jbd2: don't leak modified metadata buffers on an aborted journal

commit e112666b4959b25a8552d63bc564e1059be703e8 upstream.

If the journal has been aborted, we shouldn't mark the underlying
buffer head as dirty, since that will cause the metadata block to get
modified.  And if the journal has been aborted, we shouldn't allow
this since it will almost certainly lead to a corrupted file system.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/jbd2/transaction.c b/fs/jbd2/transaction.c
index fa1b8e0dcacfc22ebe42c753767295eca5876e24..a2e724053919b563ede290112b2002ae7c9404d5 100644 (file)
--- a/fs/jbd2/transaction.c
+++ b/fs/jbd2/transaction.c
@@ -1876,7 +1876,9 @@ static void __jbd2_journal_temp_unlink_buffer(struct journal_head *jh)
 
        __blist_del_buffer(list, jh);
        jh->b_jlist = BJ_None;
-       if (test_clear_buffer_jbddirty(bh))
+       if (transaction && is_journal_aborted(transaction->t_journal))
+               clear_buffer_jbddirty(bh);
+       else if (test_clear_buffer_jbddirty(bh))
                mark_buffer_dirty(bh);  /* Expose it to the VM */
 }