From: Dave Chinner <david@fromorbit.com>
To: xfs@oss.sgi.com
Subject: [PATCH 10/19] xfs: verify dquot blocks as they are read from disk
Date: Tue, 9 Oct 2012 14:51:01 +1100 [thread overview]
Message-ID: <1349754670-32009-11-git-send-email-david@fromorbit.com> (raw)
In-Reply-To: <1349754670-32009-1-git-send-email-david@fromorbit.com>
From: Dave Chinner <dchinner@redhat.com>
Add a dquot buffer verify callback function and pass it into the
buffer read functions. This checks all the dquots in a buffer, but
cannot completely verify the dquot ids are correct. Also, errors
cannot be repaired, so an additional function is added to repair bad
dquots in the buffer if such an error is detected in a context where
repair is allowed.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
---
fs/xfs/xfs_dquot.c | 117 ++++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 95 insertions(+), 22 deletions(-)
diff --git a/fs/xfs/xfs_dquot.c b/fs/xfs/xfs_dquot.c
index e95f800..2e18382 100644
--- a/fs/xfs/xfs_dquot.c
+++ b/fs/xfs/xfs_dquot.c
@@ -360,6 +360,89 @@ xfs_qm_dqalloc(
return (error);
}
+STATIC void
+xfs_dquot_read_verify(
+ struct xfs_buf *bp)
+{
+ struct xfs_mount *mp = bp->b_target->bt_mount;
+ struct xfs_dqblk *d = (struct xfs_dqblk *)bp->b_addr;
+ struct xfs_disk_dquot *ddq;
+ xfs_dqid_t id = 0;
+ int i;
+
+ /*
+ * On the first read of the buffer, verify that each dquot is valid.
+ * We don't know what the id of the dquot is supposed to be, just that
+ * they should be increasing monotonically within the buffer. If the
+ * first id is corrupt, then it will fail on the second dquot in the
+ * buffer so corruptions could point to the wrong dquot in this case.
+ */
+ for (i = 0; i < mp->m_quotainfo->qi_dqperchunk; i++) {
+ int error;
+
+ ddq = &d[i].dd_diskdq;
+
+ if (i == 0)
+ id = be32_to_cpu(ddq->d_id);
+
+ error = xfs_qm_dqcheck(mp, ddq, id + i, 0, XFS_QMOPT_DOWARN,
+ "xfs_dquot_read_verify");
+ if (error) {
+ XFS_CORRUPTION_ERROR("xfs_dquot_read_verify",
+ XFS_ERRLEVEL_LOW, mp, d);
+ xfs_buf_ioerror(bp, EFSCORRUPTED);
+ break;
+ }
+ }
+ bp->b_iodone = NULL;
+ xfs_buf_ioend(bp, 0);
+}
+
+STATIC int
+xfs_qm_dqrepair(
+ struct xfs_mount *mp,
+ struct xfs_trans *tp,
+ struct xfs_dquot *dqp,
+ xfs_dqid_t firstid,
+ struct xfs_buf **bpp)
+{
+ int error;
+ struct xfs_disk_dquot *ddq;
+ struct xfs_dqblk *d;
+ int i;
+
+ /*
+ * Read the buffer without verification so we get the corrupted
+ * buffer returned to us.
+ */
+ error = xfs_trans_read_buf(mp, tp, mp->m_ddev_targp, dqp->q_blkno,
+ mp->m_quotainfo->qi_dqchunklen,
+ 0, bpp, NULL);
+
+ if (error) {
+ ASSERT(*bpp == NULL);
+ return XFS_ERROR(error);
+ }
+
+ ASSERT(xfs_buf_islocked(*bpp));
+ d = (struct xfs_dqblk *)(*bpp)->b_addr;
+
+ /* Do the actual repair of dquots in this buffer */
+ for (i = 0; i < mp->m_quotainfo->qi_dqperchunk; i++) {
+ ddq = &d[i].dd_diskdq;
+ error = xfs_qm_dqcheck(mp, ddq, firstid + i,
+ dqp->dq_flags & XFS_DQ_ALLTYPES,
+ XFS_QMOPT_DQREPAIR, "xfs_qm_dqrepair");
+ if (error) {
+ /* repair failed, we're screwed */
+ xfs_trans_brelse(tp, *bpp);
+ return XFS_ERROR(EIO);
+ }
+ }
+
+ return 0;
+}
+
/*
* Maps a dquot to the buffer containing its on-disk version.
* This returns a ptr to the buffer containing the on-disk dquot
@@ -378,7 +461,6 @@ xfs_qm_dqtobp(
xfs_buf_t *bp;
xfs_inode_t *quotip = XFS_DQ_TO_QIP(dqp);
xfs_mount_t *mp = dqp->q_mount;
- xfs_disk_dquot_t *ddq;
xfs_dqid_t id = be32_to_cpu(dqp->q_core.d_id);
xfs_trans_t *tp = (tpp ? *tpp : NULL);
@@ -439,33 +521,24 @@ xfs_qm_dqtobp(
error = xfs_trans_read_buf(mp, tp, mp->m_ddev_targp,
dqp->q_blkno,
mp->m_quotainfo->qi_dqchunklen,
- 0, &bp, NULL);
- if (error || !bp)
- return XFS_ERROR(error);
- }
+ 0, &bp, xfs_dquot_read_verify);
- ASSERT(xfs_buf_islocked(bp));
-
- /*
- * calculate the location of the dquot inside the buffer.
- */
- ddq = bp->b_addr + dqp->q_bufoffset;
+ if (error == EFSCORRUPTED && (flags & XFS_QMOPT_DQREPAIR)) {
+ xfs_dqid_t firstid = (xfs_dqid_t)map.br_startoff *
+ mp->m_quotainfo->qi_dqperchunk;
+ ASSERT(bp == NULL);
+ error = xfs_qm_dqrepair(mp, tp, dqp, firstid, &bp);
+ }
- /*
- * A simple sanity check in case we got a corrupted dquot...
- */
- error = xfs_qm_dqcheck(mp, ddq, id, dqp->dq_flags & XFS_DQ_ALLTYPES,
- flags & (XFS_QMOPT_DQREPAIR|XFS_QMOPT_DOWARN),
- "dqtobp");
- if (error) {
- if (!(flags & XFS_QMOPT_DQREPAIR)) {
- xfs_trans_brelse(tp, bp);
- return XFS_ERROR(EIO);
+ if (error) {
+ ASSERT(bp == NULL);
+ return XFS_ERROR(error);
}
}
+ ASSERT(xfs_buf_islocked(bp));
*O_bpp = bp;
- *O_ddpp = ddq;
+ *O_ddpp = bp->b_addr + dqp->q_bufoffset;
return (0);
}
--
1.7.10
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2012-10-09 3:50 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-09 3:50 [PATCH 00/19] xfs: buffer read verifier infrastructure Dave Chinner
2012-10-09 3:50 ` [PATCH 01/19] xfs: growfs: don't read garbage for new secondary superblocks Dave Chinner
2012-10-11 21:34 ` Christoph Hellwig
2012-10-09 3:50 ` [PATCH 02/19] xfs: make buffer read verication an IO completion function Dave Chinner
2012-10-11 21:36 ` Christoph Hellwig
2012-10-09 3:50 ` [PATCH 03/19] xfs: uncached buffer reads need to return an error Dave Chinner
2012-10-11 21:38 ` Christoph Hellwig
2012-10-11 22:11 ` Dave Chinner
2012-10-12 2:28 ` Dave Chinner
2012-10-09 3:50 ` [PATCH 04/19] xfs: verify superblocks as they are read from disk Dave Chinner
2012-10-11 21:41 ` Christoph Hellwig
2012-10-11 22:28 ` Dave Chinner
2012-10-09 3:50 ` [PATCH 05/19] xfs: verify AGF blocks " Dave Chinner
2012-10-11 21:42 ` Christoph Hellwig
2012-10-09 3:50 ` [PATCH 06/19] xfs: verify AGI " Dave Chinner
2012-10-11 21:43 ` Christoph Hellwig
2012-10-09 3:50 ` [PATCH 07/19] xfs: verify AGFL " Dave Chinner
2012-10-11 21:44 ` Christoph Hellwig
2012-10-11 21:52 ` Dave Chinner
2012-10-09 3:50 ` [PATCH 08/19] xfs: verify inode buffers " Dave Chinner
2012-10-11 21:45 ` Christoph Hellwig
2012-10-11 21:55 ` Dave Chinner
2012-10-09 3:51 ` [PATCH 09/19] xfs: verify btree blocks " Dave Chinner
2012-10-09 3:51 ` Dave Chinner [this message]
2012-10-11 21:48 ` [PATCH 10/19] xfs: verify dquot " Christoph Hellwig
2012-10-11 22:08 ` Dave Chinner
2012-10-09 3:51 ` [PATCH 11/19] xfs: add verifier callback to directorry read code Dave Chinner
2012-10-11 21:48 ` Christoph Hellwig
2012-10-09 3:51 ` [PATCH 12/19] xfs: factor dir2 block read operations Dave Chinner
2012-10-09 3:51 ` [PATCH 13/19] xfs: verify dir2 block format buffers Dave Chinner
2012-10-09 3:51 ` [PATCH 14/19] xfs: factor dir2 free block reading Dave Chinner
2012-10-09 3:51 ` [PATCH 15/19] xfs: factor out dir2 data " Dave Chinner
2012-10-09 3:51 ` [PATCH 16/19] xfs: factor dir2 leaf read Dave Chinner
2012-10-09 3:51 ` [PATCH 17/19] xfs: factor and verify attr leaf reads Dave Chinner
2012-10-09 3:51 ` [PATCH 18/19] xfs: add xfs_da_node verification Dave Chinner
2012-10-09 3:51 ` [PATCH 19/19] xfs: Add verifiers to dir2 data readahead Dave Chinner
2012-10-11 12:09 ` [PATCH 00/19] xfs: buffer read verifier infrastructure Mark Tinguely
2012-10-11 21:42 ` Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1349754670-32009-11-git-send-email-david@fromorbit.com \
--to=david@fromorbit.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox