2008-04-18 13:29:57

by Hidehiro Kawai

[permalink] [raw]
Subject: [PATCH 0/4] jbd: possible filesystem corruption fixes

Subject: [PATCH 0/4] jbd: possible filesystem corruption fixes

The current JBD is not sufficient for I/O error handling. It can
cause filesystem corruption. An example scenario:

1. fail to write a metadata buffer to block B in the journal
2. succeed to write the commit record
3. the system crashes, reboots and mount the filesystem
4. in the recovery phase, succeed to read data from block B
5. write back the read data to the filesystem, but it is a stale
6. lose some files and directories!

This scenario is a rare case, but it (temporal I/O error)
can occur. If we abort the journal between 1. and 2., this
tragedy can be avoided.

This patch set fixes several error handling problems to protect
from filesystem corruption caused by I/O errors. It has been
done only for JBD and ext3 parts.

This patch is against 2.6.25

[PATCH 1/4] jbd: strictly check for write errors on data buffers
[PATCH 2/4] jbd: ordered data integrity fix
[PATCH 3/4] jbd: abort when failed to log metadata buffers
[PATCH 4/4] jbd: fix error handling for checkpoint io

Hidehiro Kawai
Hitachi, Systems Development Laboratory
Linux Technology Center