diff options
author | Eric Mei <eric.mei@seagate.com> | 2015-01-06 09:35:02 -0800 |
---|---|---|
committer | NeilBrown <neilb@suse.de> | 2015-02-25 11:38:26 +1100 |
commit | 16d9cfab930bb6f4946cff8ba7429701fd15b414 (patch) | |
tree | a1a31cbe4685b2d49eebd883a402cb0727685391 /drivers/md | |
parent | d1901ef099c38afd11add4cfb3312c02ef21ec4a (diff) | |
download | op-kernel-dev-16d9cfab930bb6f4946cff8ba7429701fd15b414.zip op-kernel-dev-16d9cfab930bb6f4946cff8ba7429701fd15b414.tar.gz |
raid5: check faulty flag for array status during recovery.
When we have more than 1 drive failure, it's possible we start
rebuild one drive while leaving another faulty drive in array.
To determine whether array will be optimal after building, current
code only check whether a drive is missing, which could potentially
lead to data corruption. This patch is to add checking Faulty flag.
Signed-off-by: NeilBrown <neilb@suse.de>
Diffstat (limited to 'drivers/md')
-rw-r--r-- | drivers/md/raid5.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c index e75d48c..cd2f96b 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -5121,12 +5121,17 @@ static inline sector_t sync_request(struct mddev *mddev, sector_t sector_nr, int schedule_timeout_uninterruptible(1); } /* Need to check if array will still be degraded after recovery/resync - * We don't need to check the 'failed' flag as when that gets set, - * recovery aborts. + * Note in case of > 1 drive failures it's possible we're rebuilding + * one drive while leaving another faulty drive in array. */ - for (i = 0; i < conf->raid_disks; i++) - if (conf->disks[i].rdev == NULL) + rcu_read_lock(); + for (i = 0; i < conf->raid_disks; i++) { + struct md_rdev *rdev = ACCESS_ONCE(conf->disks[i].rdev); + + if (rdev == NULL || test_bit(Faulty, &rdev->flags)) still_degraded = 1; + } + rcu_read_unlock(); bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, still_degraded); |