2 * journal.c --- code for handling the "ext3" journal
4 * Copyright (C) 2000 Andreas Dilger
5 * Copyright (C) 2000 Theodore Ts'o
7 * Parts of the code are based on fs/jfs/journal.c by Stephen C. Tweedie
8 * Copyright (C) 1999 Red Hat Software
10 * This file may be redistributed under the terms of the
11 * GNU General Public License version 2 or at your discretion
15 #ifdef HAVE_SYS_MOUNT_H
16 #include <sys/mount.h>
17 #define MNT_FL (MS_MGC_VAL | MS_RDONLY)
19 #ifdef HAVE_SYS_STAT_H
23 #define E2FSCK_INCLUDE_INLINE_FUNCS
26 #include "uuid/uuid.h"
28 #ifdef JFS_DEBUG /* Enabled by configure --enable-jfs-debug */
29 static int bh_count = 0;
30 int journal_enable_debug = 2;
33 /* Kernel compatibility functions for handling the journal. These allow us
34 * to use the recovery.c file virtually unchanged from the kernel, so we
35 * don't have to do much to keep kernel and user recovery in sync.
37 int bmap(struct inode *inode, int block)
42 retval = ext2fs_bmap(inode->i_ctx->fs, inode->i_ino, &inode->i_ext2,
43 NULL, 0, block, &phys);
46 com_err(inode->i_ctx->device_name, retval,
47 _("bmap journal inode %ld, block %d\n"),
53 struct buffer_head *getblk(e2fsck_t ctx, blk_t blocknr, int blocksize)
55 struct buffer_head *bh;
57 bh = e2fsck_allocate_memory(ctx, sizeof(*bh), "block buffer");
61 jfs_debug(4, "getblk for block %lu (%d bytes)(total %d)\n",
62 (unsigned long) blocknr, blocksize, ++bh_count);
65 bh->b_size = blocksize;
66 bh->b_blocknr = blocknr;
71 void ll_rw_block(int rw, int nr, struct buffer_head *bhp[])
74 struct buffer_head *bh;
76 for (; nr > 0; --nr) {
78 if (rw == READ && !bh->b_uptodate) {
79 jfs_debug(3, "reading block %lu/%p\n",
80 (unsigned long) bh->b_blocknr, (void *) bh);
81 retval = io_channel_read_blk(bh->b_ctx->journal_io,
85 com_err(bh->b_ctx->device_name, retval,
86 "while reading block %ld\n",
92 } else if (rw == WRITE && bh->b_dirty) {
93 jfs_debug(3, "writing block %lu/%p\n",
94 (unsigned long) bh->b_blocknr, (void *) bh);
95 retval = io_channel_write_blk(bh->b_ctx->journal_io,
99 com_err(bh->b_ctx->device_name, retval,
100 "while writing block %ld\n",
108 jfs_debug(3, "no-op %s for block %lu\n",
109 rw == READ ? "read" : "write",
110 (unsigned long) bh->b_blocknr);
114 void mark_buffer_dirty(struct buffer_head *bh, int dummy)
116 bh->b_dirty = dummy | 1; /* use dummy to avoid unused variable */
119 static void mark_buffer_clean(struct buffer_head * bh)
124 void brelse(struct buffer_head *bh)
127 ll_rw_block(WRITE, 1, &bh);
128 jfs_debug(3, "freeing block %lu/%p (total %d)\n",
129 (unsigned long) bh->b_blocknr, (void *) bh, --bh_count);
130 ext2fs_free_mem((void **) &bh);
133 int buffer_uptodate(struct buffer_head *bh)
135 return bh->b_uptodate;
138 void mark_buffer_uptodate(struct buffer_head *bh, int val)
140 bh->b_uptodate = val;
143 void wait_on_buffer(struct buffer_head *bh)
146 ll_rw_block(READ, 1, &bh);
150 static void e2fsck_clear_recover(e2fsck_t ctx, int error)
152 ctx->fs->super->s_feature_incompat &= ~EXT3_FEATURE_INCOMPAT_RECOVER;
154 /* if we had an error doing journal recovery, we need a full fsck */
156 ctx->fs->super->s_state &= ~EXT2_VALID_FS;
157 ext2fs_mark_super_dirty(ctx->fs);
160 static errcode_t e2fsck_journal_init_inode(e2fsck_t ctx,
161 struct ext2_super_block *s,
165 struct buffer_head *bh;
169 jfs_debug(1, "Using journal inode %u\n", s->s_journal_inum);
170 *journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal");
172 return EXT2_ET_NO_MEMORY;
175 inode = e2fsck_allocate_memory(ctx, sizeof(*inode), "journal inode");
177 retval = EXT2_ET_NO_MEMORY;
182 inode->i_ino = s->s_journal_inum;
183 retval = ext2fs_read_inode(ctx->fs, s->s_journal_inum, &inode->i_ext2);
187 (*journal)->j_dev = ctx;
188 (*journal)->j_inode = inode;
189 (*journal)->j_blocksize = ctx->fs->blocksize;
190 (*journal)->j_maxlen = inode->i_ext2.i_size / (*journal)->j_blocksize;
191 ctx->journal_io = ctx->fs->io;
193 if (!inode->i_ext2.i_links_count ||
194 !LINUX_S_ISREG(inode->i_ext2.i_mode) ||
195 (*journal)->j_maxlen < JFS_MIN_JOURNAL_BLOCKS ||
196 (start = bmap(inode, 0)) == 0) {
197 retval = EXT2_ET_BAD_INODE_NUM;
201 bh = getblk(ctx, start, (*journal)->j_blocksize);
203 retval = EXT2_ET_NO_MEMORY;
206 (*journal)->j_sb_buffer = bh;
207 (*journal)->j_superblock = (journal_superblock_t *)bh->b_data;
212 ext2fs_free_mem((void **)&inode);
214 ext2fs_free_mem((void **)journal);
219 static errcode_t e2fsck_journal_init_dev(e2fsck_t ctx,
220 struct ext2_super_block *s,
223 struct buffer_head *bh;
227 int blocksize = ctx->fs->blocksize;
228 struct ext2_super_block jsuper;
229 struct problem_context pctx;
230 const char *journal_name;
232 clear_problem_context(&pctx);
233 journal_name = ctx->journal_name;
235 journal_name = ext2fs_find_block_device(s->s_journal_dev);
238 fix_problem(ctx, PR_0_CANT_FIND_JOURNAL, &pctx);
239 return EXT2_ET_LOAD_EXT_JOURNAL;
242 jfs_debug(1, "Using journal file %s\n", journal_name);
245 io_ptr = unix_io_manager;
247 io_ptr = test_io_manager;
248 test_io_backing_manager = unix_io_manager;
250 retval = io_ptr->open(journal_name, IO_FLAG_RW, &ctx->journal_io);
251 if (!ctx->journal_name)
252 free((void *) journal_name);
256 io_channel_set_blksize(ctx->journal_io, blocksize);
257 start = (blocksize == 1024) ? 1 : 0;
258 bh = getblk(ctx, start, blocksize);
260 return EXT2_ET_NO_MEMORY;
261 ll_rw_block(READ, 1, &bh);
264 memcpy(&jsuper, start ? bh->b_data : bh->b_data + 1024,
267 #ifdef EXT2FS_ENABLE_SWAPFS
268 if (jsuper.s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC))
269 ext2fs_swap_super(&jsuper);
271 if (jsuper.s_magic != EXT2_SUPER_MAGIC ||
272 !(jsuper.s_feature_incompat & EXT3_FEATURE_INCOMPAT_JOURNAL_DEV)) {
273 fix_problem(ctx, PR_0_EXT_JOURNAL_BAD_SUPER, &pctx);
274 return EXT2_ET_LOAD_EXT_JOURNAL;
276 /* Make sure the journal UUID is correct */
277 if (memcmp(jsuper.s_uuid, ctx->fs->super->s_journal_uuid,
278 sizeof(jsuper.s_uuid))) {
279 fix_problem(ctx, PR_0_JOURNAL_BAD_UUID, &pctx);
280 return EXT2_ET_LOAD_EXT_JOURNAL;
283 *journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal");
285 return EXT2_ET_NO_MEMORY;
288 (*journal)->j_dev = ctx;
289 (*journal)->j_inode = NULL;
290 (*journal)->j_blocksize = ctx->fs->blocksize;
291 (*journal)->j_maxlen = jsuper.s_blocks_count;
293 bh = getblk(ctx, start+1, (*journal)->j_blocksize);
295 retval = EXT2_ET_NO_MEMORY;
298 (*journal)->j_sb_buffer = bh;
299 (*journal)->j_superblock = (journal_superblock_t *)bh->b_data;
304 ext2fs_free_mem((void **)journal);
308 static errcode_t e2fsck_get_journal(e2fsck_t ctx, journal_t **journal)
310 struct ext2_super_block *sb = ctx->fs->super;
312 if (uuid_is_null(sb->s_journal_uuid)) {
313 if (!sb->s_journal_inum)
314 return EXT2_ET_BAD_INODE_NUM;
315 return e2fsck_journal_init_inode(ctx, sb, journal);
317 return e2fsck_journal_init_dev(ctx, sb, journal);
321 static errcode_t e2fsck_journal_fix_bad_inode(e2fsck_t ctx,
322 struct problem_context *pctx)
324 struct ext2_super_block *sb = ctx->fs->super;
325 int recover = ctx->fs->super->s_feature_incompat &
326 EXT3_FEATURE_INCOMPAT_RECOVER;
327 int has_journal = ctx->fs->super->s_feature_compat &
328 EXT3_FEATURE_COMPAT_HAS_JOURNAL;
330 if (has_journal || sb->s_journal_inum) {
331 /* The journal inode is bogus, remove and force full fsck */
332 pctx->ino = sb->s_journal_inum;
333 if (fix_problem(ctx, PR_0_JOURNAL_BAD_INODE, pctx)) {
334 if (has_journal && sb->s_journal_inum)
335 printf("*** ext3 journal has been deleted - "
336 "filesystem is now ext2 only ***\n\n");
337 sb->s_feature_compat &= ~EXT3_FEATURE_COMPAT_HAS_JOURNAL;
338 sb->s_journal_inum = 0;
339 ctx->flags |= E2F_FLAG_JOURNAL_INODE; /* FIXME: todo */
340 e2fsck_clear_recover(ctx, 1);
343 return EXT2_ET_BAD_INODE_NUM;
344 } else if (recover) {
345 if (fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, pctx)) {
346 e2fsck_clear_recover(ctx, 1);
349 return EXT2_ET_UNSUPP_FEATURE;
354 static errcode_t e2fsck_journal_load(journal_t *journal)
356 e2fsck_t ctx = journal->j_dev;
357 journal_superblock_t *jsb;
358 struct buffer_head *jbh = journal->j_sb_buffer;
359 struct problem_context pctx;
361 clear_problem_context(&pctx);
363 ll_rw_block(READ, 1, &jbh);
365 com_err(ctx->device_name, jbh->b_err,
366 _("reading journal superblock\n"));
370 jsb = journal->j_superblock;
371 /* If we don't even have JFS_MAGIC, we probably have a wrong inode */
372 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER))
373 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
375 switch (ntohl(jsb->s_header.h_blocktype)) {
376 case JFS_SUPERBLOCK_V1:
377 journal->j_format_version = 1;
380 case JFS_SUPERBLOCK_V2:
381 journal->j_format_version = 2;
382 if (ntohl(jsb->s_nr_users) > 1) {
383 fix_problem(ctx, PR_0_JOURNAL_UNSUPP_MULTIFS, &pctx);
384 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
389 * These should never appear in a journal super block, so if
390 * they do, the journal is badly corrupted.
392 case JFS_DESCRIPTOR_BLOCK:
393 case JFS_COMMIT_BLOCK:
394 case JFS_REVOKE_BLOCK:
395 return EXT2_ET_CORRUPT_SUPERBLOCK;
397 /* If we don't understand the superblock major type, but there
398 * is a magic number, then it is likely to be a new format we
399 * just don't understand, so leave it alone. */
401 return EXT2_ET_JOURNAL_UNSUPP_VERSION;
404 if (JFS_HAS_INCOMPAT_FEATURE(journal, ~JFS_KNOWN_INCOMPAT_FEATURES))
405 return EXT2_ET_UNSUPP_FEATURE;
407 if (JFS_HAS_RO_COMPAT_FEATURE(journal, ~JFS_KNOWN_ROCOMPAT_FEATURES))
408 return EXT2_ET_RO_UNSUPP_FEATURE;
410 /* We have now checked whether we know enough about the journal
411 * format to be able to proceed safely, so any other checks that
412 * fail we should attempt to recover from. */
413 if (jsb->s_blocksize != htonl(journal->j_blocksize)) {
414 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
415 _("%s: no valid journal superblock found\n"),
417 return EXT2_ET_CORRUPT_SUPERBLOCK;
420 if (ntohl(jsb->s_maxlen) < journal->j_maxlen)
421 journal->j_maxlen = ntohl(jsb->s_maxlen);
422 else if (ntohl(jsb->s_maxlen) > journal->j_maxlen) {
423 com_err(ctx->program_name, EXT2_ET_CORRUPT_SUPERBLOCK,
424 _("%s: journal too short\n"),
426 return EXT2_ET_CORRUPT_SUPERBLOCK;
429 journal->j_tail_sequence = ntohl(jsb->s_sequence);
430 journal->j_transaction_sequence = journal->j_tail_sequence;
431 journal->j_tail = ntohl(jsb->s_start);
432 journal->j_first = ntohl(jsb->s_first);
433 journal->j_last = ntohl(jsb->s_maxlen);
438 static void e2fsck_journal_reset_super(e2fsck_t ctx, journal_superblock_t *jsb,
449 /* Leave a valid existing V1 superblock signature alone.
450 * Anything unrecognisable we overwrite with a new V2
453 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER) ||
454 jsb->s_header.h_blocktype != htonl(JFS_SUPERBLOCK_V1)) {
455 jsb->s_header.h_magic = htonl(JFS_MAGIC_NUMBER);
456 jsb->s_header.h_blocktype = htonl(JFS_SUPERBLOCK_V2);
459 /* Zero out everything else beyond the superblock header */
461 p = ((char *) jsb) + sizeof(journal_header_t);
462 memset (p, 0, ctx->fs->blocksize-sizeof(journal_header_t));
464 jsb->s_blocksize = htonl(ctx->fs->blocksize);
465 jsb->s_maxlen = htonl(journal->j_maxlen);
466 jsb->s_first = htonl(1);
468 /* Initialize the journal sequence number so that there is "no"
469 * chance we will find old "valid" transactions in the journal.
470 * This avoids the need to zero the whole journal (slow to do,
471 * and risky when we are just recovering the filesystem).
473 uuid_generate(u.uuid);
474 for (i = 0; i < 4; i ++)
476 jsb->s_sequence = htonl(new_seq);
478 mark_buffer_dirty(journal->j_sb_buffer, 1);
479 ll_rw_block(WRITE, 1, &journal->j_sb_buffer);
482 static errcode_t e2fsck_journal_fix_corrupt_super(e2fsck_t ctx,
484 struct problem_context *pctx)
486 struct ext2_super_block *sb = ctx->fs->super;
487 int recover = ctx->fs->super->s_feature_incompat &
488 EXT3_FEATURE_INCOMPAT_RECOVER;
490 pctx->num = journal->j_inode->i_ino;
492 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) {
493 if (fix_problem(ctx, PR_0_JOURNAL_BAD_SUPER, pctx)) {
494 e2fsck_journal_reset_super(ctx, journal->j_superblock,
496 journal->j_transaction_sequence = 1;
497 e2fsck_clear_recover(ctx, recover);
500 return EXT2_ET_CORRUPT_SUPERBLOCK;
501 } else if (e2fsck_journal_fix_bad_inode(ctx, pctx))
502 return EXT2_ET_CORRUPT_SUPERBLOCK;
507 static void e2fsck_journal_release(e2fsck_t ctx, journal_t *journal,
510 journal_superblock_t *jsb;
513 mark_buffer_clean(journal->j_sb_buffer);
514 else if (!(ctx->options & E2F_OPT_READONLY)) {
515 jsb = journal->j_superblock;
516 jsb->s_sequence = htonl(journal->j_transaction_sequence);
518 jsb->s_start = 0; /* this marks the journal as empty */
519 mark_buffer_dirty(journal->j_sb_buffer, 1);
521 brelse(journal->j_sb_buffer);
523 if (ctx->journal_io) {
524 if (ctx->fs && ctx->fs->io != ctx->journal_io)
525 io_channel_close(ctx->journal_io);
529 if (journal->j_inode)
530 ext2fs_free_mem((void **)&journal->j_inode);
531 ext2fs_free_mem((void **)&journal);
535 * This function makes sure that the superblock fields regarding the
536 * journal are consistent.
538 int e2fsck_check_ext3_journal(e2fsck_t ctx)
540 struct ext2_super_block *sb = ctx->fs->super;
542 int recover = ctx->fs->super->s_feature_incompat &
543 EXT3_FEATURE_INCOMPAT_RECOVER;
544 struct problem_context pctx;
545 int reset = 0, force_fsck = 0;
548 /* If we don't have any journal features, don't do anything more */
549 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL) &&
550 !recover && sb->s_journal_inum == 0 && sb->s_journal_dev == 0 &&
551 uuid_is_null(sb->s_journal_uuid))
554 clear_problem_context(&pctx);
555 pctx.num = sb->s_journal_inum;
557 retval = e2fsck_get_journal(ctx, &journal);
559 if (retval == EXT2_ET_BAD_INODE_NUM)
560 return e2fsck_journal_fix_bad_inode(ctx, &pctx);
564 retval = e2fsck_journal_load(journal);
566 if ((retval == EXT2_ET_CORRUPT_SUPERBLOCK) ||
567 ((retval == EXT2_ET_UNSUPP_FEATURE) &&
568 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_INCOMPAT,
570 ((retval == EXT2_ET_RO_UNSUPP_FEATURE) &&
571 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_ROCOMPAT,
573 ((retval == EXT2_ET_JOURNAL_UNSUPP_VERSION) &&
574 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_VERSION, &pctx))))
575 retval = e2fsck_journal_fix_corrupt_super(ctx, journal,
577 e2fsck_journal_release(ctx, journal, 0, 1);
582 * We want to make the flags consistent here. We will not leave with
583 * needs_recovery set but has_journal clear. We can't get in a loop
584 * with -y, -n, or -p, only if a user isn't making up their mind.
587 if (!(sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL)) {
588 recover = sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER;
590 if (fix_problem(ctx, PR_0_JOURNAL_HAS_JOURNAL, &pctx)) {
592 !fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, &pctx))
595 * Need a full fsck if we are releasing a
596 * journal stored on a reserved inode.
598 force_fsck = recover ||
599 (sb->s_journal_inum < EXT2_FIRST_INODE(sb));
600 /* Clear all of the journal fields */
601 sb->s_journal_inum = 0;
602 sb->s_journal_dev = 0;
603 memset(sb->s_journal_uuid, 0,
604 sizeof(sb->s_journal_uuid));
605 e2fsck_clear_recover(ctx, force_fsck);
606 } else if (!(ctx->options & E2F_OPT_READONLY)) {
607 sb->s_feature_compat |= EXT3_FEATURE_COMPAT_HAS_JOURNAL;
608 ext2fs_mark_super_dirty(ctx->fs);
612 if (sb->s_feature_compat & EXT3_FEATURE_COMPAT_HAS_JOURNAL &&
613 !(sb->s_feature_incompat & EXT3_FEATURE_INCOMPAT_RECOVER) &&
614 journal->j_superblock->s_start != 0) {
615 if (fix_problem(ctx, PR_0_JOURNAL_RESET_JOURNAL, &pctx)) {
617 sb->s_state &= ~EXT2_VALID_FS;
618 ext2fs_mark_super_dirty(ctx->fs);
621 * If the user answers no to the above question, we
622 * ignore the fact that journal apparently has data;
623 * accidentally replaying over valid data would be far
624 * worse than skipping a questionable recovery.
626 * XXX should we abort with a fatal error here? What
627 * will the ext3 kernel code do if a filesystem with
628 * !NEEDS_RECOVERY but with a non-zero
629 * journal->j_superblock->s_start is mounted?
633 e2fsck_journal_release(ctx, journal, reset, 0);
637 static errcode_t recover_ext3_journal(e2fsck_t ctx)
642 retval = e2fsck_get_journal(ctx, &journal);
646 retval = e2fsck_journal_load(journal);
650 retval = journal_init_revoke(journal, 1024);
654 retval = -journal_recover(journal);
658 if (journal->j_superblock->s_errno) {
659 ctx->fs->super->s_state |= EXT2_ERROR_FS;
660 ext2fs_mark_super_dirty(ctx->fs);
661 journal->j_superblock->s_errno = 0;
662 mark_buffer_dirty(journal->j_sb_buffer, 1);
666 e2fsck_journal_release(ctx, journal, 1, 0);
670 int e2fsck_run_ext3_journal(e2fsck_t ctx)
672 io_manager io_ptr = ctx->fs->io->manager;
673 int blocksize = ctx->fs->blocksize;
674 errcode_t retval, recover_retval;
676 printf(_("%s: recovering journal\n"), ctx->device_name);
677 if (ctx->options & E2F_OPT_READONLY) {
678 printf(_("%s: won't do journal recovery while read-only\n"),
680 return EXT2_ET_FILE_RO;
683 if (ctx->fs->flags & EXT2_FLAG_DIRTY)
684 ext2fs_flush(ctx->fs); /* Force out any modifications */
686 recover_retval = recover_ext3_journal(ctx);
689 * Reload the filesystem context to get up-to-date data from disk
690 * because journal recovery will change the filesystem under us.
692 ext2fs_close(ctx->fs);
693 retval = ext2fs_open(ctx->filesystem_name, EXT2_FLAG_RW,
694 ctx->superblock, blocksize, io_ptr,
698 com_err(ctx->program_name, retval,
699 _("while trying to re-open %s"),
703 ctx->fs->priv_data = ctx;
705 /* Set the superblock flags */
706 e2fsck_clear_recover(ctx, recover_retval);
707 return recover_retval;
git://git.whamcloud.com / tools / e2fsprogs.git / blob