aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>2008-10-10 22:12:43 -0400
committerTheodore Ts'o <tytso@mit.edu>2008-10-10 22:12:43 -0400
commit5bf5683a33f3584da6eced480967c4f7e11515a8 (patch)
tree4986ba3932d9f259fa1bc674deff3e35f689b243
parent7ad7445f60fe4d46c4c9d2a9463db180d2a3b270 (diff)
ext4: add an option to control error handling on file data
If the journal doesn't abort when it gets an IO error in file data blocks, the file data corruption will spread silently. Because most of applications and commands do buffered writes without fsync(), they don't notice the IO error. It's scary for mission critical systems. On the other hand, if the journal aborts whenever it gets an IO error in file data blocks, the system will easily become inoperable. So this patch introduces a filesystem option to determine whether it aborts the journal or just call printk() when it gets an IO error in file data. If you mount an ext4 fs with data_err=abort option, it aborts on file data write error. If you mount it with data_err=ignore, it doesn't abort, just call printk(). data_err=ignore is the default. Here is the corresponding patch of the ext3 version: http://kerneltrap.org/mailarchive/linux-kernel/2008/9/9/3239374 Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat
-rw-r--r--Documentation/filesystems/ext4.txt5
-rw-r--r--fs/ext4/ext4.h2
-rw-r--r--fs/ext4/super.c16
-rw-r--r--fs/jbd2/commit.c2
-rw-r--r--include/linux/jbd2.h3
5 files changed, 28 insertions, 0 deletions
diff --git a/Documentation/filesystems/ext4.txt b/Documentation/filesystems/ext4.txt
index 74484e696405..eb154ef36c2a 100644
--- a/Documentation/filesystems/ext4.txt
+++ b/Documentation/filesystems/ext4.txt
@@ -223,6 +223,11 @@ errors=remount-ro(*) Remount the filesystem read-only on an error.
223errors=continue Keep going on a filesystem error. 223errors=continue Keep going on a filesystem error.
224errors=panic Panic and halt the machine if an error occurs. 224errors=panic Panic and halt the machine if an error occurs.
225 225
226data_err=ignore(*) Just print an error message if an error occurs
227 in a file data buffer in ordered mode.
228data_err=abort Abort the journal if an error occurs in a file
229 data buffer in ordered mode.
230
226grpid Give objects the same group ID as their creator. 231grpid Give objects the same group ID as their creator.
227bsdgroups 232bsdgroups
228 233
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index f46a513a5157..6690a41cdd9f 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -540,6 +540,8 @@ do { \
540#define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */ 540#define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */
541#define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */ 541#define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */
542#define EXT4_MOUNT_DELALLOC 0x8000000 /* Delalloc support */ 542#define EXT4_MOUNT_DELALLOC 0x8000000 /* Delalloc support */
543#define EXT4_MOUNT_DATA_ERR_ABORT 0x10000000 /* Abort on file data write */
544
543/* Compatibility, for having both ext2_fs.h and ext4_fs.h included at once */ 545/* Compatibility, for having both ext2_fs.h and ext4_fs.h included at once */
544#ifndef _LINUX_EXT2_FS_H 546#ifndef _LINUX_EXT2_FS_H
545#define clear_opt(o, opt) o &= ~EXT4_MOUNT_##opt 547#define clear_opt(o, opt) o &= ~EXT4_MOUNT_##opt
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 79bd3989e84f..014677b8e224 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -778,6 +778,9 @@ static int ext4_show_options(struct seq_file *seq, struct vfsmount *vfs)
778 seq_printf(seq, ",inode_readahead_blks=%u", 778 seq_printf(seq, ",inode_readahead_blks=%u",
779 sbi->s_inode_readahead_blks); 779 sbi->s_inode_readahead_blks);
780 780
781 if (test_opt(sb, DATA_ERR_ABORT))
782 seq_puts(seq, ",data_err=abort");
783
781 ext4_show_quota_options(seq, sb); 784 ext4_show_quota_options(seq, sb);
782 return 0; 785 return 0;
783} 786}
@@ -907,6 +910,7 @@ enum {
907 Opt_commit, Opt_journal_update, Opt_journal_inum, Opt_journal_dev, 910 Opt_commit, Opt_journal_update, Opt_journal_inum, Opt_journal_dev,
908 Opt_journal_checksum, Opt_journal_async_commit, 911 Opt_journal_checksum, Opt_journal_async_commit,
909 Opt_abort, Opt_data_journal, Opt_data_ordered, Opt_data_writeback, 912 Opt_abort, Opt_data_journal, Opt_data_ordered, Opt_data_writeback,
913 Opt_data_err_abort, Opt_data_err_ignore,
910 Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota, 914 Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota,
911 Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_quota, Opt_noquota, 915 Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_quota, Opt_noquota,
912 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota, 916 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota,
@@ -953,6 +957,8 @@ static match_table_t tokens = {
953 {Opt_data_journal, "data=journal"}, 957 {Opt_data_journal, "data=journal"},
954 {Opt_data_ordered, "data=ordered"}, 958 {Opt_data_ordered, "data=ordered"},
955 {Opt_data_writeback, "data=writeback"}, 959 {Opt_data_writeback, "data=writeback"},
960 {Opt_data_err_abort, "data_err=abort"},
961 {Opt_data_err_ignore, "data_err=ignore"},
956 {Opt_offusrjquota, "usrjquota="}, 962 {Opt_offusrjquota, "usrjquota="},
957 {Opt_usrjquota, "usrjquota=%s"}, 963 {Opt_usrjquota, "usrjquota=%s"},
958 {Opt_offgrpjquota, "grpjquota="}, 964 {Opt_offgrpjquota, "grpjquota="},
@@ -1187,6 +1193,12 @@ static int parse_options(char *options, struct super_block *sb,
1187 sbi->s_mount_opt |= data_opt; 1193 sbi->s_mount_opt |= data_opt;
1188 } 1194 }
1189 break; 1195 break;
1196 case Opt_data_err_abort:
1197 set_opt(sbi->s_mount_opt, DATA_ERR_ABORT);
1198 break;
1199 case Opt_data_err_ignore:
1200 clear_opt(sbi->s_mount_opt, DATA_ERR_ABORT);
1201 break;
1190#ifdef CONFIG_QUOTA 1202#ifdef CONFIG_QUOTA
1191 case Opt_usrjquota: 1203 case Opt_usrjquota:
1192 qtype = USRQUOTA; 1204 qtype = USRQUOTA;
@@ -2535,6 +2547,10 @@ static void ext4_init_journal_params(struct super_block *sb, journal_t *journal)
2535 journal->j_flags |= JBD2_BARRIER; 2547 journal->j_flags |= JBD2_BARRIER;
2536 else 2548 else
2537 journal->j_flags &= ~JBD2_BARRIER; 2549 journal->j_flags &= ~JBD2_BARRIER;
2550 if (test_opt(sb, DATA_ERR_ABORT))
2551 journal->j_flags |= JBD2_ABORT_ON_SYNCDATA_ERR;
2552 else
2553 journal->j_flags &= ~JBD2_ABORT_ON_SYNCDATA_ERR;
2538 spin_unlock(&journal->j_state_lock); 2554 spin_unlock(&journal->j_state_lock);
2539} 2555}
2540 2556
diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c
index 849f10496cea..0abe02c4242a 100644
--- a/fs/jbd2/commit.c
+++ b/fs/jbd2/commit.c
@@ -684,6 +684,8 @@ start_journal_io:
684 printk(KERN_WARNING 684 printk(KERN_WARNING
685 "JBD2: Detected IO errors while flushing file data " 685 "JBD2: Detected IO errors while flushing file data "
686 "on %s\n", journal->j_devname); 686 "on %s\n", journal->j_devname);
687 if (journal->j_flags & JBD2_ABORT_ON_SYNCDATA_ERR)
688 jbd2_journal_abort(journal, err);
687 err = 0; 689 err = 0;
688 } 690 }
689 691
diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h
index c9e7d781db31..d2e91ea998fd 100644
--- a/include/linux/jbd2.h
+++ b/include/linux/jbd2.h
@@ -967,6 +967,9 @@ struct journal_s
967#define JBD2_FLUSHED 0x008 /* The journal superblock has been flushed */ 967#define JBD2_FLUSHED 0x008 /* The journal superblock has been flushed */
968#define JBD2_LOADED 0x010 /* The journal superblock has been loaded */ 968#define JBD2_LOADED 0x010 /* The journal superblock has been loaded */
969#define JBD2_BARRIER 0x020 /* Use IDE barriers */ 969#define JBD2_BARRIER 0x020 /* Use IDE barriers */
970#define JBD2_ABORT_ON_SYNCDATA_ERR 0x040 /* Abort the journal on file
971 * data write error in ordered
972 * mode */
970 973
971/* 974/*
972 * Function declarations for the journaling transaction and buffer 975 * Function declarations for the journaling transaction and buffer
generated by cgit v1.2.2 (git 2.25.0) at 2024-09-20 20:15:31 -0400