projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBI: allocate memory with GFP_NOFS
[deliverable/linux.git] / drivers / mtd / ubi / io.c
1 /*
2 * Copyright (c) International Business Machines Corp., 2006
3 * Copyright (c) Nokia Corporation, 2006, 2007
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13 * the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 * Author: Artem Bityutskiy (Битюцкий Артём)
20 */
21
22 /*
23 * UBI input/output unit.
24 *
25 * This unit provides a uniform way to work with all kinds of the underlying
26 * MTD devices. It also implements handy functions for reading and writing UBI
27 * headers.
28 *
29 * We are trying to have a paranoid mindset and not to trust to what we read
30 * from the flash media in order to be more secure and robust. So this unit
31 * validates every single header it reads from the flash media.
32 *
33 * Some words about how the eraseblock headers are stored.
34 *
35 * The erase counter header is always stored at offset zero. By default, the
36 * VID header is stored after the EC header at the closest aligned offset
37 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
38 * header at the closest aligned offset. But this default layout may be
39 * changed. For example, for different reasons (e.g., optimization) UBI may be
40 * asked to put the VID header at further offset, and even at an unaligned
41 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
42 * proper padding in front of it. Data offset may also be changed but it has to
43 * be aligned.
44 *
45 * About minimal I/O units. In general, UBI assumes flash device model where
46 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
47 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
48 * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
49 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
50 * to do different optimizations.
51 *
52 * This is extremely useful in case of NAND flashes which admit of several
53 * write operations to one NAND page. In this case UBI can fit EC and VID
54 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
55 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
56 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
57 * users.
58 *
59 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
60 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
61 * headers.
62 *
63 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
64 * device, e.g., make @ubi->min_io_size = 512 in the example above?
65 *
66 * A: because when writing a sub-page, MTD still writes a full 2K page but the
67 * bytes which are no relevant to the sub-page are 0xFF. So, basically, writing
68 * 4x512 sub-pages is 4 times slower then writing one 2KiB NAND page. Thus, we
69 * prefer to use sub-pages only for EV and VID headers.
70 *
71 * As it was noted above, the VID header may start at a non-aligned offset.
72 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
73 * the VID header may reside at offset 1984 which is the last 64 bytes of the
74 * last sub-page (EC header is always at offset zero). This causes some
75 * difficulties when reading and writing VID headers.
76 *
77 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
78 * the data and want to write this VID header out. As we can only write in
79 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
80 * to offset 448 of this buffer.
81 *
82 * The I/O unit does the following trick in order to avoid this extra copy.
83 * It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID header
84 * and returns a pointer to offset @ubi->vid_hdr_shift of this buffer. When the
85 * VID header is being written out, it shifts the VID header pointer back and
86 * writes the whole sub-page.
87 */
88
89 #include <linux/crc32.h>
90 #include <linux/err.h>
91 #include "ubi.h"
92
93 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
94 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum);
95 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
96 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
97 const struct ubi_ec_hdr *ec_hdr);
98 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
99 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
100 const struct ubi_vid_hdr *vid_hdr);
101 static int paranoid_check_all_ff(const struct ubi_device *ubi, int pnum,
102 int offset, int len);
103 #else
104 #define paranoid_check_not_bad(ubi, pnum) 0
105 #define paranoid_check_peb_ec_hdr(ubi, pnum) 0
106 #define paranoid_check_ec_hdr(ubi, pnum, ec_hdr) 0
107 #define paranoid_check_peb_vid_hdr(ubi, pnum) 0
108 #define paranoid_check_vid_hdr(ubi, pnum, vid_hdr) 0
109 #define paranoid_check_all_ff(ubi, pnum, offset, len) 0
110 #endif
111
112 /**
113 * ubi_io_read - read data from a physical eraseblock.
114 * @ubi: UBI device description object
115 * @buf: buffer where to store the read data
116 * @pnum: physical eraseblock number to read from
117 * @offset: offset within the physical eraseblock from where to read
118 * @len: how many bytes to read
119 *
120 * This function reads data from offset @offset of physical eraseblock @pnum
121 * and stores the read data in the @buf buffer. The following return codes are
122 * possible:
123 *
124 * o %0 if all the requested data were successfully read;
125 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
126 * correctable bit-flips were detected; this is harmless but may indicate
127 * that this eraseblock may become bad soon (but do not have to);
128 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
129 * example it can be an ECC error in case of NAND; this most probably means
130 * that the data is corrupted;
131 * o %-EIO if some I/O error occurred;
132 * o other negative error codes in case of other errors.
133 */
134 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
135 int len)
136 {
137 int err, retries = 0;
138 size_t read;
139 loff_t addr;
140
141 dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
142
143 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
144 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
145 ubi_assert(len > 0);
146
147 err = paranoid_check_not_bad(ubi, pnum);
148 if (err)
149 return err > 0 ? -EINVAL : err;
150
151 addr = (loff_t)pnum * ubi->peb_size + offset;
152 retry:
153 err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
154 if (err) {
155 if (err == -EUCLEAN) {
156 /*
157 * -EUCLEAN is reported if there was a bit-flip which
158 * was corrected, so this is harmless.
159 */
160 ubi_msg("fixable bit-flip detected at PEB %d", pnum);
161 ubi_assert(len == read);
162 return UBI_IO_BITFLIPS;
163 }
164
165 if (read != len && retries++ < UBI_IO_RETRIES) {
166 dbg_io("error %d while reading %d bytes from PEB %d:%d, "
167 "read only %zd bytes, retry",
168 err, len, pnum, offset, read);
169 yield();
170 goto retry;
171 }
172
173 ubi_err("error %d while reading %d bytes from PEB %d:%d, "
174 "read %zd bytes", err, len, pnum, offset, read);
175 ubi_dbg_dump_stack();
176 } else {
177 ubi_assert(len == read);
178
179 if (ubi_dbg_is_bitflip()) {
180 dbg_msg("bit-flip (emulated)");
181 err = UBI_IO_BITFLIPS;
182 }
183 }
184
185 return err;
186 }
187
188 /**
189 * ubi_io_write - write data to a physical eraseblock.
190 * @ubi: UBI device description object
191 * @buf: buffer with the data to write
192 * @pnum: physical eraseblock number to write to
193 * @offset: offset within the physical eraseblock where to write
194 * @len: how many bytes to write
195 *
196 * This function writes @len bytes of data from buffer @buf to offset @offset
197 * of physical eraseblock @pnum. If all the data were successfully written,
198 * zero is returned. If an error occurred, this function returns a negative
199 * error code. If %-EIO is returned, the physical eraseblock most probably went
200 * bad.
201 *
202 * Note, in case of an error, it is possible that something was still written
203 * to the flash media, but may be some garbage.
204 */
205 int ubi_io_write(const struct ubi_device *ubi, const void *buf, int pnum,
206 int offset, int len)
207 {
208 int err;
209 size_t written;
210 loff_t addr;
211
212 dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
213
214 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
215 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
216 ubi_assert(offset % ubi->hdrs_min_io_size == 0);
217 ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
218
219 if (ubi->ro_mode) {
220 ubi_err("read-only mode");
221 return -EROFS;
222 }
223
224 /* The below has to be compiled out if paranoid checks are disabled */
225
226 err = paranoid_check_not_bad(ubi, pnum);
227 if (err)
228 return err > 0 ? -EINVAL : err;
229
230 /* The area we are writing to has to contain all 0xFF bytes */
231 err = paranoid_check_all_ff(ubi, pnum, offset, len);
232 if (err)
233 return err > 0 ? -EINVAL : err;
234
235 if (offset >= ubi->leb_start) {
236 /*
237 * We write to the data area of the physical eraseblock. Make
238 * sure it has valid EC and VID headers.
239 */
240 err = paranoid_check_peb_ec_hdr(ubi, pnum);
241 if (err)
242 return err > 0 ? -EINVAL : err;
243 err = paranoid_check_peb_vid_hdr(ubi, pnum);
244 if (err)
245 return err > 0 ? -EINVAL : err;
246 }
247
248 if (ubi_dbg_is_write_failure()) {
249 dbg_err("cannot write %d bytes to PEB %d:%d "
250 "(emulated)", len, pnum, offset);
251 ubi_dbg_dump_stack();
252 return -EIO;
253 }
254
255 addr = (loff_t)pnum * ubi->peb_size + offset;
256 err = ubi->mtd->write(ubi->mtd, addr, len, &written, buf);
257 if (err) {
258 ubi_err("error %d while writing %d bytes to PEB %d:%d, written"
259 " %zd bytes", err, len, pnum, offset, written);
260 ubi_dbg_dump_stack();
261 } else
262 ubi_assert(written == len);
263
264 return err;
265 }
266
267 /**
268 * erase_callback - MTD erasure call-back.
269 * @ei: MTD erase information object.
270 *
271 * Note, even though MTD erase interface is asynchronous, all the current
272 * implementations are synchronous anyway.
273 */
274 static void erase_callback(struct erase_info *ei)
275 {
276 wake_up_interruptible((wait_queue_head_t *)ei->priv);
277 }
278
279 /**
280 * do_sync_erase - synchronously erase a physical eraseblock.
281 * @ubi: UBI device description object
282 * @pnum: the physical eraseblock number to erase
283 *
284 * This function synchronously erases physical eraseblock @pnum and returns
285 * zero in case of success and a negative error code in case of failure. If
286 * %-EIO is returned, the physical eraseblock most probably went bad.
287 */
288 static int do_sync_erase(const struct ubi_device *ubi, int pnum)
289 {
290 int err, retries = 0;
291 struct erase_info ei;
292 wait_queue_head_t wq;
293
294 dbg_io("erase PEB %d", pnum);
295
296 retry:
297 init_waitqueue_head(&wq);
298 memset(&ei, 0, sizeof(struct erase_info));
299
300 ei.mtd = ubi->mtd;
301 ei.addr = (loff_t)pnum * ubi->peb_size;
302 ei.len = ubi->peb_size;
303 ei.callback = erase_callback;
304 ei.priv = (unsigned long)&wq;
305
306 err = ubi->mtd->erase(ubi->mtd, &ei);
307 if (err) {
308 if (retries++ < UBI_IO_RETRIES) {
309 dbg_io("error %d while erasing PEB %d, retry",
310 err, pnum);
311 yield();
312 goto retry;
313 }
314 ubi_err("cannot erase PEB %d, error %d", pnum, err);
315 ubi_dbg_dump_stack();
316 return err;
317 }
318
319 err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
320 ei.state == MTD_ERASE_FAILED);
321 if (err) {
322 ubi_err("interrupted PEB %d erasure", pnum);
323 return -EINTR;
324 }
325
326 if (ei.state == MTD_ERASE_FAILED) {
327 if (retries++ < UBI_IO_RETRIES) {
328 dbg_io("error while erasing PEB %d, retry", pnum);
329 yield();
330 goto retry;
331 }
332 ubi_err("cannot erase PEB %d", pnum);
333 ubi_dbg_dump_stack();
334 return -EIO;
335 }
336
337 err = paranoid_check_all_ff(ubi, pnum, 0, ubi->peb_size);
338 if (err)
339 return err > 0 ? -EINVAL : err;
340
341 if (ubi_dbg_is_erase_failure() && !err) {
342 dbg_err("cannot erase PEB %d (emulated)", pnum);
343 return -EIO;
344 }
345
346 return 0;
347 }
348
349 /**
350 * check_pattern - check if buffer contains only a certain byte pattern.
351 * @buf: buffer to check
352 * @patt: the pattern to check
353 * @size: buffer size in bytes
354 *
355 * This function returns %1 in there are only @patt bytes in @buf, and %0 if
356 * something else was also found.
357 */
358 static int check_pattern(const void *buf, uint8_t patt, int size)
359 {
360 int i;
361
362 for (i = 0; i < size; i++)
363 if (((const uint8_t *)buf)[i] != patt)
364 return 0;
365 return 1;
366 }
367
368 /* Patterns to write to a physical eraseblock when torturing it */
369 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
370
371 /**
372 * torture_peb - test a supposedly bad physical eraseblock.
373 * @ubi: UBI device description object
374 * @pnum: the physical eraseblock number to test
375 *
376 * This function returns %-EIO if the physical eraseblock did not pass the
377 * test, a positive number of erase operations done if the test was
378 * successfully passed, and other negative error codes in case of other errors.
379 */
380 static int torture_peb(const struct ubi_device *ubi, int pnum)
381 {
382 void *buf;
383 int err, i, patt_count;
384
385 buf = vmalloc(ubi->peb_size);
386 if (!buf)
387 return -ENOMEM;
388
389 patt_count = ARRAY_SIZE(patterns);
390 ubi_assert(patt_count > 0);
391
392 for (i = 0; i < patt_count; i++) {
393 err = do_sync_erase(ubi, pnum);
394 if (err)
395 goto out;
396
397 /* Make sure the PEB contains only 0xFF bytes */
398 err = ubi_io_read(ubi, buf, pnum, 0, ubi->peb_size);
399 if (err)
400 goto out;
401
402 err = check_pattern(buf, 0xFF, ubi->peb_size);
403 if (err == 0) {
404 ubi_err("erased PEB %d, but a non-0xFF byte found",
405 pnum);
406 err = -EIO;
407 goto out;
408 }
409
410 /* Write a pattern and check it */
411 memset(buf, patterns[i], ubi->peb_size);
412 err = ubi_io_write(ubi, buf, pnum, 0, ubi->peb_size);
413 if (err)
414 goto out;
415
416 memset(buf, ~patterns[i], ubi->peb_size);
417 err = ubi_io_read(ubi, buf, pnum, 0, ubi->peb_size);
418 if (err)
419 goto out;
420
421 err = check_pattern(buf, patterns[i], ubi->peb_size);
422 if (err == 0) {
423 ubi_err("pattern %x checking failed for PEB %d",
424 patterns[i], pnum);
425 err = -EIO;
426 goto out;
427 }
428 }
429
430 err = patt_count;
431
432 out:
433 if (err == UBI_IO_BITFLIPS || err == -EBADMSG) {
434 /*
435 * If a bit-flip or data integrity error was detected, the test
436 * has not passed because it happened on a freshly erased
437 * physical eraseblock which means something is wrong with it.
438 */
439 ubi_err("read problems on freshly erased PEB %d, must be bad",
440 pnum);
441 err = -EIO;
442 }
443 vfree(buf);
444 return err;
445 }
446
447 /**
448 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
449 * @ubi: UBI device description object
450 * @pnum: physical eraseblock number to erase
451 * @torture: if this physical eraseblock has to be tortured
452 *
453 * This function synchronously erases physical eraseblock @pnum. If @torture
454 * flag is not zero, the physical eraseblock is checked by means of writing
455 * different patterns to it and reading them back. If the torturing is enabled,
456 * the physical eraseblock is erased more then once.
457 *
458 * This function returns the number of erasures made in case of success, %-EIO
459 * if the erasure failed or the torturing test failed, and other negative error
460 * codes in case of other errors. Note, %-EIO means that the physical
461 * eraseblock is bad.
462 */
463 int ubi_io_sync_erase(const struct ubi_device *ubi, int pnum, int torture)
464 {
465 int err, ret = 0;
466
467 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
468
469 err = paranoid_check_not_bad(ubi, pnum);
470 if (err != 0)
471 return err > 0 ? -EINVAL : err;
472
473 if (ubi->ro_mode) {
474 ubi_err("read-only mode");
475 return -EROFS;
476 }
477
478 if (torture) {
479 ret = torture_peb(ubi, pnum);
480 if (ret < 0)
481 return ret;
482 }
483
484 err = do_sync_erase(ubi, pnum);
485 if (err)
486 return err;
487
488 return ret + 1;
489 }
490
491 /**
492 * ubi_io_is_bad - check if a physical eraseblock is bad.
493 * @ubi: UBI device description object
494 * @pnum: the physical eraseblock number to check
495 *
496 * This function returns a positive number if the physical eraseblock is bad,
497 * zero if not, and a negative error code if an error occurred.
498 */
499 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
500 {
501 struct mtd_info *mtd = ubi->mtd;
502
503 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
504
505 if (ubi->bad_allowed) {
506 int ret;
507
508 ret = mtd->block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
509 if (ret < 0)
510 ubi_err("error %d while checking if PEB %d is bad",
511 ret, pnum);
512 else if (ret)
513 dbg_io("PEB %d is bad", pnum);
514 return ret;
515 }
516
517 return 0;
518 }
519
520 /**
521 * ubi_io_mark_bad - mark a physical eraseblock as bad.
522 * @ubi: UBI device description object
523 * @pnum: the physical eraseblock number to mark
524 *
525 * This function returns zero in case of success and a negative error code in
526 * case of failure.
527 */
528 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
529 {
530 int err;
531 struct mtd_info *mtd = ubi->mtd;
532
533 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
534
535 if (ubi->ro_mode) {
536 ubi_err("read-only mode");
537 return -EROFS;
538 }
539
540 if (!ubi->bad_allowed)
541 return 0;
542
543 err = mtd->block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
544 if (err)
545 ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
546 return err;
547 }
548
549 /**
550 * validate_ec_hdr - validate an erase counter header.
551 * @ubi: UBI device description object
552 * @ec_hdr: the erase counter header to check
553 *
554 * This function returns zero if the erase counter header is OK, and %1 if
555 * not.
556 */
557 static int validate_ec_hdr(const struct ubi_device *ubi,
558 const struct ubi_ec_hdr *ec_hdr)
559 {
560 long long ec;
561 int vid_hdr_offset, leb_start;
562
563 ec = be64_to_cpu(ec_hdr->ec);
564 vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
565 leb_start = be32_to_cpu(ec_hdr->data_offset);
566
567 if (ec_hdr->version != UBI_VERSION) {
568 ubi_err("node with incompatible UBI version found: "
569 "this UBI version is %d, image version is %d",
570 UBI_VERSION, (int)ec_hdr->version);
571 goto bad;
572 }
573
574 if (vid_hdr_offset != ubi->vid_hdr_offset) {
575 ubi_err("bad VID header offset %d, expected %d",
576 vid_hdr_offset, ubi->vid_hdr_offset);
577 goto bad;
578 }
579
580 if (leb_start != ubi->leb_start) {
581 ubi_err("bad data offset %d, expected %d",
582 leb_start, ubi->leb_start);
583 goto bad;
584 }
585
586 if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
587 ubi_err("bad erase counter %lld", ec);
588 goto bad;
589 }
590
591 return 0;
592
593 bad:
594 ubi_err("bad EC header");
595 ubi_dbg_dump_ec_hdr(ec_hdr);
596 ubi_dbg_dump_stack();
597 return 1;
598 }
599
600 /**
601 * ubi_io_read_ec_hdr - read and check an erase counter header.
602 * @ubi: UBI device description object
603 * @pnum: physical eraseblock to read from
604 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
605 * header
606 * @verbose: be verbose if the header is corrupted or was not found
607 *
608 * This function reads erase counter header from physical eraseblock @pnum and
609 * stores it in @ec_hdr. This function also checks CRC checksum of the read
610 * erase counter header. The following codes may be returned:
611 *
612 * o %0 if the CRC checksum is correct and the header was successfully read;
613 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
614 * and corrected by the flash driver; this is harmless but may indicate that
615 * this eraseblock may become bad soon (but may be not);
616 * o %UBI_IO_BAD_EC_HDR if the erase counter header is corrupted (a CRC error);
617 * o %UBI_IO_PEB_EMPTY if the physical eraseblock is empty;
618 * o a negative error code in case of failure.
619 */
620 int ubi_io_read_ec_hdr(const struct ubi_device *ubi, int pnum,
621 struct ubi_ec_hdr *ec_hdr, int verbose)
622 {
623 int err, read_err = 0;
624 uint32_t crc, magic, hdr_crc;
625
626 dbg_io("read EC header from PEB %d", pnum);
627 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
628
629 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
630 if (err) {
631 if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
632 return err;
633
634 /*
635 * We read all the data, but either a correctable bit-flip
636 * occurred, or MTD reported about some data integrity error,
637 * like an ECC error in case of NAND. The former is harmless,
638 * the later may mean that the read data is corrupted. But we
639 * have a CRC check-sum and we will detect this. If the EC
640 * header is still OK, we just report this as there was a
641 * bit-flip.
642 */
643 read_err = err;
644 }
645
646 magic = be32_to_cpu(ec_hdr->magic);
647 if (magic != UBI_EC_HDR_MAGIC) {
648 /*
649 * The magic field is wrong. Let's check if we have read all
650 * 0xFF. If yes, this physical eraseblock is assumed to be
651 * empty.
652 *
653 * But if there was a read error, we do not test it for all
654 * 0xFFs. Even if it does contain all 0xFFs, this error
655 * indicates that something is still wrong with this physical
656 * eraseblock and we anyway cannot treat it as empty.
657 */
658 if (read_err != -EBADMSG &&
659 check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
660 /* The physical eraseblock is supposedly empty */
661
662 /*
663 * The below is just a paranoid check, it has to be
664 * compiled out if paranoid checks are disabled.
665 */
666 err = paranoid_check_all_ff(ubi, pnum, 0,
667 ubi->peb_size);
668 if (err)
669 return err > 0 ? UBI_IO_BAD_EC_HDR : err;
670
671 if (verbose)
672 ubi_warn("no EC header found at PEB %d, "
673 "only 0xFF bytes", pnum);
674 return UBI_IO_PEB_EMPTY;
675 }
676
677 /*
678 * This is not a valid erase counter header, and these are not
679 * 0xFF bytes. Report that the header is corrupted.
680 */
681 if (verbose) {
682 ubi_warn("bad magic number at PEB %d: %08x instead of "
683 "%08x", pnum, magic, UBI_EC_HDR_MAGIC);
684 ubi_dbg_dump_ec_hdr(ec_hdr);
685 }
686 return UBI_IO_BAD_EC_HDR;
687 }
688
689 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
690 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
691
692 if (hdr_crc != crc) {
693 if (verbose) {
694 ubi_warn("bad EC header CRC at PEB %d, calculated %#08x,"
695 " read %#08x", pnum, crc, hdr_crc);
696 ubi_dbg_dump_ec_hdr(ec_hdr);
697 }
698 return UBI_IO_BAD_EC_HDR;
699 }
700
701 /* And of course validate what has just been read from the media */
702 err = validate_ec_hdr(ubi, ec_hdr);
703 if (err) {
704 ubi_err("validation failed for PEB %d", pnum);
705 return -EINVAL;
706 }
707
708 return read_err ? UBI_IO_BITFLIPS : 0;
709 }
710
711 /**
712 * ubi_io_write_ec_hdr - write an erase counter header.
713 * @ubi: UBI device description object
714 * @pnum: physical eraseblock to write to
715 * @ec_hdr: the erase counter header to write
716 *
717 * This function writes erase counter header described by @ec_hdr to physical
718 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
719 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
720 * field.
721 *
722 * This function returns zero in case of success and a negative error code in
723 * case of failure. If %-EIO is returned, the physical eraseblock most probably
724 * went bad.
725 */
726 int ubi_io_write_ec_hdr(const struct ubi_device *ubi, int pnum,
727 struct ubi_ec_hdr *ec_hdr)
728 {
729 int err;
730 uint32_t crc;
731
732 dbg_io("write EC header to PEB %d", pnum);
733 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
734
735 ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
736 ec_hdr->version = UBI_VERSION;
737 ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
738 ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
739 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
740 ec_hdr->hdr_crc = cpu_to_be32(crc);
741
742 err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
743 if (err)
744 return -EINVAL;
745
746 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
747 return err;
748 }
749
750 /**
751 * validate_vid_hdr - validate a volume identifier header.
752 * @ubi: UBI device description object
753 * @vid_hdr: the volume identifier header to check
754 *
755 * This function checks that data stored in the volume identifier header
756 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
757 */
758 static int validate_vid_hdr(const struct ubi_device *ubi,
759 const struct ubi_vid_hdr *vid_hdr)
760 {
761 int vol_type = vid_hdr->vol_type;
762 int copy_flag = vid_hdr->copy_flag;
763 int vol_id = be32_to_cpu(vid_hdr->vol_id);
764 int lnum = be32_to_cpu(vid_hdr->lnum);
765 int compat = vid_hdr->compat;
766 int data_size = be32_to_cpu(vid_hdr->data_size);
767 int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
768 int data_pad = be32_to_cpu(vid_hdr->data_pad);
769 int data_crc = be32_to_cpu(vid_hdr->data_crc);
770 int usable_leb_size = ubi->leb_size - data_pad;
771
772 if (copy_flag != 0 && copy_flag != 1) {
773 dbg_err("bad copy_flag");
774 goto bad;
775 }
776
777 if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
778 data_pad < 0) {
779 dbg_err("negative values");
780 goto bad;
781 }
782
783 if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
784 dbg_err("bad vol_id");
785 goto bad;
786 }
787
788 if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
789 dbg_err("bad compat");
790 goto bad;
791 }
792
793 if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
794 compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
795 compat != UBI_COMPAT_REJECT) {
796 dbg_err("bad compat");
797 goto bad;
798 }
799
800 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
801 dbg_err("bad vol_type");
802 goto bad;
803 }
804
805 if (data_pad >= ubi->leb_size / 2) {
806 dbg_err("bad data_pad");
807 goto bad;
808 }
809
810 if (vol_type == UBI_VID_STATIC) {
811 /*
812 * Although from high-level point of view static volumes may
813 * contain zero bytes of data, but no VID headers can contain
814 * zero at these fields, because they empty volumes do not have
815 * mapped logical eraseblocks.
816 */
817 if (used_ebs == 0) {
818 dbg_err("zero used_ebs");
819 goto bad;
820 }
821 if (data_size == 0) {
822 dbg_err("zero data_size");
823 goto bad;
824 }
825 if (lnum < used_ebs - 1) {
826 if (data_size != usable_leb_size) {
827 dbg_err("bad data_size");
828 goto bad;
829 }
830 } else if (lnum == used_ebs - 1) {
831 if (data_size == 0) {
832 dbg_err("bad data_size at last LEB");
833 goto bad;
834 }
835 } else {
836 dbg_err("too high lnum");
837 goto bad;
838 }
839 } else {
840 if (copy_flag == 0) {
841 if (data_crc != 0) {
842 dbg_err("non-zero data CRC");
843 goto bad;
844 }
845 if (data_size != 0) {
846 dbg_err("non-zero data_size");
847 goto bad;
848 }
849 } else {
850 if (data_size == 0) {
851 dbg_err("zero data_size of copy");
852 goto bad;
853 }
854 }
855 if (used_ebs != 0) {
856 dbg_err("bad used_ebs");
857 goto bad;
858 }
859 }
860
861 return 0;
862
863 bad:
864 ubi_err("bad VID header");
865 ubi_dbg_dump_vid_hdr(vid_hdr);
866 ubi_dbg_dump_stack();
867 return 1;
868 }
869
870 /**
871 * ubi_io_read_vid_hdr - read and check a volume identifier header.
872 * @ubi: UBI device description object
873 * @pnum: physical eraseblock number to read from
874 * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
875 * identifier header
876 * @verbose: be verbose if the header is corrupted or wasn't found
877 *
878 * This function reads the volume identifier header from physical eraseblock
879 * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
880 * volume identifier header. The following codes may be returned:
881 *
882 * o %0 if the CRC checksum is correct and the header was successfully read;
883 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
884 * and corrected by the flash driver; this is harmless but may indicate that
885 * this eraseblock may become bad soon;
886 * o %UBI_IO_BAD_VID_HRD if the volume identifier header is corrupted (a CRC
887 * error detected);
888 * o %UBI_IO_PEB_FREE if the physical eraseblock is free (i.e., there is no VID
889 * header there);
890 * o a negative error code in case of failure.
891 */
892 int ubi_io_read_vid_hdr(const struct ubi_device *ubi, int pnum,
893 struct ubi_vid_hdr *vid_hdr, int verbose)
894 {
895 int err, read_err = 0;
896 uint32_t crc, magic, hdr_crc;
897 void *p;
898
899 dbg_io("read VID header from PEB %d", pnum);
900 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
901
902 p = (char *)vid_hdr - ubi->vid_hdr_shift;
903 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
904 ubi->vid_hdr_alsize);
905 if (err) {
906 if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
907 return err;
908
909 /*
910 * We read all the data, but either a correctable bit-flip
911 * occurred, or MTD reported about some data integrity error,
912 * like an ECC error in case of NAND. The former is harmless,
913 * the later may mean the read data is corrupted. But we have a
914 * CRC check-sum and we will identify this. If the VID header is
915 * still OK, we just report this as there was a bit-flip.
916 */
917 read_err = err;
918 }
919
920 magic = be32_to_cpu(vid_hdr->magic);
921 if (magic != UBI_VID_HDR_MAGIC) {
922 /*
923 * If we have read all 0xFF bytes, the VID header probably does
924 * not exist and the physical eraseblock is assumed to be free.
925 *
926 * But if there was a read error, we do not test the data for
927 * 0xFFs. Even if it does contain all 0xFFs, this error
928 * indicates that something is still wrong with this physical
929 * eraseblock and it cannot be regarded as free.
930 */
931 if (read_err != -EBADMSG &&
932 check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
933 /* The physical eraseblock is supposedly free */
934
935 /*
936 * The below is just a paranoid check, it has to be
937 * compiled out if paranoid checks are disabled.
938 */
939 err = paranoid_check_all_ff(ubi, pnum, ubi->leb_start,
940 ubi->leb_size);
941 if (err)
942 return err > 0 ? UBI_IO_BAD_VID_HDR : err;
943
944 if (verbose)
945 ubi_warn("no VID header found at PEB %d, "
946 "only 0xFF bytes", pnum);
947 return UBI_IO_PEB_FREE;
948 }
949
950 /*
951 * This is not a valid VID header, and these are not 0xFF
952 * bytes. Report that the header is corrupted.
953 */
954 if (verbose) {
955 ubi_warn("bad magic number at PEB %d: %08x instead of "
956 "%08x", pnum, magic, UBI_VID_HDR_MAGIC);
957 ubi_dbg_dump_vid_hdr(vid_hdr);
958 }
959 return UBI_IO_BAD_VID_HDR;
960 }
961
962 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
963 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
964
965 if (hdr_crc != crc) {
966 if (verbose) {
967 ubi_warn("bad CRC at PEB %d, calculated %#08x, "
968 "read %#08x", pnum, crc, hdr_crc);
969 ubi_dbg_dump_vid_hdr(vid_hdr);
970 }
971 return UBI_IO_BAD_VID_HDR;
972 }
973
974 /* Validate the VID header that we have just read */
975 err = validate_vid_hdr(ubi, vid_hdr);
976 if (err) {
977 ubi_err("validation failed for PEB %d", pnum);
978 return -EINVAL;
979 }
980
981 return read_err ? UBI_IO_BITFLIPS : 0;
982 }
983
984 /**
985 * ubi_io_write_vid_hdr - write a volume identifier header.
986 * @ubi: UBI device description object
987 * @pnum: the physical eraseblock number to write to
988 * @vid_hdr: the volume identifier header to write
989 *
990 * This function writes the volume identifier header described by @vid_hdr to
991 * physical eraseblock @pnum. This function automatically fills the
992 * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
993 * header CRC checksum and stores it at vid_hdr->hdr_crc.
994 *
995 * This function returns zero in case of success and a negative error code in
996 * case of failure. If %-EIO is returned, the physical eraseblock probably went
997 * bad.
998 */
999 int ubi_io_write_vid_hdr(const struct ubi_device *ubi, int pnum,
1000 struct ubi_vid_hdr *vid_hdr)
1001 {
1002 int err;
1003 uint32_t crc;
1004 void *p;
1005
1006 dbg_io("write VID header to PEB %d", pnum);
1007 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1008
1009 err = paranoid_check_peb_ec_hdr(ubi, pnum);
1010 if (err)
1011 return err > 0 ? -EINVAL: err;
1012
1013 vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1014 vid_hdr->version = UBI_VERSION;
1015 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1016 vid_hdr->hdr_crc = cpu_to_be32(crc);
1017
1018 err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1019 if (err)
1020 return -EINVAL;
1021
1022 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1023 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1024 ubi->vid_hdr_alsize);
1025 return err;
1026 }
1027
1028 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
1029
1030 /**
1031 * paranoid_check_not_bad - ensure that a physical eraseblock is not bad.
1032 * @ubi: UBI device description object
1033 * @pnum: physical eraseblock number to check
1034 *
1035 * This function returns zero if the physical eraseblock is good, a positive
1036 * number if it is bad and a negative error code if an error occurred.
1037 */
1038 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum)
1039 {
1040 int err;
1041
1042 err = ubi_io_is_bad(ubi, pnum);
1043 if (!err)
1044 return err;
1045
1046 ubi_err("paranoid check failed for PEB %d", pnum);
1047 ubi_dbg_dump_stack();
1048 return err;
1049 }
1050
1051 /**
1052 * paranoid_check_ec_hdr - check if an erase counter header is all right.
1053 * @ubi: UBI device description object
1054 * @pnum: physical eraseblock number the erase counter header belongs to
1055 * @ec_hdr: the erase counter header to check
1056 *
1057 * This function returns zero if the erase counter header contains valid
1058 * values, and %1 if not.
1059 */
1060 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1061 const struct ubi_ec_hdr *ec_hdr)
1062 {
1063 int err;
1064 uint32_t magic;
1065
1066 magic = be32_to_cpu(ec_hdr->magic);
1067 if (magic != UBI_EC_HDR_MAGIC) {
1068 ubi_err("bad magic %#08x, must be %#08x",
1069 magic, UBI_EC_HDR_MAGIC);
1070 goto fail;
1071 }
1072
1073 err = validate_ec_hdr(ubi, ec_hdr);
1074 if (err) {
1075 ubi_err("paranoid check failed for PEB %d", pnum);
1076 goto fail;
1077 }
1078
1079 return 0;
1080
1081 fail:
1082 ubi_dbg_dump_ec_hdr(ec_hdr);
1083 ubi_dbg_dump_stack();
1084 return 1;
1085 }
1086
1087 /**
1088 * paranoid_check_peb_ec_hdr - check that the erase counter header of a
1089 * physical eraseblock is in-place and is all right.
1090 * @ubi: UBI device description object
1091 * @pnum: the physical eraseblock number to check
1092 *
1093 * This function returns zero if the erase counter header is all right, %1 if
1094 * not, and a negative error code if an error occurred.
1095 */
1096 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1097 {
1098 int err;
1099 uint32_t crc, hdr_crc;
1100 struct ubi_ec_hdr *ec_hdr;
1101
1102 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1103 if (!ec_hdr)
1104 return -ENOMEM;
1105
1106 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1107 if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1108 goto exit;
1109
1110 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1111 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1112 if (hdr_crc != crc) {
1113 ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1114 ubi_err("paranoid check failed for PEB %d", pnum);
1115 ubi_dbg_dump_ec_hdr(ec_hdr);
1116 ubi_dbg_dump_stack();
1117 err = 1;
1118 goto exit;
1119 }
1120
1121 err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
1122
1123 exit:
1124 kfree(ec_hdr);
1125 return err;
1126 }
1127
1128 /**
1129 * paranoid_check_vid_hdr - check that a volume identifier header is all right.
1130 * @ubi: UBI device description object
1131 * @pnum: physical eraseblock number the volume identifier header belongs to
1132 * @vid_hdr: the volume identifier header to check
1133 *
1134 * This function returns zero if the volume identifier header is all right, and
1135 * %1 if not.
1136 */
1137 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1138 const struct ubi_vid_hdr *vid_hdr)
1139 {
1140 int err;
1141 uint32_t magic;
1142
1143 magic = be32_to_cpu(vid_hdr->magic);
1144 if (magic != UBI_VID_HDR_MAGIC) {
1145 ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1146 magic, pnum, UBI_VID_HDR_MAGIC);
1147 goto fail;
1148 }
1149
1150 err = validate_vid_hdr(ubi, vid_hdr);
1151 if (err) {
1152 ubi_err("paranoid check failed for PEB %d", pnum);
1153 goto fail;
1154 }
1155
1156 return err;
1157
1158 fail:
1159 ubi_err("paranoid check failed for PEB %d", pnum);
1160 ubi_dbg_dump_vid_hdr(vid_hdr);
1161 ubi_dbg_dump_stack();
1162 return 1;
1163
1164 }
1165
1166 /**
1167 * paranoid_check_peb_vid_hdr - check that the volume identifier header of a
1168 * physical eraseblock is in-place and is all right.
1169 * @ubi: UBI device description object
1170 * @pnum: the physical eraseblock number to check
1171 *
1172 * This function returns zero if the volume identifier header is all right,
1173 * %1 if not, and a negative error code if an error occurred.
1174 */
1175 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1176 {
1177 int err;
1178 uint32_t crc, hdr_crc;
1179 struct ubi_vid_hdr *vid_hdr;
1180 void *p;
1181
1182 vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1183 if (!vid_hdr)
1184 return -ENOMEM;
1185
1186 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1187 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1188 ubi->vid_hdr_alsize);
1189 if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1190 goto exit;
1191
1192 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1193 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1194 if (hdr_crc != crc) {
1195 ubi_err("bad VID header CRC at PEB %d, calculated %#08x, "
1196 "read %#08x", pnum, crc, hdr_crc);
1197 ubi_err("paranoid check failed for PEB %d", pnum);
1198 ubi_dbg_dump_vid_hdr(vid_hdr);
1199 ubi_dbg_dump_stack();
1200 err = 1;
1201 goto exit;
1202 }
1203
1204 err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1205
1206 exit:
1207 ubi_free_vid_hdr(ubi, vid_hdr);
1208 return err;
1209 }
1210
1211 /**
1212 * paranoid_check_all_ff - check that a region of flash is empty.
1213 * @ubi: UBI device description object
1214 * @pnum: the physical eraseblock number to check
1215 * @offset: the starting offset within the physical eraseblock to check
1216 * @len: the length of the region to check
1217 *
1218 * This function returns zero if only 0xFF bytes are present at offset
1219 * @offset of the physical eraseblock @pnum, %1 if not, and a negative error
1220 * code if an error occurred.
1221 */
1222 static int paranoid_check_all_ff(const struct ubi_device *ubi, int pnum,
1223 int offset, int len)
1224 {
1225 size_t read;
1226 int err;
1227 void *buf;
1228 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1229
1230 buf = vmalloc(len);
1231 if (!buf)
1232 return -ENOMEM;
1233 memset(buf, 0, len);
1234
1235 err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
1236 if (err && err != -EUCLEAN) {
1237 ubi_err("error %d while reading %d bytes from PEB %d:%d, "
1238 "read %zd bytes", err, len, pnum, offset, read);
1239 goto error;
1240 }
1241
1242 err = check_pattern(buf, 0xFF, len);
1243 if (err == 0) {
1244 ubi_err("flash region at PEB %d:%d, length %d does not "
1245 "contain all 0xFF bytes", pnum, offset, len);
1246 goto fail;
1247 }
1248
1249 vfree(buf);
1250 return 0;
1251
1252 fail:
1253 ubi_err("paranoid check failed for PEB %d", pnum);
1254 dbg_msg("hex dump of the %d-%d region", offset, offset + len);
1255 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 4, buf, len, 1);
1256 err = 1;
1257 error:
1258 ubi_dbg_dump_stack();
1259 vfree(buf);
1260 return err;
1261 }
1262
1263 #endif /* CONFIG_MTD_UBI_DEBUG_PARANOID */
Linux kernel - Deliverables
This page took 0.059841 seconds and 5 git commands to generate.