projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tracing/selftest: remove TRACE_CONT reference
[deliverable/linux.git] / drivers / mtd / ubi / io.c
1 /*
2 * Copyright (c) International Business Machines Corp., 2006
3 * Copyright (c) Nokia Corporation, 2006, 2007
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13 * the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 * Author: Artem Bityutskiy (Битюцкий Артём)
20 */
21
22 /*
23 * UBI input/output sub-system.
24 *
25 * This sub-system provides a uniform way to work with all kinds of the
26 * underlying MTD devices. It also implements handy functions for reading and
27 * writing UBI headers.
28 *
29 * We are trying to have a paranoid mindset and not to trust to what we read
30 * from the flash media in order to be more secure and robust. So this
31 * sub-system validates every single header it reads from the flash media.
32 *
33 * Some words about how the eraseblock headers are stored.
34 *
35 * The erase counter header is always stored at offset zero. By default, the
36 * VID header is stored after the EC header at the closest aligned offset
37 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
38 * header at the closest aligned offset. But this default layout may be
39 * changed. For example, for different reasons (e.g., optimization) UBI may be
40 * asked to put the VID header at further offset, and even at an unaligned
41 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
42 * proper padding in front of it. Data offset may also be changed but it has to
43 * be aligned.
44 *
45 * About minimal I/O units. In general, UBI assumes flash device model where
46 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
47 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
48 * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
49 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
50 * to do different optimizations.
51 *
52 * This is extremely useful in case of NAND flashes which admit of several
53 * write operations to one NAND page. In this case UBI can fit EC and VID
54 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
55 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
56 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
57 * users.
58 *
59 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
60 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
61 * headers.
62 *
63 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
64 * device, e.g., make @ubi->min_io_size = 512 in the example above?
65 *
66 * A: because when writing a sub-page, MTD still writes a full 2K page but the
67 * bytes which are no relevant to the sub-page are 0xFF. So, basically, writing
68 * 4x512 sub-pages is 4 times slower then writing one 2KiB NAND page. Thus, we
69 * prefer to use sub-pages only for EV and VID headers.
70 *
71 * As it was noted above, the VID header may start at a non-aligned offset.
72 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
73 * the VID header may reside at offset 1984 which is the last 64 bytes of the
74 * last sub-page (EC header is always at offset zero). This causes some
75 * difficulties when reading and writing VID headers.
76 *
77 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
78 * the data and want to write this VID header out. As we can only write in
79 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
80 * to offset 448 of this buffer.
81 *
82 * The I/O sub-system does the following trick in order to avoid this extra
83 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
84 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
85 * When the VID header is being written out, it shifts the VID header pointer
86 * back and writes the whole sub-page.
87 */
88
89 #include <linux/crc32.h>
90 #include <linux/err.h>
91 #include "ubi.h"
92
93 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
94 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum);
95 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
96 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
97 const struct ubi_ec_hdr *ec_hdr);
98 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
99 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
100 const struct ubi_vid_hdr *vid_hdr);
101 static int paranoid_check_all_ff(struct ubi_device *ubi, int pnum, int offset,
102 int len);
103 #else
104 #define paranoid_check_not_bad(ubi, pnum) 0
105 #define paranoid_check_peb_ec_hdr(ubi, pnum) 0
106 #define paranoid_check_ec_hdr(ubi, pnum, ec_hdr) 0
107 #define paranoid_check_peb_vid_hdr(ubi, pnum) 0
108 #define paranoid_check_vid_hdr(ubi, pnum, vid_hdr) 0
109 #define paranoid_check_all_ff(ubi, pnum, offset, len) 0
110 #endif
111
112 /**
113 * ubi_io_read - read data from a physical eraseblock.
114 * @ubi: UBI device description object
115 * @buf: buffer where to store the read data
116 * @pnum: physical eraseblock number to read from
117 * @offset: offset within the physical eraseblock from where to read
118 * @len: how many bytes to read
119 *
120 * This function reads data from offset @offset of physical eraseblock @pnum
121 * and stores the read data in the @buf buffer. The following return codes are
122 * possible:
123 *
124 * o %0 if all the requested data were successfully read;
125 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
126 * correctable bit-flips were detected; this is harmless but may indicate
127 * that this eraseblock may become bad soon (but do not have to);
128 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
129 * example it can be an ECC error in case of NAND; this most probably means
130 * that the data is corrupted;
131 * o %-EIO if some I/O error occurred;
132 * o other negative error codes in case of other errors.
133 */
134 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
135 int len)
136 {
137 int err, retries = 0;
138 size_t read;
139 loff_t addr;
140
141 dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
142
143 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
144 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
145 ubi_assert(len > 0);
146
147 err = paranoid_check_not_bad(ubi, pnum);
148 if (err)
149 return err > 0 ? -EINVAL : err;
150
151 addr = (loff_t)pnum * ubi->peb_size + offset;
152 retry:
153 err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
154 if (err) {
155 if (err == -EUCLEAN) {
156 /*
157 * -EUCLEAN is reported if there was a bit-flip which
158 * was corrected, so this is harmless.
159 *
160 * We do not report about it here unless debugging is
161 * enabled. A corresponding message will be printed
162 * later, when it is has been scrubbed.
163 */
164 dbg_msg("fixable bit-flip detected at PEB %d", pnum);
165 ubi_assert(len == read);
166 return UBI_IO_BITFLIPS;
167 }
168
169 if (read != len && retries++ < UBI_IO_RETRIES) {
170 dbg_io("error %d while reading %d bytes from PEB %d:%d,"
171 " read only %zd bytes, retry",
172 err, len, pnum, offset, read);
173 yield();
174 goto retry;
175 }
176
177 ubi_err("error %d while reading %d bytes from PEB %d:%d, "
178 "read %zd bytes", err, len, pnum, offset, read);
179 ubi_dbg_dump_stack();
180
181 /*
182 * The driver should never return -EBADMSG if it failed to read
183 * all the requested data. But some buggy drivers might do
184 * this, so we change it to -EIO.
185 */
186 if (read != len && err == -EBADMSG) {
187 ubi_assert(0);
188 err = -EIO;
189 }
190 } else {
191 ubi_assert(len == read);
192
193 if (ubi_dbg_is_bitflip()) {
194 dbg_gen("bit-flip (emulated)");
195 err = UBI_IO_BITFLIPS;
196 }
197 }
198
199 return err;
200 }
201
202 /**
203 * ubi_io_write - write data to a physical eraseblock.
204 * @ubi: UBI device description object
205 * @buf: buffer with the data to write
206 * @pnum: physical eraseblock number to write to
207 * @offset: offset within the physical eraseblock where to write
208 * @len: how many bytes to write
209 *
210 * This function writes @len bytes of data from buffer @buf to offset @offset
211 * of physical eraseblock @pnum. If all the data were successfully written,
212 * zero is returned. If an error occurred, this function returns a negative
213 * error code. If %-EIO is returned, the physical eraseblock most probably went
214 * bad.
215 *
216 * Note, in case of an error, it is possible that something was still written
217 * to the flash media, but may be some garbage.
218 */
219 int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
220 int len)
221 {
222 int err;
223 size_t written;
224 loff_t addr;
225
226 dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
227
228 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
229 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
230 ubi_assert(offset % ubi->hdrs_min_io_size == 0);
231 ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
232
233 if (ubi->ro_mode) {
234 ubi_err("read-only mode");
235 return -EROFS;
236 }
237
238 /* The below has to be compiled out if paranoid checks are disabled */
239
240 err = paranoid_check_not_bad(ubi, pnum);
241 if (err)
242 return err > 0 ? -EINVAL : err;
243
244 /* The area we are writing to has to contain all 0xFF bytes */
245 err = paranoid_check_all_ff(ubi, pnum, offset, len);
246 if (err)
247 return err > 0 ? -EINVAL : err;
248
249 if (offset >= ubi->leb_start) {
250 /*
251 * We write to the data area of the physical eraseblock. Make
252 * sure it has valid EC and VID headers.
253 */
254 err = paranoid_check_peb_ec_hdr(ubi, pnum);
255 if (err)
256 return err > 0 ? -EINVAL : err;
257 err = paranoid_check_peb_vid_hdr(ubi, pnum);
258 if (err)
259 return err > 0 ? -EINVAL : err;
260 }
261
262 if (ubi_dbg_is_write_failure()) {
263 dbg_err("cannot write %d bytes to PEB %d:%d "
264 "(emulated)", len, pnum, offset);
265 ubi_dbg_dump_stack();
266 return -EIO;
267 }
268
269 addr = (loff_t)pnum * ubi->peb_size + offset;
270 err = ubi->mtd->write(ubi->mtd, addr, len, &written, buf);
271 if (err) {
272 ubi_err("error %d while writing %d bytes to PEB %d:%d, written"
273 " %zd bytes", err, len, pnum, offset, written);
274 ubi_dbg_dump_stack();
275 } else
276 ubi_assert(written == len);
277
278 return err;
279 }
280
281 /**
282 * erase_callback - MTD erasure call-back.
283 * @ei: MTD erase information object.
284 *
285 * Note, even though MTD erase interface is asynchronous, all the current
286 * implementations are synchronous anyway.
287 */
288 static void erase_callback(struct erase_info *ei)
289 {
290 wake_up_interruptible((wait_queue_head_t *)ei->priv);
291 }
292
293 /**
294 * do_sync_erase - synchronously erase a physical eraseblock.
295 * @ubi: UBI device description object
296 * @pnum: the physical eraseblock number to erase
297 *
298 * This function synchronously erases physical eraseblock @pnum and returns
299 * zero in case of success and a negative error code in case of failure. If
300 * %-EIO is returned, the physical eraseblock most probably went bad.
301 */
302 static int do_sync_erase(struct ubi_device *ubi, int pnum)
303 {
304 int err, retries = 0;
305 struct erase_info ei;
306 wait_queue_head_t wq;
307
308 dbg_io("erase PEB %d", pnum);
309
310 retry:
311 init_waitqueue_head(&wq);
312 memset(&ei, 0, sizeof(struct erase_info));
313
314 ei.mtd = ubi->mtd;
315 ei.addr = (loff_t)pnum * ubi->peb_size;
316 ei.len = ubi->peb_size;
317 ei.callback = erase_callback;
318 ei.priv = (unsigned long)&wq;
319
320 err = ubi->mtd->erase(ubi->mtd, &ei);
321 if (err) {
322 if (retries++ < UBI_IO_RETRIES) {
323 dbg_io("error %d while erasing PEB %d, retry",
324 err, pnum);
325 yield();
326 goto retry;
327 }
328 ubi_err("cannot erase PEB %d, error %d", pnum, err);
329 ubi_dbg_dump_stack();
330 return err;
331 }
332
333 err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
334 ei.state == MTD_ERASE_FAILED);
335 if (err) {
336 ubi_err("interrupted PEB %d erasure", pnum);
337 return -EINTR;
338 }
339
340 if (ei.state == MTD_ERASE_FAILED) {
341 if (retries++ < UBI_IO_RETRIES) {
342 dbg_io("error while erasing PEB %d, retry", pnum);
343 yield();
344 goto retry;
345 }
346 ubi_err("cannot erase PEB %d", pnum);
347 ubi_dbg_dump_stack();
348 return -EIO;
349 }
350
351 err = paranoid_check_all_ff(ubi, pnum, 0, ubi->peb_size);
352 if (err)
353 return err > 0 ? -EINVAL : err;
354
355 if (ubi_dbg_is_erase_failure() && !err) {
356 dbg_err("cannot erase PEB %d (emulated)", pnum);
357 return -EIO;
358 }
359
360 return 0;
361 }
362
363 /**
364 * check_pattern - check if buffer contains only a certain byte pattern.
365 * @buf: buffer to check
366 * @patt: the pattern to check
367 * @size: buffer size in bytes
368 *
369 * This function returns %1 in there are only @patt bytes in @buf, and %0 if
370 * something else was also found.
371 */
372 static int check_pattern(const void *buf, uint8_t patt, int size)
373 {
374 int i;
375
376 for (i = 0; i < size; i++)
377 if (((const uint8_t *)buf)[i] != patt)
378 return 0;
379 return 1;
380 }
381
382 /* Patterns to write to a physical eraseblock when torturing it */
383 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
384
385 /**
386 * torture_peb - test a supposedly bad physical eraseblock.
387 * @ubi: UBI device description object
388 * @pnum: the physical eraseblock number to test
389 *
390 * This function returns %-EIO if the physical eraseblock did not pass the
391 * test, a positive number of erase operations done if the test was
392 * successfully passed, and other negative error codes in case of other errors.
393 */
394 static int torture_peb(struct ubi_device *ubi, int pnum)
395 {
396 int err, i, patt_count;
397
398 ubi_msg("run torture test for PEB %d", pnum);
399 patt_count = ARRAY_SIZE(patterns);
400 ubi_assert(patt_count > 0);
401
402 mutex_lock(&ubi->buf_mutex);
403 for (i = 0; i < patt_count; i++) {
404 err = do_sync_erase(ubi, pnum);
405 if (err)
406 goto out;
407
408 /* Make sure the PEB contains only 0xFF bytes */
409 err = ubi_io_read(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
410 if (err)
411 goto out;
412
413 err = check_pattern(ubi->peb_buf1, 0xFF, ubi->peb_size);
414 if (err == 0) {
415 ubi_err("erased PEB %d, but a non-0xFF byte found",
416 pnum);
417 err = -EIO;
418 goto out;
419 }
420
421 /* Write a pattern and check it */
422 memset(ubi->peb_buf1, patterns[i], ubi->peb_size);
423 err = ubi_io_write(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
424 if (err)
425 goto out;
426
427 memset(ubi->peb_buf1, ~patterns[i], ubi->peb_size);
428 err = ubi_io_read(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
429 if (err)
430 goto out;
431
432 err = check_pattern(ubi->peb_buf1, patterns[i], ubi->peb_size);
433 if (err == 0) {
434 ubi_err("pattern %x checking failed for PEB %d",
435 patterns[i], pnum);
436 err = -EIO;
437 goto out;
438 }
439 }
440
441 err = patt_count;
442 ubi_msg("PEB %d passed torture test, do not mark it a bad", pnum);
443
444 out:
445 mutex_unlock(&ubi->buf_mutex);
446 if (err == UBI_IO_BITFLIPS || err == -EBADMSG) {
447 /*
448 * If a bit-flip or data integrity error was detected, the test
449 * has not passed because it happened on a freshly erased
450 * physical eraseblock which means something is wrong with it.
451 */
452 ubi_err("read problems on freshly erased PEB %d, must be bad",
453 pnum);
454 err = -EIO;
455 }
456 return err;
457 }
458
459 /**
460 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
461 * @ubi: UBI device description object
462 * @pnum: physical eraseblock number to erase
463 * @torture: if this physical eraseblock has to be tortured
464 *
465 * This function synchronously erases physical eraseblock @pnum. If @torture
466 * flag is not zero, the physical eraseblock is checked by means of writing
467 * different patterns to it and reading them back. If the torturing is enabled,
468 * the physical eraseblock is erased more then once.
469 *
470 * This function returns the number of erasures made in case of success, %-EIO
471 * if the erasure failed or the torturing test failed, and other negative error
472 * codes in case of other errors. Note, %-EIO means that the physical
473 * eraseblock is bad.
474 */
475 int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
476 {
477 int err, ret = 0;
478
479 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
480
481 err = paranoid_check_not_bad(ubi, pnum);
482 if (err != 0)
483 return err > 0 ? -EINVAL : err;
484
485 if (ubi->ro_mode) {
486 ubi_err("read-only mode");
487 return -EROFS;
488 }
489
490 if (torture) {
491 ret = torture_peb(ubi, pnum);
492 if (ret < 0)
493 return ret;
494 }
495
496 err = do_sync_erase(ubi, pnum);
497 if (err)
498 return err;
499
500 return ret + 1;
501 }
502
503 /**
504 * ubi_io_is_bad - check if a physical eraseblock is bad.
505 * @ubi: UBI device description object
506 * @pnum: the physical eraseblock number to check
507 *
508 * This function returns a positive number if the physical eraseblock is bad,
509 * zero if not, and a negative error code if an error occurred.
510 */
511 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
512 {
513 struct mtd_info *mtd = ubi->mtd;
514
515 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
516
517 if (ubi->bad_allowed) {
518 int ret;
519
520 ret = mtd->block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
521 if (ret < 0)
522 ubi_err("error %d while checking if PEB %d is bad",
523 ret, pnum);
524 else if (ret)
525 dbg_io("PEB %d is bad", pnum);
526 return ret;
527 }
528
529 return 0;
530 }
531
532 /**
533 * ubi_io_mark_bad - mark a physical eraseblock as bad.
534 * @ubi: UBI device description object
535 * @pnum: the physical eraseblock number to mark
536 *
537 * This function returns zero in case of success and a negative error code in
538 * case of failure.
539 */
540 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
541 {
542 int err;
543 struct mtd_info *mtd = ubi->mtd;
544
545 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
546
547 if (ubi->ro_mode) {
548 ubi_err("read-only mode");
549 return -EROFS;
550 }
551
552 if (!ubi->bad_allowed)
553 return 0;
554
555 err = mtd->block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
556 if (err)
557 ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
558 return err;
559 }
560
561 /**
562 * validate_ec_hdr - validate an erase counter header.
563 * @ubi: UBI device description object
564 * @ec_hdr: the erase counter header to check
565 *
566 * This function returns zero if the erase counter header is OK, and %1 if
567 * not.
568 */
569 static int validate_ec_hdr(const struct ubi_device *ubi,
570 const struct ubi_ec_hdr *ec_hdr)
571 {
572 long long ec;
573 int vid_hdr_offset, leb_start;
574
575 ec = be64_to_cpu(ec_hdr->ec);
576 vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
577 leb_start = be32_to_cpu(ec_hdr->data_offset);
578
579 if (ec_hdr->version != UBI_VERSION) {
580 ubi_err("node with incompatible UBI version found: "
581 "this UBI version is %d, image version is %d",
582 UBI_VERSION, (int)ec_hdr->version);
583 goto bad;
584 }
585
586 if (vid_hdr_offset != ubi->vid_hdr_offset) {
587 ubi_err("bad VID header offset %d, expected %d",
588 vid_hdr_offset, ubi->vid_hdr_offset);
589 goto bad;
590 }
591
592 if (leb_start != ubi->leb_start) {
593 ubi_err("bad data offset %d, expected %d",
594 leb_start, ubi->leb_start);
595 goto bad;
596 }
597
598 if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
599 ubi_err("bad erase counter %lld", ec);
600 goto bad;
601 }
602
603 return 0;
604
605 bad:
606 ubi_err("bad EC header");
607 ubi_dbg_dump_ec_hdr(ec_hdr);
608 ubi_dbg_dump_stack();
609 return 1;
610 }
611
612 /**
613 * ubi_io_read_ec_hdr - read and check an erase counter header.
614 * @ubi: UBI device description object
615 * @pnum: physical eraseblock to read from
616 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
617 * header
618 * @verbose: be verbose if the header is corrupted or was not found
619 *
620 * This function reads erase counter header from physical eraseblock @pnum and
621 * stores it in @ec_hdr. This function also checks CRC checksum of the read
622 * erase counter header. The following codes may be returned:
623 *
624 * o %0 if the CRC checksum is correct and the header was successfully read;
625 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
626 * and corrected by the flash driver; this is harmless but may indicate that
627 * this eraseblock may become bad soon (but may be not);
628 * o %UBI_IO_BAD_EC_HDR if the erase counter header is corrupted (a CRC error);
629 * o %UBI_IO_PEB_EMPTY if the physical eraseblock is empty;
630 * o a negative error code in case of failure.
631 */
632 int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
633 struct ubi_ec_hdr *ec_hdr, int verbose)
634 {
635 int err, read_err = 0;
636 uint32_t crc, magic, hdr_crc;
637
638 dbg_io("read EC header from PEB %d", pnum);
639 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
640 if (UBI_IO_DEBUG)
641 verbose = 1;
642
643 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
644 if (err) {
645 if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
646 return err;
647
648 /*
649 * We read all the data, but either a correctable bit-flip
650 * occurred, or MTD reported about some data integrity error,
651 * like an ECC error in case of NAND. The former is harmless,
652 * the later may mean that the read data is corrupted. But we
653 * have a CRC check-sum and we will detect this. If the EC
654 * header is still OK, we just report this as there was a
655 * bit-flip.
656 */
657 read_err = err;
658 }
659
660 magic = be32_to_cpu(ec_hdr->magic);
661 if (magic != UBI_EC_HDR_MAGIC) {
662 /*
663 * The magic field is wrong. Let's check if we have read all
664 * 0xFF. If yes, this physical eraseblock is assumed to be
665 * empty.
666 *
667 * But if there was a read error, we do not test it for all
668 * 0xFFs. Even if it does contain all 0xFFs, this error
669 * indicates that something is still wrong with this physical
670 * eraseblock and we anyway cannot treat it as empty.
671 */
672 if (read_err != -EBADMSG &&
673 check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
674 /* The physical eraseblock is supposedly empty */
675
676 /*
677 * The below is just a paranoid check, it has to be
678 * compiled out if paranoid checks are disabled.
679 */
680 err = paranoid_check_all_ff(ubi, pnum, 0,
681 ubi->peb_size);
682 if (err)
683 return err > 0 ? UBI_IO_BAD_EC_HDR : err;
684
685 if (verbose)
686 ubi_warn("no EC header found at PEB %d, "
687 "only 0xFF bytes", pnum);
688 return UBI_IO_PEB_EMPTY;
689 }
690
691 /*
692 * This is not a valid erase counter header, and these are not
693 * 0xFF bytes. Report that the header is corrupted.
694 */
695 if (verbose) {
696 ubi_warn("bad magic number at PEB %d: %08x instead of "
697 "%08x", pnum, magic, UBI_EC_HDR_MAGIC);
698 ubi_dbg_dump_ec_hdr(ec_hdr);
699 }
700 return UBI_IO_BAD_EC_HDR;
701 }
702
703 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
704 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
705
706 if (hdr_crc != crc) {
707 if (verbose) {
708 ubi_warn("bad EC header CRC at PEB %d, calculated "
709 "%#08x, read %#08x", pnum, crc, hdr_crc);
710 ubi_dbg_dump_ec_hdr(ec_hdr);
711 }
712 return UBI_IO_BAD_EC_HDR;
713 }
714
715 /* And of course validate what has just been read from the media */
716 err = validate_ec_hdr(ubi, ec_hdr);
717 if (err) {
718 ubi_err("validation failed for PEB %d", pnum);
719 return -EINVAL;
720 }
721
722 return read_err ? UBI_IO_BITFLIPS : 0;
723 }
724
725 /**
726 * ubi_io_write_ec_hdr - write an erase counter header.
727 * @ubi: UBI device description object
728 * @pnum: physical eraseblock to write to
729 * @ec_hdr: the erase counter header to write
730 *
731 * This function writes erase counter header described by @ec_hdr to physical
732 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
733 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
734 * field.
735 *
736 * This function returns zero in case of success and a negative error code in
737 * case of failure. If %-EIO is returned, the physical eraseblock most probably
738 * went bad.
739 */
740 int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
741 struct ubi_ec_hdr *ec_hdr)
742 {
743 int err;
744 uint32_t crc;
745
746 dbg_io("write EC header to PEB %d", pnum);
747 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
748
749 ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
750 ec_hdr->version = UBI_VERSION;
751 ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
752 ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
753 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
754 ec_hdr->hdr_crc = cpu_to_be32(crc);
755
756 err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
757 if (err)
758 return -EINVAL;
759
760 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
761 return err;
762 }
763
764 /**
765 * validate_vid_hdr - validate a volume identifier header.
766 * @ubi: UBI device description object
767 * @vid_hdr: the volume identifier header to check
768 *
769 * This function checks that data stored in the volume identifier header
770 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
771 */
772 static int validate_vid_hdr(const struct ubi_device *ubi,
773 const struct ubi_vid_hdr *vid_hdr)
774 {
775 int vol_type = vid_hdr->vol_type;
776 int copy_flag = vid_hdr->copy_flag;
777 int vol_id = be32_to_cpu(vid_hdr->vol_id);
778 int lnum = be32_to_cpu(vid_hdr->lnum);
779 int compat = vid_hdr->compat;
780 int data_size = be32_to_cpu(vid_hdr->data_size);
781 int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
782 int data_pad = be32_to_cpu(vid_hdr->data_pad);
783 int data_crc = be32_to_cpu(vid_hdr->data_crc);
784 int usable_leb_size = ubi->leb_size - data_pad;
785
786 if (copy_flag != 0 && copy_flag != 1) {
787 dbg_err("bad copy_flag");
788 goto bad;
789 }
790
791 if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
792 data_pad < 0) {
793 dbg_err("negative values");
794 goto bad;
795 }
796
797 if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
798 dbg_err("bad vol_id");
799 goto bad;
800 }
801
802 if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
803 dbg_err("bad compat");
804 goto bad;
805 }
806
807 if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
808 compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
809 compat != UBI_COMPAT_REJECT) {
810 dbg_err("bad compat");
811 goto bad;
812 }
813
814 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
815 dbg_err("bad vol_type");
816 goto bad;
817 }
818
819 if (data_pad >= ubi->leb_size / 2) {
820 dbg_err("bad data_pad");
821 goto bad;
822 }
823
824 if (vol_type == UBI_VID_STATIC) {
825 /*
826 * Although from high-level point of view static volumes may
827 * contain zero bytes of data, but no VID headers can contain
828 * zero at these fields, because they empty volumes do not have
829 * mapped logical eraseblocks.
830 */
831 if (used_ebs == 0) {
832 dbg_err("zero used_ebs");
833 goto bad;
834 }
835 if (data_size == 0) {
836 dbg_err("zero data_size");
837 goto bad;
838 }
839 if (lnum < used_ebs - 1) {
840 if (data_size != usable_leb_size) {
841 dbg_err("bad data_size");
842 goto bad;
843 }
844 } else if (lnum == used_ebs - 1) {
845 if (data_size == 0) {
846 dbg_err("bad data_size at last LEB");
847 goto bad;
848 }
849 } else {
850 dbg_err("too high lnum");
851 goto bad;
852 }
853 } else {
854 if (copy_flag == 0) {
855 if (data_crc != 0) {
856 dbg_err("non-zero data CRC");
857 goto bad;
858 }
859 if (data_size != 0) {
860 dbg_err("non-zero data_size");
861 goto bad;
862 }
863 } else {
864 if (data_size == 0) {
865 dbg_err("zero data_size of copy");
866 goto bad;
867 }
868 }
869 if (used_ebs != 0) {
870 dbg_err("bad used_ebs");
871 goto bad;
872 }
873 }
874
875 return 0;
876
877 bad:
878 ubi_err("bad VID header");
879 ubi_dbg_dump_vid_hdr(vid_hdr);
880 ubi_dbg_dump_stack();
881 return 1;
882 }
883
884 /**
885 * ubi_io_read_vid_hdr - read and check a volume identifier header.
886 * @ubi: UBI device description object
887 * @pnum: physical eraseblock number to read from
888 * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
889 * identifier header
890 * @verbose: be verbose if the header is corrupted or wasn't found
891 *
892 * This function reads the volume identifier header from physical eraseblock
893 * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
894 * volume identifier header. The following codes may be returned:
895 *
896 * o %0 if the CRC checksum is correct and the header was successfully read;
897 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
898 * and corrected by the flash driver; this is harmless but may indicate that
899 * this eraseblock may become bad soon;
900 * o %UBI_IO_BAD_VID_HRD if the volume identifier header is corrupted (a CRC
901 * error detected);
902 * o %UBI_IO_PEB_FREE if the physical eraseblock is free (i.e., there is no VID
903 * header there);
904 * o a negative error code in case of failure.
905 */
906 int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
907 struct ubi_vid_hdr *vid_hdr, int verbose)
908 {
909 int err, read_err = 0;
910 uint32_t crc, magic, hdr_crc;
911 void *p;
912
913 dbg_io("read VID header from PEB %d", pnum);
914 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
915 if (UBI_IO_DEBUG)
916 verbose = 1;
917
918 p = (char *)vid_hdr - ubi->vid_hdr_shift;
919 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
920 ubi->vid_hdr_alsize);
921 if (err) {
922 if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
923 return err;
924
925 /*
926 * We read all the data, but either a correctable bit-flip
927 * occurred, or MTD reported about some data integrity error,
928 * like an ECC error in case of NAND. The former is harmless,
929 * the later may mean the read data is corrupted. But we have a
930 * CRC check-sum and we will identify this. If the VID header is
931 * still OK, we just report this as there was a bit-flip.
932 */
933 read_err = err;
934 }
935
936 magic = be32_to_cpu(vid_hdr->magic);
937 if (magic != UBI_VID_HDR_MAGIC) {
938 /*
939 * If we have read all 0xFF bytes, the VID header probably does
940 * not exist and the physical eraseblock is assumed to be free.
941 *
942 * But if there was a read error, we do not test the data for
943 * 0xFFs. Even if it does contain all 0xFFs, this error
944 * indicates that something is still wrong with this physical
945 * eraseblock and it cannot be regarded as free.
946 */
947 if (read_err != -EBADMSG &&
948 check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
949 /* The physical eraseblock is supposedly free */
950
951 /*
952 * The below is just a paranoid check, it has to be
953 * compiled out if paranoid checks are disabled.
954 */
955 err = paranoid_check_all_ff(ubi, pnum, ubi->leb_start,
956 ubi->leb_size);
957 if (err)
958 return err > 0 ? UBI_IO_BAD_VID_HDR : err;
959
960 if (verbose)
961 ubi_warn("no VID header found at PEB %d, "
962 "only 0xFF bytes", pnum);
963 return UBI_IO_PEB_FREE;
964 }
965
966 /*
967 * This is not a valid VID header, and these are not 0xFF
968 * bytes. Report that the header is corrupted.
969 */
970 if (verbose) {
971 ubi_warn("bad magic number at PEB %d: %08x instead of "
972 "%08x", pnum, magic, UBI_VID_HDR_MAGIC);
973 ubi_dbg_dump_vid_hdr(vid_hdr);
974 }
975 return UBI_IO_BAD_VID_HDR;
976 }
977
978 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
979 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
980
981 if (hdr_crc != crc) {
982 if (verbose) {
983 ubi_warn("bad CRC at PEB %d, calculated %#08x, "
984 "read %#08x", pnum, crc, hdr_crc);
985 ubi_dbg_dump_vid_hdr(vid_hdr);
986 }
987 return UBI_IO_BAD_VID_HDR;
988 }
989
990 /* Validate the VID header that we have just read */
991 err = validate_vid_hdr(ubi, vid_hdr);
992 if (err) {
993 ubi_err("validation failed for PEB %d", pnum);
994 return -EINVAL;
995 }
996
997 return read_err ? UBI_IO_BITFLIPS : 0;
998 }
999
1000 /**
1001 * ubi_io_write_vid_hdr - write a volume identifier header.
1002 * @ubi: UBI device description object
1003 * @pnum: the physical eraseblock number to write to
1004 * @vid_hdr: the volume identifier header to write
1005 *
1006 * This function writes the volume identifier header described by @vid_hdr to
1007 * physical eraseblock @pnum. This function automatically fills the
1008 * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
1009 * header CRC checksum and stores it at vid_hdr->hdr_crc.
1010 *
1011 * This function returns zero in case of success and a negative error code in
1012 * case of failure. If %-EIO is returned, the physical eraseblock probably went
1013 * bad.
1014 */
1015 int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1016 struct ubi_vid_hdr *vid_hdr)
1017 {
1018 int err;
1019 uint32_t crc;
1020 void *p;
1021
1022 dbg_io("write VID header to PEB %d", pnum);
1023 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1024
1025 err = paranoid_check_peb_ec_hdr(ubi, pnum);
1026 if (err)
1027 return err > 0 ? -EINVAL: err;
1028
1029 vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1030 vid_hdr->version = UBI_VERSION;
1031 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1032 vid_hdr->hdr_crc = cpu_to_be32(crc);
1033
1034 err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1035 if (err)
1036 return -EINVAL;
1037
1038 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1039 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1040 ubi->vid_hdr_alsize);
1041 return err;
1042 }
1043
1044 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
1045
1046 /**
1047 * paranoid_check_not_bad - ensure that a physical eraseblock is not bad.
1048 * @ubi: UBI device description object
1049 * @pnum: physical eraseblock number to check
1050 *
1051 * This function returns zero if the physical eraseblock is good, a positive
1052 * number if it is bad and a negative error code if an error occurred.
1053 */
1054 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum)
1055 {
1056 int err;
1057
1058 err = ubi_io_is_bad(ubi, pnum);
1059 if (!err)
1060 return err;
1061
1062 ubi_err("paranoid check failed for PEB %d", pnum);
1063 ubi_dbg_dump_stack();
1064 return err;
1065 }
1066
1067 /**
1068 * paranoid_check_ec_hdr - check if an erase counter header is all right.
1069 * @ubi: UBI device description object
1070 * @pnum: physical eraseblock number the erase counter header belongs to
1071 * @ec_hdr: the erase counter header to check
1072 *
1073 * This function returns zero if the erase counter header contains valid
1074 * values, and %1 if not.
1075 */
1076 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1077 const struct ubi_ec_hdr *ec_hdr)
1078 {
1079 int err;
1080 uint32_t magic;
1081
1082 magic = be32_to_cpu(ec_hdr->magic);
1083 if (magic != UBI_EC_HDR_MAGIC) {
1084 ubi_err("bad magic %#08x, must be %#08x",
1085 magic, UBI_EC_HDR_MAGIC);
1086 goto fail;
1087 }
1088
1089 err = validate_ec_hdr(ubi, ec_hdr);
1090 if (err) {
1091 ubi_err("paranoid check failed for PEB %d", pnum);
1092 goto fail;
1093 }
1094
1095 return 0;
1096
1097 fail:
1098 ubi_dbg_dump_ec_hdr(ec_hdr);
1099 ubi_dbg_dump_stack();
1100 return 1;
1101 }
1102
1103 /**
1104 * paranoid_check_peb_ec_hdr - check erase counter header.
1105 * @ubi: UBI device description object
1106 * @pnum: the physical eraseblock number to check
1107 *
1108 * This function returns zero if the erase counter header is all right, %1 if
1109 * not, and a negative error code if an error occurred.
1110 */
1111 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1112 {
1113 int err;
1114 uint32_t crc, hdr_crc;
1115 struct ubi_ec_hdr *ec_hdr;
1116
1117 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1118 if (!ec_hdr)
1119 return -ENOMEM;
1120
1121 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1122 if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1123 goto exit;
1124
1125 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1126 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1127 if (hdr_crc != crc) {
1128 ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1129 ubi_err("paranoid check failed for PEB %d", pnum);
1130 ubi_dbg_dump_ec_hdr(ec_hdr);
1131 ubi_dbg_dump_stack();
1132 err = 1;
1133 goto exit;
1134 }
1135
1136 err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
1137
1138 exit:
1139 kfree(ec_hdr);
1140 return err;
1141 }
1142
1143 /**
1144 * paranoid_check_vid_hdr - check that a volume identifier header is all right.
1145 * @ubi: UBI device description object
1146 * @pnum: physical eraseblock number the volume identifier header belongs to
1147 * @vid_hdr: the volume identifier header to check
1148 *
1149 * This function returns zero if the volume identifier header is all right, and
1150 * %1 if not.
1151 */
1152 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1153 const struct ubi_vid_hdr *vid_hdr)
1154 {
1155 int err;
1156 uint32_t magic;
1157
1158 magic = be32_to_cpu(vid_hdr->magic);
1159 if (magic != UBI_VID_HDR_MAGIC) {
1160 ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1161 magic, pnum, UBI_VID_HDR_MAGIC);
1162 goto fail;
1163 }
1164
1165 err = validate_vid_hdr(ubi, vid_hdr);
1166 if (err) {
1167 ubi_err("paranoid check failed for PEB %d", pnum);
1168 goto fail;
1169 }
1170
1171 return err;
1172
1173 fail:
1174 ubi_err("paranoid check failed for PEB %d", pnum);
1175 ubi_dbg_dump_vid_hdr(vid_hdr);
1176 ubi_dbg_dump_stack();
1177 return 1;
1178
1179 }
1180
1181 /**
1182 * paranoid_check_peb_vid_hdr - check volume identifier header.
1183 * @ubi: UBI device description object
1184 * @pnum: the physical eraseblock number to check
1185 *
1186 * This function returns zero if the volume identifier header is all right,
1187 * %1 if not, and a negative error code if an error occurred.
1188 */
1189 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1190 {
1191 int err;
1192 uint32_t crc, hdr_crc;
1193 struct ubi_vid_hdr *vid_hdr;
1194 void *p;
1195
1196 vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1197 if (!vid_hdr)
1198 return -ENOMEM;
1199
1200 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1201 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1202 ubi->vid_hdr_alsize);
1203 if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1204 goto exit;
1205
1206 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1207 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1208 if (hdr_crc != crc) {
1209 ubi_err("bad VID header CRC at PEB %d, calculated %#08x, "
1210 "read %#08x", pnum, crc, hdr_crc);
1211 ubi_err("paranoid check failed for PEB %d", pnum);
1212 ubi_dbg_dump_vid_hdr(vid_hdr);
1213 ubi_dbg_dump_stack();
1214 err = 1;
1215 goto exit;
1216 }
1217
1218 err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1219
1220 exit:
1221 ubi_free_vid_hdr(ubi, vid_hdr);
1222 return err;
1223 }
1224
1225 /**
1226 * paranoid_check_all_ff - check that a region of flash is empty.
1227 * @ubi: UBI device description object
1228 * @pnum: the physical eraseblock number to check
1229 * @offset: the starting offset within the physical eraseblock to check
1230 * @len: the length of the region to check
1231 *
1232 * This function returns zero if only 0xFF bytes are present at offset
1233 * @offset of the physical eraseblock @pnum, %1 if not, and a negative error
1234 * code if an error occurred.
1235 */
1236 static int paranoid_check_all_ff(struct ubi_device *ubi, int pnum, int offset,
1237 int len)
1238 {
1239 size_t read;
1240 int err;
1241 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1242
1243 mutex_lock(&ubi->dbg_buf_mutex);
1244 err = ubi->mtd->read(ubi->mtd, addr, len, &read, ubi->dbg_peb_buf);
1245 if (err && err != -EUCLEAN) {
1246 ubi_err("error %d while reading %d bytes from PEB %d:%d, "
1247 "read %zd bytes", err, len, pnum, offset, read);
1248 goto error;
1249 }
1250
1251 err = check_pattern(ubi->dbg_peb_buf, 0xFF, len);
1252 if (err == 0) {
1253 ubi_err("flash region at PEB %d:%d, length %d does not "
1254 "contain all 0xFF bytes", pnum, offset, len);
1255 goto fail;
1256 }
1257 mutex_unlock(&ubi->dbg_buf_mutex);
1258
1259 return 0;
1260
1261 fail:
1262 ubi_err("paranoid check failed for PEB %d", pnum);
1263 ubi_msg("hex dump of the %d-%d region", offset, offset + len);
1264 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1265 ubi->dbg_peb_buf, len, 1);
1266 err = 1;
1267 error:
1268 ubi_dbg_dump_stack();
1269 mutex_unlock(&ubi->dbg_buf_mutex);
1270 return err;
1271 }
1272
1273 #endif /* CONFIG_MTD_UBI_DEBUG_PARANOID */
Linux kernel - Deliverables
This page took 0.05753 seconds and 5 git commands to generate.