diff options
author | NeilBrown <neilb@suse.de> | 2011-10-26 10:31:04 +1100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-11-11 09:35:53 -0800 |
commit | a847627709b3402163d99f7c6fda4a77bcd6b51b (patch) | |
tree | e89e09e41858afe7f317fa7ef467180ec4a46db9 /drivers/md | |
parent | e747500485ddef175ac6694dcff4fd8088e62071 (diff) | |
download | lwn-a847627709b3402163d99f7c6fda4a77bcd6b51b.tar.gz lwn-a847627709b3402163d99f7c6fda4a77bcd6b51b.zip |
md/raid5: fix bug that could result in reads from a failed device.
commit 355840e7a7e56bb2834fd3b0da64da5465f8aeaa upstream.
This bug was introduced in 415e72d034c50520ddb7ff79e7d1792c1306f0c9
which was in 2.6.36.
There is a small window of time between when a device fails and when
it is removed from the array. During this time we might still read
from it, but we won't write to it - so it is possible that we could
read stale data.
We didn't need the test of 'Faulty' before because the test on
In_sync is sufficient. Since we started allowing reads from the early
part of non-In_sync devices we need a test on Faulty too.
This is suitable for any kernel from 2.6.36 onwards, though the patch
might need a bit of tweaking in 3.0 and earlier.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/md')
-rw-r--r-- | drivers/md/raid5.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c index 2581ba127354..e509147318e6 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -3369,7 +3369,7 @@ static void handle_stripe6(struct stripe_head *sh) /* Not in-sync */; else if (test_bit(In_sync, &rdev->flags)) set_bit(R5_Insync, &dev->flags); - else { + else if (!test_bit(Faulty, &rdev->flags)) { /* in sync if before recovery_offset */ if (sh->sector + STRIPE_SECTORS <= rdev->recovery_offset) set_bit(R5_Insync, &dev->flags); |