tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'ubifs-for-linus-6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs

Pull UBI and UBIFS updates from Richard Weinberger:
"UBI:
- Use in-tree fault injection framework and add new injection types
- Fix for a memory leak in the block driver

UBIFS:
- kernel-doc fixes
- Various minor fixes"

* tag 'ubifs-for-linus-6.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs:
ubi: block: fix memleak in ubiblock_create()
ubifs: fix kernel-doc warnings
mtd: Add several functions to the fail_function list
ubi: Reserve sufficient buffer length for the input mask
ubi: Add six fault injection type for testing
ubi: Split io_failures into write_failure and erase_failure
ubi: Use the fault injection framework to enhance the fault injection capability
ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex
ubifs: describe function parameters
ubifs: auth.c: fix kernel-doc function prototype warning
ubifs: use crypto_shash_tfm_digest() in ubifs_hmac_wkm()

Linus Torvalds 0c6bc372 eebe7582

+558 -107
+5
drivers/mtd/mtdcore.c
··· 30 30 #include <linux/debugfs.h> 31 31 #include <linux/nvmem-provider.h> 32 32 #include <linux/root_dev.h> 33 + #include <linux/error-injection.h> 33 34 34 35 #include <linux/mtd/mtd.h> 35 36 #include <linux/mtd/partitions.h> ··· 1413 1412 return ret; 1414 1413 } 1415 1414 EXPORT_SYMBOL_GPL(mtd_erase); 1415 + ALLOW_ERROR_INJECTION(mtd_erase, ERRNO); 1416 1416 1417 1417 /* 1418 1418 * This stuff for eXecute-In-Place. phys is optional and may be set to NULL. ··· 1513 1511 return ret; 1514 1512 } 1515 1513 EXPORT_SYMBOL_GPL(mtd_read); 1514 + ALLOW_ERROR_INJECTION(mtd_read, ERRNO); 1516 1515 1517 1516 int mtd_write(struct mtd_info *mtd, loff_t to, size_t len, size_t *retlen, 1518 1517 const u_char *buf) ··· 1530 1527 return ret; 1531 1528 } 1532 1529 EXPORT_SYMBOL_GPL(mtd_write); 1530 + ALLOW_ERROR_INJECTION(mtd_write, ERRNO); 1533 1531 1534 1532 /* 1535 1533 * In blackbox flight recorder like scenarios we want to make successful writes ··· 2351 2347 return 0; 2352 2348 } 2353 2349 EXPORT_SYMBOL_GPL(mtd_block_markbad); 2350 + ALLOW_ERROR_INJECTION(mtd_block_markbad, ERRNO); 2354 2351 2355 2352 /* 2356 2353 * default_mtd_writev - the default writev method
+9
drivers/mtd/ubi/Kconfig
··· 104 104 105 105 If in doubt, say "N". 106 106 107 + config MTD_UBI_FAULT_INJECTION 108 + bool "Fault injection capability of UBI device" 109 + default n 110 + depends on FAULT_INJECTION_DEBUG_FS 111 + help 112 + This option enables fault-injection support for UBI devices for 113 + testing purposes. 114 + 115 + If in doubt, say "N". 107 116 endif # MTD_UBI
+1 -1
drivers/mtd/ubi/block.c
··· 434 434 list_del(&dev->list); 435 435 idr_remove(&ubiblock_minor_idr, gd->first_minor); 436 436 out_cleanup_disk: 437 - put_disk(dev->gd); 437 + put_disk(gd); 438 438 out_free_tags: 439 439 blk_mq_free_tag_set(&dev->tag_set); 440 440 out_free_dev:
+100 -8
drivers/mtd/ubi/debug.c
··· 10 10 #include <linux/uaccess.h> 11 11 #include <linux/module.h> 12 12 #include <linux/seq_file.h> 13 + #include <linux/fault-inject.h> 13 14 15 + #ifdef CONFIG_MTD_UBI_FAULT_INJECTION 16 + static DECLARE_FAULT_ATTR(fault_eccerr_attr); 17 + static DECLARE_FAULT_ATTR(fault_bitflips_attr); 18 + static DECLARE_FAULT_ATTR(fault_read_failure_attr); 19 + static DECLARE_FAULT_ATTR(fault_write_failure_attr); 20 + static DECLARE_FAULT_ATTR(fault_erase_failure_attr); 21 + static DECLARE_FAULT_ATTR(fault_power_cut_attr); 22 + static DECLARE_FAULT_ATTR(fault_io_ff_attr); 23 + static DECLARE_FAULT_ATTR(fault_io_ff_bitflips_attr); 24 + static DECLARE_FAULT_ATTR(fault_bad_hdr_attr); 25 + static DECLARE_FAULT_ATTR(fault_bad_hdr_ebadmsg_attr); 26 + 27 + #define FAIL_ACTION(name, fault_attr) \ 28 + bool should_fail_##name(void) \ 29 + { \ 30 + return should_fail(&fault_attr, 1); \ 31 + } 32 + 33 + FAIL_ACTION(eccerr, fault_eccerr_attr) 34 + FAIL_ACTION(bitflips, fault_bitflips_attr) 35 + FAIL_ACTION(read_failure, fault_read_failure_attr) 36 + FAIL_ACTION(write_failure, fault_write_failure_attr) 37 + FAIL_ACTION(erase_failure, fault_erase_failure_attr) 38 + FAIL_ACTION(power_cut, fault_power_cut_attr) 39 + FAIL_ACTION(io_ff, fault_io_ff_attr) 40 + FAIL_ACTION(io_ff_bitflips, fault_io_ff_bitflips_attr) 41 + FAIL_ACTION(bad_hdr, fault_bad_hdr_attr) 42 + FAIL_ACTION(bad_hdr_ebadmsg, fault_bad_hdr_ebadmsg_attr) 43 + #endif 14 44 15 45 /** 16 46 * ubi_dump_flash - dump a region of flash. ··· 242 212 */ 243 213 static struct dentry *dfs_rootdir; 244 214 215 + #ifdef CONFIG_MTD_UBI_FAULT_INJECTION 216 + static void dfs_create_fault_entry(struct dentry *parent) 217 + { 218 + struct dentry *dir; 219 + 220 + dir = debugfs_create_dir("fault_inject", parent); 221 + if (IS_ERR_OR_NULL(dir)) { 222 + int err = dir ? PTR_ERR(dir) : -ENODEV; 223 + 224 + pr_warn("UBI error: cannot create \"fault_inject\" debugfs directory, error %d\n", 225 + err); 226 + return; 227 + } 228 + 229 + fault_create_debugfs_attr("emulate_eccerr", dir, 230 + &fault_eccerr_attr); 231 + 232 + fault_create_debugfs_attr("emulate_read_failure", dir, 233 + &fault_read_failure_attr); 234 + 235 + fault_create_debugfs_attr("emulate_bitflips", dir, 236 + &fault_bitflips_attr); 237 + 238 + fault_create_debugfs_attr("emulate_write_failure", dir, 239 + &fault_write_failure_attr); 240 + 241 + fault_create_debugfs_attr("emulate_erase_failure", dir, 242 + &fault_erase_failure_attr); 243 + 244 + fault_create_debugfs_attr("emulate_power_cut", dir, 245 + &fault_power_cut_attr); 246 + 247 + fault_create_debugfs_attr("emulate_io_ff", dir, 248 + &fault_io_ff_attr); 249 + 250 + fault_create_debugfs_attr("emulate_io_ff_bitflips", dir, 251 + &fault_io_ff_bitflips_attr); 252 + 253 + fault_create_debugfs_attr("emulate_bad_hdr", dir, 254 + &fault_bad_hdr_attr); 255 + 256 + fault_create_debugfs_attr("emulate_bad_hdr_ebadmsg", dir, 257 + &fault_bad_hdr_ebadmsg_attr); 258 + } 259 + #endif 260 + 245 261 /** 246 262 * ubi_debugfs_init - create UBI debugfs directory. 247 263 * ··· 307 231 err); 308 232 return err; 309 233 } 234 + 235 + #ifdef CONFIG_MTD_UBI_FAULT_INJECTION 236 + dfs_create_fault_entry(dfs_rootdir); 237 + #endif 310 238 311 239 return 0; 312 240 } ··· 332 252 struct dentry *dent = file->f_path.dentry; 333 253 struct ubi_device *ubi; 334 254 struct ubi_debug_info *d; 335 - char buf[8]; 255 + char buf[16]; 336 256 int val; 337 257 338 258 ubi = ubi_get_device(ubi_num); ··· 352 272 val = d->emulate_bitflips; 353 273 else if (dent == d->dfs_emulate_io_failures) 354 274 val = d->emulate_io_failures; 355 - else if (dent == d->dfs_emulate_power_cut) { 275 + else if (dent == d->dfs_emulate_failures) { 276 + snprintf(buf, sizeof(buf), "0x%04x\n", d->emulate_failures); 277 + count = simple_read_from_buffer(user_buf, count, ppos, 278 + buf, strlen(buf)); 279 + goto out; 280 + } else if (dent == d->dfs_emulate_power_cut) { 356 281 snprintf(buf, sizeof(buf), "%u\n", d->emulate_power_cut); 357 282 count = simple_read_from_buffer(user_buf, count, ppos, 358 283 buf, strlen(buf)); ··· 372 287 count = simple_read_from_buffer(user_buf, count, ppos, 373 288 buf, strlen(buf)); 374 289 goto out; 375 - } 376 - else { 290 + } else { 377 291 count = -EINVAL; 378 292 goto out; 379 293 } ··· 400 316 struct ubi_device *ubi; 401 317 struct ubi_debug_info *d; 402 318 size_t buf_size; 403 - char buf[8] = {0}; 319 + char buf[16] = {0}; 404 320 int val; 405 321 406 322 ubi = ubi_get_device(ubi_num); ··· 414 330 goto out; 415 331 } 416 332 417 - if (dent == d->dfs_power_cut_min) { 333 + if (dent == d->dfs_emulate_failures) { 334 + if (kstrtouint(buf, 0, &d->emulate_failures) != 0) 335 + count = -EINVAL; 336 + goto out; 337 + } else if (dent == d->dfs_power_cut_min) { 418 338 if (kstrtouint(buf, 0, &d->power_cut_min) != 0) 419 339 count = -EINVAL; 420 340 goto out; ··· 647 559 debugfs_create_file("detailed_erase_block_info", S_IRUSR, d->dfs_dir, 648 560 (void *)ubi_num, &eraseblk_count_fops); 649 561 562 + #ifdef CONFIG_MTD_UBI_FAULT_INJECTION 563 + d->dfs_emulate_failures = debugfs_create_file("emulate_failures", 564 + mode, d->dfs_dir, 565 + (void *)ubi_num, 566 + &dfs_fops); 567 + #endif 650 568 return 0; 651 569 } 652 570 ··· 694 600 if (ubi->dbg.power_cut_counter) 695 601 return 0; 696 602 697 - ubi_msg(ubi, "XXXXXXXXXXXXXXX emulating a power cut XXXXXXXXXXXXXXXX"); 698 - ubi_ro_mode(ubi); 699 603 return 1; 700 604 }
+300 -42
drivers/mtd/ubi/debug.h
··· 53 53 void ubi_debugfs_exit_dev(struct ubi_device *ubi); 54 54 55 55 /** 56 + * The following function is a legacy implementation of UBI fault-injection 57 + * hook. When using more powerful fault injection capabilities, the legacy 58 + * fault injection interface should be retained. 59 + */ 60 + int ubi_dbg_power_cut(struct ubi_device *ubi, int caller); 61 + 62 + static inline int ubi_dbg_bitflip(const struct ubi_device *ubi) 63 + { 64 + if (ubi->dbg.emulate_bitflips) 65 + return !get_random_u32_below(200); 66 + return 0; 67 + } 68 + 69 + static inline int ubi_dbg_write_failure(const struct ubi_device *ubi) 70 + { 71 + if (ubi->dbg.emulate_io_failures) 72 + return !get_random_u32_below(500); 73 + return 0; 74 + } 75 + 76 + static inline int ubi_dbg_erase_failure(const struct ubi_device *ubi) 77 + { 78 + if (ubi->dbg.emulate_io_failures) 79 + return !get_random_u32_below(400); 80 + return 0; 81 + } 82 + 83 + /** 84 + * MASK_XXX: Mask for emulate_failures in ubi_debug_info.The mask is used to 85 + * precisely control the type and process of fault injection. 86 + */ 87 + /* Emulate a power cut when writing EC/VID header */ 88 + #define MASK_POWER_CUT_EC (1 << 0) 89 + #define MASK_POWER_CUT_VID (1 << 1) 90 + /* Emulate a power cut when writing data*/ 91 + #define MASK_POWER_CUT_DATA (1 << 2) 92 + /* Emulate bit-flips */ 93 + #define MASK_BITFLIPS (1 << 3) 94 + /* Emulate ecc error */ 95 + #define MASK_ECCERR (1 << 4) 96 + /* Emulates -EIO during data read */ 97 + #define MASK_READ_FAILURE (1 << 5) 98 + #define MASK_READ_FAILURE_EC (1 << 6) 99 + #define MASK_READ_FAILURE_VID (1 << 7) 100 + /* Emulates -EIO during data write */ 101 + #define MASK_WRITE_FAILURE (1 << 8) 102 + /* Emulates -EIO during erase a PEB*/ 103 + #define MASK_ERASE_FAILURE (1 << 9) 104 + /* Return UBI_IO_FF when reading EC/VID header */ 105 + #define MASK_IO_FF_EC (1 << 10) 106 + #define MASK_IO_FF_VID (1 << 11) 107 + /* Return UBI_IO_FF_BITFLIPS when reading EC/VID header */ 108 + #define MASK_IO_FF_BITFLIPS_EC (1 << 12) 109 + #define MASK_IO_FF_BITFLIPS_VID (1 << 13) 110 + /* Return UBI_IO_BAD_HDR when reading EC/VID header */ 111 + #define MASK_BAD_HDR_EC (1 << 14) 112 + #define MASK_BAD_HDR_VID (1 << 15) 113 + /* Return UBI_IO_BAD_HDR_EBADMSG when reading EC/VID header */ 114 + #define MASK_BAD_HDR_EBADMSG_EC (1 << 16) 115 + #define MASK_BAD_HDR_EBADMSG_VID (1 << 17) 116 + 117 + #ifdef CONFIG_MTD_UBI_FAULT_INJECTION 118 + 119 + extern bool should_fail_eccerr(void); 120 + extern bool should_fail_bitflips(void); 121 + extern bool should_fail_read_failure(void); 122 + extern bool should_fail_write_failure(void); 123 + extern bool should_fail_erase_failure(void); 124 + extern bool should_fail_power_cut(void); 125 + extern bool should_fail_io_ff(void); 126 + extern bool should_fail_io_ff_bitflips(void); 127 + extern bool should_fail_bad_hdr(void); 128 + extern bool should_fail_bad_hdr_ebadmsg(void); 129 + 130 + static inline bool ubi_dbg_fail_bitflip(const struct ubi_device *ubi) 131 + { 132 + if (ubi->dbg.emulate_failures & MASK_BITFLIPS) 133 + return should_fail_bitflips(); 134 + return false; 135 + } 136 + 137 + static inline bool ubi_dbg_fail_write(const struct ubi_device *ubi) 138 + { 139 + if (ubi->dbg.emulate_failures & MASK_WRITE_FAILURE) 140 + return should_fail_write_failure(); 141 + return false; 142 + } 143 + 144 + static inline bool ubi_dbg_fail_erase(const struct ubi_device *ubi) 145 + { 146 + if (ubi->dbg.emulate_failures & MASK_ERASE_FAILURE) 147 + return should_fail_erase_failure(); 148 + return false; 149 + } 150 + 151 + static inline bool ubi_dbg_fail_power_cut(const struct ubi_device *ubi, 152 + unsigned int caller) 153 + { 154 + if (ubi->dbg.emulate_failures & caller) 155 + return should_fail_power_cut(); 156 + return false; 157 + } 158 + 159 + static inline bool ubi_dbg_fail_read(const struct ubi_device *ubi, 160 + unsigned int caller) 161 + { 162 + if (ubi->dbg.emulate_failures & caller) 163 + return should_fail_read_failure(); 164 + return false; 165 + } 166 + 167 + static inline bool ubi_dbg_fail_eccerr(const struct ubi_device *ubi) 168 + { 169 + if (ubi->dbg.emulate_failures & MASK_ECCERR) 170 + return should_fail_eccerr(); 171 + return false; 172 + } 173 + 174 + static inline bool ubi_dbg_fail_ff(const struct ubi_device *ubi, 175 + unsigned int caller) 176 + { 177 + if (ubi->dbg.emulate_failures & caller) 178 + return should_fail_io_ff(); 179 + return false; 180 + } 181 + 182 + static inline bool ubi_dbg_fail_ff_bitflips(const struct ubi_device *ubi, 183 + unsigned int caller) 184 + { 185 + if (ubi->dbg.emulate_failures & caller) 186 + return should_fail_io_ff_bitflips(); 187 + return false; 188 + } 189 + 190 + static inline bool ubi_dbg_fail_bad_hdr(const struct ubi_device *ubi, 191 + unsigned int caller) 192 + { 193 + if (ubi->dbg.emulate_failures & caller) 194 + return should_fail_bad_hdr(); 195 + return false; 196 + } 197 + 198 + static inline bool ubi_dbg_fail_bad_hdr_ebadmsg(const struct ubi_device *ubi, 199 + unsigned int caller) 200 + { 201 + if (ubi->dbg.emulate_failures & caller) 202 + return should_fail_bad_hdr_ebadmsg(); 203 + return false; 204 + } 205 + #else /* CONFIG_MTD_UBI_FAULT_INJECTION */ 206 + 207 + #define ubi_dbg_fail_bitflip(u) false 208 + #define ubi_dbg_fail_write(u) false 209 + #define ubi_dbg_fail_erase(u) false 210 + #define ubi_dbg_fail_power_cut(u, c) false 211 + #define ubi_dbg_fail_read(u, c) false 212 + #define ubi_dbg_fail_eccerr(u) false 213 + #define ubi_dbg_fail_ff(u, c) false 214 + #define ubi_dbg_fail_ff_bitflips(u, v) false 215 + #define ubi_dbg_fail_bad_hdr(u, c) false 216 + #define ubi_dbg_fail_bad_hdr_ebadmsg(u, c) false 217 + 218 + #endif 219 + 220 + /** 221 + * ubi_dbg_is_power_cut - if it is time to emulate power cut. 222 + * @ubi: UBI device description object 223 + * 224 + * Returns true if power cut should be emulated, otherwise returns false. 225 + */ 226 + static inline bool ubi_dbg_is_power_cut(struct ubi_device *ubi, 227 + unsigned int caller) 228 + { 229 + if (ubi_dbg_power_cut(ubi, caller)) 230 + return true; 231 + return ubi_dbg_fail_power_cut(ubi, caller); 232 + } 233 + 234 + /** 235 + * ubi_dbg_is_bitflip - if it is time to emulate a bit-flip. 236 + * @ubi: UBI device description object 237 + * 238 + * Returns true if a bit-flip should be emulated, otherwise returns false. 239 + */ 240 + static inline bool ubi_dbg_is_bitflip(const struct ubi_device *ubi) 241 + { 242 + if (ubi_dbg_bitflip(ubi)) 243 + return true; 244 + return ubi_dbg_fail_bitflip(ubi); 245 + } 246 + 247 + /** 248 + * ubi_dbg_is_write_failure - if it is time to emulate a write failure. 249 + * @ubi: UBI device description object 250 + * 251 + * Returns true if a write failure should be emulated, otherwise returns 252 + * false. 253 + */ 254 + static inline bool ubi_dbg_is_write_failure(const struct ubi_device *ubi) 255 + { 256 + if (ubi_dbg_write_failure(ubi)) 257 + return true; 258 + return ubi_dbg_fail_write(ubi); 259 + } 260 + 261 + /** 262 + * ubi_dbg_is_erase_failure - if its time to emulate an erase failure. 263 + * @ubi: UBI device description object 264 + * 265 + * Returns true if an erase failure should be emulated, otherwise returns 266 + * false. 267 + */ 268 + static inline bool ubi_dbg_is_erase_failure(const struct ubi_device *ubi) 269 + { 270 + if (ubi_dbg_erase_failure(ubi)) 271 + return true; 272 + return ubi_dbg_fail_erase(ubi); 273 + } 274 + 275 + /** 276 + * ubi_dbg_is_eccerr - if it is time to emulate ECC error. 277 + * @ubi: UBI device description object 278 + * 279 + * Returns true if a ECC error should be emulated, otherwise returns false. 280 + */ 281 + static inline bool ubi_dbg_is_eccerr(const struct ubi_device *ubi) 282 + { 283 + return ubi_dbg_fail_eccerr(ubi); 284 + } 285 + 286 + /** 287 + * ubi_dbg_is_read_failure - if it is time to emulate a read failure. 288 + * @ubi: UBI device description object 289 + * 290 + * Returns true if a read failure should be emulated, otherwise returns 291 + * false. 292 + */ 293 + static inline bool ubi_dbg_is_read_failure(const struct ubi_device *ubi, 294 + unsigned int caller) 295 + { 296 + return ubi_dbg_fail_read(ubi, caller); 297 + } 298 + 299 + /** 300 + * ubi_dbg_is_ff - if it is time to emulate that read region is only 0xFF. 301 + * @ubi: UBI device description object 302 + * 303 + * Returns true if read region should be emulated 0xFF, otherwise 304 + * returns false. 305 + */ 306 + static inline bool ubi_dbg_is_ff(const struct ubi_device *ubi, 307 + unsigned int caller) 308 + { 309 + return ubi_dbg_fail_ff(ubi, caller); 310 + } 311 + 312 + /** 313 + * ubi_dbg_is_ff_bitflips - if it is time to emulate that read region is only 0xFF 314 + * with error reported by the MTD driver 315 + * 316 + * @ubi: UBI device description object 317 + * 318 + * Returns true if read region should be emulated 0xFF and error 319 + * reported by the MTD driver, otherwise returns false. 320 + */ 321 + static inline bool ubi_dbg_is_ff_bitflips(const struct ubi_device *ubi, 322 + unsigned int caller) 323 + { 324 + return ubi_dbg_fail_ff_bitflips(ubi, caller); 325 + } 326 + 327 + /** 328 + * ubi_dbg_is_bad_hdr - if it is time to emulate a bad header 329 + * @ubi: UBI device description object 330 + * 331 + * Returns true if a bad header error should be emulated, otherwise 332 + * returns false. 333 + */ 334 + static inline bool ubi_dbg_is_bad_hdr(const struct ubi_device *ubi, 335 + unsigned int caller) 336 + { 337 + return ubi_dbg_fail_bad_hdr(ubi, caller); 338 + } 339 + 340 + /** 341 + * ubi_dbg_is_bad_hdr_ebadmsg - if it is time to emulate a bad header with 342 + * ECC error. 343 + * 344 + * @ubi: UBI device description object 345 + * 346 + * Returns true if a bad header with ECC error should be emulated, otherwise 347 + * returns false. 348 + */ 349 + static inline bool ubi_dbg_is_bad_hdr_ebadmsg(const struct ubi_device *ubi, 350 + unsigned int caller) 351 + { 352 + return ubi_dbg_fail_bad_hdr_ebadmsg(ubi, caller); 353 + } 354 + 355 + /** 56 356 * ubi_dbg_is_bgt_disabled - if the background thread is disabled. 57 357 * @ubi: UBI device description object 58 358 * ··· 362 62 static inline int ubi_dbg_is_bgt_disabled(const struct ubi_device *ubi) 363 63 { 364 64 return ubi->dbg.disable_bgt; 365 - } 366 - 367 - /** 368 - * ubi_dbg_is_bitflip - if it is time to emulate a bit-flip. 369 - * @ubi: UBI device description object 370 - * 371 - * Returns non-zero if a bit-flip should be emulated, otherwise returns zero. 372 - */ 373 - static inline int ubi_dbg_is_bitflip(const struct ubi_device *ubi) 374 - { 375 - if (ubi->dbg.emulate_bitflips) 376 - return !get_random_u32_below(200); 377 - return 0; 378 - } 379 - 380 - /** 381 - * ubi_dbg_is_write_failure - if it is time to emulate a write failure. 382 - * @ubi: UBI device description object 383 - * 384 - * Returns non-zero if a write failure should be emulated, otherwise returns 385 - * zero. 386 - */ 387 - static inline int ubi_dbg_is_write_failure(const struct ubi_device *ubi) 388 - { 389 - if (ubi->dbg.emulate_io_failures) 390 - return !get_random_u32_below(500); 391 - return 0; 392 - } 393 - 394 - /** 395 - * ubi_dbg_is_erase_failure - if its time to emulate an erase failure. 396 - * @ubi: UBI device description object 397 - * 398 - * Returns non-zero if an erase failure should be emulated, otherwise returns 399 - * zero. 400 - */ 401 - static inline int ubi_dbg_is_erase_failure(const struct ubi_device *ubi) 402 - { 403 - if (ubi->dbg.emulate_io_failures) 404 - return !get_random_u32_below(400); 405 - return 0; 406 65 } 407 66 408 67 static inline int ubi_dbg_chk_io(const struct ubi_device *ubi) ··· 384 125 ubi->dbg.chk_fastmap = 1; 385 126 } 386 127 387 - int ubi_dbg_power_cut(struct ubi_device *ubi, int caller); 388 128 #endif /* !__UBI_DEBUG_H__ */
+81 -5
drivers/mtd/ubi/io.c
··· 195 195 196 196 if (ubi_dbg_is_bitflip(ubi)) { 197 197 dbg_gen("bit-flip (emulated)"); 198 - err = UBI_IO_BITFLIPS; 198 + return UBI_IO_BITFLIPS; 199 + } 200 + 201 + if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE)) { 202 + ubi_warn(ubi, "cannot read %d bytes from PEB %d:%d (emulated)", 203 + len, pnum, offset); 204 + return -EIO; 205 + } 206 + 207 + if (ubi_dbg_is_eccerr(ubi)) { 208 + ubi_warn(ubi, "ECC error (emulated) while reading %d bytes from PEB %d:%d, read %zd bytes", 209 + len, pnum, offset, read); 210 + return -EBADMSG; 199 211 } 200 212 } 201 213 ··· 794 782 * If there was %-EBADMSG, but the header CRC is still OK, report about 795 783 * a bit-flip to force scrubbing on this PEB. 796 784 */ 797 - return read_err ? UBI_IO_BITFLIPS : 0; 785 + if (read_err) 786 + return UBI_IO_BITFLIPS; 787 + 788 + if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE_EC)) { 789 + ubi_warn(ubi, "cannot read EC header from PEB %d (emulated)", 790 + pnum); 791 + return -EIO; 792 + } 793 + 794 + if (ubi_dbg_is_ff(ubi, MASK_IO_FF_EC)) { 795 + ubi_warn(ubi, "bit-all-ff (emulated)"); 796 + return UBI_IO_FF; 797 + } 798 + 799 + if (ubi_dbg_is_ff_bitflips(ubi, MASK_IO_FF_BITFLIPS_EC)) { 800 + ubi_warn(ubi, "bit-all-ff with error reported by MTD driver (emulated)"); 801 + return UBI_IO_FF_BITFLIPS; 802 + } 803 + 804 + if (ubi_dbg_is_bad_hdr(ubi, MASK_BAD_HDR_EC)) { 805 + ubi_warn(ubi, "bad_hdr (emulated)"); 806 + return UBI_IO_BAD_HDR; 807 + } 808 + 809 + if (ubi_dbg_is_bad_hdr_ebadmsg(ubi, MASK_BAD_HDR_EBADMSG_EC)) { 810 + ubi_warn(ubi, "bad_hdr with ECC error (emulated)"); 811 + return UBI_IO_BAD_HDR_EBADMSG; 812 + } 813 + 814 + return 0; 798 815 } 799 816 800 817 /** ··· 862 821 if (err) 863 822 return err; 864 823 865 - if (ubi_dbg_power_cut(ubi, POWER_CUT_EC_WRITE)) 824 + if (ubi_dbg_is_power_cut(ubi, MASK_POWER_CUT_EC)) { 825 + ubi_warn(ubi, "emulating a power cut when writing EC header"); 826 + ubi_ro_mode(ubi); 866 827 return -EROFS; 828 + } 867 829 868 830 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize); 869 831 return err; ··· 1073 1029 return -EINVAL; 1074 1030 } 1075 1031 1076 - return read_err ? UBI_IO_BITFLIPS : 0; 1032 + if (read_err) 1033 + return UBI_IO_BITFLIPS; 1034 + 1035 + if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE_VID)) { 1036 + ubi_warn(ubi, "cannot read VID header from PEB %d (emulated)", 1037 + pnum); 1038 + return -EIO; 1039 + } 1040 + 1041 + if (ubi_dbg_is_ff(ubi, MASK_IO_FF_VID)) { 1042 + ubi_warn(ubi, "bit-all-ff (emulated)"); 1043 + return UBI_IO_FF; 1044 + } 1045 + 1046 + if (ubi_dbg_is_ff_bitflips(ubi, MASK_IO_FF_BITFLIPS_VID)) { 1047 + ubi_warn(ubi, "bit-all-ff with error reported by MTD driver (emulated)"); 1048 + return UBI_IO_FF_BITFLIPS; 1049 + } 1050 + 1051 + if (ubi_dbg_is_bad_hdr(ubi, MASK_BAD_HDR_VID)) { 1052 + ubi_warn(ubi, "bad_hdr (emulated)"); 1053 + return UBI_IO_BAD_HDR; 1054 + } 1055 + 1056 + if (ubi_dbg_is_bad_hdr_ebadmsg(ubi, MASK_BAD_HDR_EBADMSG_VID)) { 1057 + ubi_warn(ubi, "bad_hdr with ECC error (emulated)"); 1058 + return UBI_IO_BAD_HDR_EBADMSG; 1059 + } 1060 + 1061 + return 0; 1077 1062 } 1078 1063 1079 1064 /** ··· 1144 1071 if (err) 1145 1072 return err; 1146 1073 1147 - if (ubi_dbg_power_cut(ubi, POWER_CUT_VID_WRITE)) 1074 + if (ubi_dbg_is_power_cut(ubi, MASK_POWER_CUT_VID)) { 1075 + ubi_warn(ubi, "emulating a power cut when writing VID header"); 1076 + ubi_ro_mode(ubi); 1148 1077 return -EROFS; 1078 + } 1149 1079 1150 1080 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset, 1151 1081 ubi->vid_hdr_alsize);
+22 -23
drivers/mtd/ubi/ubi.h
··· 145 145 UBI_BAD_FASTMAP, 146 146 }; 147 147 148 - /* 149 - * Flags for emulate_power_cut in ubi_debug_info 150 - * 151 - * POWER_CUT_EC_WRITE: Emulate a power cut when writing an EC header 152 - * POWER_CUT_VID_WRITE: Emulate a power cut when writing a VID header 153 - */ 154 - enum { 155 - POWER_CUT_EC_WRITE = 0x01, 156 - POWER_CUT_VID_WRITE = 0x02, 157 - }; 158 - 159 148 /** 160 149 * struct ubi_vid_io_buf - VID buffer used to read/write VID info to/from the 161 150 * flash. ··· 393 404 * @power_cut_counter: count down for writes left until emulated power cut 394 405 * @power_cut_min: minimum number of writes before emulating a power cut 395 406 * @power_cut_max: maximum number of writes until emulating a power cut 407 + * @emulate_failures: emulate failures for testing purposes 396 408 * @dfs_dir_name: name of debugfs directory containing files of this UBI device 397 409 * @dfs_dir: direntry object of the UBI device debugfs directory 398 410 * @dfs_chk_gen: debugfs knob to enable UBI general extra checks ··· 405 415 * @dfs_emulate_power_cut: debugfs knob to emulate power cuts 406 416 * @dfs_power_cut_min: debugfs knob for minimum writes before power cut 407 417 * @dfs_power_cut_max: debugfs knob for maximum writes until power cut 418 + * @dfs_emulate_failures: debugfs entry to control the fault injection type 408 419 */ 409 420 struct ubi_debug_info { 410 421 unsigned int chk_gen:1; ··· 418 427 unsigned int power_cut_counter; 419 428 unsigned int power_cut_min; 420 429 unsigned int power_cut_max; 430 + unsigned int emulate_failures; 421 431 char dfs_dir_name[UBI_DFS_DIR_LEN + 1]; 422 432 struct dentry *dfs_dir; 423 433 struct dentry *dfs_chk_gen; ··· 430 438 struct dentry *dfs_emulate_power_cut; 431 439 struct dentry *dfs_power_cut_min; 432 440 struct dentry *dfs_power_cut_max; 441 + struct dentry *dfs_emulate_failures; 433 442 }; 434 443 435 444 /** ··· 1123 1130 return vidb->hdr; 1124 1131 } 1125 1132 1133 + /** 1134 + * ubi_ro_mode - switch to read-only mode. 1135 + * @ubi: UBI device description object 1136 + */ 1137 + static inline void ubi_ro_mode(struct ubi_device *ubi) 1138 + { 1139 + if (!ubi->ro_mode) { 1140 + ubi->ro_mode = 1; 1141 + ubi_warn(ubi, "switch to read-only mode"); 1142 + dump_stack(); 1143 + } 1144 + } 1145 + 1126 1146 /* 1127 1147 * This function is equivalent to 'ubi_io_read()', but @offset is relative to 1128 1148 * the beginning of the logical eraseblock, not to the beginning of the ··· 1157 1151 int pnum, int offset, int len) 1158 1152 { 1159 1153 ubi_assert(offset >= 0); 1160 - return ubi_io_write(ubi, buf, pnum, offset + ubi->leb_start, len); 1161 - } 1162 1154 1163 - /** 1164 - * ubi_ro_mode - switch to read-only mode. 1165 - * @ubi: UBI device description object 1166 - */ 1167 - static inline void ubi_ro_mode(struct ubi_device *ubi) 1168 - { 1169 - if (!ubi->ro_mode) { 1170 - ubi->ro_mode = 1; 1171 - ubi_warn(ubi, "switch to read-only mode"); 1172 - dump_stack(); 1155 + if (ubi_dbg_power_cut(ubi, MASK_POWER_CUT_DATA)) { 1156 + ubi_warn(ubi, "XXXXX emulating a power cut when writing data XXXXX"); 1157 + ubi_ro_mode(ubi); 1158 + return -EROFS; 1173 1159 } 1160 + return ubi_io_write(ubi, buf, pnum, offset + ubi->leb_start, len); 1174 1161 } 1175 1162 1176 1163 /**
+3 -18
fs/ubifs/auth.c
··· 18 18 #include "ubifs.h" 19 19 20 20 /** 21 - * ubifs_node_calc_hash - calculate the hash of a UBIFS node 21 + * __ubifs_node_calc_hash - calculate the hash of a UBIFS node 22 22 * @c: UBIFS file-system description object 23 23 * @node: the node to calculate a hash for 24 24 * @hash: the returned hash ··· 507 507 */ 508 508 int ubifs_hmac_wkm(struct ubifs_info *c, u8 *hmac) 509 509 { 510 - SHASH_DESC_ON_STACK(shash, c->hmac_tfm); 511 - int err; 512 510 const char well_known_message[] = "UBIFS"; 513 511 514 512 if (!ubifs_authenticated(c)) 515 513 return 0; 516 514 517 - shash->tfm = c->hmac_tfm; 518 - 519 - err = crypto_shash_init(shash); 520 - if (err) 521 - return err; 522 - 523 - err = crypto_shash_update(shash, well_known_message, 524 - sizeof(well_known_message) - 1); 525 - if (err < 0) 526 - return err; 527 - 528 - err = crypto_shash_final(shash, hmac); 529 - if (err) 530 - return err; 531 - return 0; 515 + return crypto_shash_tfm_digest(c->hmac_tfm, well_known_message, 516 + sizeof(well_known_message) - 1, hmac); 532 517 } 533 518 534 519 /*
+12 -1
fs/ubifs/commit.c
··· 70 70 return 0; 71 71 72 72 /* 73 + * Increasing @c->dirty_pn_cnt/@c->dirty_nn_cnt and marking 74 + * nnodes/pnodes as dirty in run_gc() could race with following 75 + * checking, which leads inconsistent states between @c->nroot 76 + * and @c->dirty_pn_cnt/@c->dirty_nn_cnt, holding @c->lp_mutex 77 + * to avoid that. 78 + */ 79 + mutex_lock(&c->lp_mutex); 80 + /* 73 81 * Even though the TNC is clean, the LPT tree may have dirty nodes. For 74 82 * example, this may happen if the budgeting subsystem invoked GC to 75 83 * make some free space, and the GC found an LEB with only dirty and 76 84 * free space. In this case GC would just change the lprops of this 77 85 * LEB (by turning all space into free space) and unmap it. 78 86 */ 79 - if (c->nroot && test_bit(DIRTY_CNODE, &c->nroot->flags)) 87 + if (c->nroot && test_bit(DIRTY_CNODE, &c->nroot->flags)) { 88 + mutex_unlock(&c->lp_mutex); 80 89 return 0; 90 + } 81 91 82 92 ubifs_assert(c, atomic_long_read(&c->dirty_zn_cnt) == 0); 83 93 ubifs_assert(c, c->dirty_pn_cnt == 0); 84 94 ubifs_assert(c, c->dirty_nn_cnt == 0); 95 + mutex_unlock(&c->lp_mutex); 85 96 86 97 return 1; 87 98 }
+2
fs/ubifs/dir.c
··· 1234 1234 dir_ui->ui_size = dir->i_size; 1235 1235 mutex_unlock(&dir_ui->ui_mutex); 1236 1236 out_inode: 1237 + /* Free inode->i_link before inode is marked as bad. */ 1238 + fscrypt_free_inode(inode); 1237 1239 make_bad_inode(inode); 1238 1240 iput(inode); 1239 1241 out_fname:
+21 -9
fs/ubifs/file.c
··· 318 318 * This is a helper function for 'ubifs_write_begin()' which allocates budget 319 319 * for the operation. The budget is allocated differently depending on whether 320 320 * this is appending, whether the page is dirty or not, and so on. This 321 - * function leaves the @ui->ui_mutex locked in case of appending. Returns zero 322 - * in case of success and %-ENOSPC in case of failure. 321 + * function leaves the @ui->ui_mutex locked in case of appending. 322 + * 323 + * Returns: %0 in case of success and %-ENOSPC in case of failure. 323 324 */ 324 325 static int allocate_budget(struct ubifs_info *c, struct page *page, 325 326 struct ubifs_inode *ui, int appending) ··· 601 600 * @bu: bulk-read information 602 601 * @n: next zbranch slot 603 602 * 604 - * This function returns %0 on success and a negative error code on failure. 603 + * Returns: %0 on success and a negative error code on failure. 605 604 */ 606 605 static int populate_page(struct ubifs_info *c, struct page *page, 607 606 struct bu_info *bu, int *n) ··· 712 711 * @bu: bulk-read information 713 712 * @page1: first page to read 714 713 * 715 - * This function returns %1 if the bulk-read is done, otherwise %0 is returned. 714 + * Returns: %1 if the bulk-read is done, otherwise %0 is returned. 716 715 */ 717 716 static int ubifs_do_bulk_read(struct ubifs_info *c, struct bu_info *bu, 718 717 struct page *page1) ··· 822 821 * Some flash media are capable of reading sequentially at faster rates. UBIFS 823 822 * bulk-read facility is designed to take advantage of that, by reading in one 824 823 * go consecutive data nodes that are also located consecutively in the same 825 - * LEB. This function returns %1 if a bulk-read is done and %0 otherwise. 824 + * LEB. 825 + * 826 + * Returns: %1 if a bulk-read is done and %0 otherwise. 826 827 */ 827 828 static int ubifs_bulk_read(struct page *page) 828 829 { ··· 1112 1109 * @attr: inode attribute changes description 1113 1110 * 1114 1111 * This function implements VFS '->setattr()' call when the inode is truncated 1115 - * to a smaller size. Returns zero in case of success and a negative error code 1112 + * to a smaller size. 1113 + * 1114 + * Returns: %0 in case of success and a negative error code 1116 1115 * in case of failure. 1117 1116 */ 1118 1117 static int do_truncation(struct ubifs_info *c, struct inode *inode, ··· 1220 1215 * @attr: inode attribute changes description 1221 1216 * 1222 1217 * This function implements VFS '->setattr()' call for all cases except 1223 - * truncations to smaller size. Returns zero in case of success and a negative 1218 + * truncations to smaller size. 1219 + * 1220 + * Returns: %0 in case of success and a negative 1224 1221 * error code in case of failure. 1225 1222 */ 1226 1223 static int do_setattr(struct ubifs_info *c, struct inode *inode, ··· 1367 1360 * This helper function checks if the inode mtime/ctime should be updated or 1368 1361 * not. If current values of the time-stamps are within the UBIFS inode time 1369 1362 * granularity, they are not updated. This is an optimization. 1363 + * 1364 + * Returns: %1 if time update is needed, %0 if not 1370 1365 */ 1371 1366 static inline int mctime_update_needed(const struct inode *inode, 1372 1367 const struct timespec64 *now) ··· 1384 1375 /** 1385 1376 * ubifs_update_time - update time of inode. 1386 1377 * @inode: inode to update 1387 - * @time: timespec structure to hold the current time value 1388 1378 * @flags: time updating control flag determines updating 1389 1379 * which time fields of @inode 1390 1380 * 1391 1381 * This function updates time of the inode. 1382 + * 1383 + * Returns: %0 for success or a negative error code otherwise. 1392 1384 */ 1393 1385 int ubifs_update_time(struct inode *inode, int flags) 1394 1386 { ··· 1423 1413 * @inode: inode to update 1424 1414 * 1425 1415 * This function updates mtime and ctime of the inode if it is not equivalent to 1426 - * current time. Returns zero in case of success and a negative error code in 1416 + * current time. 1417 + * 1418 + * Returns: %0 in case of success and a negative error code in 1427 1419 * case of failure. 1428 1420 */ 1429 1421 static int update_mctime(struct inode *inode)
+2
fs/ubifs/replay.c
··· 365 365 * @lnum: node logical eraseblock number 366 366 * @offs: node offset 367 367 * @len: node length 368 + * @hash: node hash 368 369 * @key: node key 369 370 * @sqnum: sequence number 370 371 * @deletion: non-zero if this is a deletion ··· 418 417 * @lnum: node logical eraseblock number 419 418 * @offs: node offset 420 419 * @len: node length 420 + * @hash: node hash 421 421 * @key: node key 422 422 * @name: directory entry name 423 423 * @nlen: directory entry name length