hi Kees Cook, On 2020/5/8 PM 2:39, Kees Cook wrote: > From: WeiXiong Liao <liaoweixiong@xxxxxxxxxxxxxxxxx> > > Support backend for console. To enable console backend, just make > console_size be greater than 0 and a multiple of 4096. > > Signed-off-by: WeiXiong Liao <liaoweixiong@xxxxxxxxxxxxxxxxx> > Link: https://lore.kernel.org/r/1585126506-18635-6-git-send-email-liaoweixiong@xxxxxxxxxxxxxxxxx > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> > --- > fs/pstore/Kconfig | 12 +++++++ > fs/pstore/blk.c | 12 ++++++- > fs/pstore/zone.c | 67 +++++++++++++++++++++++++++++++++++-- > include/linux/pstore_zone.h | 4 ++- > 4 files changed, 90 insertions(+), 5 deletions(-) > > diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig > index f18cd126d83f..f1484f751c5e 100644 > --- a/fs/pstore/Kconfig > +++ b/fs/pstore/Kconfig > @@ -236,3 +236,15 @@ config PSTORE_BLK_PMSG_SIZE > > NOTE that, both Kconfig and module parameters can configure > pstore/blk, but module parameters have priority over Kconfig. > + > +config PSTORE_BLK_CONSOLE_SIZE > + int "Size in Kbytes of console to store" > + depends on PSTORE_BLK > + depends on PSTORE_CONSOLE > + default 64 > + help > + This just sets size of console (console_size) for pstore/blk. The > + size is in KB and must be a multiple of 4. > + > + NOTE that, both Kconfig and module parameters can configure > + pstore/blk, but module parameters have priority over Kconfig. > diff --git a/fs/pstore/blk.c b/fs/pstore/blk.c > index 401e5ba66a5f..813025ea7edd 100644 > --- a/fs/pstore/blk.c > +++ b/fs/pstore/blk.c > @@ -32,6 +32,14 @@ static long pmsg_size = -1; > module_param(pmsg_size, long, 0400); > MODULE_PARM_DESC(pmsg_size, "pmsg size in kbytes"); > > +#if IS_ENABLED(CONFIG_PSTORE_CONSOLE) > +static long console_size = CONFIG_PSTORE_BLK_CONSOLE_SIZE; > +#else > +static long console_size = -1; > +#endif > +module_param(console_size, long, 0400); > +MODULE_PARM_DESC(console_size, "console size in kbytes"); > + > /* > * blkdev - The block device to use. > * > @@ -83,7 +91,8 @@ static struct bdev_info { > * whole disk). > * On success, the number of bytes should be returned, others > * means error. > - * @write: The same as @read. > + * @write: The same as @read, but the following error number: > + * -EBUSY means try to write again later. > * @panic_write:The write operation only used for panic case. It's optional > * if you do not care panic log. The parameters and return value > * are the same as @read. > @@ -133,6 +142,7 @@ static int psblk_register_do(struct psblk_device *dev) > > verify_size(kmsg_size, 4096, dev->flags & PSTORE_FLAGS_DMESG); > verify_size(pmsg_size, 4096, dev->flags & PSTORE_FLAGS_PMSG); > + verify_size(console_size, 4096, dev->flags & PSTORE_FLAGS_CONSOLE); > #undef verify_size > > pstore_zone_info->total_size = dev->total_size; > diff --git a/fs/pstore/zone.c b/fs/pstore/zone.c > index f472b06a6c14..0b952eea39fe 100644 > --- a/fs/pstore/zone.c > +++ b/fs/pstore/zone.c > @@ -87,10 +87,12 @@ struct pstore_zone { > * > * @opszs: oops/panic storage zones > * @ppsz: pmsg storage zone > + * @cpsz: console storage zone > * @oops_max_cnt: max count of @opszs > * @oops_read_cnt: counter to read oops zone > * @oops_write_cnt: counter to write > * @pmsg_read_cnt: counter to read pmsg zone > + * @console_read_cnt: counter to read console zone > * @oops_counter: counter to oops > * @panic_counter: counter to panic > * @recovered: whether finish recovering data from storage > @@ -102,10 +104,12 @@ struct pstore_zone { > struct psz_context { > struct pstore_zone **opszs; > struct pstore_zone *ppsz; > + struct pstore_zone *cpsz; > unsigned int oops_max_cnt; > unsigned int oops_read_cnt; > unsigned int oops_write_cnt; > unsigned int pmsg_read_cnt; > + unsigned int console_read_cnt; > /* > * the counter should be recovered when recover. > * It records the oops/panic times after burning rather than booting. > @@ -125,6 +129,9 @@ struct psz_context { > }; > static struct psz_context psz_cxt; > > +static void psz_flush_all_dirty_zones(struct work_struct *); > +static DECLARE_WORK(psz_cleaner, psz_flush_all_dirty_zones); I think it's better to use delayed work. static DECLARE_DELAYED_WORK(psz_cleaner, psz_flush_all_dirty_zones); > + > /** > * enum psz_flush_mode - flush mode for psz_zone_write() > * > @@ -235,6 +242,9 @@ static int psz_zone_write(struct pstore_zone *zone, > return 0; > dirty: > atomic_set(&zone->dirty, true); > + /* flush dirty zones nicely */ > + if (wcnt == -EBUSY && !is_on_panic()) > + schedule_work(&psz_cleaner); Change to: schedule_delayed_work(&psz_cleaner, msecs_to_jiffies(500)); delay for 500ms to merge more log of console and reduce calling times. > return -EBUSY; > } > > @@ -291,6 +301,15 @@ static int psz_move_zone(struct pstore_zone *old, struct pstore_zone *new) > return 0; > } > > +static void psz_flush_all_dirty_zones(struct work_struct *work) > +{ > + struct psz_context *cxt = &psz_cxt; > + > + psz_flush_dirty_zone(cxt->ppsz); > + psz_flush_dirty_zone(cxt->cpsz); > + psz_flush_dirty_zones(cxt->opszs, cxt->oops_max_cnt); If flush dirty failed, I think it should try again later. int ret = 0; ret |= psz_flush_dirty_zone(cxt->ppsz); ret |= psz_flush_dirty_zone(cxt->cpsz); ret |= psz_flush_dirty_zones(cxt->opszs, cxt->oops_max_cnt); if (ret) schedule_delayed_work(&psz_cleaner, msecs_to_jiffies(1000)); And add this diff: @@ -714,10 +717,10 @@ static int notrace psz_oops_write(struct psz_context *cxt, return -ENOSPC; ret = psz_oops_write_record(cxt, record); - if (!ret) { + if (!ret && is_on_panic()) { + /* ensure all data are flushed to storage when panic */ pr_debug("try to flush other dirty zones\n"); - psz_flush_dirty_zones(cxt->opszs, cxt->oops_max_cnt); - psz_flush_dirty_zone(cxt->ppsz); + psz_flush_all_dirty_zones(NULL); } /* always return 0 as we had handled it on buffer */ We should flush only when panic since all the dirty zones will be flushed by delayed_work after this patch. > +} > +> static int psz_recover_oops_data(struct psz_context *cxt) > { > struct pstore_zone_info *info = cxt->pstore_zone_info; > @@ -546,6 +565,10 @@ static inline int psz_recovery(struct psz_context *cxt) > if (ret) > goto recover_fail; > > + ret = psz_recover_zone(cxt, cxt->cpsz); > + if (ret) > + goto recover_fail; > + > pr_debug("recover end!\n"); > atomic_set(&cxt->recovered, 1); > return 0; > @@ -561,6 +584,7 @@ static int psz_pstore_open(struct pstore_info *psi) > > cxt->oops_read_cnt = 0; > cxt->pmsg_read_cnt = 0; > + cxt->console_read_cnt = 0; > return 0; > } > > @@ -625,8 +649,9 @@ static int psz_pstore_erase(struct pstore_record *record) > return psz_oops_erase(cxt, cxt->opszs[record->id], record); > case PSTORE_TYPE_PMSG: > return psz_record_erase(cxt, cxt->ppsz); > - default: > - return -EINVAL; > + case PSTORE_TYPE_CONSOLE: > + return psz_record_erase(cxt, cxt->cpsz); > + default: return -EINVAL; > } > } > > @@ -753,9 +778,18 @@ static int notrace psz_pstore_write(struct pstore_record *record) > record->reason == KMSG_DUMP_PANIC) > atomic_set(&cxt->on_panic, 1); > > + /* > + * if on panic, do not write except panic records > + * Fix case that panic_write prints log which wakes up console backend. > + */ > + if (is_on_panic() && record->type != PSTORE_TYPE_DMESG) > + return -EBUSY; > + > switch (record->type) { > case PSTORE_TYPE_DMESG: > return psz_oops_write(cxt, record); > + case PSTORE_TYPE_CONSOLE: > + return psz_record_write(cxt->cpsz, record); > case PSTORE_TYPE_PMSG: > return psz_record_write(cxt->ppsz, record); > default: > @@ -780,6 +814,13 @@ static struct pstore_zone *psz_read_next_zone(struct psz_context *cxt) > return zone; > } > > + if (cxt->console_read_cnt == 0) { > + cxt->console_read_cnt++; > + zone = cxt->cpsz; > + if (psz_old_ok(zone)) > + return zone; > + } > + > return NULL; > } > > @@ -890,6 +931,8 @@ static ssize_t psz_pstore_read(struct pstore_record *record) > readop = psz_oops_read; > record->id = cxt->oops_read_cnt - 1; > break; > + case PSTORE_TYPE_CONSOLE: > + fallthrough; > case PSTORE_TYPE_PMSG: > readop = psz_record_read; > break; > @@ -1037,6 +1080,8 @@ static void psz_free_all_zones(struct psz_context *cxt) > psz_free_zones(&cxt->opszs, &cxt->oops_max_cnt); > if (cxt->ppsz) > psz_free_zone(&cxt->ppsz); > + if (cxt->cpsz) > + psz_free_zone(&cxt->cpsz); > } > > static int psz_alloc_zones(struct psz_context *cxt) > @@ -1053,6 +1098,14 @@ static int psz_alloc_zones(struct psz_context *cxt) > goto free_out; > } > > + off_size += info->console_size; > + cxt->cpsz = psz_init_zone(PSTORE_TYPE_CONSOLE, &off, > + info->console_size); > + if (IS_ERR(cxt->cpsz)) { > + err = PTR_ERR(cxt->cpsz); > + goto free_out; > + } > + > cxt->opszs = psz_init_zones(PSTORE_TYPE_DMESG, &off, > info->total_size - off_size, > info->kmsg_size, &cxt->oops_max_cnt); > @@ -1086,7 +1139,7 @@ int register_pstore_zone(struct pstore_zone_info *info) > return -EINVAL; > } > > - if (!info->kmsg_size && !info->pmsg_size) { > + if (!info->kmsg_size && !info->pmsg_size && !info->console_size) { > pr_warn("at least one of the records be non-zero\n"); > return -EINVAL; > } > @@ -1114,6 +1167,7 @@ int register_pstore_zone(struct pstore_zone_info *info) > check_size(total_size, 4096); > check_size(kmsg_size, SECTOR_SIZE); > check_size(pmsg_size, SECTOR_SIZE); > + check_size(console_size, SECTOR_SIZE); > > #undef check_size > > @@ -1141,6 +1195,7 @@ int register_pstore_zone(struct pstore_zone_info *info) > pr_debug("\ttotal size : %ld Bytes\n", info->total_size); > pr_debug("\toops size : %ld Bytes\n", info->kmsg_size); > pr_debug("\tpmsg size : %ld Bytes\n", info->pmsg_size); > + pr_debug("\tconsole size : %ld Bytes\n", info->console_size); > > err = psz_alloc_zones(cxt); > if (err) { > @@ -1173,6 +1228,10 @@ int register_pstore_zone(struct pstore_zone_info *info) > cxt->pstore.flags |= PSTORE_FLAGS_PMSG; > pr_cont(" pmsg"); > } > + if (info->console_size) { > + cxt->pstore.flags |= PSTORE_FLAGS_CONSOLE; > + pr_cont(" console"); > + } > pr_cont("\n"); > > err = pstore_register(&cxt->pstore); > @@ -1204,6 +1263,8 @@ void unregister_pstore_zone(struct pstore_zone_info *info) > { > struct psz_context *cxt = &psz_cxt; > > + flush_work(&psz_cleaner); > + I think it should try to flush dirty zones before unregister in case of lost data. psz_flush_all_dirty_zones(NULL); flush_delayed_work(&psz_cleaner); > pstore_unregister(&cxt->pstore); > kfree(cxt->pstore.buf); > cxt->pstore.bufsize = 0; > diff --git a/include/linux/pstore_zone.h b/include/linux/pstore_zone.h > index 39c2cb944123..da294e6d7661 100644 > --- a/include/linux/pstore_zone.h > +++ b/include/linux/pstore_zone.h > @@ -18,11 +18,12 @@ typedef ssize_t (*psz_write_op)(const char *, size_t, loff_t); > * it must be multiple of SECTOR_SIZE(512 Bytes). > * @max_reason: Maximum kmsg dump reason to store. > * @pmsg_size: The size of pmsg zone which is the same as @kmsg_size. > + * @console_size:The size of console zone which is the same as @kmsg_size. > * @read: The general read operation. Both of the function parameters > * @size and @offset are relative value to storage. > * On success, the number of bytes should be returned, others > * means error. > - * @write: The same as @read. > + * @write: The same as @read, but -EBUSY means try to write again later. > * @panic_write:The write operation only used for panic case. It's optional > * if you do not care panic log. The parameters and return value > * are the same as @read. > @@ -35,6 +36,7 @@ struct pstore_zone_info { > unsigned long kmsg_size; > int max_reason; > unsigned long pmsg_size; > + unsigned long console_size; > psz_read_op read; > psz_write_op write; > psz_write_op panic_write; > -- WeiXiong Liao