From: Jan Kara <jack@suse.cz>
To: libaokun@huaweicloud.com
Cc: linux-ext4@vger.kernel.org, tytso@mit.edu,
adilger.kernel@dilger.ca, jack@suse.cz,
linux-kernel@vger.kernel.org, yi.zhang@huawei.com,
yangerkun@huawei.com, Baokun Li <libaokun1@huawei.com>
Subject: Re: [PATCH 2/5] ext4: do not convert the unwritten extents if data writeback fails
Date: Fri, 20 Dec 2024 11:28:04 +0100 [thread overview]
Message-ID: <20241220102804.m2a4zkiypahqbuvz@quack3> (raw)
In-Reply-To: <20241220060757.1781418-3-libaokun@huaweicloud.com>
On Fri 20-12-24 14:07:54, libaokun@huaweicloud.com wrote:
> From: Baokun Li <libaokun1@huawei.com>
>
> When dioread_nolock is turned on (the default), it will convert unwritten
> extents to written at ext4_end_io_end(), even if the data writeback fails.
>
> It leads to the possibility that stale data may be exposed when the
> physical block corresponding to the file data is read-only (i.e., writes
> return -EIO, but reads are normal).
>
> Therefore a new ext4_io_end->flags EXT4_IO_END_FAILED is added, which
> indicates that some bio write-back failed in the current ext4_io_end.
> When this flag is set, the unwritten to written conversion is no longer
> performed. Users can read the data normally until the caches are dropped,
> after that, the failed extents can only be read to all 0.
>
> Signed-off-by: Baokun Li <libaokun1@huawei.com>
Looks good. Feel free to add:
Reviewed-by: Jan Kara <jack@suse.cz>
Honza
> ---
> fs/ext4/ext4.h | 3 ++-
> fs/ext4/page-io.c | 16 ++++++++++++++--
> 2 files changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
> index 4e7de7eaa374..9da0e32af02a 100644
> --- a/fs/ext4/ext4.h
> +++ b/fs/ext4/ext4.h
> @@ -278,7 +278,8 @@ struct ext4_system_blocks {
> /*
> * Flags for ext4_io_end->flags
> */
> -#define EXT4_IO_END_UNWRITTEN 0x0001
> +#define EXT4_IO_END_UNWRITTEN 0x0001
> +#define EXT4_IO_END_FAILED 0x0002
>
> struct ext4_io_end_vec {
> struct list_head list; /* list of io_end_vec */
> diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c
> index f53b018ea259..6054ec27fb48 100644
> --- a/fs/ext4/page-io.c
> +++ b/fs/ext4/page-io.c
> @@ -181,14 +181,25 @@ static int ext4_end_io_end(ext4_io_end_t *io_end)
> "list->prev 0x%p\n",
> io_end, inode->i_ino, io_end->list.next, io_end->list.prev);
>
> - io_end->handle = NULL; /* Following call will use up the handle */
> - ret = ext4_convert_unwritten_io_end_vec(handle, io_end);
> + /*
> + * Do not convert the unwritten extents if data writeback fails,
> + * or stale data may be exposed.
> + */
> + io_end->handle = NULL; /* Following call will use up the handle */
> + if (unlikely(io_end->flag & EXT4_IO_END_FAILED)) {
> + ret = -EIO;
> + if (handle)
> + jbd2_journal_free_reserved(handle);
> + } else {
> + ret = ext4_convert_unwritten_io_end_vec(handle, io_end);
> + }
> if (ret < 0 && !ext4_forced_shutdown(inode->i_sb)) {
> ext4_msg(inode->i_sb, KERN_EMERG,
> "failed to convert unwritten extents to written "
> "extents -- potential data loss! "
> "(inode %lu, error %d)", inode->i_ino, ret);
> }
> +
> ext4_clear_io_unwritten_flag(io_end);
> ext4_release_io_end(io_end);
> return ret;
> @@ -339,6 +350,7 @@ static void ext4_end_bio(struct bio *bio)
> bio->bi_status, inode->i_ino,
> (unsigned long long)
> bi_sector >> (inode->i_blkbits - 9));
> + io_end->flag |= EXT4_IO_END_FAILED;
> mapping_set_error(inode->i_mapping,
> blk_status_to_errno(bio->bi_status));
> }
> --
> 2.46.1
>
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
next prev parent reply other threads:[~2024-12-20 10:28 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-20 6:07 [PATCH 0/5] ext4: fix issues caused by data write-back failures libaokun
2024-12-20 6:07 ` [PATCH 1/5] ext4: replace opencoded ext4_end_io_end() in ext4_put_io_end() libaokun
2024-12-20 10:22 ` Markus Elfring
2024-12-20 10:26 ` Jan Kara
2024-12-20 6:07 ` [PATCH 2/5] ext4: do not convert the unwritten extents if data writeback fails libaokun
2024-12-20 10:28 ` Jan Kara [this message]
2024-12-20 6:07 ` [PATCH 3/5] ext4: abort journal on data writeback failure if in data_err=abort mode libaokun
2024-12-20 10:36 ` Jan Kara
2024-12-20 13:39 ` Baokun Li
2025-01-06 14:32 ` Jan Kara
2025-01-08 3:43 ` Baokun Li
2025-01-08 13:43 ` Jan Kara
2025-01-08 14:44 ` Baokun Li
2025-01-08 15:28 ` Jan Kara
2025-01-09 2:45 ` Baokun Li
2024-12-20 6:07 ` [PATCH 4/5] ext4: remove unused member 'i_unwritten' from 'ext4_inode_info' libaokun
2024-12-20 11:05 ` Jan Kara
2024-12-20 6:07 ` [PATCH 5/5] ext4: pack holes in ext4_inode_info libaokun
2024-12-20 11:06 ` Jan Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241220102804.m2a4zkiypahqbuvz@quack3 \
--to=jack@suse.cz \
--cc=adilger.kernel@dilger.ca \
--cc=libaokun1@huawei.com \
--cc=libaokun@huaweicloud.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=yangerkun@huawei.com \
--cc=yi.zhang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox