From 23d6dd1f1032af47d9a8cc7e9ecc1ec7a9b95718 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Fri, 18 Jul 2014 15:53:11 -0700 Subject: [PATCH] e2fsck: fix inode coherency issue when iterating an inode's blocks When we're about to iterate the blocks of a block-map file, we need to write the inode out to disk if it's dirty because block_iterate3() will re-read the inode from disk. (In practice this won't happen because nothing dirties block-mapped inodes before the iterate call, but we can program defensively). More importantly, we need to re-read the inode after the iterate() operation because it's possible that mappings were changed (or erased) during the iteration. If we then dirty or clear the inode, we'll mistakenly write the old inode values back out to disk! Signed-off-by: Darrick J. Wong Signed-off-by: Theodore Ts'o --- e2fsck/pass1.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c index 1269a12..784195a 100644 --- a/e2fsck/pass1.c +++ b/e2fsck/pass1.c @@ -80,7 +80,8 @@ static void adjust_extattr_refcount(e2fsck_t ctx, ext2_refcount_t refcount, struct process_block_struct { ext2_ino_t ino; unsigned is_dir:1, is_reg:1, clear:1, suppress:1, - fragmented:1, compressed:1, bbcheck:1; + fragmented:1, compressed:1, bbcheck:1, + inode_modified:1; blk64_t num_blocks; blk64_t max_blocks; e2_blkcnt_t last_block; @@ -1837,6 +1838,7 @@ report_problem: continue; } e2fsck_read_bitmaps(ctx); + pb->inode_modified = 1; pctx->errcode = ext2fs_extent_delete(ehandle, 0); if (pctx->errcode) { @@ -1884,6 +1886,7 @@ report_problem: pctx->num = e_info.curr_level - 1; problem = PR_1_EXTENT_INDEX_START_INVALID; if (fix_problem(ctx, problem, pctx)) { + pb->inode_modified = 1; pctx->errcode = ext2fs_extent_fix_parents(ehandle); if (pctx->errcode) { @@ -2060,6 +2063,7 @@ static void check_blocks(e2fsck_t ctx, struct problem_context *pctx, pb.inode = inode; pb.pctx = pctx; pb.ctx = ctx; + pb.inode_modified = 0; pctx->ino = ino; pctx->errcode = 0; @@ -2089,6 +2093,15 @@ static void check_blocks(e2fsck_t ctx, struct problem_context *pctx, if (extent_fs && (inode->i_flags & EXT4_EXTENTS_FL)) check_blocks_extents(ctx, pctx, &pb); else { + /* + * If we've modified the inode, write it out before + * iterate() tries to use it. + */ + if (dirty_inode) { + e2fsck_write_inode(ctx, ino, inode, + "check_blocks"); + dirty_inode = 0; + } pctx->errcode = ext2fs_block_iterate3(fs, ino, pb.is_dir ? BLOCK_FLAG_HOLE : 0, block_buf, process_block, &pb); @@ -2097,6 +2110,15 @@ static void check_blocks(e2fsck_t ctx, struct problem_context *pctx, * files. */ pb.last_init_lblock = pb.last_block; + /* + * If iterate() changed a block mapping, we have to + * re-read the inode. If we decide to clear the + * inode after clearing some stuff, we'll re-write the + * bad mappings into the inode! + */ + if (pb.inode_modified) + e2fsck_read_inode(ctx, ino, inode, + "check_blocks"); } } end_problem_latch(ctx, PR_LATCH_BLOCK); @@ -2383,6 +2405,7 @@ static int process_block(ext2_filsys fs, if (fix_problem(ctx, problem, pctx)) { blk = *block_nr = 0; ret_code = BLOCK_CHANGED; + p->inode_modified = 1; goto mark_dir; } else return 0; -- 1.8.3.1