[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231228013639.2827205-6-chengzhihao1@huawei.com>
Date: Thu, 28 Dec 2023 09:36:33 +0800
From: Zhihao Cheng <chengzhihao1@...wei.com>
To: <david.oberhollenzer@...ma-star.at>, <richard@....at>,
<miquel.raynal@...tlin.com>, <s.hauer@...gutronix.de>,
<Tudor.Ambarus@...aro.org>
CC: <linux-kernel@...r.kernel.org>, <linux-mtd@...ts.infradead.org>
Subject: [PATCH mtd-utils 05/11] tests: ubifs_repair: Add corrupt+repair+fault_inject test
Inject memory/io fault while repairing corrupted UBIFS images.
This testcase mainly checks whether ubifs_repair has problems (eg.
memleak, UAF, null-ptr-def, etc.) in random error paths. Besides,
it provides a similar way to simulate powercut during repairing,
and checks whether ubifs_repair can fix an UBIFS image after many
repairing rounds interrupted by kinds of errors.
Signed-off-by: Zhihao Cheng <chengzhihao1@...wei.com>
---
.gitignore | 1 +
configure.ac | 3 +-
tests/ubifs_repair-tests/Makemodule.am | 3 +-
.../cycle_corrupted_repair_fault_inject.sh.in | 233 +++++++++++++++++++++
4 files changed, 238 insertions(+), 2 deletions(-)
create mode 100755 tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh.in
diff --git a/.gitignore b/.gitignore
index d47282c..52396e6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -116,6 +116,7 @@ tests/ubifs_repair-tests/lib/common.sh
tests/ubifs_repair-tests/tests/authentication_refuse.sh
tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh
tests/ubifs_repair-tests/tests/powercut_repair_mount.sh
+tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh
#
# Files generated by autotools
diff --git a/configure.ac b/configure.ac
index 349e4ad..31a7184 100644
--- a/configure.ac
+++ b/configure.ac
@@ -358,6 +358,7 @@ AC_CONFIG_FILES([tests/fs-tests/fs_help_all.sh
tests/ubifs_repair-tests/lib/common.sh
tests/ubifs_repair-tests/tests/authentication_refuse.sh
tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh
- tests/ubifs_repair-tests/tests/powercut_repair_mount.sh])
+ tests/ubifs_repair-tests/tests/powercut_repair_mount.sh
+ tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh])
AC_OUTPUT([Makefile])
diff --git a/tests/ubifs_repair-tests/Makemodule.am b/tests/ubifs_repair-tests/Makemodule.am
index 92f288a..0a9fb48 100644
--- a/tests/ubifs_repair-tests/Makemodule.am
+++ b/tests/ubifs_repair-tests/Makemodule.am
@@ -2,4 +2,5 @@ test_SCRIPTS += \
tests/ubifs_repair-tests/lib/common.sh \
tests/ubifs_repair-tests/tests/authentication_refuse.sh \
tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh \
- tests/ubifs_repair-tests/tests/powercut_repair_mount.sh
+ tests/ubifs_repair-tests/tests/powercut_repair_mount.sh \
+ tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh
diff --git a/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh.in b/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh.in
new file mode 100755
index 0000000..9752970
--- /dev/null
+++ b/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh.in
@@ -0,0 +1,233 @@
+#!/bin/sh
+# Copyright (c), 2023-2024, Huawei Technologies Co, Ltd.
+# Author: Zhihao Cheng <chengzhihao1@...wei.com>
+#
+# Test Description:
+# For many kinds of flash, do following things
+# 1. mount UBIFS
+# 2. fsstress && unmount
+# 3. inject corruption into UBIFS image randomly
+# 3. repair ubifs && inject kinds of errors(memory, io)
+# 4. check UBIFS mounting result
+# Running time: 10min
+
+TESTBINDIR=@...TBINDIR@
+source $TESTBINDIR/common.sh
+
+function run_test()
+{
+ local simulator="$1";
+ local size="$2";
+ local peb_size="$3";
+ local page_size="$4";
+ local encryption=$5;
+
+ echo "======================================================================"
+ printf "%s" "$simulator: ${size}MiB PEB size ${peb_size}KiB"
+ if [ "$simulator" = "nandsim" ]; then
+ printf " %s" "page size ${page_size}KiB"
+ fi
+ printf " $encryption\n"
+
+ if [ "$simulator" = "nandsim" ]; then
+ $TESTBINDIR/load_nandsim.sh "$size" "$peb_size" "$page_size" || echo "cannot load nandsim";
+ mtdnum="$(find_mtd_device "$nandsim_patt")"
+ elif [ "$simulator" = "mtdram" ]; then
+ load_mtdram "$size" "$peb_size" || echo "cannot load mtdram"
+ mtdnum="$(find_mtd_device "$mtdram_patt")"
+ else
+ fatal "$simulator is not supported"
+ fi
+
+ flash_eraseall /dev/mtd$mtdnum
+ modprobe ubi mtd="$mtdnum,$page_size,0,0,1" fm_autoconvert || fatal "modprobe ubi fail"
+ ubimkvol -N vol_test -m -n 0 /dev/ubi$UBI_NUM || fatal "mkvol fail"
+ modprobe ubifs || fatal "modprobe ubifs fail"
+ mount_ubifs $DEV $MNT || fatal "mount ubifs fail"
+ if [[ "$encryption" == "encrypted" ]]; then
+ encryption_gen_key
+ encryption_set_key $MNT
+ fi
+
+ fsstress -d $MNT -l0 -p4 -n10000 &
+
+ sleep $((RANDOM % 20))
+
+ ps -e | grep -w fsstress > /dev/null 2>&1
+ while [ $? -eq 0 ]
+ do
+ killall -9 fsstress > /dev/null 2>&1
+ sleep 1
+ ps -e | grep -w fsstress > /dev/null 2>&1
+ done
+
+ while true
+ do
+ res=`mount | grep "$MNT"`
+ if [[ "$res" == "" ]]
+ then
+ break;
+ fi
+ umount $MNT
+ sleep 0.1
+ done
+
+ # inject corruption
+ times=$((RANDOM % 10))
+ let times=$times+10
+ i=0
+ tot_peb=`cat /sys/class/ubi/ubi$UBI_NUM/total_eraseblocks`;
+
+ modprobe -r ubifs
+ modprobe -r ubi # Stop wear-leveling & erasing worker
+ while [[ $i -lt $times ]]
+ do
+ let i=$i+1;
+ peb=$((RANDOM % $tot_peb));
+ pg=`expr $peb_size \* 1024`;
+ peb_off=`expr $pg \* $peb`
+ pages=`expr $pg / $page_size`;
+ pg=`expr $pages - 2`;
+ pg=$((RANDOM % $pg));
+ pg_off=`expr $pg + 2`;
+ pg_start=`expr $pages \* $peb`;
+ pg=`expr $pg_start + $pg_off`;
+ vid_pg=`expr $pg_start + 1`;
+ dd if=/dev/mtd$mtdnum of=$TMP_FILE bs=$page_size skip=$vid_pg count=1 2>/dev/null;
+ content=`cat $TMP_FILE | grep UBI!`; # vid header magic
+ if [[ "$content" == "" ]]; then
+ # Skip free PEB, otherwise data could be overwritten in ubifs repairing process
+ continue;
+ fi
+ if [[ $((RANDOM % 2)) == 0 ]]; then
+ # Corrupts 1 page
+ dd if=/dev/urandom of=/dev/mtd$mtdnum bs=$page_size seek=$pg count=1;
+ else
+ # Erase 1 LEB, TNC points to an unmapped area
+ flash_erase /dev/mtd$mtdnum $peb_off 1
+ fi
+ done
+ rm -f $TMP_FILE 2>/dev/null
+ sync
+
+ skip=0
+ modprobe ubi mtd="$mtdnum,$page_size,0,0,1" fm_autoconvert
+ ret=$?
+ if [[ $ret != 0 ]]
+ then
+ skip=1
+ echo "UBI layout volume is corrupted, skip"
+ fi
+
+ if [[ $skip == 0 ]]; then
+ modprobe ubifs || fatal "modprobe ubifs2 fail"
+ dmesg -c > /dev/null
+
+ round=0
+ while true;
+ do
+ injected=0
+ inject_mem=0
+ res=0
+ let round=$round+1
+
+ echo 'format "UBIFS DBG repair" +pflmt' > /sys/kernel/debug/dynamic_debug/control
+ if [[ $round -lt 50 ]]; then
+ injected=1
+ echo "$DEV" > /sys/kernel/debug/ubifs/repair_fs &
+ pid=$!
+ if [[ $((RANDOM % 2)) == 0 ]]; then
+ inject_mem_err $pid
+ inject_mem=1
+ fi
+ inject_io_err
+ wait $pid
+ res=$?
+ if [[ $inject_mem == 1 ]]; then
+ cancel_mem_err
+ fi
+ cancel_io_err
+ else
+ echo "$DEV" > /sys/kernel/debug/ubifs/repair_fs
+ res=$?
+ fi
+ if [[ $res != 0 ]]
+ then
+ log=`dmesg | grep "bad node at LEB 0:"`
+ if [[ "$log" != "" ]]
+ then
+ skip=1
+ echo "SB is corrupted, skip repairing & mounting"
+ break
+ else
+ check_memleak
+ # UBI could become ro-mode
+ modprobe -r ubifs
+ modprobe -r ubi
+ modprobe ubi mtd="$mtdnum,$page_size,0,0,1" fm_autoconvert
+ modprobe ubifs || fatal "modprobe ubifs3 fail"
+ if [[ $injected == 0 ]]; then
+ fatal "repair fail $res"
+ fi
+ fi
+ else
+ break
+ fi
+ done
+
+ check_memleak
+
+ dmesg -c > /dev/null # repairing corrupted image could reproduce error messages
+
+ if [[ $skip == 0 ]]; then
+ enable_chkfs
+
+ mount_ubifs $DEV $MNT
+ res=$?
+ if [[ $res != 0 ]]
+ then
+ fatal "mount fail $res"
+ fi
+
+ if [[ "$encryption" == "encrypted" ]]; then
+ encryption_set_key $MNT
+ fi
+
+ du -sh $MNT > /dev/null # Make sure all files are accessible
+ ret=$?
+ if [[ $ret != 0 ]]; then
+ fatal "Cannot access all files"
+ fi
+ # check_err_msg is not suggested in this testcase, because
+ # ubi_io_read(triggered by wear_leveling_worker -> ubi_eba_copy_leb)
+ # could print stack if ecc uncorrectable errors are detected.
+
+ umount $MNT
+ res=$?
+ if [[ $res != 0 ]]
+ then
+ fatal "unmount fail $res"
+ fi
+ fi
+
+ modprobe -r ubifs
+ modprobe -r ubi
+ fi
+ modprobe -r $simulator
+
+ echo "----------------------------------------------------------------------"
+}
+
+check_fsstress
+start_t=$(date +%s)
+echo "Do corrruption+cycle_repair_fault_injection test in kinds of flashes"
+for simulator in "mtdram" "nandsim"; do
+ for encryption in "encrypted" "noencrypted"; do
+ run_test "$simulator" "16" "16" "512" $encryption
+ run_test "$simulator" "256" "128" "2048" $encryption
+ done
+done
+end_t=$(date +%s)
+time_cost=$(( end_t - start_t ))
+echo "Success, cost $time_cost seconds"
+exit 0
--
2.13.6
Powered by blists - more mailing lists