From: Leah Rumancik <leah.rumancik@gmail.com>
To: linux-xfs@vger.kernel.org
Cc: amir73il@gmail.com, chandan.babu@oracle.com, fred@cloudflare.com,
mngyadam@amazon.com, "Darrick J. Wong" <djwong@kernel.org>,
Dave Chinner <dchinner@redhat.com>,
Leah Rumancik <leah.rumancik@gmail.com>
Subject: [PATCH 6.1 CANDIDATE 22/24] xfs: fix log recovery when unknown rocompat bits are set
Date: Fri, 26 Apr 2024 14:55:09 -0700 [thread overview]
Message-ID: <20240426215512.2673806-23-leah.rumancik@gmail.com> (raw)
In-Reply-To: <20240426215512.2673806-1-leah.rumancik@gmail.com>
From: "Darrick J. Wong" <djwong@kernel.org>
[ Upstream commit 74ad4693b6473950e971b3dc525b5ee7570e05d0 ]
Log recovery has always run on read only mounts, even where the primary
superblock advertises unknown rocompat bits. Due to a misunderstanding
between Eric and Darrick back in 2018, we accidentally changed the
superblock write verifier to shutdown the fs over that exact scenario.
As a result, the log cleaning that occurs at the end of the mounting
process fails if there are unknown rocompat bits set.
As we now allow writing of the superblock if there are unknown rocompat
bits set on a RO mount, we no longer want to turn off RO state to allow
log recovery to succeed on a RO mount. Hence we also remove all the
(now unnecessary) RO state toggling from the log recovery path.
Fixes: 9e037cb7972f ("xfs: check for unknown v5 feature bits in superblock write verifier"
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Leah Rumancik <leah.rumancik@gmail.com>
---
fs/xfs/libxfs/xfs_sb.c | 3 ++-
fs/xfs/xfs_log.c | 17 -----------------
2 files changed, 2 insertions(+), 18 deletions(-)
diff --git a/fs/xfs/libxfs/xfs_sb.c b/fs/xfs/libxfs/xfs_sb.c
index 28c464307817..bf2cca78304e 100644
--- a/fs/xfs/libxfs/xfs_sb.c
+++ b/fs/xfs/libxfs/xfs_sb.c
@@ -266,7 +266,8 @@ xfs_validate_sb_write(
return -EFSCORRUPTED;
}
- if (xfs_sb_has_ro_compat_feature(sbp, XFS_SB_FEAT_RO_COMPAT_UNKNOWN)) {
+ if (!xfs_is_readonly(mp) &&
+ xfs_sb_has_ro_compat_feature(sbp, XFS_SB_FEAT_RO_COMPAT_UNKNOWN)) {
xfs_alert(mp,
"Corruption detected in superblock read-only compatible features (0x%x)!",
(sbp->sb_features_ro_compat &
diff --git a/fs/xfs/xfs_log.c b/fs/xfs/xfs_log.c
index 60b19f6d7077..d9aa5eab02c3 100644
--- a/fs/xfs/xfs_log.c
+++ b/fs/xfs/xfs_log.c
@@ -730,15 +730,7 @@ xfs_log_mount(
* just worked.
*/
if (!xfs_has_norecovery(mp)) {
- /*
- * log recovery ignores readonly state and so we need to clear
- * mount-based read only state so it can write to disk.
- */
- bool readonly = test_and_clear_bit(XFS_OPSTATE_READONLY,
- &mp->m_opstate);
error = xlog_recover(log);
- if (readonly)
- set_bit(XFS_OPSTATE_READONLY, &mp->m_opstate);
if (error) {
xfs_warn(mp, "log mount/recovery failed: error %d",
error);
@@ -787,7 +779,6 @@ xfs_log_mount_finish(
struct xfs_mount *mp)
{
struct xlog *log = mp->m_log;
- bool readonly;
int error = 0;
if (xfs_has_norecovery(mp)) {
@@ -795,12 +786,6 @@ xfs_log_mount_finish(
return 0;
}
- /*
- * log recovery ignores readonly state and so we need to clear
- * mount-based read only state so it can write to disk.
- */
- readonly = test_and_clear_bit(XFS_OPSTATE_READONLY, &mp->m_opstate);
-
/*
* During the second phase of log recovery, we need iget and
* iput to behave like they do for an active filesystem.
@@ -850,8 +835,6 @@ xfs_log_mount_finish(
xfs_buftarg_drain(mp->m_ddev_targp);
clear_bit(XLOG_RECOVERY_NEEDED, &log->l_opstate);
- if (readonly)
- set_bit(XFS_OPSTATE_READONLY, &mp->m_opstate);
/* Make sure the log is dead if we're returning failure. */
ASSERT(!error || xlog_is_shutdown(log));
--
2.44.0.769.g3c40516874-goog
next prev parent reply other threads:[~2024-04-26 21:56 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-26 21:54 [PATCH 6.1 CANDIDATE 00/24] more backport proposals for linux-6.1.y Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 01/24] xfs: write page faults in iomap are not buffered writes Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 02/24] xfs: punching delalloc extents on write failure is racy Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 03/24] xfs: use byte ranges for write cleanup ranges Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 04/24] xfs,iomap: move delalloc punching to iomap Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 05/24] iomap: buffered write failure should not truncate the page cache Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 06/24] xfs: xfs_bmap_punch_delalloc_range() should take a byte range Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 07/24] iomap: write iomap validity checks Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 08/24] xfs: use iomap_valid method to detect stale cached iomaps Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 09/24] xfs: drop write error injection is unfixable, remove it Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 10/24] xfs: fix off-by-one-block in xfs_discard_folio() Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 11/24] xfs: fix incorrect error-out in xfs_remove Leah Rumancik
2024-04-26 21:54 ` [PATCH 6.1 CANDIDATE 12/24] xfs: fix sb write verify for lazysbcount Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 13/24] xfs: fix incorrect i_nlink caused by inode racing Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 14/24] xfs: invalidate block device page cache during unmount Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 15/24] xfs: attach dquots to inode before reading data/cow fork mappings Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 16/24] xfs: wait iclog complete before tearing down AIL Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 17/24] xfs: fix super block buf log item UAF during force shutdown Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 18/24] xfs: hoist refcount record merge predicates Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 19/24] xfs: estimate post-merge refcounts correctly Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 20/24] xfs: invalidate xfs_bufs when allocating cow extents Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 21/24] xfs: allow inode inactivation during a ro mount log recovery Leah Rumancik
2024-04-26 21:55 ` Leah Rumancik [this message]
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 23/24] xfs: get root inode correctly at bulkstat Leah Rumancik
2024-04-26 21:55 ` [PATCH 6.1 CANDIDATE 24/24] xfs: short circuit xfs_growfs_data_private() if delta is zero Leah Rumancik
2024-04-26 23:14 ` [PATCH 6.1 CANDIDATE 00/24] more backport proposals for linux-6.1.y Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240426215512.2673806-23-leah.rumancik@gmail.com \
--to=leah.rumancik@gmail.com \
--cc=amir73il@gmail.com \
--cc=chandan.babu@oracle.com \
--cc=dchinner@redhat.com \
--cc=djwong@kernel.org \
--cc=fred@cloudflare.com \
--cc=linux-xfs@vger.kernel.org \
--cc=mngyadam@amazon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).