On Tue, Feb 09, 2021 at 06:22:47AM +0000, Sidong Yang wrote:
> On Thu, Feb 04, 2021 at 12:09:31PM -0800, Boris Burkov wrote:
> 
> Hi Boris, I have a question for this code.
> 
> > btrfs-corrupt-block already has a mix of generic and specific corruption
> > options, but currently lacks the capacity for totally arbitrary
> > corruption in item data.
> > 
> > There is already a flag for corruption size (bytes/-b), so add a flag
> > for an offset and a value to memset the item with. Exercise the new
> > flags with a new variant for -I (item) corruption. Look up the item as
> > before, but instead of corrupting a field in the item struct, corrupt an
> > offset/size in the item data.
> > 
> > The motivating example for this is that in testing fsverity with btrfs,
> > we need to corrupt the generated Merkle tree--metadata item data which
> > is an opaque blob to btrfs.
> > 
> > Signed-off-by: Boris Burkov <bo...@bur.io>
> > ---
> >  btrfs-corrupt-block.c | 71 +++++++++++++++++++++++++++++++++++++++++--
> >  1 file changed, 68 insertions(+), 3 deletions(-)
> > 
> > diff --git a/btrfs-corrupt-block.c b/btrfs-corrupt-block.c
> > index 0c022a8e..bf1ce9c5 100644
> > --- a/btrfs-corrupt-block.c
> > +++ b/btrfs-corrupt-block.c
> > @@ -116,11 +116,13 @@ static void print_usage(int ret)
> >     printf("\t-m   The metadata block to corrupt (must also specify -f for 
> > the field to corrupt)\n");
> >     printf("\t-K <u64,u8,u64> Corrupt the given key (must also specify -f 
> > for the field and optionally -r for the root)\n");
> >     printf("\t-f   The field in the item to corrupt\n");
> > -   printf("\t-I <u64,u8,u64> Corrupt an item corresponding to the passed 
> > key triplet (must also specify the field to corrupt and root for the 
> > item)\n");
> > +   printf("\t-I <u64,u8,u64> Corrupt an item corresponding to the passed 
> > key triplet (must also specify the field, or bytes, offset, and value to 
> > corrupt and root for the item)\n");
> >     printf("\t-D <u64,u8,u64> Corrupt a dir item corresponding to the 
> > passed key triplet, must also specify a field\n");
> >     printf("\t-d <u64,u8,u64> Delete item corresponding to passed key 
> > triplet\n");
> >     printf("\t-r   Operate on this root\n");
> >     printf("\t-C   Delete a csum for the specified bytenr.  When used with 
> > -b it'll delete that many bytes, otherwise it's just sectorsize\n");
> > +   printf("\t-v   Value to use for corrupting item data\n");
> > +   printf("\t-o   Offset to use for corrupting item data\n");
> >     exit(ret);
> >  }
> >  
> > @@ -896,6 +898,50 @@ out:
> >     return ret;
> >  }
> >  
> > +static int corrupt_btrfs_item_data(struct btrfs_root *root,
> > +                              struct btrfs_key *key,
> > +                              u64 bogus_offset, u64 bogus_size,
> > +                              char bogus_value)
> > +{
> > +   struct btrfs_trans_handle *trans;
> > +   struct btrfs_path *path;
> > +   int ret;
> > +   void *data;
> > +   struct extent_buffer *leaf;
> > +   int slot;
> > +
> > +   path = btrfs_alloc_path();
> > +   if (!path)
> > +           return -ENOMEM;
> > +
> > +   trans = btrfs_start_transaction(root, 1);
> > +   if (IS_ERR(trans)) {
> > +           fprintf(stderr, "Couldn't start transaction %ld\n",
> > +                   PTR_ERR(trans));
> > +           ret = PTR_ERR(trans);
> > +           goto free_path;
> > +   }
> > +
> > +   ret = btrfs_search_slot(trans, root, key, path, 0, 1);
> > +   if (ret != 0) {
> > +           fprintf(stderr, "Error searching to node %d\n", ret);
> > +           goto commit_txn;
> 
> This is error case. but this code goes to commit transaction. I think there is
> an option to abort transaction. This code has pros than aborting?
> 

Good question. To be perfectly honest, I copied this pattern from some
of the other corruption functions around, and don't have a good answer.
Looking at it now, I don't see any harm in either approach (we don't
have any work to commit since it was just search_slot that failed) but
abort does seem less surprising.

> > +   }
> > +   leaf = path->nodes[0];
> > +   slot = path->slots[0];
> > +   data = btrfs_item_ptr(leaf, slot, void);
> > +   // TODO: check offset/size legitimacy
> > +   data += bogus_offset;
> > +   memset_extent_buffer(leaf, bogus_value, (unsigned long)data, 
> > bogus_size);
> > +   btrfs_mark_buffer_dirty(leaf);
> > +
> > +commit_txn:
> > +   btrfs_commit_transaction(trans, root);
> > +free_path:
> > +   btrfs_free_path(path);
> > +   return ret;
> > +}
> > +
> >  static int delete_item(struct btrfs_root *root, struct btrfs_key *key)
> >  {
> >     struct btrfs_trans_handle *trans;
> > @@ -1151,6 +1197,8 @@ int main(int argc, char **argv)
> >     u64 root_objectid = 0;
> >     u64 csum_bytenr = 0;
> >     char field[FIELD_BUF_LEN];
> > +   u64 bogus_value = (u64)-1;
> > +   u64 bogus_offset = (u64)-1;
> >  
> >     field[0] = '\0';
> >     memset(&key, 0, sizeof(key));
> > @@ -1177,11 +1225,13 @@ int main(int argc, char **argv)
> >                     { "delete", no_argument, NULL, 'd'},
> >                     { "root", no_argument, NULL, 'r'},
> >                     { "csum", required_argument, NULL, 'C'},
> > +                   { "value", required_argument, NULL, 'v'},
> > +                   { "offset", required_argument, NULL, 'o'},
> >                     { "help", no_argument, NULL, GETOPT_VAL_HELP},
> >                     { NULL, 0, NULL, 0 }
> >             };
> >  
> > -           c = getopt_long(argc, argv, "l:c:b:eEkuUi:f:x:m:K:I:D:d:r:C:",
> > +           c = getopt_long(argc, argv, 
> > "l:c:b:eEkuUi:f:x:m:K:I:D:d:r:C:v:o:",
> >                             long_options, NULL);
> >             if (c < 0)
> >                     break;
> > @@ -1244,6 +1294,12 @@ int main(int argc, char **argv)
> >                     case 'C':
> >                             csum_bytenr = arg_strtou64(optarg);
> >                             break;
> > +                   case 'v':
> > +                           bogus_value = arg_strtou64(optarg);
> > +                           break;
> > +                   case 'o':
> > +                           bogus_offset = arg_strtou64(optarg);
> > +                           break;
> >                     case GETOPT_VAL_HELP:
> >                     default:
> >                             print_usage(c != GETOPT_VAL_HELP);
> > @@ -1368,7 +1424,16 @@ int main(int argc, char **argv)
> >             if (!root_objectid)
> >                     print_usage(1);
> >  
> > -           ret = corrupt_btrfs_item(target_root, &key, field);
> > +           if (*field != 0)
> > +                   ret = corrupt_btrfs_item(target_root, &key, field);
> > +           else if (bogus_offset != (u64)-1 &&
> > +                    bytes != (u64)-1 &&
> > +                    bogus_value != (u64)-1)
> > +                   ret = corrupt_btrfs_item_data(target_root, &key,
> > +                                                 bogus_offset, bytes,
> > +                                                 bogus_value);
> > +           else
> > +                   print_usage(1);
> >             goto out_close;
> >     }
> >     if (delete) {
> > -- 
> > 2.24.1
> > 

Reply via email to