Message ID | 20220830214919.53220-23-surenb@google.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | Code tagging framework and applications | expand |
On 8/30/22 14:49, Suren Baghdasaryan wrote: > From: Kent Overstreet <kent.overstreet@linux.dev> > > This adds a new fault injection capability, based on code tagging. > > To use, simply insert somewhere in your code > > dynamic_fault("fault_class_name") > > and check whether it returns true - if so, inject the error. > For example > > if (dynamic_fault("init")) > return -EINVAL; > > There's no need to define faults elsewhere, as with > include/linux/fault-injection.h. Faults show up in debugfs, under > /sys/kernel/debug/dynamic_faults, and can be selected based on > file/module/function/line number/class, and enabled permanently, or in > oneshot mode, or with a specified frequency. > > Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> Missing Signed-off-by: from Suren. See Documentation/process/submitting-patches.rst: When to use Acked-by:, Cc:, and Co-developed-by: ------------------------------------------------ The Signed-off-by: tag indicates that the signer was involved in the development of the patch, or that he/she was in the patch's delivery path.
On Tue, 30 Aug 2022 at 23:50, Suren Baghdasaryan <surenb@google.com> wrote: > > From: Kent Overstreet <kent.overstreet@linux.dev> > > This adds a new fault injection capability, based on code tagging. > > To use, simply insert somewhere in your code > > dynamic_fault("fault_class_name") > > and check whether it returns true - if so, inject the error. > For example > > if (dynamic_fault("init")) > return -EINVAL; Hi Suren, If this is going to be used by mainline kernel, it would be good to integrate this with fail_nth systematic fault injection: https://elixir.bootlin.com/linux/latest/source/lib/fault-inject.c#L109 Otherwise these dynamic sites won't be tested by testing systems doing systematic fault injection testing. > There's no need to define faults elsewhere, as with > include/linux/fault-injection.h. Faults show up in debugfs, under > /sys/kernel/debug/dynamic_faults, and can be selected based on > file/module/function/line number/class, and enabled permanently, or in > oneshot mode, or with a specified frequency. > > Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> > --- > include/asm-generic/codetag.lds.h | 3 +- > include/linux/dynamic_fault.h | 79 +++++++ > include/linux/slab.h | 3 +- > lib/Kconfig.debug | 6 + > lib/Makefile | 2 + > lib/dynamic_fault.c | 372 ++++++++++++++++++++++++++++++ > 6 files changed, 463 insertions(+), 2 deletions(-) > create mode 100644 include/linux/dynamic_fault.h > create mode 100644 lib/dynamic_fault.c > > diff --git a/include/asm-generic/codetag.lds.h b/include/asm-generic/codetag.lds.h > index 64f536b80380..16fbf74edc3d 100644 > --- a/include/asm-generic/codetag.lds.h > +++ b/include/asm-generic/codetag.lds.h > @@ -9,6 +9,7 @@ > __stop_##_name = .; > > #define CODETAG_SECTIONS() \ > - SECTION_WITH_BOUNDARIES(alloc_tags) > + SECTION_WITH_BOUNDARIES(alloc_tags) \ > + SECTION_WITH_BOUNDARIES(dynamic_fault_tags) > > #endif /* __ASM_GENERIC_CODETAG_LDS_H */ > diff --git a/include/linux/dynamic_fault.h b/include/linux/dynamic_fault.h > new file mode 100644 > index 000000000000..526a33209e94 > --- /dev/null > +++ b/include/linux/dynamic_fault.h > @@ -0,0 +1,79 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > + > +#ifndef _LINUX_DYNAMIC_FAULT_H > +#define _LINUX_DYNAMIC_FAULT_H > + > +/* > + * Dynamic/code tagging fault injection: > + * > + * Originally based on the dynamic debug trick of putting types in a special elf > + * section, then rewritten using code tagging: > + * > + * To use, simply insert a call to dynamic_fault("fault_class"), which will > + * return true if an error should be injected. > + * > + * Fault injection sites may be listed and enabled via debugfs, under > + * /sys/kernel/debug/dynamic_faults. > + */ > + > +#ifdef CONFIG_CODETAG_FAULT_INJECTION > + > +#include <linux/codetag.h> > +#include <linux/jump_label.h> > + > +#define DFAULT_STATES() \ > + x(disabled) \ > + x(enabled) \ > + x(oneshot) > + > +enum dfault_enabled { > +#define x(n) DFAULT_##n, > + DFAULT_STATES() > +#undef x > +}; > + > +union dfault_state { > + struct { > + unsigned int enabled:2; > + unsigned int count:30; > + }; > + > + struct { > + unsigned int v; > + }; > +}; > + > +struct dfault { > + struct codetag tag; > + const char *class; > + unsigned int frequency; > + union dfault_state state; > + struct static_key_false enabled; > +}; > + > +bool __dynamic_fault_enabled(struct dfault *df); > + > +#define dynamic_fault(_class) \ > +({ \ > + static struct dfault \ > + __used \ > + __section("dynamic_fault_tags") \ > + __aligned(8) df = { \ > + .tag = CODE_TAG_INIT, \ > + .class = _class, \ > + .enabled = STATIC_KEY_FALSE_INIT, \ > + }; \ > + \ > + static_key_false(&df.enabled.key) && \ > + __dynamic_fault_enabled(&df); \ > +}) > + > +#else > + > +#define dynamic_fault(_class) false > + > +#endif /* CODETAG_FAULT_INJECTION */ > + > +#define memory_fault() dynamic_fault("memory") > + > +#endif /* _LINUX_DYNAMIC_FAULT_H */ > diff --git a/include/linux/slab.h b/include/linux/slab.h > index 89273be35743..4be5a93ed15a 100644 > --- a/include/linux/slab.h > +++ b/include/linux/slab.h > @@ -17,6 +17,7 @@ > #include <linux/types.h> > #include <linux/workqueue.h> > #include <linux/percpu-refcount.h> > +#include <linux/dynamic_fault.h> > > > /* > @@ -468,7 +469,7 @@ static inline void slab_tag_dec(const void *ptr) {} > > #define krealloc_hooks(_p, _do_alloc) \ > ({ \ > - void *_res = _do_alloc; \ > + void *_res = !memory_fault() ? _do_alloc : NULL; \ > slab_tag_add(_p, _res); \ > _res; \ > }) > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug > index 2790848464f1..b7d03afbc808 100644 > --- a/lib/Kconfig.debug > +++ b/lib/Kconfig.debug > @@ -1982,6 +1982,12 @@ config FAULT_INJECTION_STACKTRACE_FILTER > help > Provide stacktrace filter for fault-injection capabilities > > +config CODETAG_FAULT_INJECTION > + bool "Code tagging based fault injection" > + select CODE_TAGGING > + help > + Dynamic fault injection based on code tagging > + > config ARCH_HAS_KCOV > bool > help > diff --git a/lib/Makefile b/lib/Makefile > index 99f732156673..489ea000c528 100644 > --- a/lib/Makefile > +++ b/lib/Makefile > @@ -231,6 +231,8 @@ obj-$(CONFIG_CODE_TAGGING) += codetag.o > obj-$(CONFIG_ALLOC_TAGGING) += alloc_tag.o > obj-$(CONFIG_PAGE_ALLOC_TAGGING) += pgalloc_tag.o > > +obj-$(CONFIG_CODETAG_FAULT_INJECTION) += dynamic_fault.o > + > lib-$(CONFIG_GENERIC_BUG) += bug.o > > obj-$(CONFIG_HAVE_ARCH_TRACEHOOK) += syscall.o > diff --git a/lib/dynamic_fault.c b/lib/dynamic_fault.c > new file mode 100644 > index 000000000000..4c9cd18686be > --- /dev/null > +++ b/lib/dynamic_fault.c > @@ -0,0 +1,372 @@ > +// SPDX-License-Identifier: GPL-2.0-only > + > +#include <linux/ctype.h> > +#include <linux/debugfs.h> > +#include <linux/dynamic_fault.h> > +#include <linux/kernel.h> > +#include <linux/module.h> > +#include <linux/seq_buf.h> > + > +static struct codetag_type *cttype; > + > +bool __dynamic_fault_enabled(struct dfault *df) > +{ > + union dfault_state old, new; > + unsigned int v = df->state.v; > + bool ret; > + > + do { > + old.v = new.v = v; > + > + if (new.enabled == DFAULT_disabled) > + return false; > + > + ret = df->frequency > + ? ++new.count >= df->frequency > + : true; > + if (ret) > + new.count = 0; > + if (ret && new.enabled == DFAULT_oneshot) > + new.enabled = DFAULT_disabled; > + } while ((v = cmpxchg(&df->state.v, old.v, new.v)) != old.v); > + > + if (ret) > + pr_debug("returned true for %s:%u", df->tag.filename, df->tag.lineno); > + > + return ret; > +} > +EXPORT_SYMBOL(__dynamic_fault_enabled); > + > +static const char * const dfault_state_strs[] = { > +#define x(n) #n, > + DFAULT_STATES() > +#undef x > + NULL > +}; > + > +static void dynamic_fault_to_text(struct seq_buf *out, struct dfault *df) > +{ > + codetag_to_text(out, &df->tag); > + seq_buf_printf(out, "class:%s %s \"", df->class, > + dfault_state_strs[df->state.enabled]); > +} > + > +struct dfault_query { > + struct codetag_query q; > + > + bool set_enabled:1; > + unsigned int enabled:2; > + > + bool set_frequency:1; > + unsigned int frequency; > +}; > + > +/* > + * Search the tables for _dfault's which match the given > + * `query' and apply the `flags' and `mask' to them. Tells > + * the user which dfault's were changed, or whether none > + * were matched. > + */ > +static int dfault_change(struct dfault_query *query) > +{ > + struct codetag_iterator ct_iter; > + struct codetag *ct; > + unsigned int nfound = 0; > + > + codetag_lock_module_list(cttype, true); > + codetag_init_iter(&ct_iter, cttype); > + > + while ((ct = codetag_next_ct(&ct_iter))) { > + struct dfault *df = container_of(ct, struct dfault, tag); > + > + if (!codetag_matches_query(&query->q, ct, ct_iter.cmod, df->class)) > + continue; > + > + if (query->set_enabled && > + query->enabled != df->state.enabled) { > + if (query->enabled != DFAULT_disabled) > + static_key_slow_inc(&df->enabled.key); > + else if (df->state.enabled != DFAULT_disabled) > + static_key_slow_dec(&df->enabled.key); > + > + df->state.enabled = query->enabled; > + } > + > + if (query->set_frequency) > + df->frequency = query->frequency; > + > + pr_debug("changed %s:%d [%s]%s #%d %s", > + df->tag.filename, df->tag.lineno, df->tag.modname, > + df->tag.function, query->q.cur_index, > + dfault_state_strs[df->state.enabled]); > + > + nfound++; > + } > + > + pr_debug("dfault: %u matches", nfound); > + > + codetag_lock_module_list(cttype, false); > + > + return nfound ? 0 : -ENOENT; > +} > + > +#define DFAULT_TOKENS() \ > + x(disable, 0) \ > + x(enable, 0) \ > + x(oneshot, 0) \ > + x(frequency, 1) > + > +enum dfault_token { > +#define x(name, nr_args) TOK_##name, > + DFAULT_TOKENS() > +#undef x > +}; > + > +static const char * const dfault_token_strs[] = { > +#define x(name, nr_args) #name, > + DFAULT_TOKENS() > +#undef x > + NULL > +}; > + > +static unsigned int dfault_token_nr_args[] = { > +#define x(name, nr_args) nr_args, > + DFAULT_TOKENS() > +#undef x > +}; > + > +static enum dfault_token str_to_token(const char *word, unsigned int nr_words) > +{ > + int tok = match_string(dfault_token_strs, ARRAY_SIZE(dfault_token_strs), word); > + > + if (tok < 0) { > + pr_debug("unknown keyword \"%s\"", word); > + return tok; > + } > + > + if (nr_words < dfault_token_nr_args[tok]) { > + pr_debug("insufficient arguments to \"%s\"", word); > + return -EINVAL; > + } > + > + return tok; > +} > + > +static int dfault_parse_command(struct dfault_query *query, > + enum dfault_token tok, > + char *words[], size_t nr_words) > +{ > + unsigned int i = 0; > + int ret; > + > + switch (tok) { > + case TOK_disable: > + query->set_enabled = true; > + query->enabled = DFAULT_disabled; > + break; > + case TOK_enable: > + query->set_enabled = true; > + query->enabled = DFAULT_enabled; > + break; > + case TOK_oneshot: > + query->set_enabled = true; > + query->enabled = DFAULT_oneshot; > + break; > + case TOK_frequency: > + query->set_frequency = 1; > + ret = kstrtouint(words[i++], 10, &query->frequency); > + if (ret) > + return ret; > + > + if (!query->set_enabled) { > + query->set_enabled = 1; > + query->enabled = DFAULT_enabled; > + } > + break; > + } > + > + return i; > +} > + > +static int dynamic_fault_store(char *buf) > +{ > + struct dfault_query query = { NULL }; > +#define MAXWORDS 9 > + char *tok, *words[MAXWORDS]; > + int ret, nr_words, i = 0; > + > + buf = codetag_query_parse(&query.q, buf); > + if (IS_ERR(buf)) > + return PTR_ERR(buf); > + > + while ((tok = strsep_no_empty(&buf, " \t\r\n"))) { > + if (nr_words == ARRAY_SIZE(words)) > + return -EINVAL; /* ran out of words[] before bytes */ > + words[nr_words++] = tok; > + } > + > + while (i < nr_words) { > + const char *tok_str = words[i++]; > + enum dfault_token tok = str_to_token(tok_str, nr_words - i); > + > + if (tok < 0) > + return tok; > + > + ret = dfault_parse_command(&query, tok, words + i, nr_words - i); > + if (ret < 0) > + return ret; > + > + i += ret; > + BUG_ON(i > nr_words); > + } > + > + pr_debug("q->function=\"%s\" q->filename=\"%s\" " > + "q->module=\"%s\" q->line=%u-%u\n q->index=%u-%u", > + query.q.function, query.q.filename, query.q.module, > + query.q.first_line, query.q.last_line, > + query.q.first_index, query.q.last_index); > + > + ret = dfault_change(&query); > + if (ret < 0) > + return ret; > + > + return 0; > +} > + > +struct dfault_iter { > + struct codetag_iterator ct_iter; > + > + struct seq_buf buf; > + char rawbuf[4096]; > +}; > + > +static int dfault_open(struct inode *inode, struct file *file) > +{ > + struct dfault_iter *iter; > + > + iter = kzalloc(sizeof(*iter), GFP_KERNEL); > + if (!iter) > + return -ENOMEM; > + > + codetag_lock_module_list(cttype, true); > + codetag_init_iter(&iter->ct_iter, cttype); > + codetag_lock_module_list(cttype, false); > + > + file->private_data = iter; > + seq_buf_init(&iter->buf, iter->rawbuf, sizeof(iter->rawbuf)); > + return 0; > +} > + > +static int dfault_release(struct inode *inode, struct file *file) > +{ > + struct dfault_iter *iter = file->private_data; > + > + kfree(iter); > + return 0; > +} > + > +struct user_buf { > + char __user *buf; /* destination user buffer */ > + size_t size; /* size of requested read */ > + ssize_t ret; /* bytes read so far */ > +}; > + > +static int flush_ubuf(struct user_buf *dst, struct seq_buf *src) > +{ > + if (src->len) { > + size_t bytes = min_t(size_t, src->len, dst->size); > + int err = copy_to_user(dst->buf, src->buffer, bytes); > + > + if (err) > + return err; > + > + dst->ret += bytes; > + dst->buf += bytes; > + dst->size -= bytes; > + src->len -= bytes; > + memmove(src->buffer, src->buffer + bytes, src->len); > + } > + > + return 0; > +} > + > +static ssize_t dfault_read(struct file *file, char __user *ubuf, > + size_t size, loff_t *ppos) > +{ > + struct dfault_iter *iter = file->private_data; > + struct user_buf buf = { .buf = ubuf, .size = size }; > + struct codetag *ct; > + struct dfault *df; > + int err; > + > + codetag_lock_module_list(iter->ct_iter.cttype, true); > + while (1) { > + err = flush_ubuf(&buf, &iter->buf); > + if (err || !buf.size) > + break; > + > + ct = codetag_next_ct(&iter->ct_iter); > + if (!ct) > + break; > + > + df = container_of(ct, struct dfault, tag); > + dynamic_fault_to_text(&iter->buf, df); > + seq_buf_putc(&iter->buf, '\n'); > + } > + codetag_lock_module_list(iter->ct_iter.cttype, false); > + > + return err ?: buf.ret; > +} > + > +/* > + * File_ops->write method for <debugfs>/dynamic_fault/conrol. Gathers the > + * command text from userspace, parses and executes it. > + */ > +static ssize_t dfault_write(struct file *file, const char __user *ubuf, > + size_t len, loff_t *offp) > +{ > + char tmpbuf[256]; > + > + if (len == 0) > + return 0; > + /* we don't check *offp -- multiple writes() are allowed */ > + if (len > sizeof(tmpbuf)-1) > + return -E2BIG; > + if (copy_from_user(tmpbuf, ubuf, len)) > + return -EFAULT; > + tmpbuf[len] = '\0'; > + pr_debug("read %zu bytes from userspace", len); > + > + dynamic_fault_store(tmpbuf); > + > + *offp += len; > + return len; > +} > + > +static const struct file_operations dfault_ops = { > + .owner = THIS_MODULE, > + .open = dfault_open, > + .release = dfault_release, > + .read = dfault_read, > + .write = dfault_write > +}; > + > +static int __init dynamic_fault_init(void) > +{ > + const struct codetag_type_desc desc = { > + .section = "dynamic_fault_tags", > + .tag_size = sizeof(struct dfault), > + }; > + struct dentry *debugfs_file; > + > + cttype = codetag_register_type(&desc); > + if (IS_ERR_OR_NULL(cttype)) > + return PTR_ERR(cttype); > + > + debugfs_file = debugfs_create_file("dynamic_faults", 0666, NULL, NULL, &dfault_ops); > + if (IS_ERR(debugfs_file)) > + return PTR_ERR(debugfs_file); > + > + return 0; > +} > +module_init(dynamic_fault_init); > -- > 2.37.2.672.g94769d06f0-goog >
On Wed, Aug 31, 2022 at 3:37 AM Dmitry Vyukov <dvyukov@google.com> wrote: > > On Tue, 30 Aug 2022 at 23:50, Suren Baghdasaryan <surenb@google.com> wrote: > > > > From: Kent Overstreet <kent.overstreet@linux.dev> > > > > This adds a new fault injection capability, based on code tagging. > > > > To use, simply insert somewhere in your code > > > > dynamic_fault("fault_class_name") > > > > and check whether it returns true - if so, inject the error. > > For example > > > > if (dynamic_fault("init")) > > return -EINVAL; > > Hi Suren, > > If this is going to be used by mainline kernel, it would be good to > integrate this with fail_nth systematic fault injection: > https://elixir.bootlin.com/linux/latest/source/lib/fault-inject.c#L109 > > Otherwise these dynamic sites won't be tested by testing systems doing > systematic fault injection testing. Hi Dmitry, Thanks for the information! Will look into it and try to integrate. Suren. > > > > There's no need to define faults elsewhere, as with > > include/linux/fault-injection.h. Faults show up in debugfs, under > > /sys/kernel/debug/dynamic_faults, and can be selected based on > > file/module/function/line number/class, and enabled permanently, or in > > oneshot mode, or with a specified frequency. > > > > Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> > > --- > > include/asm-generic/codetag.lds.h | 3 +- > > include/linux/dynamic_fault.h | 79 +++++++ > > include/linux/slab.h | 3 +- > > lib/Kconfig.debug | 6 + > > lib/Makefile | 2 + > > lib/dynamic_fault.c | 372 ++++++++++++++++++++++++++++++ > > 6 files changed, 463 insertions(+), 2 deletions(-) > > create mode 100644 include/linux/dynamic_fault.h > > create mode 100644 lib/dynamic_fault.c > > > > diff --git a/include/asm-generic/codetag.lds.h b/include/asm-generic/codetag.lds.h > > index 64f536b80380..16fbf74edc3d 100644 > > --- a/include/asm-generic/codetag.lds.h > > +++ b/include/asm-generic/codetag.lds.h > > @@ -9,6 +9,7 @@ > > __stop_##_name = .; > > > > #define CODETAG_SECTIONS() \ > > - SECTION_WITH_BOUNDARIES(alloc_tags) > > + SECTION_WITH_BOUNDARIES(alloc_tags) \ > > + SECTION_WITH_BOUNDARIES(dynamic_fault_tags) > > > > #endif /* __ASM_GENERIC_CODETAG_LDS_H */ > > diff --git a/include/linux/dynamic_fault.h b/include/linux/dynamic_fault.h > > new file mode 100644 > > index 000000000000..526a33209e94 > > --- /dev/null > > +++ b/include/linux/dynamic_fault.h > > @@ -0,0 +1,79 @@ > > +/* SPDX-License-Identifier: GPL-2.0 */ > > + > > +#ifndef _LINUX_DYNAMIC_FAULT_H > > +#define _LINUX_DYNAMIC_FAULT_H > > + > > +/* > > + * Dynamic/code tagging fault injection: > > + * > > + * Originally based on the dynamic debug trick of putting types in a special elf > > + * section, then rewritten using code tagging: > > + * > > + * To use, simply insert a call to dynamic_fault("fault_class"), which will > > + * return true if an error should be injected. > > + * > > + * Fault injection sites may be listed and enabled via debugfs, under > > + * /sys/kernel/debug/dynamic_faults. > > + */ > > + > > +#ifdef CONFIG_CODETAG_FAULT_INJECTION > > + > > +#include <linux/codetag.h> > > +#include <linux/jump_label.h> > > + > > +#define DFAULT_STATES() \ > > + x(disabled) \ > > + x(enabled) \ > > + x(oneshot) > > + > > +enum dfault_enabled { > > +#define x(n) DFAULT_##n, > > + DFAULT_STATES() > > +#undef x > > +}; > > + > > +union dfault_state { > > + struct { > > + unsigned int enabled:2; > > + unsigned int count:30; > > + }; > > + > > + struct { > > + unsigned int v; > > + }; > > +}; > > + > > +struct dfault { > > + struct codetag tag; > > + const char *class; > > + unsigned int frequency; > > + union dfault_state state; > > + struct static_key_false enabled; > > +}; > > + > > +bool __dynamic_fault_enabled(struct dfault *df); > > + > > +#define dynamic_fault(_class) \ > > +({ \ > > + static struct dfault \ > > + __used \ > > + __section("dynamic_fault_tags") \ > > + __aligned(8) df = { \ > > + .tag = CODE_TAG_INIT, \ > > + .class = _class, \ > > + .enabled = STATIC_KEY_FALSE_INIT, \ > > + }; \ > > + \ > > + static_key_false(&df.enabled.key) && \ > > + __dynamic_fault_enabled(&df); \ > > +}) > > + > > +#else > > + > > +#define dynamic_fault(_class) false > > + > > +#endif /* CODETAG_FAULT_INJECTION */ > > + > > +#define memory_fault() dynamic_fault("memory") > > + > > +#endif /* _LINUX_DYNAMIC_FAULT_H */ > > diff --git a/include/linux/slab.h b/include/linux/slab.h > > index 89273be35743..4be5a93ed15a 100644 > > --- a/include/linux/slab.h > > +++ b/include/linux/slab.h > > @@ -17,6 +17,7 @@ > > #include <linux/types.h> > > #include <linux/workqueue.h> > > #include <linux/percpu-refcount.h> > > +#include <linux/dynamic_fault.h> > > > > > > /* > > @@ -468,7 +469,7 @@ static inline void slab_tag_dec(const void *ptr) {} > > > > #define krealloc_hooks(_p, _do_alloc) \ > > ({ \ > > - void *_res = _do_alloc; \ > > + void *_res = !memory_fault() ? _do_alloc : NULL; \ > > slab_tag_add(_p, _res); \ > > _res; \ > > }) > > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug > > index 2790848464f1..b7d03afbc808 100644 > > --- a/lib/Kconfig.debug > > +++ b/lib/Kconfig.debug > > @@ -1982,6 +1982,12 @@ config FAULT_INJECTION_STACKTRACE_FILTER > > help > > Provide stacktrace filter for fault-injection capabilities > > > > +config CODETAG_FAULT_INJECTION > > + bool "Code tagging based fault injection" > > + select CODE_TAGGING > > + help > > + Dynamic fault injection based on code tagging > > + > > config ARCH_HAS_KCOV > > bool > > help > > diff --git a/lib/Makefile b/lib/Makefile > > index 99f732156673..489ea000c528 100644 > > --- a/lib/Makefile > > +++ b/lib/Makefile > > @@ -231,6 +231,8 @@ obj-$(CONFIG_CODE_TAGGING) += codetag.o > > obj-$(CONFIG_ALLOC_TAGGING) += alloc_tag.o > > obj-$(CONFIG_PAGE_ALLOC_TAGGING) += pgalloc_tag.o > > > > +obj-$(CONFIG_CODETAG_FAULT_INJECTION) += dynamic_fault.o > > + > > lib-$(CONFIG_GENERIC_BUG) += bug.o > > > > obj-$(CONFIG_HAVE_ARCH_TRACEHOOK) += syscall.o > > diff --git a/lib/dynamic_fault.c b/lib/dynamic_fault.c > > new file mode 100644 > > index 000000000000..4c9cd18686be > > --- /dev/null > > +++ b/lib/dynamic_fault.c > > @@ -0,0 +1,372 @@ > > +// SPDX-License-Identifier: GPL-2.0-only > > + > > +#include <linux/ctype.h> > > +#include <linux/debugfs.h> > > +#include <linux/dynamic_fault.h> > > +#include <linux/kernel.h> > > +#include <linux/module.h> > > +#include <linux/seq_buf.h> > > + > > +static struct codetag_type *cttype; > > + > > +bool __dynamic_fault_enabled(struct dfault *df) > > +{ > > + union dfault_state old, new; > > + unsigned int v = df->state.v; > > + bool ret; > > + > > + do { > > + old.v = new.v = v; > > + > > + if (new.enabled == DFAULT_disabled) > > + return false; > > + > > + ret = df->frequency > > + ? ++new.count >= df->frequency > > + : true; > > + if (ret) > > + new.count = 0; > > + if (ret && new.enabled == DFAULT_oneshot) > > + new.enabled = DFAULT_disabled; > > + } while ((v = cmpxchg(&df->state.v, old.v, new.v)) != old.v); > > + > > + if (ret) > > + pr_debug("returned true for %s:%u", df->tag.filename, df->tag.lineno); > > + > > + return ret; > > +} > > +EXPORT_SYMBOL(__dynamic_fault_enabled); > > + > > +static const char * const dfault_state_strs[] = { > > +#define x(n) #n, > > + DFAULT_STATES() > > +#undef x > > + NULL > > +}; > > + > > +static void dynamic_fault_to_text(struct seq_buf *out, struct dfault *df) > > +{ > > + codetag_to_text(out, &df->tag); > > + seq_buf_printf(out, "class:%s %s \"", df->class, > > + dfault_state_strs[df->state.enabled]); > > +} > > + > > +struct dfault_query { > > + struct codetag_query q; > > + > > + bool set_enabled:1; > > + unsigned int enabled:2; > > + > > + bool set_frequency:1; > > + unsigned int frequency; > > +}; > > + > > +/* > > + * Search the tables for _dfault's which match the given > > + * `query' and apply the `flags' and `mask' to them. Tells > > + * the user which dfault's were changed, or whether none > > + * were matched. > > + */ > > +static int dfault_change(struct dfault_query *query) > > +{ > > + struct codetag_iterator ct_iter; > > + struct codetag *ct; > > + unsigned int nfound = 0; > > + > > + codetag_lock_module_list(cttype, true); > > + codetag_init_iter(&ct_iter, cttype); > > + > > + while ((ct = codetag_next_ct(&ct_iter))) { > > + struct dfault *df = container_of(ct, struct dfault, tag); > > + > > + if (!codetag_matches_query(&query->q, ct, ct_iter.cmod, df->class)) > > + continue; > > + > > + if (query->set_enabled && > > + query->enabled != df->state.enabled) { > > + if (query->enabled != DFAULT_disabled) > > + static_key_slow_inc(&df->enabled.key); > > + else if (df->state.enabled != DFAULT_disabled) > > + static_key_slow_dec(&df->enabled.key); > > + > > + df->state.enabled = query->enabled; > > + } > > + > > + if (query->set_frequency) > > + df->frequency = query->frequency; > > + > > + pr_debug("changed %s:%d [%s]%s #%d %s", > > + df->tag.filename, df->tag.lineno, df->tag.modname, > > + df->tag.function, query->q.cur_index, > > + dfault_state_strs[df->state.enabled]); > > + > > + nfound++; > > + } > > + > > + pr_debug("dfault: %u matches", nfound); > > + > > + codetag_lock_module_list(cttype, false); > > + > > + return nfound ? 0 : -ENOENT; > > +} > > + > > +#define DFAULT_TOKENS() \ > > + x(disable, 0) \ > > + x(enable, 0) \ > > + x(oneshot, 0) \ > > + x(frequency, 1) > > + > > +enum dfault_token { > > +#define x(name, nr_args) TOK_##name, > > + DFAULT_TOKENS() > > +#undef x > > +}; > > + > > +static const char * const dfault_token_strs[] = { > > +#define x(name, nr_args) #name, > > + DFAULT_TOKENS() > > +#undef x > > + NULL > > +}; > > + > > +static unsigned int dfault_token_nr_args[] = { > > +#define x(name, nr_args) nr_args, > > + DFAULT_TOKENS() > > +#undef x > > +}; > > + > > +static enum dfault_token str_to_token(const char *word, unsigned int nr_words) > > +{ > > + int tok = match_string(dfault_token_strs, ARRAY_SIZE(dfault_token_strs), word); > > + > > + if (tok < 0) { > > + pr_debug("unknown keyword \"%s\"", word); > > + return tok; > > + } > > + > > + if (nr_words < dfault_token_nr_args[tok]) { > > + pr_debug("insufficient arguments to \"%s\"", word); > > + return -EINVAL; > > + } > > + > > + return tok; > > +} > > + > > +static int dfault_parse_command(struct dfault_query *query, > > + enum dfault_token tok, > > + char *words[], size_t nr_words) > > +{ > > + unsigned int i = 0; > > + int ret; > > + > > + switch (tok) { > > + case TOK_disable: > > + query->set_enabled = true; > > + query->enabled = DFAULT_disabled; > > + break; > > + case TOK_enable: > > + query->set_enabled = true; > > + query->enabled = DFAULT_enabled; > > + break; > > + case TOK_oneshot: > > + query->set_enabled = true; > > + query->enabled = DFAULT_oneshot; > > + break; > > + case TOK_frequency: > > + query->set_frequency = 1; > > + ret = kstrtouint(words[i++], 10, &query->frequency); > > + if (ret) > > + return ret; > > + > > + if (!query->set_enabled) { > > + query->set_enabled = 1; > > + query->enabled = DFAULT_enabled; > > + } > > + break; > > + } > > + > > + return i; > > +} > > + > > +static int dynamic_fault_store(char *buf) > > +{ > > + struct dfault_query query = { NULL }; > > +#define MAXWORDS 9 > > + char *tok, *words[MAXWORDS]; > > + int ret, nr_words, i = 0; > > + > > + buf = codetag_query_parse(&query.q, buf); > > + if (IS_ERR(buf)) > > + return PTR_ERR(buf); > > + > > + while ((tok = strsep_no_empty(&buf, " \t\r\n"))) { > > + if (nr_words == ARRAY_SIZE(words)) > > + return -EINVAL; /* ran out of words[] before bytes */ > > + words[nr_words++] = tok; > > + } > > + > > + while (i < nr_words) { > > + const char *tok_str = words[i++]; > > + enum dfault_token tok = str_to_token(tok_str, nr_words - i); > > + > > + if (tok < 0) > > + return tok; > > + > > + ret = dfault_parse_command(&query, tok, words + i, nr_words - i); > > + if (ret < 0) > > + return ret; > > + > > + i += ret; > > + BUG_ON(i > nr_words); > > + } > > + > > + pr_debug("q->function=\"%s\" q->filename=\"%s\" " > > + "q->module=\"%s\" q->line=%u-%u\n q->index=%u-%u", > > + query.q.function, query.q.filename, query.q.module, > > + query.q.first_line, query.q.last_line, > > + query.q.first_index, query.q.last_index); > > + > > + ret = dfault_change(&query); > > + if (ret < 0) > > + return ret; > > + > > + return 0; > > +} > > + > > +struct dfault_iter { > > + struct codetag_iterator ct_iter; > > + > > + struct seq_buf buf; > > + char rawbuf[4096]; > > +}; > > + > > +static int dfault_open(struct inode *inode, struct file *file) > > +{ > > + struct dfault_iter *iter; > > + > > + iter = kzalloc(sizeof(*iter), GFP_KERNEL); > > + if (!iter) > > + return -ENOMEM; > > + > > + codetag_lock_module_list(cttype, true); > > + codetag_init_iter(&iter->ct_iter, cttype); > > + codetag_lock_module_list(cttype, false); > > + > > + file->private_data = iter; > > + seq_buf_init(&iter->buf, iter->rawbuf, sizeof(iter->rawbuf)); > > + return 0; > > +} > > + > > +static int dfault_release(struct inode *inode, struct file *file) > > +{ > > + struct dfault_iter *iter = file->private_data; > > + > > + kfree(iter); > > + return 0; > > +} > > + > > +struct user_buf { > > + char __user *buf; /* destination user buffer */ > > + size_t size; /* size of requested read */ > > + ssize_t ret; /* bytes read so far */ > > +}; > > + > > +static int flush_ubuf(struct user_buf *dst, struct seq_buf *src) > > +{ > > + if (src->len) { > > + size_t bytes = min_t(size_t, src->len, dst->size); > > + int err = copy_to_user(dst->buf, src->buffer, bytes); > > + > > + if (err) > > + return err; > > + > > + dst->ret += bytes; > > + dst->buf += bytes; > > + dst->size -= bytes; > > + src->len -= bytes; > > + memmove(src->buffer, src->buffer + bytes, src->len); > > + } > > + > > + return 0; > > +} > > + > > +static ssize_t dfault_read(struct file *file, char __user *ubuf, > > + size_t size, loff_t *ppos) > > +{ > > + struct dfault_iter *iter = file->private_data; > > + struct user_buf buf = { .buf = ubuf, .size = size }; > > + struct codetag *ct; > > + struct dfault *df; > > + int err; > > + > > + codetag_lock_module_list(iter->ct_iter.cttype, true); > > + while (1) { > > + err = flush_ubuf(&buf, &iter->buf); > > + if (err || !buf.size) > > + break; > > + > > + ct = codetag_next_ct(&iter->ct_iter); > > + if (!ct) > > + break; > > + > > + df = container_of(ct, struct dfault, tag); > > + dynamic_fault_to_text(&iter->buf, df); > > + seq_buf_putc(&iter->buf, '\n'); > > + } > > + codetag_lock_module_list(iter->ct_iter.cttype, false); > > + > > + return err ?: buf.ret; > > +} > > + > > +/* > > + * File_ops->write method for <debugfs>/dynamic_fault/conrol. Gathers the > > + * command text from userspace, parses and executes it. > > + */ > > +static ssize_t dfault_write(struct file *file, const char __user *ubuf, > > + size_t len, loff_t *offp) > > +{ > > + char tmpbuf[256]; > > + > > + if (len == 0) > > + return 0; > > + /* we don't check *offp -- multiple writes() are allowed */ > > + if (len > sizeof(tmpbuf)-1) > > + return -E2BIG; > > + if (copy_from_user(tmpbuf, ubuf, len)) > > + return -EFAULT; > > + tmpbuf[len] = '\0'; > > + pr_debug("read %zu bytes from userspace", len); > > + > > + dynamic_fault_store(tmpbuf); > > + > > + *offp += len; > > + return len; > > +} > > + > > +static const struct file_operations dfault_ops = { > > + .owner = THIS_MODULE, > > + .open = dfault_open, > > + .release = dfault_release, > > + .read = dfault_read, > > + .write = dfault_write > > +}; > > + > > +static int __init dynamic_fault_init(void) > > +{ > > + const struct codetag_type_desc desc = { > > + .section = "dynamic_fault_tags", > > + .tag_size = sizeof(struct dfault), > > + }; > > + struct dentry *debugfs_file; > > + > > + cttype = codetag_register_type(&desc); > > + if (IS_ERR_OR_NULL(cttype)) > > + return PTR_ERR(cttype); > > + > > + debugfs_file = debugfs_create_file("dynamic_faults", 0666, NULL, NULL, &dfault_ops); > > + if (IS_ERR(debugfs_file)) > > + return PTR_ERR(debugfs_file); > > + > > + return 0; > > +} > > +module_init(dynamic_fault_init); > > -- > > 2.37.2.672.g94769d06f0-goog > >
On Tue, Aug 30, 2022 at 6:52 PM Randy Dunlap <rdunlap@infradead.org> wrote: > > > > On 8/30/22 14:49, Suren Baghdasaryan wrote: > > From: Kent Overstreet <kent.overstreet@linux.dev> > > > > This adds a new fault injection capability, based on code tagging. > > > > To use, simply insert somewhere in your code > > > > dynamic_fault("fault_class_name") > > > > and check whether it returns true - if so, inject the error. > > For example > > > > if (dynamic_fault("init")) > > return -EINVAL; > > > > There's no need to define faults elsewhere, as with > > include/linux/fault-injection.h. Faults show up in debugfs, under > > /sys/kernel/debug/dynamic_faults, and can be selected based on > > file/module/function/line number/class, and enabled permanently, or in > > oneshot mode, or with a specified frequency. > > > > Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> > > Missing Signed-off-by: from Suren. > See Documentation/process/submitting-patches.rst: > > When to use Acked-by:, Cc:, and Co-developed-by: > ------------------------------------------------ > > The Signed-off-by: tag indicates that the signer was involved in the > development of the patch, or that he/she was in the patch's delivery path. Thanks for the note! Will fix in the next respin. > > > -- > ~Randy
On Wed, Aug 31, 2022 at 12:37:14PM +0200, Dmitry Vyukov wrote: > On Tue, 30 Aug 2022 at 23:50, Suren Baghdasaryan <surenb@google.com> wrote: > > > > From: Kent Overstreet <kent.overstreet@linux.dev> > > > > This adds a new fault injection capability, based on code tagging. > > > > To use, simply insert somewhere in your code > > > > dynamic_fault("fault_class_name") > > > > and check whether it returns true - if so, inject the error. > > For example > > > > if (dynamic_fault("init")) > > return -EINVAL; > > Hi Suren, > > If this is going to be used by mainline kernel, it would be good to > integrate this with fail_nth systematic fault injection: > https://elixir.bootlin.com/linux/latest/source/lib/fault-inject.c#L109 > > Otherwise these dynamic sites won't be tested by testing systems doing > systematic fault injection testing. That's a discussion we need to have, yeah. We don't want two distinct fault injection frameworks, we'll have to have a discussion as to whether this is (or can be) better enough to make a switch worthwhile, and whether a compatibility interface is needed - or maybe there's enough distinct interesting bits in both to make merging plausible? The debugfs interface for this fault injection code is necessarily different from our existing fault injection - this gives you a fault injection point _per callsite_, which is huge - e.g. for filesystem testing what I need is to be able to enable fault injection points within a given module. I can do that easily with this, not with our current fault injection. I think the per-callsite fault injection points would also be pretty valuable for CONFIG_FAULT_INJECTION_USERCOPY, too. OTOH, existing kernel fault injection can filter based on task - this fault injection framework doesn't have that. Easy enough to add, though. Similar for the interval/probability/ratelimit stuff. fail_function is the odd one out, I'm not sure how that would fit into this model. Everything else I've seen I think fits into this model. Also, it sounds like you're more familiar with our existing fault injection than I am, so if I've misunderstood anything about what it can do please do correct me. Interestingly: I just discovered from reading the code that CONFIG_FAULT_INJECTION_STACKTRACE_FILTER is a thing (hadn't before because it depends on !X86_64 - what?). That's cool, though.
On Wed, 31 Aug 2022 at 19:30, Kent Overstreet <kent.overstreet@linux.dev> wrote: > > > From: Kent Overstreet <kent.overstreet@linux.dev> > > > > > > This adds a new fault injection capability, based on code tagging. > > > > > > To use, simply insert somewhere in your code > > > > > > dynamic_fault("fault_class_name") > > > > > > and check whether it returns true - if so, inject the error. > > > For example > > > > > > if (dynamic_fault("init")) > > > return -EINVAL; > > > > Hi Suren, > > > > If this is going to be used by mainline kernel, it would be good to > > integrate this with fail_nth systematic fault injection: > > https://elixir.bootlin.com/linux/latest/source/lib/fault-inject.c#L109 > > > > Otherwise these dynamic sites won't be tested by testing systems doing > > systematic fault injection testing. > > That's a discussion we need to have, yeah. We don't want two distinct fault > injection frameworks, we'll have to have a discussion as to whether this is (or > can be) better enough to make a switch worthwhile, and whether a compatibility > interface is needed - or maybe there's enough distinct interesting bits in both > to make merging plausible? > > The debugfs interface for this fault injection code is necessarily different > from our existing fault injection - this gives you a fault injection point _per > callsite_, which is huge - e.g. for filesystem testing what I need is to be able > to enable fault injection points within a given module. I can do that easily > with this, not with our current fault injection. > > I think the per-callsite fault injection points would also be pretty valuable > for CONFIG_FAULT_INJECTION_USERCOPY, too. > > OTOH, existing kernel fault injection can filter based on task - this fault > injection framework doesn't have that. Easy enough to add, though. Similar for > the interval/probability/ratelimit stuff. > > fail_function is the odd one out, I'm not sure how that would fit into this > model. Everything else I've seen I think fits into this model. > > Also, it sounds like you're more familiar with our existing fault injection than > I am, so if I've misunderstood anything about what it can do please do correct > me. What you are saying makes sense. But I can't say if we want to do a global switch or not. I don't know how many existing users there are (by users I mean automated testing b/c humans can switch for one-off manual testing). However, fail_nth that I mentioned is orthogonal to this. It's a different mechanism to select the fault site that needs to be failed (similar to what you mentioned as "interval/probability/ratelimit stuff"). fail_nth allows to fail the specified n-th call site in the specified task. And that's the only mechanism we use in syzkaller/syzbot. And I think it can be supported relatively easily (copy a few lines to the "does this site needs to fail" check). I don't know how exactly you want to use this new mechanism, but I found fail_nth much better than any of the existing selection mechanisms, including what this will add for specific site failing. fail_nth allows to fail every site in a given test/syscall one-by-one systematically. E.g. we can even have strace-like utility that repeats the given test failing all sites in to systematically: $ fail_all ./a_unit_test This can be integrated into any CI system, e.g. running all LTP tests with this. For file:line-based selection, first, we need to get these file:line from somewhere; second, lines are changing over time so can't be hardcoded in tests; third, it still needs to be per-task, since unrelated processes can execute the same code. One downside of fail_nth, though, is that it does not cover background threads/async work. But we found that there are so many untested synchronous error paths, that moving to background threads is not necessary at this point. > Interestingly: I just discovered from reading the code that > CONFIG_FAULT_INJECTION_STACKTRACE_FILTER is a thing (hadn't before because it > depends on !X86_64 - what?). That's cool, though.
diff --git a/include/asm-generic/codetag.lds.h b/include/asm-generic/codetag.lds.h index 64f536b80380..16fbf74edc3d 100644 --- a/include/asm-generic/codetag.lds.h +++ b/include/asm-generic/codetag.lds.h @@ -9,6 +9,7 @@ __stop_##_name = .; #define CODETAG_SECTIONS() \ - SECTION_WITH_BOUNDARIES(alloc_tags) + SECTION_WITH_BOUNDARIES(alloc_tags) \ + SECTION_WITH_BOUNDARIES(dynamic_fault_tags) #endif /* __ASM_GENERIC_CODETAG_LDS_H */ diff --git a/include/linux/dynamic_fault.h b/include/linux/dynamic_fault.h new file mode 100644 index 000000000000..526a33209e94 --- /dev/null +++ b/include/linux/dynamic_fault.h @@ -0,0 +1,79 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#ifndef _LINUX_DYNAMIC_FAULT_H +#define _LINUX_DYNAMIC_FAULT_H + +/* + * Dynamic/code tagging fault injection: + * + * Originally based on the dynamic debug trick of putting types in a special elf + * section, then rewritten using code tagging: + * + * To use, simply insert a call to dynamic_fault("fault_class"), which will + * return true if an error should be injected. + * + * Fault injection sites may be listed and enabled via debugfs, under + * /sys/kernel/debug/dynamic_faults. + */ + +#ifdef CONFIG_CODETAG_FAULT_INJECTION + +#include <linux/codetag.h> +#include <linux/jump_label.h> + +#define DFAULT_STATES() \ + x(disabled) \ + x(enabled) \ + x(oneshot) + +enum dfault_enabled { +#define x(n) DFAULT_##n, + DFAULT_STATES() +#undef x +}; + +union dfault_state { + struct { + unsigned int enabled:2; + unsigned int count:30; + }; + + struct { + unsigned int v; + }; +}; + +struct dfault { + struct codetag tag; + const char *class; + unsigned int frequency; + union dfault_state state; + struct static_key_false enabled; +}; + +bool __dynamic_fault_enabled(struct dfault *df); + +#define dynamic_fault(_class) \ +({ \ + static struct dfault \ + __used \ + __section("dynamic_fault_tags") \ + __aligned(8) df = { \ + .tag = CODE_TAG_INIT, \ + .class = _class, \ + .enabled = STATIC_KEY_FALSE_INIT, \ + }; \ + \ + static_key_false(&df.enabled.key) && \ + __dynamic_fault_enabled(&df); \ +}) + +#else + +#define dynamic_fault(_class) false + +#endif /* CODETAG_FAULT_INJECTION */ + +#define memory_fault() dynamic_fault("memory") + +#endif /* _LINUX_DYNAMIC_FAULT_H */ diff --git a/include/linux/slab.h b/include/linux/slab.h index 89273be35743..4be5a93ed15a 100644 --- a/include/linux/slab.h +++ b/include/linux/slab.h @@ -17,6 +17,7 @@ #include <linux/types.h> #include <linux/workqueue.h> #include <linux/percpu-refcount.h> +#include <linux/dynamic_fault.h> /* @@ -468,7 +469,7 @@ static inline void slab_tag_dec(const void *ptr) {} #define krealloc_hooks(_p, _do_alloc) \ ({ \ - void *_res = _do_alloc; \ + void *_res = !memory_fault() ? _do_alloc : NULL; \ slab_tag_add(_p, _res); \ _res; \ }) diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 2790848464f1..b7d03afbc808 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -1982,6 +1982,12 @@ config FAULT_INJECTION_STACKTRACE_FILTER help Provide stacktrace filter for fault-injection capabilities +config CODETAG_FAULT_INJECTION + bool "Code tagging based fault injection" + select CODE_TAGGING + help + Dynamic fault injection based on code tagging + config ARCH_HAS_KCOV bool help diff --git a/lib/Makefile b/lib/Makefile index 99f732156673..489ea000c528 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -231,6 +231,8 @@ obj-$(CONFIG_CODE_TAGGING) += codetag.o obj-$(CONFIG_ALLOC_TAGGING) += alloc_tag.o obj-$(CONFIG_PAGE_ALLOC_TAGGING) += pgalloc_tag.o +obj-$(CONFIG_CODETAG_FAULT_INJECTION) += dynamic_fault.o + lib-$(CONFIG_GENERIC_BUG) += bug.o obj-$(CONFIG_HAVE_ARCH_TRACEHOOK) += syscall.o diff --git a/lib/dynamic_fault.c b/lib/dynamic_fault.c new file mode 100644 index 000000000000..4c9cd18686be --- /dev/null +++ b/lib/dynamic_fault.c @@ -0,0 +1,372 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include <linux/ctype.h> +#include <linux/debugfs.h> +#include <linux/dynamic_fault.h> +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/seq_buf.h> + +static struct codetag_type *cttype; + +bool __dynamic_fault_enabled(struct dfault *df) +{ + union dfault_state old, new; + unsigned int v = df->state.v; + bool ret; + + do { + old.v = new.v = v; + + if (new.enabled == DFAULT_disabled) + return false; + + ret = df->frequency + ? ++new.count >= df->frequency + : true; + if (ret) + new.count = 0; + if (ret && new.enabled == DFAULT_oneshot) + new.enabled = DFAULT_disabled; + } while ((v = cmpxchg(&df->state.v, old.v, new.v)) != old.v); + + if (ret) + pr_debug("returned true for %s:%u", df->tag.filename, df->tag.lineno); + + return ret; +} +EXPORT_SYMBOL(__dynamic_fault_enabled); + +static const char * const dfault_state_strs[] = { +#define x(n) #n, + DFAULT_STATES() +#undef x + NULL +}; + +static void dynamic_fault_to_text(struct seq_buf *out, struct dfault *df) +{ + codetag_to_text(out, &df->tag); + seq_buf_printf(out, "class:%s %s \"", df->class, + dfault_state_strs[df->state.enabled]); +} + +struct dfault_query { + struct codetag_query q; + + bool set_enabled:1; + unsigned int enabled:2; + + bool set_frequency:1; + unsigned int frequency; +}; + +/* + * Search the tables for _dfault's which match the given + * `query' and apply the `flags' and `mask' to them. Tells + * the user which dfault's were changed, or whether none + * were matched. + */ +static int dfault_change(struct dfault_query *query) +{ + struct codetag_iterator ct_iter; + struct codetag *ct; + unsigned int nfound = 0; + + codetag_lock_module_list(cttype, true); + codetag_init_iter(&ct_iter, cttype); + + while ((ct = codetag_next_ct(&ct_iter))) { + struct dfault *df = container_of(ct, struct dfault, tag); + + if (!codetag_matches_query(&query->q, ct, ct_iter.cmod, df->class)) + continue; + + if (query->set_enabled && + query->enabled != df->state.enabled) { + if (query->enabled != DFAULT_disabled) + static_key_slow_inc(&df->enabled.key); + else if (df->state.enabled != DFAULT_disabled) + static_key_slow_dec(&df->enabled.key); + + df->state.enabled = query->enabled; + } + + if (query->set_frequency) + df->frequency = query->frequency; + + pr_debug("changed %s:%d [%s]%s #%d %s", + df->tag.filename, df->tag.lineno, df->tag.modname, + df->tag.function, query->q.cur_index, + dfault_state_strs[df->state.enabled]); + + nfound++; + } + + pr_debug("dfault: %u matches", nfound); + + codetag_lock_module_list(cttype, false); + + return nfound ? 0 : -ENOENT; +} + +#define DFAULT_TOKENS() \ + x(disable, 0) \ + x(enable, 0) \ + x(oneshot, 0) \ + x(frequency, 1) + +enum dfault_token { +#define x(name, nr_args) TOK_##name, + DFAULT_TOKENS() +#undef x +}; + +static const char * const dfault_token_strs[] = { +#define x(name, nr_args) #name, + DFAULT_TOKENS() +#undef x + NULL +}; + +static unsigned int dfault_token_nr_args[] = { +#define x(name, nr_args) nr_args, + DFAULT_TOKENS() +#undef x +}; + +static enum dfault_token str_to_token(const char *word, unsigned int nr_words) +{ + int tok = match_string(dfault_token_strs, ARRAY_SIZE(dfault_token_strs), word); + + if (tok < 0) { + pr_debug("unknown keyword \"%s\"", word); + return tok; + } + + if (nr_words < dfault_token_nr_args[tok]) { + pr_debug("insufficient arguments to \"%s\"", word); + return -EINVAL; + } + + return tok; +} + +static int dfault_parse_command(struct dfault_query *query, + enum dfault_token tok, + char *words[], size_t nr_words) +{ + unsigned int i = 0; + int ret; + + switch (tok) { + case TOK_disable: + query->set_enabled = true; + query->enabled = DFAULT_disabled; + break; + case TOK_enable: + query->set_enabled = true; + query->enabled = DFAULT_enabled; + break; + case TOK_oneshot: + query->set_enabled = true; + query->enabled = DFAULT_oneshot; + break; + case TOK_frequency: + query->set_frequency = 1; + ret = kstrtouint(words[i++], 10, &query->frequency); + if (ret) + return ret; + + if (!query->set_enabled) { + query->set_enabled = 1; + query->enabled = DFAULT_enabled; + } + break; + } + + return i; +} + +static int dynamic_fault_store(char *buf) +{ + struct dfault_query query = { NULL }; +#define MAXWORDS 9 + char *tok, *words[MAXWORDS]; + int ret, nr_words, i = 0; + + buf = codetag_query_parse(&query.q, buf); + if (IS_ERR(buf)) + return PTR_ERR(buf); + + while ((tok = strsep_no_empty(&buf, " \t\r\n"))) { + if (nr_words == ARRAY_SIZE(words)) + return -EINVAL; /* ran out of words[] before bytes */ + words[nr_words++] = tok; + } + + while (i < nr_words) { + const char *tok_str = words[i++]; + enum dfault_token tok = str_to_token(tok_str, nr_words - i); + + if (tok < 0) + return tok; + + ret = dfault_parse_command(&query, tok, words + i, nr_words - i); + if (ret < 0) + return ret; + + i += ret; + BUG_ON(i > nr_words); + } + + pr_debug("q->function=\"%s\" q->filename=\"%s\" " + "q->module=\"%s\" q->line=%u-%u\n q->index=%u-%u", + query.q.function, query.q.filename, query.q.module, + query.q.first_line, query.q.last_line, + query.q.first_index, query.q.last_index); + + ret = dfault_change(&query); + if (ret < 0) + return ret; + + return 0; +} + +struct dfault_iter { + struct codetag_iterator ct_iter; + + struct seq_buf buf; + char rawbuf[4096]; +}; + +static int dfault_open(struct inode *inode, struct file *file) +{ + struct dfault_iter *iter; + + iter = kzalloc(sizeof(*iter), GFP_KERNEL); + if (!iter) + return -ENOMEM; + + codetag_lock_module_list(cttype, true); + codetag_init_iter(&iter->ct_iter, cttype); + codetag_lock_module_list(cttype, false); + + file->private_data = iter; + seq_buf_init(&iter->buf, iter->rawbuf, sizeof(iter->rawbuf)); + return 0; +} + +static int dfault_release(struct inode *inode, struct file *file) +{ + struct dfault_iter *iter = file->private_data; + + kfree(iter); + return 0; +} + +struct user_buf { + char __user *buf; /* destination user buffer */ + size_t size; /* size of requested read */ + ssize_t ret; /* bytes read so far */ +}; + +static int flush_ubuf(struct user_buf *dst, struct seq_buf *src) +{ + if (src->len) { + size_t bytes = min_t(size_t, src->len, dst->size); + int err = copy_to_user(dst->buf, src->buffer, bytes); + + if (err) + return err; + + dst->ret += bytes; + dst->buf += bytes; + dst->size -= bytes; + src->len -= bytes; + memmove(src->buffer, src->buffer + bytes, src->len); + } + + return 0; +} + +static ssize_t dfault_read(struct file *file, char __user *ubuf, + size_t size, loff_t *ppos) +{ + struct dfault_iter *iter = file->private_data; + struct user_buf buf = { .buf = ubuf, .size = size }; + struct codetag *ct; + struct dfault *df; + int err; + + codetag_lock_module_list(iter->ct_iter.cttype, true); + while (1) { + err = flush_ubuf(&buf, &iter->buf); + if (err || !buf.size) + break; + + ct = codetag_next_ct(&iter->ct_iter); + if (!ct) + break; + + df = container_of(ct, struct dfault, tag); + dynamic_fault_to_text(&iter->buf, df); + seq_buf_putc(&iter->buf, '\n'); + } + codetag_lock_module_list(iter->ct_iter.cttype, false); + + return err ?: buf.ret; +} + +/* + * File_ops->write method for <debugfs>/dynamic_fault/conrol. Gathers the + * command text from userspace, parses and executes it. + */ +static ssize_t dfault_write(struct file *file, const char __user *ubuf, + size_t len, loff_t *offp) +{ + char tmpbuf[256]; + + if (len == 0) + return 0; + /* we don't check *offp -- multiple writes() are allowed */ + if (len > sizeof(tmpbuf)-1) + return -E2BIG; + if (copy_from_user(tmpbuf, ubuf, len)) + return -EFAULT; + tmpbuf[len] = '\0'; + pr_debug("read %zu bytes from userspace", len); + + dynamic_fault_store(tmpbuf); + + *offp += len; + return len; +} + +static const struct file_operations dfault_ops = { + .owner = THIS_MODULE, + .open = dfault_open, + .release = dfault_release, + .read = dfault_read, + .write = dfault_write +}; + +static int __init dynamic_fault_init(void) +{ + const struct codetag_type_desc desc = { + .section = "dynamic_fault_tags", + .tag_size = sizeof(struct dfault), + }; + struct dentry *debugfs_file; + + cttype = codetag_register_type(&desc); + if (IS_ERR_OR_NULL(cttype)) + return PTR_ERR(cttype); + + debugfs_file = debugfs_create_file("dynamic_faults", 0666, NULL, NULL, &dfault_ops); + if (IS_ERR(debugfs_file)) + return PTR_ERR(debugfs_file); + + return 0; +} +module_init(dynamic_fault_init);