review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Zhang Yi <yi.zhang@huawei.com>
	Thu, 10 Jun 2021 11:24:34 +0000 (19:24 +0800)
committer	Theodore Ts'o <tytso@mit.edu>
	Thu, 24 Jun 2021 14:33:49 +0000 (10:33 -0400)
commit	fcf37549ae19e904bc6a5eadf5c25eca36100c5e
tree	ebf28dd880ff6385014c42b7b04e4c7a46d678ee	tree \| snapshot
parent	1866cba842437f3e7a5a8ee5b558744d9ae844d0	commit \| diff

jbd2: ensure abort the journal if detect IO error when writing original buffer back

Although we merged c044f3d8360 ("jbd2: abort journal if free a async
write error metadata buffer"), there is a race between
jbd2_journal_try_to_free_buffers() and jbd2_journal_destroy(), so the
jbd2_log_do_checkpoint() may still fail to detect the buffer write
io error flag which may lead to filesystem inconsistency.

jbd2_journal_try_to_free_buffers()     ext4_put_super()
                                        jbd2_journal_destroy()
  __jbd2_journal_remove_checkpoint()
  detect buffer write error              jbd2_log_do_checkpoint()
                                         jbd2_cleanup_journal_tail()
                                           <--- lead to inconsistency
  jbd2_journal_abort()

Fix this issue by introducing a new atomic flag which only have one
JBD2_CHECKPOINT_IO_ERROR bit now, and set it in
__jbd2_journal_remove_checkpoint() when freeing a checkpoint buffer
which has write_io_error flag. Then jbd2_journal_destroy() will detect
this mark and abort the journal to prevent updating log tail.

Signed-off-by: Zhang Yi <yi.zhang@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20210610112440.3438139-3-yi.zhang@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fs/jbd2/checkpoint.c		diff \| blob \| history
fs/jbd2/journal.c		diff \| blob \| history
include/linux/jbd2.h		diff \| blob \| history