pstore/zone: Provide way to skip "broken" zone for MTD devices

One requirement to support MTD devices in pstore/zone is having a
way to declare certain regions as broken. Add this support to
pstore/zone.

The MTD driver should return -ENOMSG when encountering a bad region,
which tells pstore/zone to skip and try the next one.

Signed-off-by: WeiXiong Liao <liaoweixiong@allwinnertech.com>
Link: https://lore.kernel.org/lkml/20200511233229.27745-8-keescook@chromium.org/
Co-developed-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Link: //lore.kernel.org/lkml/20200512173801.222666-1-colin.king@canonical.com
Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
WeiXiong Liao 2020-03-25 16:55:03 +08:00 коммит произвёл Kees Cook
Родитель 649304c936
Коммит 335426c6dc
4 изменённых файлов: 71 добавлений и 19 удалений

Просмотреть файл

@ -109,9 +109,12 @@ struct bdev_info {
* means error.
* @write: The same as @read, but the following error number:
* -EBUSY means try to write again later.
* -ENOMSG means to try next zone.
* @panic_write:The write operation only used for panic case. It's optional
* if you do not care panic log. The parameters and return value
* are the same as @read.
* if you do not care panic log. The parameters are relative
* value to storage.
* On success, the number of bytes should be returned, others
* excluding -ENOMSG mean error. -ENOMSG means to try next zone.
*/
struct pstore_device_info {
unsigned long total_size;
@ -337,6 +340,9 @@ static ssize_t psblk_blk_panic_write(const char *buf, size_t size,
/* size and off must align to SECTOR_SIZE for block device */
ret = blkdev_panic_write(buf, off >> SECTOR_SHIFT,
size >> SECTOR_SHIFT);
/* try next zone */
if (ret == -ENOMSG)
return ret;
return ret ? -EIO : size;
}

Просмотреть файл

@ -249,6 +249,9 @@ static int psz_zone_write(struct pstore_zone *zone,
return 0;
dirty:
/* no need to mark dirty if going to try next zone */
if (wcnt == -ENOMSG)
return -ENOMSG;
atomic_set(&zone->dirty, true);
/* flush dirty zones nicely */
if (wcnt == -EBUSY && !is_on_panic())
@ -391,7 +394,11 @@ static int psz_kmsg_recover_meta(struct psz_context *cxt)
return -EINVAL;
rcnt = info->read((char *)buf, len, zone->off);
if (rcnt != len) {
if (rcnt == -ENOMSG) {
pr_debug("%s with id %lu may be broken, skip\n",
zone->name, i);
continue;
} else if (rcnt != len) {
pr_err("read %s with id %lu failed\n", zone->name, i);
return (int)rcnt < 0 ? (int)rcnt : -EIO;
}
@ -725,24 +732,58 @@ static void psz_write_kmsg_hdr(struct pstore_zone *zone,
hdr->counter = 0;
}
/*
* In case zone is broken, which may occur to MTD device, we try each zones,
* start at cxt->kmsg_write_cnt.
*/
static inline int notrace psz_kmsg_write_record(struct psz_context *cxt,
struct pstore_record *record)
{
size_t size, hlen;
struct pstore_zone *zone;
unsigned int zonenum;
unsigned int i;
zonenum = cxt->kmsg_write_cnt;
zone = cxt->kpszs[zonenum];
if (unlikely(!zone))
return -ENOSPC;
cxt->kmsg_write_cnt = (zonenum + 1) % cxt->kmsg_max_cnt;
for (i = 0; i < cxt->kmsg_max_cnt; i++) {
unsigned int zonenum, len;
int ret;
pr_debug("write %s to zone id %d\n", zone->name, zonenum);
psz_write_kmsg_hdr(zone, record);
hlen = sizeof(struct psz_kmsg_header);
size = min_t(size_t, record->size, zone->buffer_size - hlen);
return psz_zone_write(zone, FLUSH_ALL, record->buf, size, hlen);
zonenum = (cxt->kmsg_write_cnt + i) % cxt->kmsg_max_cnt;
zone = cxt->kpszs[zonenum];
if (unlikely(!zone))
return -ENOSPC;
/* avoid destroying old data, allocate a new one */
len = zone->buffer_size + sizeof(*zone->buffer);
zone->oldbuf = zone->buffer;
zone->buffer = kzalloc(len, GFP_KERNEL);
if (!zone->buffer) {
zone->buffer = zone->oldbuf;
return -ENOMEM;
}
zone->buffer->sig = zone->oldbuf->sig;
pr_debug("write %s to zone id %d\n", zone->name, zonenum);
psz_write_kmsg_hdr(zone, record);
hlen = sizeof(struct psz_kmsg_header);
size = min_t(size_t, record->size, zone->buffer_size - hlen);
ret = psz_zone_write(zone, FLUSH_ALL, record->buf, size, hlen);
if (likely(!ret || ret != -ENOMSG)) {
cxt->kmsg_write_cnt = zonenum + 1;
cxt->kmsg_write_cnt %= cxt->kmsg_max_cnt;
/* no need to try next zone, free last zone buffer */
kfree(zone->oldbuf);
zone->oldbuf = NULL;
return ret;
}
pr_debug("zone %u may be broken, try next dmesg zone\n",
zonenum);
kfree(zone->buffer);
zone->buffer = zone->oldbuf;
zone->oldbuf = NULL;
}
return -EBUSY;
}
static int notrace psz_kmsg_write(struct psz_context *cxt,

Просмотреть файл

@ -14,7 +14,8 @@
* @start_sect: start sector to block device
* @sects: sectors count on buf
*
* Return: On success, zero should be returned. Others mean error.
* Return: On success, zero should be returned. Others excluding -ENOMSG
* mean error. -ENOMSG means to try next zone.
*
* Panic write to block device must be aligned to SECTOR_SIZE.
*/

Просмотреть файл

@ -23,11 +23,15 @@ typedef ssize_t (*pstore_zone_write_op)(const char *, size_t, loff_t);
* @read: The general read operation. Both of the function parameters
* @size and @offset are relative value to storage.
* On success, the number of bytes should be returned, others
* means error.
* @write: The same as @read, but -EBUSY means try to write again later.
* mean error.
* @write: The same as @read, but the following error number:
* -EBUSY means try to write again later.
* -ENOMSG means to try next zone.
* @panic_write:The write operation only used for panic case. It's optional
* if you do not care panic log. The parameters and return value
* are the same as @read.
* if you do not care panic log. The parameters are relative
* value to storage.
* On success, the number of bytes should be returned, others
* excluding -ENOMSG mean error. -ENOMSG means to try next zone.
*/
struct pstore_zone_info {
struct module *owner;