From nobody Sun Aug 20 04:28:21 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RT2fZ1bkhz4qgXw; Sun, 20 Aug 2023 04:28:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RT2fZ0qWXz4Q3h; Sun, 20 Aug 2023 04:28:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692505702; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=If/C8IhTUG2/0QZiY8APhC8t5WGLSlx9DTF0JYkzhls=; b=qPvr2KNZdWNa6gFWoP1WK+Q5W7wRutdo1DQO7xDYFxEX/4JmqLV8DrRdhEZse9eILd57bf m3AQzIErIg3d7+5o8GJU+zOkiHRsE54iSUwQQhA2uLhihAda2HqyV68PhPiYFcixRJMruU oG0gWRh51s75X+ZhujvPfzZT8CbjRuNVFRsYab3VIAstQXu35lN9US3HIEHD6EXFQ3Dz0g igTsaUEAHeWh+RxLaPK1OudTiZnni6kXA3BJlwIycEc0O3p7CgbA9N5TUWCkwfRrSE4LAy mTIH8TrEUJnZaiy+cDN1vXAjjTlhhLdAOVIjOykCE2BtClPI3C2EW9aLLD+3SQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692505702; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=If/C8IhTUG2/0QZiY8APhC8t5WGLSlx9DTF0JYkzhls=; b=Zm0wwNxmzJ9k9X28VVqmtVZ5tk80Fy8ENFnPnDIBWyYzFinzJ36Pvu/XkgEpLWxcUl1Tga dDTHO+uNFN8uqXM7RySDK8G43r011B0itqmqlpg8Qn78wJVDJFdP/QWXoP3DlGtoIxWk72 Gi8hrAllAK/CxEyz7ra8NvRA2HukYpwi2j8t4XyHLJLvWTqSLRQwuprtZMt9bKurGOYCTW dP/X4RtoNBLeKdvZc791URCdyaH8HBYD8MlSDeM3XL8zjy2fEr/+Nzq/Luv8hDSccbkxRp xYjSumhnR/lBfkqf9qPt9BgxhsDkrypYVUTkoz4le5w0bLdQlDOrw5OZHBGNAQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1692505702; a=rsa-sha256; cv=none; b=KYDLNkpEtx6N5ZUK+HGwnSIL7kAoSir5dcrzKXOsIz8H4UOHGT5TDJeQIKdkH7bmfQM23E aD7xB3EYcw2sTu9BF/BrRtNU4ZJulllXU6Yv8BCoFMrg3K3pwZR+unHNTW2toNbJkEIk/6 Zaw4ezT5+T1WdxcSRK2JhEFOGpzW39Zun4MEmN6mspXHfg8HiA5DCUjppCSEsQa0THGKn0 rRXR/Lq0gqQ/RnArehgYsF6Q3q4UEaMMUAxKG2PhesADo9ZlHLuy7r8/H2q4GWspQ7R+sh D7vVnXra+V5NUm6X7AaT94SYI8lE9ZMUm41fPkQv2NHxkM2NBt6kavn5tcQEzQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RT2fY6tJmz9KT; Sun, 20 Aug 2023 04:28:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37K4SLNt033478; Sun, 20 Aug 2023 04:28:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37K4SLO0033475; Sun, 20 Aug 2023 04:28:21 GMT (envelope-from git) Date: Sun, 20 Aug 2023 04:28:21 GMT Message-Id: <202308200428.37K4SLO0033475@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kirk McKusick Subject: git: 3085e04892e2 - stable/13 - Handle UFS/FFS file deletion from cylinder groups with check-hash failure. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mckusick X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 3085e04892e23158f346bc10828d9b7a78c6490b Auto-Submitted: auto-generated The branch stable/13 has been updated by mckusick: URL: https://cgit.FreeBSD.org/src/commit/?id=3085e04892e23158f346bc10828d9b7a78c6490b commit 3085e04892e23158f346bc10828d9b7a78c6490b Author: Kirk McKusick AuthorDate: 2023-08-07 23:27:39 +0000 Commit: Kirk McKusick CommitDate: 2023-08-20 04:27:37 +0000 Handle UFS/FFS file deletion from cylinder groups with check-hash failure. Reported-by: Peter Holm Tested-by: Peter Holm Sponsored-by: The FreeBSD Foundation (cherry picked from commit d4a8f5bf133956e71c05edff6fa20b156e5f1bbf) --- sys/ufs/ffs/ffs_alloc.c | 27 ++++++++++++++------ sys/ufs/ffs/ffs_extern.h | 4 +-- sys/ufs/ffs/ffs_softdep.c | 65 +++++++++++++++++++++++++---------------------- 3 files changed, 55 insertions(+), 41 deletions(-) diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index 36181263876c..44c07bb776b7 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -2295,9 +2295,14 @@ ffs_blkfree_cg(struct ufsmount *ump, return; } if ((error = ffs_getcg(fs, devvp, cg, GB_CVTENXIO, &bp, &cgp)) != 0) { - if (!ffs_fsfail_cleanup(ump, error) || - !MOUNTEDSOFTDEP(UFSTOVFS(ump)) || devvp->v_type != VCHR) + if (!MOUNTEDSOFTDEP(UFSTOVFS(ump)) || devvp->v_type != VCHR) return; + /* + * Would like to just downgrade to read-only. Until that + * capability is available, just toss the cylinder group + * update and mark the filesystem as needing to run fsck. + */ + fs->fs_flags |= FS_NEEDSFSCK; if (devvp->v_type == VREG) dbn = fragstoblks(fs, cgtod(fs, cg)); else @@ -2305,7 +2310,7 @@ ffs_blkfree_cg(struct ufsmount *ump, error = getblkx(devvp, dbn, dbn, fs->fs_cgsize, 0, 0, 0, &bp); KASSERT(error == 0, ("getblkx failed")); softdep_setup_blkfree(UFSTOVFS(ump), bp, bno, - numfrags(fs, size), dephd); + numfrags(fs, size), dephd, true); bp->b_flags |= B_RELBUF | B_NOCACHE; bp->b_flags &= ~B_CACHE; bawrite(bp); @@ -2380,7 +2385,7 @@ ffs_blkfree_cg(struct ufsmount *ump, mp = UFSTOVFS(ump); if (MOUNTEDSOFTDEP(mp) && devvp->v_type == VCHR) softdep_setup_blkfree(UFSTOVFS(ump), bp, bno, - numfrags(fs, size), dephd); + numfrags(fs, size), dephd, false); bdwrite(bp); } @@ -2841,16 +2846,21 @@ ffs_freefile(struct ufsmount *ump, panic("ffs_freefile: range: dev = %s, ino = %ju, fs = %s", devtoname(dev), (uintmax_t)ino, fs->fs_fsmnt); if ((error = ffs_getcg(fs, devvp, cg, GB_CVTENXIO, &bp, &cgp)) != 0) { - if (!ffs_fsfail_cleanup(ump, error) || - !MOUNTEDSOFTDEP(UFSTOVFS(ump)) || devvp->v_type != VCHR) + if (!MOUNTEDSOFTDEP(UFSTOVFS(ump)) || devvp->v_type != VCHR) return (error); + /* + * Would like to just downgrade to read-only. Until that + * capability is available, just toss the cylinder group + * update and mark the filesystem as needing to run fsck. + */ + fs->fs_flags |= FS_NEEDSFSCK; if (devvp->v_type == VREG) dbn = fragstoblks(fs, cgtod(fs, cg)); else dbn = fsbtodb(fs, cgtod(fs, cg)); error = getblkx(devvp, dbn, dbn, fs->fs_cgsize, 0, 0, 0, &bp); KASSERT(error == 0, ("getblkx failed")); - softdep_setup_inofree(UFSTOVFS(ump), bp, ino, wkhd); + softdep_setup_inofree(UFSTOVFS(ump), bp, ino, wkhd, true); bp->b_flags |= B_RELBUF | B_NOCACHE; bp->b_flags &= ~B_CACHE; bawrite(bp); @@ -2880,7 +2890,7 @@ ffs_freefile(struct ufsmount *ump, ACTIVECLEAR(fs, cg); UFS_UNLOCK(ump); if (MOUNTEDSOFTDEP(UFSTOVFS(ump)) && devvp->v_type == VCHR) - softdep_setup_inofree(UFSTOVFS(ump), bp, ino, wkhd); + softdep_setup_inofree(UFSTOVFS(ump), bp, ino, wkhd, false); bdwrite(bp); return (0); } @@ -2888,6 +2898,7 @@ ffs_freefile(struct ufsmount *ump, /* * Check to see if a file is free. * Used to check for allocated files in snapshots. + * Return 1 if file is free. */ int ffs_checkfreefile(struct fs *fs, diff --git a/sys/ufs/ffs/ffs_extern.h b/sys/ufs/ffs/ffs_extern.h index fb448abe4e5e..68253781863c 100644 --- a/sys/ufs/ffs/ffs_extern.h +++ b/sys/ufs/ffs/ffs_extern.h @@ -198,9 +198,9 @@ void softdep_setup_allocindir_meta(struct buf *, struct inode *, void softdep_setup_allocindir_page(struct inode *, ufs_lbn_t, struct buf *, int, ufs2_daddr_t, ufs2_daddr_t, struct buf *); void softdep_setup_blkfree(struct mount *, struct buf *, ufs2_daddr_t, int, - struct workhead *); + struct workhead *, bool); void softdep_setup_inofree(struct mount *, struct buf *, ino_t, - struct workhead *); + struct workhead *, bool); void softdep_setup_sbupdate(struct ufsmount *, struct fs *, struct buf *); void softdep_fsync_mountdev(struct vnode *); int softdep_sync_metadata(struct vnode *); diff --git a/sys/ufs/ffs/ffs_softdep.c b/sys/ufs/ffs/ffs_softdep.c index 6ac3f92fb330..dba316b32655 100644 --- a/sys/ufs/ffs/ffs_softdep.c +++ b/sys/ufs/ffs/ffs_softdep.c @@ -300,7 +300,8 @@ softdep_setup_blkfree(struct mount *mp, struct buf *bp, ufs2_daddr_t blkno, int frags, - struct workhead *wkhd) + struct workhead *wkhd, + bool doingrecovery) { panic("%s called", __FUNCTION__); @@ -310,7 +311,8 @@ void softdep_setup_inofree(struct mount *mp, struct buf *bp, ino_t ino, - struct workhead *wkhd) + struct workhead *wkhd, + bool doingrecovery) { panic("%s called", __FUNCTION__); @@ -10926,30 +10928,26 @@ void softdep_setup_inofree(struct mount *mp, struct buf *bp, ino_t ino, - struct workhead *wkhd) + struct workhead *wkhd, + bool doingrecovery) { struct worklist *wk, *wkn; - struct inodedep *inodedep; struct ufsmount *ump; - uint8_t *inosused; - struct cg *cgp; - struct fs *fs; +#ifdef INVARIANTS + struct inodedep *inodedep; +#endif KASSERT(MOUNTEDSOFTDEP(mp) != 0, ("softdep_setup_inofree called on non-softdep filesystem")); ump = VFSTOUFS(mp); ACQUIRE_LOCK(ump); - if (!ffs_fsfail_cleanup(ump, 0)) { - fs = ump->um_fs; - cgp = (struct cg *)bp->b_data; - inosused = cg_inosused(cgp); - if (isset(inosused, ino % fs->fs_ipg)) - panic("softdep_setup_inofree: inode %ju not freed.", - (uintmax_t)ino); - } - if (inodedep_lookup(mp, ino, 0, &inodedep)) - panic("softdep_setup_inofree: ino %ju has existing inodedep %p", - (uintmax_t)ino, inodedep); + KASSERT(doingrecovery || ffs_fsfail_cleanup(ump, 0) || + isclr(cg_inosused((struct cg *)bp->b_data), + ino % ump->um_fs->fs_ipg), + ("softdep_setup_inofree: inode %ju not freed.", (uintmax_t)ino)); + KASSERT(inodedep_lookup(mp, ino, 0, &inodedep) == 0, + ("softdep_setup_inofree: ino %ju has existing inodedep %p", + (uintmax_t)ino, inodedep)); if (wkhd) { LIST_FOREACH_SAFE(wk, wkhd, wk_list, wkn) { if (wk->wk_type != D_JADDREF) @@ -10980,7 +10978,8 @@ softdep_setup_blkfree( struct buf *bp, ufs2_daddr_t blkno, int frags, - struct workhead *wkhd) + struct workhead *wkhd, + bool doingrecovery) { struct bmsafemap *bmsafemap; struct jnewblk *jnewblk; @@ -11027,18 +11026,22 @@ softdep_setup_blkfree( KASSERT(jnewblk->jn_state & GOINGAWAY, ("softdep_setup_blkfree: jnewblk not canceled.")); #ifdef INVARIANTS - /* - * Assert that this block is free in the bitmap - * before we discard the jnewblk. - */ - cgp = (struct cg *)bp->b_data; - blksfree = cg_blksfree(cgp); - bno = dtogd(fs, jnewblk->jn_blkno); - for (i = jnewblk->jn_oldfrags; - i < jnewblk->jn_frags; i++) { - if (isset(blksfree, bno + i)) - continue; - panic("softdep_setup_blkfree: not free"); + if (!doingrecovery && !ffs_fsfail_cleanup(ump, 0)) { + /* + * Assert that this block is free in the + * bitmap before we discard the jnewblk. + */ + cgp = (struct cg *)bp->b_data; + blksfree = cg_blksfree(cgp); + bno = dtogd(fs, jnewblk->jn_blkno); + for (i = jnewblk->jn_oldfrags; + i < jnewblk->jn_frags; i++) { + if (isset(blksfree, bno + i)) + continue; + panic("softdep_setup_blkfree: block " + "%ju not freed.", + (uintmax_t)jnewblk->jn_blkno); + } } #endif /*