[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: another seriously corrupt ext3 -- pesky journal



On Mon, Aug 18, 2003 at 02:13:54PM -0400, Theodore Ts'o wrote:
> Given that this sort of failure has been reported at least 2 or 3
> times, now, it's clear we need to address this vulnerability, probably
> by keeping a backup copy of the journal inode (or at least the journal
> data blocks) in the superblock, so it can survive this particular
> lossage mode.

This has been implemented, and it's in the development sources of
e2fsprogs.  Folks who are using debian unstable can get this by
installing version 1.34+1.35-WIP-2003.08.21-2 of e2fsprogs.  Folks who
are willing to compile e2fsprogs from source can grab the
1.35-WIP-2003-08-21 Work In Progress source snapshot from SourceForge,
but they will need to apply the following patch to the snapshot for
maximum safety.

I've tested this feature by creating a filesystem that had the backed
up journal inode, and then trashing the relevant parts of the inode
table.  E2fsck used the backup journal information in the superblock
to synthesize the journal inode, and then replayed the journal.  The
act of replying the journal replaced trashed portions of the critical
metadata, and restored the filesystem back to its original state.  I
expect this should address the unrecoverable filesystem cases
caused by a power failure causing the disk to scrible random crap on
the inode table where the journal inode information is located.

						- Ted

diff -Nru a/e2fsck/ChangeLog b/e2fsck/ChangeLog
--- a/e2fsck/ChangeLog	Thu Aug 21 12:00:49 2003
+++ b/e2fsck/ChangeLog	Thu Aug 21 12:00:49 2003
@@ -1,3 +1,9 @@
+2003-08-21  Theodore Ts'o  <tytso mit edu>
+
+	* journal.c (e2fsck_move_ext3_journal): When moving the journal or
+		backing up the journal inode, make sure it gets written to
+		all the superblocks.
+
 2003-08-20  Theodore Ts'o  <tytso mit edu>
 
 	* journal.c (e2fsck_move_ext3_journal): If the superblock's backup
diff -Nru a/e2fsck/journal.c b/e2fsck/journal.c
--- a/e2fsck/journal.c	Thu Aug 21 12:00:49 2003
+++ b/e2fsck/journal.c	Thu Aug 21 12:00:49 2003
@@ -865,6 +865,7 @@
 			sb->s_jnl_blocks[16] = inode.i_size;
 			sb->s_jnl_backup_type = EXT3_JNL_BACKUP_BLOCKS;
 			ext2fs_mark_super_dirty(fs);
+			fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
 		}
 	}
 
@@ -921,6 +922,7 @@
 		goto err_out;
 	sb->s_journal_inum = EXT2_JOURNAL_INO;
 	ext2fs_mark_super_dirty(fs);
+	fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY;
 	inode.i_links_count = 0;
 	inode.i_dtime = time(0);
 	if ((retval = ext2fs_write_inode(fs, ino, &inode)) != 0)




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]