From owner-freebsd-geom@FreeBSD.ORG Mon Mar 22 18:41:42 2010 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D18B8106564A; Mon, 22 Mar 2010 18:41:42 +0000 (UTC) (envelope-from avg@freebsd.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 7B7858FC18; Mon, 22 Mar 2010 18:41:41 +0000 (UTC) Received: from odyssey.starpoint.kiev.ua (alpha-e.starpoint.kiev.ua [212.40.38.101]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id UAA00928; Mon, 22 Mar 2010 20:41:39 +0200 (EET) (envelope-from avg@freebsd.org) Message-ID: <4BA7B9E3.3080003@freebsd.org> Date: Mon, 22 Mar 2010 20:41:39 +0200 From: Andriy Gapon User-Agent: Thunderbird 2.0.0.23 (X11/20100211) MIME-Version: 1.0 To: freebsd-fs@freebsd.org, freebsd-geom@freebsd.org X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Pawel Jakub Dawidek , Poul-Henning Kamp Subject: geom_vfs: disallow multiple readonly mounts of a device X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Mar 2010 18:41:42 -0000 Currently FreeBSD allows multiple readonly mounts of the same device. This feature seems to be introduced along with GEOM. Before that, only one mount of a device was allowed, whether readonly or not. Other (major) BSDs still work that way. Unfortunately, the feature has never really worked correctly because of some architectural/design issues in our buffer cache layer/interface. Multiple shared mounts are allowed to happen but later on, during filesystem access or at unmount time, a system would crash. Because of this, I propose to disable shared mounting feature for time being. In my opinion it is very unlikely that anybody depends on this feature now, but nullfs can be used as its replacement. In fact, it could be even more efficient if the same files are access via different mount points. The proposed patch is a greatly reduced version of a patch by Pawel Jakub Dawidek: http://people.freebsd.org/~pjd/patches/mro_mount.patch Pawel's patch, in fact, fixes the shared mounting feature. Unfortunately, at least one filesystem (FFS) is quite intrusive at what it does with a device vnode (or rather its bufobj) when it attempts mounting. So, in some edge cases (synthetic or accidental) a system may still crash even with the Pawel's patch. So, I think that it should not be committed until after all filesystems in the tree are made to play nice. Otherwise, I like it. As an afterthought, perhaps it is the Pawel's patch that we should actually use with one change - add a sysctl that enables/disables shared mounts and make them disabled by default. Thank you very for the feedback. --- a/sys/geom/geom_vfs.c +++ b/sys/geom/geom_vfs.c @@ -161,6 +161,10 @@ g_vfs_open g_topology_assert(); *cpp = NULL; + bo = &vp->v_bufobj; + if (bo->bo_private != vp) + return (EBUSY); + pp = g_dev_getprovider(vp->v_rdev); if (pp == NULL) return (ENOENT); @@ -176,6 +180,6 @@ g_vfs_open vnode_create_vobject(vp, pp->mediasize, curthread); VFS_UNLOCK_GIANT(vfslocked); *cpp = cp; - bo = &vp->v_bufobj; + cp->private = vp; bo->bo_ops = g_vfs_bufops; bo->bo_private = cp; @@ -196,5 +200,6 @@ g_vfs_close gp = cp->geom; bo = gp->softc; bufobj_invalbuf(bo, V_SAVE, 0, 0); + bo->bo_private = cp->private; g_wither_geom_close(gp, ENXIO); } -- Andriy Gapon