summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>2008-10-12 16:39:16 -0400
committerTheodore Ts'o <tytso@mit.edu>2008-10-12 16:39:16 -0400
commit77e841de8abac4755cc83ca224fdf71418d65380 (patch)
tree937694b6bfb13b2ef6e154e8ab25f5f7200159fb /fs
parentfd048088306656824958e7783ffcee27e241b361 (diff)
downloadkernel-crypto-77e841de8abac4755cc83ca224fdf71418d65380.tar.gz
kernel-crypto-77e841de8abac4755cc83ca224fdf71418d65380.tar.xz
kernel-crypto-77e841de8abac4755cc83ca224fdf71418d65380.zip
jbd2: abort when failed to log metadata buffers
If we failed to write metadata buffers to the journal space and succeeded to write the commit record, stale data can be written back to the filesystem as metadata in the recovery phase. To avoid this, when we failed to write out metadata buffers, abort the journal before writing the commit record. We can also avoid this kind of corruption by using the journal checksum feature because it can detect invalid metadata blocks in the journal and avoid them from being replayed. So we don't need to care about asynchronous commit record writeout with a checksum. Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs')
-rw-r--r--fs/jbd2/commit.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c
index 0d3814a35ed..78e4da93412 100644
--- a/fs/jbd2/commit.c
+++ b/fs/jbd2/commit.c
@@ -783,6 +783,9 @@ wait_for_iobuf:
/* AKPM: bforget here */
}
+ if (err)
+ jbd2_journal_abort(journal, err);
+
jbd_debug(3, "JBD: commit phase 5\n");
if (!JBD2_HAS_INCOMPAT_FEATURE(journal,