xfs: sync lazy sb accounting on quiesce of read-only mounts

xfs_log_sbcount() syncs the superblock specifically to accumulate
the in-core percpu superblock counters and commit them to disk. This
is required to maintain filesystem consistency across quiesce
(freeze, read-only mount/remount) or unmount when lazy superblock
accounting is enabled because individual transactions do not update
the superblock directly.

This mechanism works as expected for writable mounts, but
xfs_log_sbcount() skips the update for read-only mounts. Read-only
mounts otherwise still allow log recovery and write out an unmount
record during log quiesce. If a read-only mount performs log
recovery, it can modify the in-core superblock counters and write an
unmount record when the filesystem unmounts without ever syncing the
in-core counters. This leaves the filesystem with a clean log but in
an inconsistent state with regard to lazy sb counters.

Update xfs_log_sbcount() to use the same logic
xfs_log_unmount_write() uses to determine when to write an unmount
record. This ensures that lazy accounting is always synced before
the log is cleaned. Refactor this logic into a new helper to
distinguish between a writable filesystem and a writable log.
Specifically, the log is writable unless the filesystem is mounted
with the norecovery mount option, the underlying log device is
read-only, or the filesystem is shutdown. Drop the freeze state
check because the update is already allowed during the freezing
process and no context calls this function on an already frozen fs.
Also, retain the shutdown check in xfs_log_unmount_write() to catch
the case where the preceding log force might have triggered a
shutdown.

Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Gao Xiang <hsiangkao@redhat.com>
Reviewed-by: Allison Henderson <allison.henderson@oracle.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Bill O'Donnell <billodo@redhat.com>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Darrick J. Wong <djwong@kernel.org>

diff --git a/fs/xfs/xfs_log.c b/fs/xfs/xfs_log.c
index 46ea4017fceccf71c141f9d51b18c4aa4163fd80..62bcdaa07dc9b047f016f6610fdf432143a6f82b 100644 (file)
--- a/fs/xfs/xfs_log.c
+++ b/fs/xfs/xfs_log.c
@@ -347,6 +347,25 @@ xlog_tic_add_region(xlog_ticket_t *tic, uint len, uint type)
        tic->t_res_num++;
 }
 
+bool
+xfs_log_writable(
+       struct xfs_mount        *mp)
+{
+       /*
+        * Never write to the log on norecovery mounts, if the block device is
+        * read-only, or if the filesystem is shutdown. Read-only mounts still
+        * allow internal writes for log recovery and unmount purposes, so don't
+        * restrict that case here.
+        */
+       if (mp->m_flags & XFS_MOUNT_NORECOVERY)
+               return false;
+       if (xfs_readonly_buftarg(mp->m_log->l_targ))
+               return false;
+       if (XFS_FORCED_SHUTDOWN(mp))
+               return false;
+       return true;
+}
+
 /*
  * Replenish the byte reservation required by moving the grant write head.
  */
@@ -886,15 +905,8 @@ xfs_log_unmount_write(
 {
        struct xlog             *log = mp->m_log;
 
-       /*
-        * Don't write out unmount record on norecovery mounts or ro devices.
-        * Or, if we are doing a forced umount (typically because of IO errors).
-        */
-       if (mp->m_flags & XFS_MOUNT_NORECOVERY ||
-           xfs_readonly_buftarg(log->l_targ)) {
-               ASSERT(mp->m_flags & XFS_MOUNT_RDONLY);
+       if (!xfs_log_writable(mp))
                return;
-       }
 
        xfs_log_force(mp, XFS_LOG_SYNC);
 

diff --git a/fs/xfs/xfs_log.h b/fs/xfs/xfs_log.h
index 58c3fcbec94a2a7ab445299cd40e6fa0a516af82..98c913da7587eb5014eeeb245ecaf7e4303a21c6 100644 (file)
--- a/fs/xfs/xfs_log.h
+++ b/fs/xfs/xfs_log.h
@@ -127,6 +127,7 @@ int   xfs_log_reserve(struct xfs_mount *mp,
 int      xfs_log_regrant(struct xfs_mount *mp, struct xlog_ticket *tic);
 void      xfs_log_unmount(struct xfs_mount *mp);
 int      xfs_log_force_umount(struct xfs_mount *mp, int logerror);
+bool   xfs_log_writable(struct xfs_mount *mp);
 
 struct xlog_ticket *xfs_log_ticket_get(struct xlog_ticket *ticket);
 void     xfs_log_ticket_put(struct xlog_ticket *ticket);

diff --git a/fs/xfs/xfs_mount.c b/fs/xfs/xfs_mount.c
index 29a553f0877d75040c4dc8e556682ae8d164d38d..8c24e1ee63ec652ad04c3980dcce8aa7b7c65849 100644 (file)
--- a/fs/xfs/xfs_mount.c
+++ b/fs/xfs/xfs_mount.c
@@ -1176,8 +1176,7 @@ xfs_fs_writable(
 int
 xfs_log_sbcount(xfs_mount_t *mp)
 {
-       /* allow this to proceed during the freeze sequence... */
-       if (!xfs_fs_writable(mp, SB_FREEZE_COMPLETE))
+       if (!xfs_log_writable(mp))
                return 0;
 
        /*