Commit ad694821 authored by Joseph Qi's avatar Joseph Qi Committed by Linus Torvalds

ocfs2: fix race between crashed dio and rm

There is a race case between crashed dio and rm, which will lead to
OCFS2_VALID_FL not set read-only.

  N1                              N2
  ------------------------------------------------------------------------
  dd with direct flag
                                  rm file
  crashed with an dio entry left
  in orphan dir
                                  clear OCFS2_VALID_FL in
                                  ocfs2_remove_inode
                                  recover N1 and read the corrupted inode,
                                  and set filesystem read-only

So we skip the inode deletion this time and wait for dio entry recovered
first.
Signed-off-by: default avatarJoseph Qi <joseph.qi@huawei.com>
Reviewed-by: default avatarMark Fasheh <mfasheh@suse.de>
Cc: Joel Becker <jlbec@evilplan.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f57a22dd
...@@ -971,6 +971,7 @@ static void ocfs2_delete_inode(struct inode *inode) ...@@ -971,6 +971,7 @@ static void ocfs2_delete_inode(struct inode *inode)
int wipe, status; int wipe, status;
sigset_t oldset; sigset_t oldset;
struct buffer_head *di_bh = NULL; struct buffer_head *di_bh = NULL;
struct ocfs2_dinode *di = NULL;
trace_ocfs2_delete_inode(inode->i_ino, trace_ocfs2_delete_inode(inode->i_ino,
(unsigned long long)OCFS2_I(inode)->ip_blkno, (unsigned long long)OCFS2_I(inode)->ip_blkno,
...@@ -1025,6 +1026,14 @@ static void ocfs2_delete_inode(struct inode *inode) ...@@ -1025,6 +1026,14 @@ static void ocfs2_delete_inode(struct inode *inode)
goto bail_unlock_nfs_sync; goto bail_unlock_nfs_sync;
} }
di = (struct ocfs2_dinode *)di_bh->b_data;
/* Skip inode deletion and wait for dio orphan entry recovered
* first */
if (unlikely(di->i_flags & cpu_to_le32(OCFS2_DIO_ORPHANED_FL))) {
ocfs2_cleanup_delete_inode(inode, 0);
goto bail_unlock_inode;
}
/* Query the cluster. This will be the final decision made /* Query the cluster. This will be the final decision made
* before we go ahead and wipe the inode. */ * before we go ahead and wipe the inode. */
status = ocfs2_query_inode_wipe(inode, di_bh, &wipe); status = ocfs2_query_inode_wipe(inode, di_bh, &wipe);
......
...@@ -2210,7 +2210,9 @@ static int ocfs2_recover_orphans(struct ocfs2_super *osb, ...@@ -2210,7 +2210,9 @@ static int ocfs2_recover_orphans(struct ocfs2_super *osb,
* ocfs2_delete_inode. */ * ocfs2_delete_inode. */
oi->ip_flags |= OCFS2_INODE_MAYBE_ORPHANED; oi->ip_flags |= OCFS2_INODE_MAYBE_ORPHANED;
spin_unlock(&oi->ip_lock); spin_unlock(&oi->ip_lock);
} else if ((orphan_reco_type == ORPHAN_NEED_TRUNCATE) && }
if ((orphan_reco_type == ORPHAN_NEED_TRUNCATE) &&
(di->i_flags & cpu_to_le32(OCFS2_DIO_ORPHANED_FL))) { (di->i_flags & cpu_to_le32(OCFS2_DIO_ORPHANED_FL))) {
ret = ocfs2_truncate_file(inode, di_bh, ret = ocfs2_truncate_file(inode, di_bh,
i_size_read(inode)); i_size_read(inode));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment