| Message ID | 20190323003720.GQ1183@magnolia |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | xfs: prohibit fstrim in norecovery mode | expand |
On 3/22/19 7:37 PM, Darrick J. Wong wrote: > From: Darrick J. Wong <darrick.wong@oracle.com> > > The xfs fstrim implementation uses the free space btrees to find free > space that can be discarded. If we haven't recovered the log, the bnobt > will be stale and we absolutely *cannot* use stale metadata to zap the > underlying storage. > > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> > --- > fs/xfs/xfs_discard.c | 8 ++++++++ > 1 file changed, 8 insertions(+) Yikes... Looks good to me (I briefly thought about a norecovery mount with a clean log, but then decided I didn't care about that) Reviewed-by: Eric Sandeen <sandeen@redhat.com> > diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c > index 93f07edafd81..9ee2a7d02e70 100644 > --- a/fs/xfs/xfs_discard.c > +++ b/fs/xfs/xfs_discard.c > @@ -161,6 +161,14 @@ xfs_ioc_trim( > return -EPERM; > if (!blk_queue_discard(q)) > return -EOPNOTSUPP; > + > + /* > + * We haven't recovered the log, so we cannot use our bnobt-guided > + * storage zapping commands. > + */ > + if (mp->m_flags & XFS_MOUNT_NORECOVERY) > + return -EROFS; > + > if (copy_from_user(&range, urange, sizeof(range))) > return -EFAULT; > >
diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c index 93f07edafd81..9ee2a7d02e70 100644 --- a/fs/xfs/xfs_discard.c +++ b/fs/xfs/xfs_discard.c @@ -161,6 +161,14 @@ xfs_ioc_trim( return -EPERM; if (!blk_queue_discard(q)) return -EOPNOTSUPP; + + /* + * We haven't recovered the log, so we cannot use our bnobt-guided + * storage zapping commands. + */ + if (mp->m_flags & XFS_MOUNT_NORECOVERY) + return -EROFS; + if (copy_from_user(&range, urange, sizeof(range))) return -EFAULT;