From 752514bd1c8eaae487d25116dc59853552f77d12 Mon Sep 17 00:00:00 2001
From: Andrew Deason <adeason@sinenomine.net>
Date: Tue, 18 Dec 2012 18:49:49 -0600
Subject: [PATCH] viced: Sanity check file link count during CoW

A few ihandle bugs in the past have caused the CopyOnWrite code to
open cached file handles for files which have been deleted. When we
CoW, both of the files we're dealing with had better actually be on
disk, so bail out and flag an error if either of them appear unlinked.

FIXES 131530

Change-Id: I478871bb1b9b43fc0161bb4a255dd7b77d2a28ae
Reviewed-on: http://gerrit.openafs.org/8839
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
---
 src/viced/afsfileprocs.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index 0bb0ea3593..39a534216f 100644
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -1220,6 +1220,26 @@ RXStore_AccessList(Vnode * targetptr, struct AFSOpaque *AccessList)
 
 }				/*RXStore_AccessList */
 
+static int
+CheckLink(Volume *volptr, FdHandle_t *fdP, const char *descr)
+{
+    int code;
+    afs_ino_str_t ino;
+
+    code = FDH_ISUNLINKED(fdP);
+    if (code < 0) {
+	ViceLog(0, ("CopyOnWrite: error fstating volume %u inode %s (%s), errno %d\n",
+	            V_id(volptr), PrintInode(ino, fdP->fd_ih->ih_ino), descr, errno));
+	return -1;
+    }
+    if (code) {
+	ViceLog(0, ("CopyOnWrite corruption prevention: detected zero nlink for "
+	            "volume %u inode %s (%s), forcing volume offline\n",
+	            V_id(volptr), PrintInode(ino, fdP->fd_ih->ih_ino), descr));
+	return -1;
+    }
+    return 0;
+}
 
 /* In our current implementation, each successive data store (new file
  * data version) creates a new inode. This function creates the new
@@ -1300,6 +1320,20 @@ CopyOnWrite(Vnode * targetptr, Volume * volptr, afs_foff_t off, afs_fsize_t len)
     newFdP = IH_OPEN(newH);
     opr_Assert(newFdP != NULL);
 
+    rc = CheckLink(volptr, targFdP, "source");
+    if (!rc) {
+	rc = CheckLink(volptr, newFdP, "dest");
+    }
+    if (rc) {
+	FDH_REALLYCLOSE(newFdP);
+	IH_RELEASE(newH);
+	FDH_REALLYCLOSE(targFdP);
+	IH_DEC(V_linkHandle(volptr), ino, V_parentId(volptr));
+	free(buff);
+	VTakeOffline(volptr);
+	return VSALVAGE;
+    }
+
     done = off;
     while (size > 0) {
 	if (size > COPYBUFFSIZE) {	/* more than a buffer */