[XFS] Catch errors when turning off quotas.
authorDavid Chinner <dgc@sgi.com>
Thu, 10 Apr 2008 02:20:45 +0000 (12:20 +1000)
committerLachlan McIlroy <lachlan@redback.melbourne.sgi.com>
Fri, 18 Apr 2008 01:57:26 +0000 (11:57 +1000)
When turning off quota, we need to write various transactions to the log
to ensure that they are cleanly removed in the case of a crash. We need to
check that the transactions hit the disk correctly. If we fail to write
the final quota off transaction, we are corrupt in memory and so the only
option is to shut the filesystem down at this point.

SGI-PV: 980084
SGI-Modid: xfs-linux-melb:xfs-kern:30790a

Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Niv Sardi <xaiki@sgi.com>
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
fs/xfs/quota/xfs_qm_syscalls.c

index 3dc161f39d13936605cf41f537f0a5abbcd90ba7..61cf68df547e83789e34d44dfa2d538e249bcf8a 100644 (file)
@@ -279,9 +279,12 @@ xfs_qm_scall_quotaoff(
 
        /*
         * Write the LI_QUOTAOFF log record, and do SB changes atomically,
-        * and synchronously.
+        * and synchronously. If we fail to write, we should abort the
+        * operation as it cannot be recovered safely if we crash.
         */
-       xfs_qm_log_quotaoff(mp, &qoffstart, flags);
+       error = xfs_qm_log_quotaoff(mp, &qoffstart, flags);
+       if (error)
+               goto out_error;
 
        /*
         * Next we clear the XFS_MOUNT_*DQ_ACTIVE bit(s) in the mount struct
@@ -337,7 +340,12 @@ xfs_qm_scall_quotaoff(
         * So, we have QUOTAOFF start and end logitems; the start
         * logitem won't get overwritten until the end logitem appears...
         */
-       xfs_qm_log_quotaoff_end(mp, qoffstart, flags);
+       error = xfs_qm_log_quotaoff_end(mp, qoffstart, flags);
+       if (error) {
+               /* We're screwed now. Shutdown is the only option. */
+               xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_INCORE);
+               goto out_error;
+       }
 
        /*
         * If quotas is completely disabled, close shop.
@@ -361,6 +369,7 @@ xfs_qm_scall_quotaoff(
                XFS_PURGE_INODE(XFS_QI_GQIP(mp));
                XFS_QI_GQIP(mp) = NULL;
        }
+out_error:
        mutex_unlock(&(XFS_QI_QOFFLOCK(mp)));
 
        return (error);