diff options
| author | Darrick J. Wong <darrick.wong@oracle.com> | 2014-08-02 22:48:21 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2014-08-02 22:48:21 -0400 |
| commit | 2e9d8391560ecde48e0b21f174fdb7bf3331345a (patch) | |
| tree | 000a88c03ef5a751bdffc0bc15faf182f9aa1ab9 /e2fsck/pass3.c | |
| parent | 68d70624e34b90fd153964950b7a2917b5bb3a8c (diff) | |
| download | e2fsprogs-2e9d8391560ecde48e0b21f174fdb7bf3331345a.tar.gz | |
e2fsck: correctly preserve fs flags when modifying ignore-csum-error flag
When we need to modify the "ignore checksum error" behavior flag to
get us past a library call, it's possible that the library call can
result in other flag bits being changed. Therefore, it is not correct
to restore unconditionally the previous flags value, since this will
have unintended side effects on the other fs->flags; nor is it correct
to assume that we can unconditionally set (or clear) the "ignore csum
error" flag bit. Therefore, we must merge the previous value of the
"ignore csum error" flag with the value of flags after the call.
Note that we want to leave checksum verification on as much as
possible because doing so exposes e2fsck bugs where two metadata
blocks are "sharing" the same disk block, and attempting to fix one
before relocating the other causes major filesystem damage. The
damage is much more obvious when a previously checked piece of
metadata suddenly fails in a subsequent pass.
The modifications to the pass 2, 3, and 3A code are justified as
follows: When e2fsck encounters a block of directory entries and
cannot find the placeholder entry at the end that contains the
checksum, it will try to insert the placeholder. If that fails, it
will schedule the directory for a pass 3A reconstruction. Until that
happens, we don't want directory block writing (pass 2), block
iteration (pass 3), or block reading (pass 3A) to fail due to checksum
errors, because failing to find the placeholder is itself a checksum
verification error, which causes e2fsck to abort without fixing
anything.
The e2fsck call to ext2fs_read_bitmaps must never fail due to a
checksum error because e2fsck subsequently (a) verifies the bitmaps
itself; or (b) decides that they don't match what has been observed,
and rewrites them.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'e2fsck/pass3.c')
| -rw-r--r-- | e2fsck/pass3.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/e2fsck/pass3.c b/e2fsck/pass3.c index e6142ad5..0b029613 100644 --- a/e2fsck/pass3.c +++ b/e2fsck/pass3.c @@ -699,6 +699,7 @@ static void fix_dotdot(e2fsck_t ctx, ext2_ino_t ino, ext2_ino_t parent) errcode_t retval; struct fix_dotdot_struct fp; struct problem_context pctx; + int flags, will_rehash; fp.fs = fs; fp.parent = parent; @@ -711,12 +712,16 @@ static void fix_dotdot(e2fsck_t ctx, ext2_ino_t ino, ext2_ino_t parent) clear_problem_context(&pctx); pctx.ino = ino; - if (e2fsck_dir_will_be_rehashed(ctx, ino)) + will_rehash = e2fsck_dir_will_be_rehashed(ctx, ino); + if (will_rehash) { + flags = ctx->fs->flags; ctx->fs->flags |= EXT2_FLAG_IGNORE_CSUM_ERRORS; + } retval = ext2fs_dir_iterate(fs, ino, DIRENT_FLAG_INCLUDE_EMPTY, 0, fix_dotdot_proc, &fp); - if (e2fsck_dir_will_be_rehashed(ctx, ino)) - ctx->fs->flags &= ~EXT2_FLAG_IGNORE_CSUM_ERRORS; + if (will_rehash) + ctx->fs->flags = (flags & EXT2_FLAG_IGNORE_CSUM_ERRORS) | + (ctx->fs->flags & ~EXT2_FLAG_IGNORE_CSUM_ERRORS); if (retval || !fp.done) { pctx.errcode = retval; fix_problem(ctx, retval ? PR_3_FIX_PARENT_ERR : |