UFS: panic rather than forcibly unmount the root fs

If the root fs is forcibly unmounted then basically every process will die with a SEGV as soon as it tries to run again because libc.so is gone, which leaves the system basically hung. It seems better to just panic instead, so let's do that. Requested-by: karels Reviewed-by: imp, mckusick, karels Sponsored-by: Netflix Differential Revision: https://reviews.freebsd.org/D41387
2024-07-22 10:48:02 +00:00 · 2023-08-10 09:55:47 -07:00 · 2023-08-10 09:55:47 -07:00 · 60a41168d1
parent aa79573457
commit 60a41168d1
1 changed files with 3 additions and 0 deletions
--- a/sys/ufs/ffs/ffs_vfsops.c
+++ b/sys/ufs/ffs/ffs_vfsops.c
@ -303,6 +303,9 @@ ffs_fsfail_cleanup_locked(struct ufsmount *ump, int error)
 	mtx_assert(UFS_MTX(ump), MA_OWNED);
 	if (error == ENXIO && (ump->um_flags & UM_FSFAIL_CLEANUP) == 0) {
 		ump->um_flags |= UM_FSFAIL_CLEANUP;
+		if (ump->um_mountp == rootvnode->v_mount)
+			panic("UFS: root fs would be forcibly unmounted");
+
 		/*
 		 * Queue an async forced unmount.
 		 */