1. Patchew
  2. linux
  3. View series

[PATCH] ext4: forbid commit inconsistent quota data when errors=remount-ro

Ye Bin posted 1 patch 1 year, 11 months ago 
fs/ext4/super.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
[PATCH] ext4: forbid commit inconsistent quota data when errors=remount-ro
Posted by Ye Bin 1 year, 11 months ago 
There's issue as follows When do IO fault injection test:
Quota error (device dm-3): find_block_dqentry: Quota for id 101 referenced but not present
Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 101
Quota error (device dm-3): do_check_range: Getting block 2021161007 out of range 1-186
Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 661

Now, ext4_write_dquot()/ext4_acquire_dquot()/ext4_release_dquot() may commit
inconsistent quota data even if process failed. This may lead to filesystem
corruption.
To ensure filesystem consistent when errors=remount-ro there is need to call
ext4_handle_error() to abort journal.

Signed-off-by: Ye Bin <yebin10@huawei.com>
---
 fs/ext4/super.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 0980845c8b8f..ef41b452173e 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -6873,6 +6873,10 @@ static int ext4_write_dquot(struct dquot *dquot)
 	if (IS_ERR(handle))
 		return PTR_ERR(handle);
 	ret = dquot_commit(dquot);
+	if (ret < 0)
+		ext4_error_err(dquot->dq_sb, -ret,
+			       "Failed to commit dquot type %d",
+			       dquot->dq_id.type);
 	err = ext4_journal_stop(handle);
 	if (!ret)
 		ret = err;
@@ -6889,6 +6893,10 @@ static int ext4_acquire_dquot(struct dquot *dquot)
 	if (IS_ERR(handle))
 		return PTR_ERR(handle);
 	ret = dquot_acquire(dquot);
+	if (ret < 0)
+		ext4_error_err(dquot->dq_sb, -ret,
+			      "Failed to acquire dquot type %d",
+			      dquot->dq_id.type);
 	err = ext4_journal_stop(handle);
 	if (!ret)
 		ret = err;
@@ -6908,6 +6916,10 @@ static int ext4_release_dquot(struct dquot *dquot)
 		return PTR_ERR(handle);
 	}
 	ret = dquot_release(dquot);
+	if (ret < 0)
+		ext4_error_err(dquot->dq_sb, -ret,
+			       "Failed to release dquot type %d",
+			       dquot->dq_id.type);
 	err = ext4_journal_stop(handle);
 	if (!ret)
 		ret = err;
-- 
2.31.1
Re: [PATCH] ext4: forbid commit inconsistent quota data when errors=remount-ro
Posted by Theodore Ts'o 1 year, 10 months ago 
On Fri, 19 Jan 2024 14:29:08 +0800, Ye Bin wrote:
> There's issue as follows When do IO fault injection test:
> Quota error (device dm-3): find_block_dqentry: Quota for id 101 referenced but not present
> Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 101
> Quota error (device dm-3): do_check_range: Getting block 2021161007 out of range 1-186
> Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 661
> 
> Now, ext4_write_dquot()/ext4_acquire_dquot()/ext4_release_dquot() may commit
> inconsistent quota data even if process failed. This may lead to filesystem
> corruption.
> To ensure filesystem consistent when errors=remount-ro there is need to call
> ext4_handle_error() to abort journal.
> 
> [...]

Applied, thanks!

[1/1] ext4: forbid commit inconsistent quota data when errors=remount-ro
      commit: d8b945fa475f13d787df00c26a6dc45a3e2e1d1d

Best regards,
-- 
Theodore Ts'o <tytso@mit.edu>
Re: [PATCH] ext4: forbid commit inconsistent quota data when errors=remount-ro
Posted by Jan Kara 1 year, 11 months ago 
On Fri 19-01-24 14:29:08, Ye Bin wrote:
> There's issue as follows When do IO fault injection test:
> Quota error (device dm-3): find_block_dqentry: Quota for id 101 referenced but not present
> Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 101
> Quota error (device dm-3): do_check_range: Getting block 2021161007 out of range 1-186
> Quota error (device dm-3): qtree_read_dquot: Can't read quota structure for id 661
> 
> Now, ext4_write_dquot()/ext4_acquire_dquot()/ext4_release_dquot() may commit
> inconsistent quota data even if process failed. This may lead to filesystem
> corruption.
> To ensure filesystem consistent when errors=remount-ro there is need to call
> ext4_handle_error() to abort journal.
> 
> Signed-off-by: Ye Bin <yebin10@huawei.com>

After thinking about this for a while I agree. Feel free to add:

Reviewed-by: Jan Kara <jack@suse.cz>

								Honza

> ---
>  fs/ext4/super.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index 0980845c8b8f..ef41b452173e 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -6873,6 +6873,10 @@ static int ext4_write_dquot(struct dquot *dquot)
>  	if (IS_ERR(handle))
>  		return PTR_ERR(handle);
>  	ret = dquot_commit(dquot);
> +	if (ret < 0)
> +		ext4_error_err(dquot->dq_sb, -ret,
> +			       "Failed to commit dquot type %d",
> +			       dquot->dq_id.type);
>  	err = ext4_journal_stop(handle);
>  	if (!ret)
>  		ret = err;
> @@ -6889,6 +6893,10 @@ static int ext4_acquire_dquot(struct dquot *dquot)
>  	if (IS_ERR(handle))
>  		return PTR_ERR(handle);
>  	ret = dquot_acquire(dquot);
> +	if (ret < 0)
> +		ext4_error_err(dquot->dq_sb, -ret,
> +			      "Failed to acquire dquot type %d",
> +			      dquot->dq_id.type);
>  	err = ext4_journal_stop(handle);
>  	if (!ret)
>  		ret = err;
> @@ -6908,6 +6916,10 @@ static int ext4_release_dquot(struct dquot *dquot)
>  		return PTR_ERR(handle);
>  	}
>  	ret = dquot_release(dquot);
> +	if (ret < 0)
> +		ext4_error_err(dquot->dq_sb, -ret,
> +			       "Failed to release dquot type %d",
> +			       dquot->dq_id.type);
>  	err = ext4_journal_stop(handle);
>  	if (!ret)
>  		ret = err;
> -- 
> 2.31.1
> 
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.