ext4: abort the filesystem if failed to async write metadata buffer
authorzhangyi (F) <yi.zhang@huawei.com>
Sat, 20 Jun 2020 02:54:23 +0000 (10:54 +0800)
committerTheodore Ts'o <tytso@mit.edu>
Fri, 7 Aug 2020 18:12:34 +0000 (14:12 -0400)
commitbc71726c725767205757821df364acff87f92ac5
tree091fcc3c180953f83a0e6627902ece509e34f109
parentc1d2c7d47e15482bb23cda83a5021e60f624a09c
ext4: abort the filesystem if failed to async write metadata buffer

There is a risk of filesystem inconsistency if we failed to async write
back metadata buffer in the background. Because of current buffer's end
io procedure is handled by end_buffer_async_write() in the block layer,
and it only clear the buffer's uptodate flag and mark the write_io_error
flag, so ext4 cannot detect such failure immediately. In most cases of
getting metadata buffer (e.g. ext4_read_inode_bitmap()), although the
buffer's data is actually uptodate, it may still read data from disk
because the buffer's uptodate flag has been cleared. Finally, it may
lead to on-disk filesystem inconsistency if reading old data from the
disk successfully and write them out again.

This patch detect bdev mapping->wb_err when getting journal's write
access and mark the filesystem error if bdev's mapping->wb_err was
increased, this could prevent further writing and potential
inconsistency.

Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
Suggested-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20200620025427.1756360-2-yi.zhang@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
fs/ext4/ext4.h
fs/ext4/ext4_jbd2.c
fs/ext4/super.c