btrfs: refuse to remount read-write after abort
authorDavid Sterba <dsterba@suse.cz>
Fri, 13 Sep 2013 15:41:20 +0000 (17:41 +0200)
committerChris Mason <chris.mason@fusionio.com>
Sat, 21 Sep 2013 15:05:30 +0000 (11:05 -0400)
It's still possible to flip the filesystem into RW mode after it's
remounted RO due to an abort. There are lots of places that check for
the superblock error bit and will not write data, but we should not let
the filesystem appear read-write.

Signed-off-by: David Sterba <dsterba@suse.cz>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
fs/btrfs/super.c

index b341da3ee3ee0d94119172c7e19770c2b33be37b..6ab0df59b6c4225c996e45b6358ddb2625b33aa0 100644 (file)
@@ -1340,6 +1340,12 @@ static int btrfs_remount(struct super_block *sb, int *flags, char *data)
                if (ret)
                        goto restore;
        } else {
+               if (test_bit(BTRFS_FS_STATE_ERROR, &root->fs_info->fs_state)) {
+                       btrfs_err(fs_info,
+                               "Remounting read-write after error is not allowed\n");
+                       ret = -EINVAL;
+                       goto restore;
+               }
                if (fs_info->fs_devices->rw_devices == 0) {
                        ret = -EACCES;
                        goto restore;