2020-04-15 06:50:23

by Theodore Ts'o

[permalink] [raw]
Subject: [PATCH] ext4: increase wait time needed before reuse of deleted inode numbers

Current wait times have proven to be too short to protect against inode
reuses that lead to metadata inconsistencies.

Now that we will retry the inode allocation if we can't find any
recently deleted inodes, it's a lot safer to increase the recently
deleted time from 5 seconds to a minute.

Google-Bug-Id: 36602237
Signed-off-by: Theodore Ts'o <[email protected]>
---
fs/ext4/ialloc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
index 9faaf32be5cc..4b8c9a9bdf0c 100644
--- a/fs/ext4/ialloc.c
+++ b/fs/ext4/ialloc.c
@@ -662,7 +662,7 @@ static int find_group_other(struct super_block *sb, struct inode *parent,
* block has been written back to disk. (Yes, these values are
* somewhat arbitrary...)
*/
-#define RECENTCY_MIN 5
+#define RECENTCY_MIN 60
#define RECENTCY_DIRTY 300

static int recently_deleted(struct super_block *sb, ext4_group_t group, int ino)
--
2.24.1


2020-04-22 15:54:31

by Jan Kara

[permalink] [raw]
Subject: Re: [PATCH] ext4: increase wait time needed before reuse of deleted inode numbers

On Mon 13-04-20 22:39:25, Theodore Ts'o wrote:
> Current wait times have proven to be too short to protect against inode
> reuses that lead to metadata inconsistencies.
>
> Now that we will retry the inode allocation if we can't find any
> recently deleted inodes, it's a lot safer to increase the recently
> deleted time from 5 seconds to a minute.
>
> Google-Bug-Id: 36602237
> Signed-off-by: Theodore Ts'o <[email protected]>

Looks good to me. You can add:

Reviewed-by: Jan Kara <[email protected]>

Honza

> ---
> fs/ext4/ialloc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
> index 9faaf32be5cc..4b8c9a9bdf0c 100644
> --- a/fs/ext4/ialloc.c
> +++ b/fs/ext4/ialloc.c
> @@ -662,7 +662,7 @@ static int find_group_other(struct super_block *sb, struct inode *parent,
> * block has been written back to disk. (Yes, these values are
> * somewhat arbitrary...)
> */
> -#define RECENTCY_MIN 5
> +#define RECENTCY_MIN 60
> #define RECENTCY_DIRTY 300
>
> static int recently_deleted(struct super_block *sb, ext4_group_t group, int ino)
> --
> 2.24.1
>
--
Jan Kara <[email protected]>
SUSE Labs, CR