diff options
author | Eric Mei <eric.mei@seagate.com> | 2015-01-06 18:35:02 +0100 |
---|---|---|
committer | NeilBrown <neilb@suse.de> | 2015-02-25 01:38:26 +0100 |
commit | 16d9cfab930bb6f4946cff8ba7429701fd15b414 (patch) | |
tree | a1a31cbe4685b2d49eebd883a402cb0727685391 | |
parent | md/raid1: fix read balance when a drive is write-mostly. (diff) | |
download | linux-16d9cfab930bb6f4946cff8ba7429701fd15b414.tar.xz linux-16d9cfab930bb6f4946cff8ba7429701fd15b414.zip |
raid5: check faulty flag for array status during recovery.
When we have more than 1 drive failure, it's possible we start
rebuild one drive while leaving another faulty drive in array.
To determine whether array will be optimal after building, current
code only check whether a drive is missing, which could potentially
lead to data corruption. This patch is to add checking Faulty flag.
Signed-off-by: NeilBrown <neilb@suse.de>
-rw-r--r-- | drivers/md/raid5.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c index e75d48c0421a..cd2f96b2c572 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -5121,12 +5121,17 @@ static inline sector_t sync_request(struct mddev *mddev, sector_t sector_nr, int schedule_timeout_uninterruptible(1); } /* Need to check if array will still be degraded after recovery/resync - * We don't need to check the 'failed' flag as when that gets set, - * recovery aborts. + * Note in case of > 1 drive failures it's possible we're rebuilding + * one drive while leaving another faulty drive in array. */ - for (i = 0; i < conf->raid_disks; i++) - if (conf->disks[i].rdev == NULL) + rcu_read_lock(); + for (i = 0; i < conf->raid_disks; i++) { + struct md_rdev *rdev = ACCESS_ONCE(conf->disks[i].rdev); + + if (rdev == NULL || test_bit(Faulty, &rdev->flags)) still_degraded = 1; + } + rcu_read_unlock(); bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, still_degraded); |