Commit 77e841de authored by Hidehiro Kawai's avatar Hidehiro Kawai Committed by Theodore Ts'o

jbd2: abort when failed to log metadata buffers

If we failed to write metadata buffers to the journal space and
succeeded to write the commit record, stale data can be written
back to the filesystem as metadata in the recovery phase.

To avoid this, when we failed to write out metadata buffers,
abort the journal before writing the commit record.

We can also avoid this kind of corruption by using the journal
checksum feature because it can detect invalid metadata blocks in the
journal and avoid them from being replayed.  So we don't need to care
about asynchronous commit record writeout with a checksum.
Signed-off-by: default avatarHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
parent fd048088
...@@ -783,6 +783,9 @@ void jbd2_journal_commit_transaction(journal_t *journal) ...@@ -783,6 +783,9 @@ void jbd2_journal_commit_transaction(journal_t *journal)
/* AKPM: bforget here */ /* AKPM: bforget here */
} }
if (err)
jbd2_journal_abort(journal, err);
jbd_debug(3, "JBD: commit phase 5\n"); jbd_debug(3, "JBD: commit phase 5\n");
if (!JBD2_HAS_INCOMPAT_FEATURE(journal, if (!JBD2_HAS_INCOMPAT_FEATURE(journal,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment