• Hidehiro Kawai's avatar
    ext4: don't read inode block if the buffer has a write error · 9c83a923
    Hidehiro Kawai authored
    A transient I/O error can corrupt inode data.  Here is the scenario:
    
    (1) update inode_A at the block_B
    (2) pdflush writes out new inode_A to the filesystem, but it results
        in write I/O error, at this point, BH_Uptodate flag of the buffer
        for block_B is cleared and BH_Write_EIO is set
    (3) create new inode_C which located at block_B, and
        __ext4_get_inode_loc() tries to read on-disk block_B because the
        buffer is not uptodate
    (4) if it can read on-disk block_B successfully, inode_A is
        overwritten by old data
    
    This patch makes __ext4_get_inode_loc() not read the inode block if the
    buffer has BH_Write_EIO flag.  In this case, the buffer should have the
    latest information, so setting the uptodate flag to the buffer (this
    avoids WARN_ON_ONCE() in mark_buffer_dirty().)
    
    According to this change, we would need to test BH_Write_EIO flag for the
    error checking.  Currently nobody checks write I/O errors on metadata
    buffers, but it will be done in other patches I'm working on.
    Signed-off-by: default avatarHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
    Cc: sugita <yumiko.sugita.yf@hitachi.com>
    Cc: Satoshi OSHIMA <satoshi.oshima.fk@hitachi.com>
    Cc: Nick Piggin <nickpiggin@yahoo.com.au>
    Cc: Jan Kara <jack@ucw.cz>
    Cc: <linux-ext4@vger.kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    9c83a923
inode.c 132 KB