2 * Copyright (c) International Business Machines Corp., 2006
3 * Copyright (c) Nokia Corporation, 2006, 2007
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13 * the GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 * Author: Artem Bityutskiy (Битюцкий Артём)
23 * UBI input/output sub-system.
25 * This sub-system provides a uniform way to work with all kinds of the
26 * underlying MTD devices. It also implements handy functions for reading and
27 * writing UBI headers.
29 * We are trying to have a paranoid mindset and not to trust to what we read
30 * from the flash media in order to be more secure and robust. So this
31 * sub-system validates every single header it reads from the flash media.
33 * Some words about how the eraseblock headers are stored.
35 * The erase counter header is always stored at offset zero. By default, the
36 * VID header is stored after the EC header at the closest aligned offset
37 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
38 * header at the closest aligned offset. But this default layout may be
39 * changed. For example, for different reasons (e.g., optimization) UBI may be
40 * asked to put the VID header at further offset, and even at an unaligned
41 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
42 * proper padding in front of it. Data offset may also be changed but it has to
45 * About minimal I/O units. In general, UBI assumes flash device model where
46 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
47 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
48 * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
49 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
50 * to do different optimizations.
52 * This is extremely useful in case of NAND flashes which admit of several
53 * write operations to one NAND page. In this case UBI can fit EC and VID
54 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
55 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
56 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
59 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
60 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
63 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
64 * device, e.g., make @ubi->min_io_size = 512 in the example above?
66 * A: because when writing a sub-page, MTD still writes a full 2K page but the
67 * bytes which are not relevant to the sub-page are 0xFF. So, basically,
68 * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page.
69 * Thus, we prefer to use sub-pages only for EC and VID headers.
71 * As it was noted above, the VID header may start at a non-aligned offset.
72 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
73 * the VID header may reside at offset 1984 which is the last 64 bytes of the
74 * last sub-page (EC header is always at offset zero). This causes some
75 * difficulties when reading and writing VID headers.
77 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
78 * the data and want to write this VID header out. As we can only write in
79 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
80 * to offset 448 of this buffer.
82 * The I/O sub-system does the following trick in order to avoid this extra
83 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
84 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
85 * When the VID header is being written out, it shifts the VID header pointer
86 * back and writes the whole sub-page.
89 #include <linux/crc32.h>
90 #include <linux/err.h>
91 #include <linux/slab.h>
94 static int self_check_not_bad(const struct ubi_device *ubi, int pnum);
95 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
96 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
97 const struct ubi_ec_hdr *ec_hdr);
98 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
99 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
100 const struct ubi_vid_hdr *vid_hdr);
101 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
102 int offset, int len);
105 * ubi_io_read - read data from a physical eraseblock.
106 * @ubi: UBI device description object
107 * @buf: buffer where to store the read data
108 * @pnum: physical eraseblock number to read from
109 * @offset: offset within the physical eraseblock from where to read
110 * @len: how many bytes to read
112 * This function reads data from offset @offset of physical eraseblock @pnum
113 * and stores the read data in the @buf buffer. The following return codes are
116 * o %0 if all the requested data were successfully read;
117 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
118 * correctable bit-flips were detected; this is harmless but may indicate
119 * that this eraseblock may become bad soon (but do not have to);
120 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
121 * example it can be an ECC error in case of NAND; this most probably means
122 * that the data is corrupted;
123 * o %-EIO if some I/O error occurred;
124 * o other negative error codes in case of other errors.
126 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
129 int err, retries = 0;
133 dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
135 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
136 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
139 err = self_check_not_bad(ubi, pnum);
144 * Deliberately corrupt the buffer to improve robustness. Indeed, if we
145 * do not do this, the following may happen:
146 * 1. The buffer contains data from previous operation, e.g., read from
147 * another PEB previously. The data looks like expected, e.g., if we
148 * just do not read anything and return - the caller would not
149 * notice this. E.g., if we are reading a VID header, the buffer may
150 * contain a valid VID header from another PEB.
151 * 2. The driver is buggy and returns us success or -EBADMSG or
152 * -EUCLEAN, but it does not actually put any data to the buffer.
154 * This may confuse UBI or upper layers - they may think the buffer
155 * contains valid data while in fact it is just old data. This is
156 * especially possible because UBI (and UBIFS) relies on CRC, and
157 * treats data as correct even in case of ECC errors if the CRC is
160 * Try to prevent this situation by changing the first byte of the
163 *((uint8_t *)buf) ^= 0xFF;
165 addr = (loff_t)pnum * ubi->peb_size + offset;
167 err = mtd_read(ubi->mtd, addr, len, &read, buf);
169 const char *errstr = mtd_is_eccerr(err) ? " (ECC error)" : "";
171 if (mtd_is_bitflip(err)) {
173 * -EUCLEAN is reported if there was a bit-flip which
174 * was corrected, so this is harmless.
176 * We do not report about it here unless debugging is
177 * enabled. A corresponding message will be printed
178 * later, when it is has been scrubbed.
180 ubi_msg("fixable bit-flip detected at PEB %d", pnum);
181 ubi_assert(len == read);
182 return UBI_IO_BITFLIPS;
185 if (retries++ < UBI_IO_RETRIES) {
186 ubi_warn("error %d%s while reading %d bytes from PEB %d:%d, read only %zd bytes, retry",
187 err, errstr, len, pnum, offset, read);
192 ubi_err("error %d%s while reading %d bytes from PEB %d:%d, read %zd bytes",
193 err, errstr, len, pnum, offset, read);
197 * The driver should never return -EBADMSG if it failed to read
198 * all the requested data. But some buggy drivers might do
199 * this, so we change it to -EIO.
201 if (read != len && mtd_is_eccerr(err)) {
206 ubi_assert(len == read);
208 if (ubi_dbg_is_bitflip(ubi)) {
209 dbg_gen("bit-flip (emulated)");
210 err = UBI_IO_BITFLIPS;
218 * ubi_io_write - write data to a physical eraseblock.
219 * @ubi: UBI device description object
220 * @buf: buffer with the data to write
221 * @pnum: physical eraseblock number to write to
222 * @offset: offset within the physical eraseblock where to write
223 * @len: how many bytes to write
225 * This function writes @len bytes of data from buffer @buf to offset @offset
226 * of physical eraseblock @pnum. If all the data were successfully written,
227 * zero is returned. If an error occurred, this function returns a negative
228 * error code. If %-EIO is returned, the physical eraseblock most probably went
231 * Note, in case of an error, it is possible that something was still written
232 * to the flash media, but may be some garbage.
234 int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
241 dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
243 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
244 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
245 ubi_assert(offset % ubi->hdrs_min_io_size == 0);
246 ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
249 ubi_err("read-only mode");
253 err = self_check_not_bad(ubi, pnum);
257 /* The area we are writing to has to contain all 0xFF bytes */
258 err = ubi_self_check_all_ff(ubi, pnum, offset, len);
262 if (offset >= ubi->leb_start) {
264 * We write to the data area of the physical eraseblock. Make
265 * sure it has valid EC and VID headers.
267 err = self_check_peb_ec_hdr(ubi, pnum);
270 err = self_check_peb_vid_hdr(ubi, pnum);
275 if (ubi_dbg_is_write_failure(ubi)) {
276 ubi_err("cannot write %d bytes to PEB %d:%d (emulated)",
282 addr = (loff_t)pnum * ubi->peb_size + offset;
283 err = mtd_write(ubi->mtd, addr, len, &written, buf);
285 ubi_err("error %d while writing %d bytes to PEB %d:%d, written %zd bytes",
286 err, len, pnum, offset, written);
288 ubi_dump_flash(ubi, pnum, offset, len);
290 ubi_assert(written == len);
293 err = self_check_write(ubi, buf, pnum, offset, len);
298 * Since we always write sequentially, the rest of the PEB has
299 * to contain only 0xFF bytes.
302 len = ubi->peb_size - offset;
304 err = ubi_self_check_all_ff(ubi, pnum, offset, len);
311 * erase_callback - MTD erasure call-back.
312 * @ei: MTD erase information object.
314 * Note, even though MTD erase interface is asynchronous, all the current
315 * implementations are synchronous anyway.
317 static void erase_callback(struct erase_info *ei)
319 wake_up_interruptible((wait_queue_head_t *)ei->priv);
323 * do_sync_erase - synchronously erase a physical eraseblock.
324 * @ubi: UBI device description object
325 * @pnum: the physical eraseblock number to erase
327 * This function synchronously erases physical eraseblock @pnum and returns
328 * zero in case of success and a negative error code in case of failure. If
329 * %-EIO is returned, the physical eraseblock most probably went bad.
331 static int do_sync_erase(struct ubi_device *ubi, int pnum)
333 int err, retries = 0;
334 struct erase_info ei;
335 wait_queue_head_t wq;
337 dbg_io("erase PEB %d", pnum);
338 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
341 ubi_err("read-only mode");
346 init_waitqueue_head(&wq);
347 memset(&ei, 0, sizeof(struct erase_info));
350 ei.addr = (loff_t)pnum * ubi->peb_size;
351 ei.len = ubi->peb_size;
352 ei.callback = erase_callback;
353 ei.priv = (unsigned long)&wq;
355 err = mtd_erase(ubi->mtd, &ei);
357 if (retries++ < UBI_IO_RETRIES) {
358 ubi_warn("error %d while erasing PEB %d, retry",
363 ubi_err("cannot erase PEB %d, error %d", pnum, err);
368 err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
369 ei.state == MTD_ERASE_FAILED);
371 ubi_err("interrupted PEB %d erasure", pnum);
375 if (ei.state == MTD_ERASE_FAILED) {
376 if (retries++ < UBI_IO_RETRIES) {
377 ubi_warn("error while erasing PEB %d, retry", pnum);
381 ubi_err("cannot erase PEB %d", pnum);
386 err = ubi_self_check_all_ff(ubi, pnum, 0, ubi->peb_size);
390 if (ubi_dbg_is_erase_failure(ubi)) {
391 ubi_err("cannot erase PEB %d (emulated)", pnum);
398 /* Patterns to write to a physical eraseblock when torturing it */
399 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
402 * torture_peb - test a supposedly bad physical eraseblock.
403 * @ubi: UBI device description object
404 * @pnum: the physical eraseblock number to test
406 * This function returns %-EIO if the physical eraseblock did not pass the
407 * test, a positive number of erase operations done if the test was
408 * successfully passed, and other negative error codes in case of other errors.
410 static int torture_peb(struct ubi_device *ubi, int pnum)
412 int err, i, patt_count;
414 ubi_msg("run torture test for PEB %d", pnum);
415 patt_count = ARRAY_SIZE(patterns);
416 ubi_assert(patt_count > 0);
418 mutex_lock(&ubi->buf_mutex);
419 for (i = 0; i < patt_count; i++) {
420 err = do_sync_erase(ubi, pnum);
424 /* Make sure the PEB contains only 0xFF bytes */
425 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
429 err = ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->peb_size);
431 ubi_err("erased PEB %d, but a non-0xFF byte found",
437 /* Write a pattern and check it */
438 memset(ubi->peb_buf, patterns[i], ubi->peb_size);
439 err = ubi_io_write(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
443 memset(ubi->peb_buf, ~patterns[i], ubi->peb_size);
444 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
448 err = ubi_check_pattern(ubi->peb_buf, patterns[i],
451 ubi_err("pattern %x checking failed for PEB %d",
459 ubi_msg("PEB %d passed torture test, do not mark it as bad", pnum);
462 mutex_unlock(&ubi->buf_mutex);
463 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) {
465 * If a bit-flip or data integrity error was detected, the test
466 * has not passed because it happened on a freshly erased
467 * physical eraseblock which means something is wrong with it.
469 ubi_err("read problems on freshly erased PEB %d, must be bad",
477 * nor_erase_prepare - prepare a NOR flash PEB for erasure.
478 * @ubi: UBI device description object
479 * @pnum: physical eraseblock number to prepare
481 * NOR flash, or at least some of them, have peculiar embedded PEB erasure
482 * algorithm: the PEB is first filled with zeroes, then it is erased. And
483 * filling with zeroes starts from the end of the PEB. This was observed with
484 * Spansion S29GL512N NOR flash.
486 * This means that in case of a power cut we may end up with intact data at the
487 * beginning of the PEB, and all zeroes at the end of PEB. In other words, the
488 * EC and VID headers are OK, but a large chunk of data at the end of PEB is
489 * zeroed. This makes UBI mistakenly treat this PEB as used and associate it
490 * with an LEB, which leads to subsequent failures (e.g., UBIFS fails).
492 * This function is called before erasing NOR PEBs and it zeroes out EC and VID
493 * magic numbers in order to invalidate them and prevent the failures. Returns
494 * zero in case of success and a negative error code in case of failure.
496 static int nor_erase_prepare(struct ubi_device *ubi, int pnum)
503 * Note, we cannot generally define VID header buffers on stack,
504 * because of the way we deal with these buffers (see the header
505 * comment in this file). But we know this is a NOR-specific piece of
506 * code, so we can do this. But yes, this is error-prone and we should
507 * (pre-)allocate VID header buffer instead.
509 struct ubi_vid_hdr vid_hdr;
512 * It is important to first invalidate the EC header, and then the VID
513 * header. Otherwise a power cut may lead to valid EC header and
514 * invalid VID header, in which case UBI will treat this PEB as
515 * corrupted and will try to preserve it, and print scary warnings.
517 addr = (loff_t)pnum * ubi->peb_size;
518 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
520 addr += ubi->vid_hdr_aloffset;
521 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
527 * We failed to write to the media. This was observed with Spansion
528 * S29GL512N NOR flash. Most probably the previously eraseblock erasure
529 * was interrupted at a very inappropriate moment, so it became
530 * unwritable. In this case we probably anyway have garbage in this
533 err1 = ubi_io_read_vid_hdr(ubi, pnum, &vid_hdr, 0);
534 if (err1 == UBI_IO_BAD_HDR_EBADMSG || err1 == UBI_IO_BAD_HDR ||
536 struct ubi_ec_hdr ec_hdr;
538 err1 = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0);
539 if (err1 == UBI_IO_BAD_HDR_EBADMSG || err1 == UBI_IO_BAD_HDR ||
542 * Both VID and EC headers are corrupted, so we can
543 * safely erase this PEB and not afraid that it will be
544 * treated as a valid PEB in case of an unclean reboot.
550 * The PEB contains a valid VID header, but we cannot invalidate it.
551 * Supposedly the flash media or the driver is screwed up, so return an
554 ubi_err("cannot invalidate PEB %d, write returned %d read returned %d",
556 ubi_dump_flash(ubi, pnum, 0, ubi->peb_size);
561 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
562 * @ubi: UBI device description object
563 * @pnum: physical eraseblock number to erase
564 * @torture: if this physical eraseblock has to be tortured
566 * This function synchronously erases physical eraseblock @pnum. If @torture
567 * flag is not zero, the physical eraseblock is checked by means of writing
568 * different patterns to it and reading them back. If the torturing is enabled,
569 * the physical eraseblock is erased more than once.
571 * This function returns the number of erasures made in case of success, %-EIO
572 * if the erasure failed or the torturing test failed, and other negative error
573 * codes in case of other errors. Note, %-EIO means that the physical
576 int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
580 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
582 err = self_check_not_bad(ubi, pnum);
587 ubi_err("read-only mode");
591 if (ubi->nor_flash) {
592 err = nor_erase_prepare(ubi, pnum);
598 ret = torture_peb(ubi, pnum);
603 err = do_sync_erase(ubi, pnum);
611 * ubi_io_is_bad - check if a physical eraseblock is bad.
612 * @ubi: UBI device description object
613 * @pnum: the physical eraseblock number to check
615 * This function returns a positive number if the physical eraseblock is bad,
616 * zero if not, and a negative error code if an error occurred.
618 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
620 struct mtd_info *mtd = ubi->mtd;
622 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
624 if (ubi->bad_allowed) {
627 ret = mtd_block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
629 ubi_err("error %d while checking if PEB %d is bad",
632 dbg_io("PEB %d is bad", pnum);
640 * ubi_io_mark_bad - mark a physical eraseblock as bad.
641 * @ubi: UBI device description object
642 * @pnum: the physical eraseblock number to mark
644 * This function returns zero in case of success and a negative error code in
647 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
650 struct mtd_info *mtd = ubi->mtd;
652 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
655 ubi_err("read-only mode");
659 if (!ubi->bad_allowed)
662 err = mtd_block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
664 ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
669 * validate_ec_hdr - validate an erase counter header.
670 * @ubi: UBI device description object
671 * @ec_hdr: the erase counter header to check
673 * This function returns zero if the erase counter header is OK, and %1 if
676 static int validate_ec_hdr(const struct ubi_device *ubi,
677 const struct ubi_ec_hdr *ec_hdr)
680 int vid_hdr_offset, leb_start;
682 ec = be64_to_cpu(ec_hdr->ec);
683 vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
684 leb_start = be32_to_cpu(ec_hdr->data_offset);
686 if (ec_hdr->version != UBI_VERSION) {
687 ubi_err("node with incompatible UBI version found: this UBI version is %d, image version is %d",
688 UBI_VERSION, (int)ec_hdr->version);
692 if (vid_hdr_offset != ubi->vid_hdr_offset) {
693 ubi_err("bad VID header offset %d, expected %d",
694 vid_hdr_offset, ubi->vid_hdr_offset);
698 if (leb_start != ubi->leb_start) {
699 ubi_err("bad data offset %d, expected %d",
700 leb_start, ubi->leb_start);
704 if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
705 ubi_err("bad erase counter %lld", ec);
712 ubi_err("bad EC header");
713 ubi_dump_ec_hdr(ec_hdr);
719 * ubi_io_read_ec_hdr - read and check an erase counter header.
720 * @ubi: UBI device description object
721 * @pnum: physical eraseblock to read from
722 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
724 * @verbose: be verbose if the header is corrupted or was not found
726 * This function reads erase counter header from physical eraseblock @pnum and
727 * stores it in @ec_hdr. This function also checks CRC checksum of the read
728 * erase counter header. The following codes may be returned:
730 * o %0 if the CRC checksum is correct and the header was successfully read;
731 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
732 * and corrected by the flash driver; this is harmless but may indicate that
733 * this eraseblock may become bad soon (but may be not);
734 * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error);
735 * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was
736 * a data integrity error (uncorrectable ECC error in case of NAND);
737 * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty)
738 * o a negative error code in case of failure.
740 int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
741 struct ubi_ec_hdr *ec_hdr, int verbose)
744 uint32_t crc, magic, hdr_crc;
746 dbg_io("read EC header from PEB %d", pnum);
747 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
749 read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
751 if (read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
755 * We read all the data, but either a correctable bit-flip
756 * occurred, or MTD reported a data integrity error
757 * (uncorrectable ECC error in case of NAND). The former is
758 * harmless, the later may mean that the read data is
759 * corrupted. But we have a CRC check-sum and we will detect
760 * this. If the EC header is still OK, we just report this as
761 * there was a bit-flip, to force scrubbing.
765 magic = be32_to_cpu(ec_hdr->magic);
766 if (magic != UBI_EC_HDR_MAGIC) {
767 if (mtd_is_eccerr(read_err))
768 return UBI_IO_BAD_HDR_EBADMSG;
771 * The magic field is wrong. Let's check if we have read all
772 * 0xFF. If yes, this physical eraseblock is assumed to be
775 if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
776 /* The physical eraseblock is supposedly empty */
778 ubi_warn("no EC header found at PEB %d, only 0xFF bytes",
780 dbg_bld("no EC header found at PEB %d, only 0xFF bytes",
785 return UBI_IO_FF_BITFLIPS;
789 * This is not a valid erase counter header, and these are not
790 * 0xFF bytes. Report that the header is corrupted.
793 ubi_warn("bad magic number at PEB %d: %08x instead of %08x",
794 pnum, magic, UBI_EC_HDR_MAGIC);
795 ubi_dump_ec_hdr(ec_hdr);
797 dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
798 pnum, magic, UBI_EC_HDR_MAGIC);
799 return UBI_IO_BAD_HDR;
802 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
803 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
805 if (hdr_crc != crc) {
807 ubi_warn("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
809 ubi_dump_ec_hdr(ec_hdr);
811 dbg_bld("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
815 return UBI_IO_BAD_HDR;
817 return UBI_IO_BAD_HDR_EBADMSG;
820 /* And of course validate what has just been read from the media */
821 err = validate_ec_hdr(ubi, ec_hdr);
823 ubi_err("validation failed for PEB %d", pnum);
828 * If there was %-EBADMSG, but the header CRC is still OK, report about
829 * a bit-flip to force scrubbing on this PEB.
831 return read_err ? UBI_IO_BITFLIPS : 0;
835 * ubi_io_write_ec_hdr - write an erase counter header.
836 * @ubi: UBI device description object
837 * @pnum: physical eraseblock to write to
838 * @ec_hdr: the erase counter header to write
840 * This function writes erase counter header described by @ec_hdr to physical
841 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
842 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
845 * This function returns zero in case of success and a negative error code in
846 * case of failure. If %-EIO is returned, the physical eraseblock most probably
849 int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
850 struct ubi_ec_hdr *ec_hdr)
855 dbg_io("write EC header to PEB %d", pnum);
856 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
858 ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
859 ec_hdr->version = UBI_VERSION;
860 ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
861 ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
862 ec_hdr->image_seq = cpu_to_be32(ubi->image_seq);
863 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
864 ec_hdr->hdr_crc = cpu_to_be32(crc);
866 err = self_check_ec_hdr(ubi, pnum, ec_hdr);
870 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
875 * validate_vid_hdr - validate a volume identifier header.
876 * @ubi: UBI device description object
877 * @vid_hdr: the volume identifier header to check
879 * This function checks that data stored in the volume identifier header
880 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
882 static int validate_vid_hdr(const struct ubi_device *ubi,
883 const struct ubi_vid_hdr *vid_hdr)
885 int vol_type = vid_hdr->vol_type;
886 int copy_flag = vid_hdr->copy_flag;
887 int vol_id = be32_to_cpu(vid_hdr->vol_id);
888 int lnum = be32_to_cpu(vid_hdr->lnum);
889 int compat = vid_hdr->compat;
890 int data_size = be32_to_cpu(vid_hdr->data_size);
891 int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
892 int data_pad = be32_to_cpu(vid_hdr->data_pad);
893 int data_crc = be32_to_cpu(vid_hdr->data_crc);
894 int usable_leb_size = ubi->leb_size - data_pad;
896 if (copy_flag != 0 && copy_flag != 1) {
897 ubi_err("bad copy_flag");
901 if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
903 ubi_err("negative values");
907 if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
908 ubi_err("bad vol_id");
912 if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
913 ubi_err("bad compat");
917 if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
918 compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
919 compat != UBI_COMPAT_REJECT) {
920 ubi_err("bad compat");
924 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
925 ubi_err("bad vol_type");
929 if (data_pad >= ubi->leb_size / 2) {
930 ubi_err("bad data_pad");
934 if (data_size > ubi->leb_size) {
935 ubi_err("bad data_size");
939 if (vol_type == UBI_VID_STATIC) {
941 * Although from high-level point of view static volumes may
942 * contain zero bytes of data, but no VID headers can contain
943 * zero at these fields, because they empty volumes do not have
944 * mapped logical eraseblocks.
947 ubi_err("zero used_ebs");
950 if (data_size == 0) {
951 ubi_err("zero data_size");
954 if (lnum < used_ebs - 1) {
955 if (data_size != usable_leb_size) {
956 ubi_err("bad data_size");
959 } else if (lnum == used_ebs - 1) {
960 if (data_size == 0) {
961 ubi_err("bad data_size at last LEB");
965 ubi_err("too high lnum");
969 if (copy_flag == 0) {
971 ubi_err("non-zero data CRC");
974 if (data_size != 0) {
975 ubi_err("non-zero data_size");
979 if (data_size == 0) {
980 ubi_err("zero data_size of copy");
985 ubi_err("bad used_ebs");
993 ubi_err("bad VID header");
994 ubi_dump_vid_hdr(vid_hdr);
1000 * ubi_io_read_vid_hdr - read and check a volume identifier header.
1001 * @ubi: UBI device description object
1002 * @pnum: physical eraseblock number to read from
1003 * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
1005 * @verbose: be verbose if the header is corrupted or wasn't found
1007 * This function reads the volume identifier header from physical eraseblock
1008 * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
1009 * volume identifier header. The error codes are the same as in
1010 * 'ubi_io_read_ec_hdr()'.
1012 * Note, the implementation of this function is also very similar to
1013 * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'.
1015 int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
1016 struct ubi_vid_hdr *vid_hdr, int verbose)
1019 uint32_t crc, magic, hdr_crc;
1022 dbg_io("read VID header from PEB %d", pnum);
1023 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1025 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1026 read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1027 ubi->vid_hdr_alsize);
1028 if (read_err && read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
1031 magic = be32_to_cpu(vid_hdr->magic);
1032 if (magic != UBI_VID_HDR_MAGIC) {
1033 if (mtd_is_eccerr(read_err))
1034 return UBI_IO_BAD_HDR_EBADMSG;
1036 if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
1038 ubi_warn("no VID header found at PEB %d, only 0xFF bytes",
1040 dbg_bld("no VID header found at PEB %d, only 0xFF bytes",
1045 return UBI_IO_FF_BITFLIPS;
1049 ubi_warn("bad magic number at PEB %d: %08x instead of %08x",
1050 pnum, magic, UBI_VID_HDR_MAGIC);
1051 ubi_dump_vid_hdr(vid_hdr);
1053 dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
1054 pnum, magic, UBI_VID_HDR_MAGIC);
1055 return UBI_IO_BAD_HDR;
1058 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1059 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1061 if (hdr_crc != crc) {
1063 ubi_warn("bad CRC at PEB %d, calculated %#08x, read %#08x",
1064 pnum, crc, hdr_crc);
1065 ubi_dump_vid_hdr(vid_hdr);
1067 dbg_bld("bad CRC at PEB %d, calculated %#08x, read %#08x",
1068 pnum, crc, hdr_crc);
1070 return UBI_IO_BAD_HDR;
1072 return UBI_IO_BAD_HDR_EBADMSG;
1075 err = validate_vid_hdr(ubi, vid_hdr);
1077 ubi_err("validation failed for PEB %d", pnum);
1081 return read_err ? UBI_IO_BITFLIPS : 0;
1085 * ubi_io_write_vid_hdr - write a volume identifier header.
1086 * @ubi: UBI device description object
1087 * @pnum: the physical eraseblock number to write to
1088 * @vid_hdr: the volume identifier header to write
1090 * This function writes the volume identifier header described by @vid_hdr to
1091 * physical eraseblock @pnum. This function automatically fills the
1092 * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
1093 * header CRC checksum and stores it at vid_hdr->hdr_crc.
1095 * This function returns zero in case of success and a negative error code in
1096 * case of failure. If %-EIO is returned, the physical eraseblock probably went
1099 int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1100 struct ubi_vid_hdr *vid_hdr)
1106 dbg_io("write VID header to PEB %d", pnum);
1107 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1109 err = self_check_peb_ec_hdr(ubi, pnum);
1113 vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1114 vid_hdr->version = UBI_VERSION;
1115 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1116 vid_hdr->hdr_crc = cpu_to_be32(crc);
1118 err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1122 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1123 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1124 ubi->vid_hdr_alsize);
1129 * self_check_not_bad - ensure that a physical eraseblock is not bad.
1130 * @ubi: UBI device description object
1131 * @pnum: physical eraseblock number to check
1133 * This function returns zero if the physical eraseblock is good, %-EINVAL if
1134 * it is bad and a negative error code if an error occurred.
1136 static int self_check_not_bad(const struct ubi_device *ubi, int pnum)
1140 if (!ubi_dbg_chk_io(ubi))
1143 err = ubi_io_is_bad(ubi, pnum);
1147 ubi_err("self-check failed for PEB %d", pnum);
1149 return err > 0 ? -EINVAL : err;
1153 * self_check_ec_hdr - check if an erase counter header is all right.
1154 * @ubi: UBI device description object
1155 * @pnum: physical eraseblock number the erase counter header belongs to
1156 * @ec_hdr: the erase counter header to check
1158 * This function returns zero if the erase counter header contains valid
1159 * values, and %-EINVAL if not.
1161 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1162 const struct ubi_ec_hdr *ec_hdr)
1167 if (!ubi_dbg_chk_io(ubi))
1170 magic = be32_to_cpu(ec_hdr->magic);
1171 if (magic != UBI_EC_HDR_MAGIC) {
1172 ubi_err("bad magic %#08x, must be %#08x",
1173 magic, UBI_EC_HDR_MAGIC);
1177 err = validate_ec_hdr(ubi, ec_hdr);
1179 ubi_err("self-check failed for PEB %d", pnum);
1186 ubi_dump_ec_hdr(ec_hdr);
1192 * self_check_peb_ec_hdr - check erase counter header.
1193 * @ubi: UBI device description object
1194 * @pnum: the physical eraseblock number to check
1196 * This function returns zero if the erase counter header is all right and and
1197 * a negative error code if not or if an error occurred.
1199 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1202 uint32_t crc, hdr_crc;
1203 struct ubi_ec_hdr *ec_hdr;
1205 if (!ubi_dbg_chk_io(ubi))
1208 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1212 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1213 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1216 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1217 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1218 if (hdr_crc != crc) {
1219 ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1220 ubi_err("self-check failed for PEB %d", pnum);
1221 ubi_dump_ec_hdr(ec_hdr);
1227 err = self_check_ec_hdr(ubi, pnum, ec_hdr);
1235 * self_check_vid_hdr - check that a volume identifier header is all right.
1236 * @ubi: UBI device description object
1237 * @pnum: physical eraseblock number the volume identifier header belongs to
1238 * @vid_hdr: the volume identifier header to check
1240 * This function returns zero if the volume identifier header is all right, and
1243 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1244 const struct ubi_vid_hdr *vid_hdr)
1249 if (!ubi_dbg_chk_io(ubi))
1252 magic = be32_to_cpu(vid_hdr->magic);
1253 if (magic != UBI_VID_HDR_MAGIC) {
1254 ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1255 magic, pnum, UBI_VID_HDR_MAGIC);
1259 err = validate_vid_hdr(ubi, vid_hdr);
1261 ubi_err("self-check failed for PEB %d", pnum);
1268 ubi_err("self-check failed for PEB %d", pnum);
1269 ubi_dump_vid_hdr(vid_hdr);
1276 * self_check_peb_vid_hdr - check volume identifier header.
1277 * @ubi: UBI device description object
1278 * @pnum: the physical eraseblock number to check
1280 * This function returns zero if the volume identifier header is all right,
1281 * and a negative error code if not or if an error occurred.
1283 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1286 uint32_t crc, hdr_crc;
1287 struct ubi_vid_hdr *vid_hdr;
1290 if (!ubi_dbg_chk_io(ubi))
1293 vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1297 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1298 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1299 ubi->vid_hdr_alsize);
1300 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1303 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1304 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1305 if (hdr_crc != crc) {
1306 ubi_err("bad VID header CRC at PEB %d, calculated %#08x, read %#08x",
1307 pnum, crc, hdr_crc);
1308 ubi_err("self-check failed for PEB %d", pnum);
1309 ubi_dump_vid_hdr(vid_hdr);
1315 err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1318 ubi_free_vid_hdr(ubi, vid_hdr);
1323 * self_check_write - make sure write succeeded.
1324 * @ubi: UBI device description object
1325 * @buf: buffer with data which were written
1326 * @pnum: physical eraseblock number the data were written to
1327 * @offset: offset within the physical eraseblock the data were written to
1328 * @len: how many bytes were written
1330 * This functions reads data which were recently written and compares it with
1331 * the original data buffer - the data have to match. Returns zero if the data
1332 * match and a negative error code if not or in case of failure.
1334 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
1335 int offset, int len)
1340 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1342 if (!ubi_dbg_chk_io(ubi))
1345 buf1 = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1347 ubi_err("cannot allocate memory to check writes");
1351 err = mtd_read(ubi->mtd, addr, len, &read, buf1);
1352 if (err && !mtd_is_bitflip(err))
1355 for (i = 0; i < len; i++) {
1356 uint8_t c = ((uint8_t *)buf)[i];
1357 uint8_t c1 = ((uint8_t *)buf1)[i];
1363 ubi_err("self-check failed for PEB %d:%d, len %d",
1365 ubi_msg("data differ at position %d", i);
1366 dump_len = max_t(int, 128, len - i);
1367 ubi_msg("hex dump of the original buffer from %d to %d",
1369 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1370 buf + i, dump_len, 1);
1371 ubi_msg("hex dump of the read buffer from %d to %d",
1373 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1374 buf1 + i, dump_len, 1);
1389 * ubi_self_check_all_ff - check that a region of flash is empty.
1390 * @ubi: UBI device description object
1391 * @pnum: the physical eraseblock number to check
1392 * @offset: the starting offset within the physical eraseblock to check
1393 * @len: the length of the region to check
1395 * This function returns zero if only 0xFF bytes are present at offset
1396 * @offset of the physical eraseblock @pnum, and a negative error code if not
1397 * or if an error occurred.
1399 int ubi_self_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len)
1404 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1406 if (!ubi_dbg_chk_io(ubi))
1409 buf = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1411 ubi_err("cannot allocate memory to check for 0xFFs");
1415 err = mtd_read(ubi->mtd, addr, len, &read, buf);
1416 if (err && !mtd_is_bitflip(err)) {
1417 ubi_err("error %d while reading %d bytes from PEB %d:%d, read %zd bytes",
1418 err, len, pnum, offset, read);
1422 err = ubi_check_pattern(buf, 0xFF, len);
1424 ubi_err("flash region at PEB %d:%d, length %d does not contain all 0xFF bytes",
1433 ubi_err("self-check failed for PEB %d", pnum);
1434 ubi_msg("hex dump of the %d-%d region", offset, offset + len);
1435 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1);
projects / firefly-linux-kernel-4.4.55.git / blob