• Jan Kara's avatar
    jbd2: issue cache flush after checkpointing even with internal journal · a3ceb229
    Jan Kara authored
    commit 79feb521 upstream.
    
    When we reach jbd2_cleanup_journal_tail(), there is no guarantee that
    checkpointed buffers are on a stable storage - especially if buffers were
    written out by jbd2_log_do_checkpoint(), they are likely to be only in disk's
    caches. Thus when we update journal superblock effectively removing old
    transaction from journal, this write of superblock can get to stable storage
    before those checkpointed buffers which can result in filesystem corruption
    after a crash. Thus we must unconditionally issue a cache flush before we
    update journal superblock in these cases.
    
    A similar problem can also occur if journal superblock is written only in
    disk's caches, other transaction starts reusing space of the transaction
    cleaned from the log and power failure happens. Subsequent journal replay would
    still try to replay the old transaction but some of it's blocks may be already
    overwritten by the new transaction. For this reason we must use WRITE_FUA when
    updating log tail and we must first write new log tail to disk and update
    in-memory information only after that.
    Signed-off-by: default avatarJan Kara <jack@suse.cz>
    Signed-off-by: default avatar"Theodore Ts'o" <tytso@mit.edu>
    [bwh: Prerequisite for "jbd2: fix ocfs2 corrupt when updating journal
     superblock fails".
     Backported to 3.2:
     - Adjust context
     - Drop changes to jbd2_journal_update_sb_log_tail trace event]
    Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
    a3ceb229
recovery.c 18.7 KB