77#include <sys/kernel.h>
78#include <sys/file.h> 78#include <sys/file.h>
79#include <sys/stat.h> 79#include <sys/stat.h>
@@ -161,29 +161,31 @@ mount_update(struct lwp *l, struct vnode @@ -161,29 +161,31 @@ mount_update(struct lwp *l, struct vnode
161 int error = 0, saved_flags; 161 int error = 0, saved_flags;
162 162
163 mp = vp->v_mount; 163 mp = vp->v_mount;
164 saved_flags = mp->mnt_flag; 164 saved_flags = mp->mnt_flag;
165 165
166 /* We can operate only on VV_ROOT nodes. */ 166 /* We can operate only on VV_ROOT nodes. */
167 if ((vp->v_vflag & VV_ROOT) == 0) { 167 if ((vp->v_vflag & VV_ROOT) == 0) {
168 error = EINVAL; 168 error = EINVAL;
169 goto out; 169 goto out;
170 } 170 }
171 171
172 /* 172 /*
173 * We only allow the filesystem to be reloaded if it 173 * We only allow the filesystem to be reloaded if it
174 * is currently mounted read-only. 174 * is currently mounted read-only. Additionally, we
 175 * prevent read-write to read-only downgrades.
175 */ 176 */
176 if (flags & MNT_RELOAD && !(mp->mnt_flag & MNT_RDONLY)) { 177 if ((flags & (MNT_RELOAD | MNT_RDONLY)) != 0 &&
 178 (mp->mnt_flag & MNT_RDONLY) == 0) {
177 error = EOPNOTSUPP; /* Needs translation */ 179 error = EOPNOTSUPP; /* Needs translation */
178 goto out; 180 goto out;
179 } 181 }
180 182
181 error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_MOUNT, 183 error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_MOUNT,
182 KAUTH_REQ_SYSTEM_MOUNT_UPDATE, mp, KAUTH_ARG(flags), data); 184 KAUTH_REQ_SYSTEM_MOUNT_UPDATE, mp, KAUTH_ARG(flags), data);
183 if (error) 185 if (error)
184 goto out; 186 goto out;
185 187
186 if (vfs_busy(mp, NULL)) { 188 if (vfs_busy(mp, NULL)) {
187 error = EPERM; 189 error = EPERM;
188 goto out; 190 goto out;
189 } 191 }