dm verity: add "panic_on_corruption" error handling mode

Samsung smart phones may need the ability to panic on corruption.  Not
all devices provide the bootloader support needed to use the existing
"restart_on_corruption" mode.  Additional details for why Samsung needs
this new mode can be found here:
https://www.redhat.com/archives/dm-devel/2020-June/msg00235.html

Signed-off-by: jhs2.lee <jhs2.lee@samsung.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

diff --git a/Documentation/admin-guide/device-mapper/verity.rst b/Documentation/admin-guide/device-mapper/verity.rst
index bb02caa..66f71f0 100644 (file)
--- a/Documentation/admin-guide/device-mapper/verity.rst
+++ b/Documentation/admin-guide/device-mapper/verity.rst
@@ -83,6 +83,10 @@ restart_on_corruption
     not compatible with ignore_corruption and requires user space support to
     avoid restart loops.
 
+panic_on_corruption
+    Panic the device when a corrupted block is discovered. This option is
+    not compatible with ignore_corruption and restart_on_corruption.
+
 ignore_zero_blocks
     Do not verify blocks that are expected to contain zeroes and always return
     zeroes instead. This may be useful if the partition contains unused blocks

diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c
index eec9f25..ddcd1d0 100644 (file)
--- a/drivers/md/dm-verity-target.c
+++ b/drivers/md/dm-verity-target.c
@@ -30,6 +30,7 @@
 
 #define DM_VERITY_OPT_LOGGING          "ignore_corruption"
 #define DM_VERITY_OPT_RESTART          "restart_on_corruption"
+#define DM_VERITY_OPT_PANIC            "panic_on_corruption"
 #define DM_VERITY_OPT_IGN_ZEROES       "ignore_zero_blocks"
 #define DM_VERITY_OPT_AT_MOST_ONCE     "check_at_most_once"
 
@@ -254,6 +255,9 @@ out:
        if (v->mode == DM_VERITY_MODE_RESTART)
                kernel_restart("dm-verity device corrupted");
 
+       if (v->mode == DM_VERITY_MODE_PANIC)
+               panic("dm-verity device corrupted");
+
        return 1;
 }
 
@@ -742,6 +746,9 @@ static void verity_status(struct dm_target *ti, status_type_t type,
                        case DM_VERITY_MODE_RESTART:
                                DMEMIT(DM_VERITY_OPT_RESTART);
                                break;
+                       case DM_VERITY_MODE_PANIC:
+                               DMEMIT(DM_VERITY_OPT_PANIC);
+                               break;
                        default:
                                BUG();
                        }
@@ -907,6 +914,10 @@ static int verity_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v,
                        v->mode = DM_VERITY_MODE_RESTART;
                        continue;
 
+               } else if (!strcasecmp(arg_name, DM_VERITY_OPT_PANIC)) {
+                       v->mode = DM_VERITY_MODE_PANIC;
+                       continue;
+
                } else if (!strcasecmp(arg_name, DM_VERITY_OPT_IGN_ZEROES)) {
                        r = verity_alloc_zero_digest(v);
                        if (r) {
@@ -1221,7 +1232,7 @@ bad:
 
 static struct target_type verity_target = {
        .name           = "verity",
-       .version        = {1, 6, 0},
+       .version        = {1, 7, 0},
        .module         = THIS_MODULE,
        .ctr            = verity_ctr,
        .dtr            = verity_dtr,

diff --git a/drivers/md/dm-verity.h b/drivers/md/dm-verity.h
index 641b9e3..4e769d1 100644 (file)
--- a/drivers/md/dm-verity.h
+++ b/drivers/md/dm-verity.h
@@ -20,7 +20,8 @@
 enum verity_mode {
        DM_VERITY_MODE_EIO,
        DM_VERITY_MODE_LOGGING,
-       DM_VERITY_MODE_RESTART
+       DM_VERITY_MODE_RESTART,
+       DM_VERITY_MODE_PANIC
 };
 
 enum verity_block_type {