9fe5c77cbe
Log recovery has it's own buffer write completion handler for buffers that it directly recovers. Convert these to direct calls by flagging these buffers as being log recovery buffers. The flag will get cleared by the log recovery IO completion routine, so it will never leak out of log recovery. Signed-off-by: Dave Chinner <dchinner@redhat.com> Reviewed-by: Brian Foster <bfoster@redhat.com> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
395 lines
11 KiB
C
395 lines
11 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Copyright (c) 2000-2006 Silicon Graphics, Inc.
|
|
* All Rights Reserved.
|
|
*/
|
|
#include "xfs.h"
|
|
#include "xfs_fs.h"
|
|
#include "xfs_shared.h"
|
|
#include "xfs_format.h"
|
|
#include "xfs_log_format.h"
|
|
#include "xfs_trans_resv.h"
|
|
#include "xfs_mount.h"
|
|
#include "xfs_inode.h"
|
|
#include "xfs_trans.h"
|
|
#include "xfs_inode_item.h"
|
|
#include "xfs_trace.h"
|
|
#include "xfs_trans_priv.h"
|
|
#include "xfs_buf_item.h"
|
|
#include "xfs_log.h"
|
|
#include "xfs_error.h"
|
|
#include "xfs_log_priv.h"
|
|
#include "xfs_log_recover.h"
|
|
#include "xfs_icache.h"
|
|
#include "xfs_bmap_btree.h"
|
|
|
|
STATIC void
|
|
xlog_recover_inode_ra_pass2(
|
|
struct xlog *log,
|
|
struct xlog_recover_item *item)
|
|
{
|
|
if (item->ri_buf[0].i_len == sizeof(struct xfs_inode_log_format)) {
|
|
struct xfs_inode_log_format *ilfp = item->ri_buf[0].i_addr;
|
|
|
|
xlog_buf_readahead(log, ilfp->ilf_blkno, ilfp->ilf_len,
|
|
&xfs_inode_buf_ra_ops);
|
|
} else {
|
|
struct xfs_inode_log_format_32 *ilfp = item->ri_buf[0].i_addr;
|
|
|
|
xlog_buf_readahead(log, ilfp->ilf_blkno, ilfp->ilf_len,
|
|
&xfs_inode_buf_ra_ops);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Inode fork owner changes
|
|
*
|
|
* If we have been told that we have to reparent the inode fork, it's because an
|
|
* extent swap operation on a CRC enabled filesystem has been done and we are
|
|
* replaying it. We need to walk the BMBT of the appropriate fork and change the
|
|
* owners of it.
|
|
*
|
|
* The complexity here is that we don't have an inode context to work with, so
|
|
* after we've replayed the inode we need to instantiate one. This is where the
|
|
* fun begins.
|
|
*
|
|
* We are in the middle of log recovery, so we can't run transactions. That
|
|
* means we cannot use cache coherent inode instantiation via xfs_iget(), as
|
|
* that will result in the corresponding iput() running the inode through
|
|
* xfs_inactive(). If we've just replayed an inode core that changes the link
|
|
* count to zero (i.e. it's been unlinked), then xfs_inactive() will run
|
|
* transactions (bad!).
|
|
*
|
|
* So, to avoid this, we instantiate an inode directly from the inode core we've
|
|
* just recovered. We have the buffer still locked, and all we really need to
|
|
* instantiate is the inode core and the forks being modified. We can do this
|
|
* manually, then run the inode btree owner change, and then tear down the
|
|
* xfs_inode without having to run any transactions at all.
|
|
*
|
|
* Also, because we don't have a transaction context available here but need to
|
|
* gather all the buffers we modify for writeback so we pass the buffer_list
|
|
* instead for the operation to use.
|
|
*/
|
|
|
|
STATIC int
|
|
xfs_recover_inode_owner_change(
|
|
struct xfs_mount *mp,
|
|
struct xfs_dinode *dip,
|
|
struct xfs_inode_log_format *in_f,
|
|
struct list_head *buffer_list)
|
|
{
|
|
struct xfs_inode *ip;
|
|
int error;
|
|
|
|
ASSERT(in_f->ilf_fields & (XFS_ILOG_DOWNER|XFS_ILOG_AOWNER));
|
|
|
|
ip = xfs_inode_alloc(mp, in_f->ilf_ino);
|
|
if (!ip)
|
|
return -ENOMEM;
|
|
|
|
/* instantiate the inode */
|
|
ASSERT(dip->di_version >= 3);
|
|
|
|
error = xfs_inode_from_disk(ip, dip);
|
|
if (error)
|
|
goto out_free_ip;
|
|
|
|
if (in_f->ilf_fields & XFS_ILOG_DOWNER) {
|
|
ASSERT(in_f->ilf_fields & XFS_ILOG_DBROOT);
|
|
error = xfs_bmbt_change_owner(NULL, ip, XFS_DATA_FORK,
|
|
ip->i_ino, buffer_list);
|
|
if (error)
|
|
goto out_free_ip;
|
|
}
|
|
|
|
if (in_f->ilf_fields & XFS_ILOG_AOWNER) {
|
|
ASSERT(in_f->ilf_fields & XFS_ILOG_ABROOT);
|
|
error = xfs_bmbt_change_owner(NULL, ip, XFS_ATTR_FORK,
|
|
ip->i_ino, buffer_list);
|
|
if (error)
|
|
goto out_free_ip;
|
|
}
|
|
|
|
out_free_ip:
|
|
xfs_inode_free(ip);
|
|
return error;
|
|
}
|
|
|
|
STATIC int
|
|
xlog_recover_inode_commit_pass2(
|
|
struct xlog *log,
|
|
struct list_head *buffer_list,
|
|
struct xlog_recover_item *item,
|
|
xfs_lsn_t current_lsn)
|
|
{
|
|
struct xfs_inode_log_format *in_f;
|
|
struct xfs_mount *mp = log->l_mp;
|
|
struct xfs_buf *bp;
|
|
struct xfs_dinode *dip;
|
|
int len;
|
|
char *src;
|
|
char *dest;
|
|
int error;
|
|
int attr_index;
|
|
uint fields;
|
|
struct xfs_log_dinode *ldip;
|
|
uint isize;
|
|
int need_free = 0;
|
|
|
|
if (item->ri_buf[0].i_len == sizeof(struct xfs_inode_log_format)) {
|
|
in_f = item->ri_buf[0].i_addr;
|
|
} else {
|
|
in_f = kmem_alloc(sizeof(struct xfs_inode_log_format), 0);
|
|
need_free = 1;
|
|
error = xfs_inode_item_format_convert(&item->ri_buf[0], in_f);
|
|
if (error)
|
|
goto error;
|
|
}
|
|
|
|
/*
|
|
* Inode buffers can be freed, look out for it,
|
|
* and do not replay the inode.
|
|
*/
|
|
if (xlog_is_buffer_cancelled(log, in_f->ilf_blkno, in_f->ilf_len)) {
|
|
error = 0;
|
|
trace_xfs_log_recover_inode_cancel(log, in_f);
|
|
goto error;
|
|
}
|
|
trace_xfs_log_recover_inode_recover(log, in_f);
|
|
|
|
error = xfs_buf_read(mp->m_ddev_targp, in_f->ilf_blkno, in_f->ilf_len,
|
|
0, &bp, &xfs_inode_buf_ops);
|
|
if (error)
|
|
goto error;
|
|
ASSERT(in_f->ilf_fields & XFS_ILOG_CORE);
|
|
dip = xfs_buf_offset(bp, in_f->ilf_boffset);
|
|
|
|
/*
|
|
* Make sure the place we're flushing out to really looks
|
|
* like an inode!
|
|
*/
|
|
if (XFS_IS_CORRUPT(mp, !xfs_verify_magic16(bp, dip->di_magic))) {
|
|
xfs_alert(mp,
|
|
"%s: Bad inode magic number, dip = "PTR_FMT", dino bp = "PTR_FMT", ino = %Ld",
|
|
__func__, dip, bp, in_f->ilf_ino);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
ldip = item->ri_buf[1].i_addr;
|
|
if (XFS_IS_CORRUPT(mp, ldip->di_magic != XFS_DINODE_MAGIC)) {
|
|
xfs_alert(mp,
|
|
"%s: Bad inode log record, rec ptr "PTR_FMT", ino %Ld",
|
|
__func__, item, in_f->ilf_ino);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
|
|
/*
|
|
* If the inode has an LSN in it, recover the inode only if it's less
|
|
* than the lsn of the transaction we are replaying. Note: we still
|
|
* need to replay an owner change even though the inode is more recent
|
|
* than the transaction as there is no guarantee that all the btree
|
|
* blocks are more recent than this transaction, too.
|
|
*/
|
|
if (dip->di_version >= 3) {
|
|
xfs_lsn_t lsn = be64_to_cpu(dip->di_lsn);
|
|
|
|
if (lsn && lsn != -1 && XFS_LSN_CMP(lsn, current_lsn) >= 0) {
|
|
trace_xfs_log_recover_inode_skip(log, in_f);
|
|
error = 0;
|
|
goto out_owner_change;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* di_flushiter is only valid for v1/2 inodes. All changes for v3 inodes
|
|
* are transactional and if ordering is necessary we can determine that
|
|
* more accurately by the LSN field in the V3 inode core. Don't trust
|
|
* the inode versions we might be changing them here - use the
|
|
* superblock flag to determine whether we need to look at di_flushiter
|
|
* to skip replay when the on disk inode is newer than the log one
|
|
*/
|
|
if (!xfs_sb_version_has_v3inode(&mp->m_sb) &&
|
|
ldip->di_flushiter < be16_to_cpu(dip->di_flushiter)) {
|
|
/*
|
|
* Deal with the wrap case, DI_MAX_FLUSH is less
|
|
* than smaller numbers
|
|
*/
|
|
if (be16_to_cpu(dip->di_flushiter) == DI_MAX_FLUSH &&
|
|
ldip->di_flushiter < (DI_MAX_FLUSH >> 1)) {
|
|
/* do nothing */
|
|
} else {
|
|
trace_xfs_log_recover_inode_skip(log, in_f);
|
|
error = 0;
|
|
goto out_release;
|
|
}
|
|
}
|
|
|
|
/* Take the opportunity to reset the flush iteration count */
|
|
ldip->di_flushiter = 0;
|
|
|
|
if (unlikely(S_ISREG(ldip->di_mode))) {
|
|
if ((ldip->di_format != XFS_DINODE_FMT_EXTENTS) &&
|
|
(ldip->di_format != XFS_DINODE_FMT_BTREE)) {
|
|
XFS_CORRUPTION_ERROR("xlog_recover_inode_pass2(3)",
|
|
XFS_ERRLEVEL_LOW, mp, ldip,
|
|
sizeof(*ldip));
|
|
xfs_alert(mp,
|
|
"%s: Bad regular inode log record, rec ptr "PTR_FMT", "
|
|
"ino ptr = "PTR_FMT", ino bp = "PTR_FMT", ino %Ld",
|
|
__func__, item, dip, bp, in_f->ilf_ino);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
} else if (unlikely(S_ISDIR(ldip->di_mode))) {
|
|
if ((ldip->di_format != XFS_DINODE_FMT_EXTENTS) &&
|
|
(ldip->di_format != XFS_DINODE_FMT_BTREE) &&
|
|
(ldip->di_format != XFS_DINODE_FMT_LOCAL)) {
|
|
XFS_CORRUPTION_ERROR("xlog_recover_inode_pass2(4)",
|
|
XFS_ERRLEVEL_LOW, mp, ldip,
|
|
sizeof(*ldip));
|
|
xfs_alert(mp,
|
|
"%s: Bad dir inode log record, rec ptr "PTR_FMT", "
|
|
"ino ptr = "PTR_FMT", ino bp = "PTR_FMT", ino %Ld",
|
|
__func__, item, dip, bp, in_f->ilf_ino);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
}
|
|
if (unlikely(ldip->di_nextents + ldip->di_anextents > ldip->di_nblocks)){
|
|
XFS_CORRUPTION_ERROR("xlog_recover_inode_pass2(5)",
|
|
XFS_ERRLEVEL_LOW, mp, ldip,
|
|
sizeof(*ldip));
|
|
xfs_alert(mp,
|
|
"%s: Bad inode log record, rec ptr "PTR_FMT", dino ptr "PTR_FMT", "
|
|
"dino bp "PTR_FMT", ino %Ld, total extents = %d, nblocks = %Ld",
|
|
__func__, item, dip, bp, in_f->ilf_ino,
|
|
ldip->di_nextents + ldip->di_anextents,
|
|
ldip->di_nblocks);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
if (unlikely(ldip->di_forkoff > mp->m_sb.sb_inodesize)) {
|
|
XFS_CORRUPTION_ERROR("xlog_recover_inode_pass2(6)",
|
|
XFS_ERRLEVEL_LOW, mp, ldip,
|
|
sizeof(*ldip));
|
|
xfs_alert(mp,
|
|
"%s: Bad inode log record, rec ptr "PTR_FMT", dino ptr "PTR_FMT", "
|
|
"dino bp "PTR_FMT", ino %Ld, forkoff 0x%x", __func__,
|
|
item, dip, bp, in_f->ilf_ino, ldip->di_forkoff);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
isize = xfs_log_dinode_size(mp);
|
|
if (unlikely(item->ri_buf[1].i_len > isize)) {
|
|
XFS_CORRUPTION_ERROR("xlog_recover_inode_pass2(7)",
|
|
XFS_ERRLEVEL_LOW, mp, ldip,
|
|
sizeof(*ldip));
|
|
xfs_alert(mp,
|
|
"%s: Bad inode log record length %d, rec ptr "PTR_FMT,
|
|
__func__, item->ri_buf[1].i_len, item);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
|
|
/* recover the log dinode inode into the on disk inode */
|
|
xfs_log_dinode_to_disk(ldip, dip);
|
|
|
|
fields = in_f->ilf_fields;
|
|
if (fields & XFS_ILOG_DEV)
|
|
xfs_dinode_put_rdev(dip, in_f->ilf_u.ilfu_rdev);
|
|
|
|
if (in_f->ilf_size == 2)
|
|
goto out_owner_change;
|
|
len = item->ri_buf[2].i_len;
|
|
src = item->ri_buf[2].i_addr;
|
|
ASSERT(in_f->ilf_size <= 4);
|
|
ASSERT((in_f->ilf_size == 3) || (fields & XFS_ILOG_AFORK));
|
|
ASSERT(!(fields & XFS_ILOG_DFORK) ||
|
|
(len == in_f->ilf_dsize));
|
|
|
|
switch (fields & XFS_ILOG_DFORK) {
|
|
case XFS_ILOG_DDATA:
|
|
case XFS_ILOG_DEXT:
|
|
memcpy(XFS_DFORK_DPTR(dip), src, len);
|
|
break;
|
|
|
|
case XFS_ILOG_DBROOT:
|
|
xfs_bmbt_to_bmdr(mp, (struct xfs_btree_block *)src, len,
|
|
(struct xfs_bmdr_block *)XFS_DFORK_DPTR(dip),
|
|
XFS_DFORK_DSIZE(dip, mp));
|
|
break;
|
|
|
|
default:
|
|
/*
|
|
* There are no data fork flags set.
|
|
*/
|
|
ASSERT((fields & XFS_ILOG_DFORK) == 0);
|
|
break;
|
|
}
|
|
|
|
/*
|
|
* If we logged any attribute data, recover it. There may or
|
|
* may not have been any other non-core data logged in this
|
|
* transaction.
|
|
*/
|
|
if (in_f->ilf_fields & XFS_ILOG_AFORK) {
|
|
if (in_f->ilf_fields & XFS_ILOG_DFORK) {
|
|
attr_index = 3;
|
|
} else {
|
|
attr_index = 2;
|
|
}
|
|
len = item->ri_buf[attr_index].i_len;
|
|
src = item->ri_buf[attr_index].i_addr;
|
|
ASSERT(len == in_f->ilf_asize);
|
|
|
|
switch (in_f->ilf_fields & XFS_ILOG_AFORK) {
|
|
case XFS_ILOG_ADATA:
|
|
case XFS_ILOG_AEXT:
|
|
dest = XFS_DFORK_APTR(dip);
|
|
ASSERT(len <= XFS_DFORK_ASIZE(dip, mp));
|
|
memcpy(dest, src, len);
|
|
break;
|
|
|
|
case XFS_ILOG_ABROOT:
|
|
dest = XFS_DFORK_APTR(dip);
|
|
xfs_bmbt_to_bmdr(mp, (struct xfs_btree_block *)src,
|
|
len, (struct xfs_bmdr_block *)dest,
|
|
XFS_DFORK_ASIZE(dip, mp));
|
|
break;
|
|
|
|
default:
|
|
xfs_warn(log->l_mp, "%s: Invalid flag", __func__);
|
|
ASSERT(0);
|
|
error = -EFSCORRUPTED;
|
|
goto out_release;
|
|
}
|
|
}
|
|
|
|
out_owner_change:
|
|
/* Recover the swapext owner change unless inode has been deleted */
|
|
if ((in_f->ilf_fields & (XFS_ILOG_DOWNER|XFS_ILOG_AOWNER)) &&
|
|
(dip->di_mode != 0))
|
|
error = xfs_recover_inode_owner_change(mp, dip, in_f,
|
|
buffer_list);
|
|
/* re-generate the checksum. */
|
|
xfs_dinode_calc_crc(log->l_mp, dip);
|
|
|
|
ASSERT(bp->b_mount == mp);
|
|
bp->b_flags |= _XBF_LOGRECOVERY;
|
|
xfs_buf_delwri_queue(bp, buffer_list);
|
|
|
|
out_release:
|
|
xfs_buf_relse(bp);
|
|
error:
|
|
if (need_free)
|
|
kmem_free(in_f);
|
|
return error;
|
|
}
|
|
|
|
const struct xlog_recover_item_ops xlog_inode_item_ops = {
|
|
.item_type = XFS_LI_INODE,
|
|
.ra_pass2 = xlog_recover_inode_ra_pass2,
|
|
.commit_pass2 = xlog_recover_inode_commit_pass2,
|
|
};
|