mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-12 21:57:43 +00:00
a05d3c9153
[BACKGROUND] There is an incident report that, one user hibernated the system, with one btrfs on removable device still mounted. Then by some incident, the btrfs got mounted and modified by another system/OS, then back to the hibernated system. After resuming from the hibernation, new write happened into the victim btrfs. Now the fs is completely broken, since the underlying btrfs is no longer the same one before the hibernation, and the user lost their data due to various transid mismatch. [REPRODUCER] We can emulate the situation using the following small script: truncate -s 1G $dev mkfs.btrfs -f $dev mount $dev $mnt fsstress -w -d $mnt -n 500 sync xfs_freeze -f $mnt cp $dev $dev.backup # There is no way to mount the same cloned fs on the same system, # as the conflicting fsid will be rejected by btrfs. # Thus here we have to wipe the fs using a different btrfs. mkfs.btrfs -f $dev.backup dd if=$dev.backup of=$dev bs=1M xfs_freeze -u $mnt fsstress -w -d $mnt -n 20 umount $mnt btrfs check $dev The final fsck will fail due to some tree blocks has incorrect fsid. This is enough to emulate the problem hit by the unfortunate user. [ENHANCEMENT] Although such case should not be that common, it can still happen from time to time. From the view of btrfs, we can detect any unexpected super block change, and if there is any unexpected change, we just mark the fs read-only, and thaw the fs. By this we can limit the damage to minimal, and I hope no one would lose their data by this anymore. Suggested-by: Goffredo Baroncelli <kreijack@libero.it> Link: https://lore.kernel.org/linux-btrfs/83bf3b4b-7f4c-387a-b286-9251e3991e34@bluemole.com/ Reviewed-by: Anand Jain <anand.jain@oracle.com> Signed-off-by: Qu Wenruo <wqu@suse.com> Signed-off-by: David Sterba <dsterba@suse.com>
142 lines
5.6 KiB
C
142 lines
5.6 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Copyright (C) 2007 Oracle. All rights reserved.
|
|
*/
|
|
|
|
#ifndef BTRFS_DISK_IO_H
|
|
#define BTRFS_DISK_IO_H
|
|
|
|
#define BTRFS_SUPER_MIRROR_MAX 3
|
|
#define BTRFS_SUPER_MIRROR_SHIFT 12
|
|
|
|
/*
|
|
* Fixed blocksize for all devices, applies to specific ways of reading
|
|
* metadata like superblock. Must meet the set_blocksize requirements.
|
|
*
|
|
* Do not change.
|
|
*/
|
|
#define BTRFS_BDEV_BLOCKSIZE (4096)
|
|
|
|
static inline u64 btrfs_sb_offset(int mirror)
|
|
{
|
|
u64 start = SZ_16K;
|
|
if (mirror)
|
|
return start << (BTRFS_SUPER_MIRROR_SHIFT * mirror);
|
|
return BTRFS_SUPER_INFO_OFFSET;
|
|
}
|
|
|
|
struct btrfs_device;
|
|
struct btrfs_fs_devices;
|
|
|
|
void btrfs_check_leaked_roots(struct btrfs_fs_info *fs_info);
|
|
void btrfs_init_fs_info(struct btrfs_fs_info *fs_info);
|
|
int btrfs_verify_level_key(struct extent_buffer *eb, int level,
|
|
struct btrfs_key *first_key, u64 parent_transid);
|
|
struct extent_buffer *read_tree_block(struct btrfs_fs_info *fs_info, u64 bytenr,
|
|
u64 owner_root, u64 parent_transid,
|
|
int level, struct btrfs_key *first_key);
|
|
struct extent_buffer *btrfs_find_create_tree_block(
|
|
struct btrfs_fs_info *fs_info,
|
|
u64 bytenr, u64 owner_root,
|
|
int level);
|
|
void btrfs_clean_tree_block(struct extent_buffer *buf);
|
|
void btrfs_clear_oneshot_options(struct btrfs_fs_info *fs_info);
|
|
int btrfs_start_pre_rw_mount(struct btrfs_fs_info *fs_info);
|
|
int __cold open_ctree(struct super_block *sb,
|
|
struct btrfs_fs_devices *fs_devices,
|
|
char *options);
|
|
void __cold close_ctree(struct btrfs_fs_info *fs_info);
|
|
int btrfs_validate_super(struct btrfs_fs_info *fs_info,
|
|
struct btrfs_super_block *sb, int mirror_num);
|
|
int write_all_supers(struct btrfs_fs_info *fs_info, int max_mirrors);
|
|
struct btrfs_super_block *btrfs_read_dev_super(struct block_device *bdev);
|
|
struct btrfs_super_block *btrfs_read_dev_one_super(struct block_device *bdev,
|
|
int copy_num, bool drop_cache);
|
|
int btrfs_commit_super(struct btrfs_fs_info *fs_info);
|
|
struct btrfs_root *btrfs_read_tree_root(struct btrfs_root *tree_root,
|
|
struct btrfs_key *key);
|
|
int btrfs_insert_fs_root(struct btrfs_fs_info *fs_info,
|
|
struct btrfs_root *root);
|
|
void btrfs_free_fs_roots(struct btrfs_fs_info *fs_info);
|
|
|
|
struct btrfs_root *btrfs_get_fs_root(struct btrfs_fs_info *fs_info,
|
|
u64 objectid, bool check_ref);
|
|
struct btrfs_root *btrfs_get_new_fs_root(struct btrfs_fs_info *fs_info,
|
|
u64 objectid, dev_t anon_dev);
|
|
struct btrfs_root *btrfs_get_fs_root_commit_root(struct btrfs_fs_info *fs_info,
|
|
struct btrfs_path *path,
|
|
u64 objectid);
|
|
int btrfs_global_root_insert(struct btrfs_root *root);
|
|
void btrfs_global_root_delete(struct btrfs_root *root);
|
|
struct btrfs_root *btrfs_global_root(struct btrfs_fs_info *fs_info,
|
|
struct btrfs_key *key);
|
|
struct btrfs_root *btrfs_csum_root(struct btrfs_fs_info *fs_info, u64 bytenr);
|
|
struct btrfs_root *btrfs_extent_root(struct btrfs_fs_info *fs_info, u64 bytenr);
|
|
|
|
void btrfs_free_fs_info(struct btrfs_fs_info *fs_info);
|
|
int btrfs_cleanup_fs_roots(struct btrfs_fs_info *fs_info);
|
|
void btrfs_btree_balance_dirty(struct btrfs_fs_info *fs_info);
|
|
void btrfs_btree_balance_dirty_nodelay(struct btrfs_fs_info *fs_info);
|
|
void btrfs_drop_and_free_fs_root(struct btrfs_fs_info *fs_info,
|
|
struct btrfs_root *root);
|
|
int btrfs_validate_metadata_buffer(struct btrfs_bio *bbio,
|
|
struct page *page, u64 start, u64 end,
|
|
int mirror);
|
|
void btrfs_submit_metadata_bio(struct inode *inode, struct bio *bio, int mirror_num);
|
|
#ifdef CONFIG_BTRFS_FS_RUN_SANITY_TESTS
|
|
struct btrfs_root *btrfs_alloc_dummy_root(struct btrfs_fs_info *fs_info);
|
|
#endif
|
|
|
|
/*
|
|
* This function is used to grab the root, and avoid it is freed when we
|
|
* access it. But it doesn't ensure that the tree is not dropped.
|
|
*
|
|
* If you want to ensure the whole tree is safe, you should use
|
|
* fs_info->subvol_srcu
|
|
*/
|
|
static inline struct btrfs_root *btrfs_grab_root(struct btrfs_root *root)
|
|
{
|
|
if (!root)
|
|
return NULL;
|
|
if (refcount_inc_not_zero(&root->refs))
|
|
return root;
|
|
return NULL;
|
|
}
|
|
|
|
static inline struct btrfs_root *btrfs_block_group_root(struct btrfs_fs_info *fs_info)
|
|
{
|
|
if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2))
|
|
return fs_info->block_group_root;
|
|
return btrfs_extent_root(fs_info, 0);
|
|
}
|
|
|
|
void btrfs_put_root(struct btrfs_root *root);
|
|
void btrfs_mark_buffer_dirty(struct extent_buffer *buf);
|
|
int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid,
|
|
int atomic);
|
|
int btrfs_read_extent_buffer(struct extent_buffer *buf, u64 parent_transid,
|
|
int level, struct btrfs_key *first_key);
|
|
bool btrfs_wq_submit_bio(struct inode *inode, struct bio *bio, int mirror_num,
|
|
u64 dio_file_offset,
|
|
extent_submit_bio_start_t *submit_bio_start);
|
|
blk_status_t btrfs_submit_bio_done(void *private_data, struct bio *bio,
|
|
int mirror_num);
|
|
int btrfs_alloc_log_tree_node(struct btrfs_trans_handle *trans,
|
|
struct btrfs_root *root);
|
|
int btrfs_init_log_root_tree(struct btrfs_trans_handle *trans,
|
|
struct btrfs_fs_info *fs_info);
|
|
int btrfs_add_log_tree(struct btrfs_trans_handle *trans,
|
|
struct btrfs_root *root);
|
|
void btrfs_cleanup_dirty_bgs(struct btrfs_transaction *trans,
|
|
struct btrfs_fs_info *fs_info);
|
|
void btrfs_cleanup_one_transaction(struct btrfs_transaction *trans,
|
|
struct btrfs_fs_info *fs_info);
|
|
struct btrfs_root *btrfs_create_tree(struct btrfs_trans_handle *trans,
|
|
u64 objectid);
|
|
int btree_lock_page_hook(struct page *page, void *data,
|
|
void (*flush_fn)(void *));
|
|
int btrfs_get_num_tolerated_disk_barrier_failures(u64 flags);
|
|
int btrfs_get_free_objectid(struct btrfs_root *root, u64 *objectid);
|
|
int btrfs_init_root_free_objectid(struct btrfs_root *root);
|
|
|
|
#endif
|