• J
    ocfs2: Handle errors while setting external xattr values. · 399ff3a7
    Joel Becker 提交于
    ocfs2 can store extended attribute values as large as a single file.  It
    does this using a standard ocfs2 btree for the large value.  However,
    the previous code did not handle all error cases cleanly.
    
    There are multiple problems to have.
    
    1) We have trouble allocating space for a new xattr.  This leaves us
       with an empty xattr.
    2) We overwrote an existing local xattr with a value root, and now we
       have an error allocating the storage.  This leaves us an empty xattr.
       where there used to be a value.  The value is lost.
    3) We have trouble truncating a reused value.  This leaves us with the
       original entry pointing to the truncated original value.  The value
       is lost.
    4) We have trouble extending the storage on a reused value.  This leaves
       us with the original value safely in place, but with more storage
       allocated when needed.
    
    This doesn't consider storing local xattrs (values that don't require a
    btree).  Those only fail when the journal fails.
    
    Case (1) is easy.  We just remove the xattr we added.  We leak the
    storage because we can't safely remove it, but otherwise everything is
    happy.  We'll print a warning about the leak.
    
    Case (4) is easy.  We still have the original value in place.  We can
    just leave the extra storage attached to this xattr.  We return the
    error, but the old value is untouched.  We print a warning about the
    storage.
    
    Case (2) and (3) are hard because we've lost the original values.  In
    the old code, we ended up with values that could be partially read.
    That's not good.  Instead, we just wipe the xattr entry and leak the
    storage.  It stinks that the original value is lost, but now there isn't
    a partial value to be read.  We'll print a big fat warning.
    Signed-off-by: NJoel Becker <joel.becker@oracle.com>
    399ff3a7
xattr.c 192.9 KB