linux/fs/jbd
Jan Kara 1e9fd53b78 jbd: Fix a race between checkpointing code and journal_get_write_access()
The following race can happen:

  CPU1                          CPU2
                                checkpointing code checks the buffer, adds
                                  it to an array for writeback
do_get_write_access()
  ...
  lock_buffer()
  unlock_buffer()
                                  flush_batch() submits the buffer for IO
  __jbd_journal_file_buffer()

  So a buffer under writeout is returned from do_get_write_access(). Since
the filesystem code relies on the fact that journaled buffers cannot be
written out, it does not take the buffer lock and so it can modify buffer
while it is under writeout. That can lead to a filesystem corruption
if we crash at the right moment. The similar problem can happen with
the journal_get_create_access() path.
  We fix the problem by clearing the buffer dirty bit under buffer_lock
even if the buffer is on BJ_None list. Actually, we clear the dirty bit
regardless the list the buffer is in and warn about the fact if
the buffer is already journalled.

Thanks for spotting the problem goes to dingdinghua <dingdinghua85@gmail.com>.

Reported-by: dingdinghua <dingdinghua85@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
2009-07-15 21:30:07 +02:00
..
checkpoint.c jbd: don't give up looking for space so easily in __log_wait_for_space 2008-11-06 22:37:59 -05:00
commit.c jbd: fix race in buffer processing in commit code 2009-06-09 16:59:03 -07:00
journal.c jbd: Fail to load a journal if it is too short 2009-07-15 21:26:23 +02:00
Kconfig fs/Kconfig: move ext2, ext3, ext4, JBD, JBD2 out 2008-10-20 11:43:59 -07:00
Makefile
recovery.c jbd: fix error handling for checkpoint io 2008-10-23 08:55:01 -07:00
revoke.c Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 2009-04-24 08:37:40 -07:00
transaction.c jbd: Fix a race between checkpointing code and journal_get_write_access() 2009-07-15 21:30:07 +02:00