On Thu, Apr 17, 2025 at 05:12:26PM +0200, Christian Brauner wrote: > (2) If a userspace task is dealing with e.g., a broken NFS server and > does a umount(MNT_DETACH) and that NFS server blocks indefinitely > then right now it will be the task's problem that called the umount. > It will simply hang and pay the price. > > With your patch however, that cleanup_mnt() and the > deactivate_super() call it entails will be done from > delayed_mntput_work... > > So if there's some userspace process with a broken NFS server and it > does umount(MNT_DETACH) it will end up hanging every other > umount(MNT_DETACH) on the system because the dealyed_mntput_work > workqueue (to my understanding) cannot make progress. > > So in essence this patch to me seems like handing a DOS vector for > MNT_DETACH to userspace. (3) Somebody does umount -l and a few minutes later proceeds to reboot. All filesystems involved are pinned only by mounts, but the very first victim happens to be an NFS mount from a slow server. No indication of the problem, just a bunch of local filesystems that got a dirty shutdown...
