ext4: prohibit fstrim in norecovery mode
authorDarrick J. Wong <darrick.wong@oracle.com>
Sat, 23 Mar 2019 16:10:29 +0000 (12:10 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Sat, 23 Mar 2019 16:10:29 +0000 (12:10 -0400)
The ext4 fstrim implementation uses the block bitmaps to find free space
that can be discarded.  If we haven't replayed the journal, the bitmaps
will be stale and we absolutely *cannot* use stale metadata to zap the
underlying storage.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
fs/ext4/ioctl.c

index eb8ca8d..7343544 100644 (file)
@@ -1000,6 +1000,13 @@ resizefs_out:
                if (!blk_queue_discard(q))
                        return -EOPNOTSUPP;
 
+               /*
+                * We haven't replayed the journal, so we cannot use our
+                * block-bitmap-guided storage zapping commands.
+                */
+               if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
+                       return -EROFS;
+
                if (copy_from_user(&range, (struct fstrim_range __user *)arg,
                    sizeof(range)))
                        return -EFAULT;