diff options
| author |   Theodore Ts'o <tytso@mit.edu> | 2019-11-11 22:18:13 -0500 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2019-11-19 12:25:21 -0500 |
| commit | c7df4a1ecb8579838ec8c56b2bb6a6716e974f37 (patch) | |
| tree | 7a66ced22f28d23c280b84e42f9a595886236456 /include/linux/jbd2.h | |
| parent | ext4: add more paranoia checking in ext4_expand_extra_isize handling (diff) | |
| download | wireguard-linux-c7df4a1ecb8579838ec8c56b2bb6a6716e974f37.tar.xz wireguard-linux-c7df4a1ecb8579838ec8c56b2bb6a6716e974f37.zip | |
ext4: work around deleting a file with i_nlink == 0 safely
If the file system is corrupted such that a file's i_links_count is
too small, then it's possible that when unlinking that file, i_nlink
will already be zero. Previously we were working around this kind of
corruption by forcing i_nlink to one; but we were doing this before
trying to delete the directory entry --- and if the file system is
corrupted enough that ext4_delete_entry() fails, then we exit with
i_nlink elevated, and this causes the orphan inode list handling to be
FUBAR'ed, such that when we unmount the file system, the orphan inode
list can get corrupted.
A better way to fix this is to simply skip trying to call drop_nlink()
if i_nlink is already zero, thus moving the check to the place where
it makes the most sense.
https://bugzilla.kernel.org/show_bug.cgi?id=205433
Link: https://lore.kernel.org/r/20191112032903.8828-1-tytso@mit.edu
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Diffstat (limited to 'include/linux/jbd2.h')
0 files changed, 0 insertions, 0 deletions