summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2009-11-15 15:31:37 -0500
committerTheodore Ts'o <tytso@mit.edu>2009-11-15 15:31:37 -0500
commite6a47428de84e19fda52f21ab73fde2906c40d09 (patch)
tree7e6b7974861793f767a6e1cc73047d51197e29df
parent567f3e9a70d71e5c9be03701b8578be77857293b (diff)
downloadlwn-e6a47428de84e19fda52f21ab73fde2906c40d09.tar.gz
lwn-e6a47428de84e19fda52f21ab73fde2906c40d09.zip
jbd2: don't wipe the journal on a failed journal checksum
If there is a failed journal checksum, don't reset the journal. This allows for userspace programs to decide how to recover from this situation. It may be that ignoring the journal checksum failure might be a better way of recovering the file system. Once we add per-block checksums, we can definitely do better. Until then, a system administrator can try backing up the file system image (or taking a snapshot) and and trying to determine experimentally whether ignoring the checksum failure or aborting the journal replay results in less data loss. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Cc: stable@kernel.org
-rw-r--r--fs/jbd2/journal.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c
index fed85388ee86..af60d98ddd22 100644
--- a/fs/jbd2/journal.c
+++ b/fs/jbd2/journal.c
@@ -1248,6 +1248,13 @@ int jbd2_journal_load(journal_t *journal)
if (jbd2_journal_recover(journal))
goto recovery_error;
+ if (journal->j_failed_commit) {
+ printk(KERN_ERR "JBD2: journal transaction %u on %s "
+ "is corrupt.\n", journal->j_failed_commit,
+ journal->j_devname);
+ return -EIO;
+ }
+
/* OK, we've finished with the dynamic journal bits:
* reinitialise the dynamic contents of the superblock in memory
* and reset them on disk. */