1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (c) International Business Machines Corp., 2006
4 * Copyright (c) Nokia Corporation, 2006, 2007
5 *
6 * Author: Artem Bityutskiy (Битюцкий Артём)
7 */
8
9 /*
10 * UBI input/output sub-system.
11 *
12 * This sub-system provides a uniform way to work with all kinds of the
13 * underlying MTD devices. It also implements handy functions for reading and
14 * writing UBI headers.
15 *
16 * We are trying to have a paranoid mindset and not to trust to what we read
17 * from the flash media in order to be more secure and robust. So this
18 * sub-system validates every single header it reads from the flash media.
19 *
20 * Some words about how the eraseblock headers are stored.
21 *
22 * The erase counter header is always stored at offset zero. By default, the
23 * VID header is stored after the EC header at the closest aligned offset
24 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
25 * header at the closest aligned offset. But this default layout may be
26 * changed. For example, for different reasons (e.g., optimization) UBI may be
27 * asked to put the VID header at further offset, and even at an unaligned
28 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
29 * proper padding in front of it. Data offset may also be changed but it has to
30 * be aligned.
31 *
32 * About minimal I/O units. In general, UBI assumes flash device model where
33 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
34 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
35 * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
36 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
37 * to do different optimizations.
38 *
39 * This is extremely useful in case of NAND flashes which admit of several
40 * write operations to one NAND page. In this case UBI can fit EC and VID
41 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
42 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
43 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
44 * users.
45 *
46 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
47 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
48 * headers.
49 *
50 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
51 * device, e.g., make @ubi->min_io_size = 512 in the example above?
52 *
53 * A: because when writing a sub-page, MTD still writes a full 2K page but the
54 * bytes which are not relevant to the sub-page are 0xFF. So, basically,
55 * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page.
56 * Thus, we prefer to use sub-pages only for EC and VID headers.
57 *
58 * As it was noted above, the VID header may start at a non-aligned offset.
59 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
60 * the VID header may reside at offset 1984 which is the last 64 bytes of the
61 * last sub-page (EC header is always at offset zero). This causes some
62 * difficulties when reading and writing VID headers.
63 *
64 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
65 * the data and want to write this VID header out. As we can only write in
66 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
67 * to offset 448 of this buffer.
68 *
69 * The I/O sub-system does the following trick in order to avoid this extra
70 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
71 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
72 * When the VID header is being written out, it shifts the VID header pointer
73 * back and writes the whole sub-page.
74 */
75
76 #ifndef __UBOOT__
77 #include <log.h>
78 #include <dm/devres.h>
79 #include <linux/crc32.h>
80 #include <linux/err.h>
81 #include <linux/slab.h>
82 #include <u-boot/crc.h>
83 #else
84 #include <hexdump.h>
85 #include <ubi_uboot.h>
86 #endif
87
88 #include "ubi.h"
89
90 static int self_check_not_bad(const struct ubi_device *ubi, int pnum);
91 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
92 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
93 const struct ubi_ec_hdr *ec_hdr);
94 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
95 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
96 const struct ubi_vid_hdr *vid_hdr);
97 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
98 int offset, int len);
99
100 /**
101 * ubi_io_read - read data from a physical eraseblock.
102 * @ubi: UBI device description object
103 * @buf: buffer where to store the read data
104 * @pnum: physical eraseblock number to read from
105 * @offset: offset within the physical eraseblock from where to read
106 * @len: how many bytes to read
107 *
108 * This function reads data from offset @offset of physical eraseblock @pnum
109 * and stores the read data in the @buf buffer. The following return codes are
110 * possible:
111 *
112 * o %0 if all the requested data were successfully read;
113 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
114 * correctable bit-flips were detected; this is harmless but may indicate
115 * that this eraseblock may become bad soon (but do not have to);
116 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
117 * example it can be an ECC error in case of NAND; this most probably means
118 * that the data is corrupted;
119 * o %-EIO if some I/O error occurred;
120 * o other negative error codes in case of other errors.
121 */
ubi_io_read(const struct ubi_device * ubi,void * buf,int pnum,int offset,int len)122 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
123 int len)
124 {
125 int err, retries = 0;
126 size_t read;
127 loff_t addr;
128
129 dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
130
131 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
132 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
133 ubi_assert(len > 0);
134
135 err = self_check_not_bad(ubi, pnum);
136 if (err)
137 return err;
138
139 /*
140 * Deliberately corrupt the buffer to improve robustness. Indeed, if we
141 * do not do this, the following may happen:
142 * 1. The buffer contains data from previous operation, e.g., read from
143 * another PEB previously. The data looks like expected, e.g., if we
144 * just do not read anything and return - the caller would not
145 * notice this. E.g., if we are reading a VID header, the buffer may
146 * contain a valid VID header from another PEB.
147 * 2. The driver is buggy and returns us success or -EBADMSG or
148 * -EUCLEAN, but it does not actually put any data to the buffer.
149 *
150 * This may confuse UBI or upper layers - they may think the buffer
151 * contains valid data while in fact it is just old data. This is
152 * especially possible because UBI (and UBIFS) relies on CRC, and
153 * treats data as correct even in case of ECC errors if the CRC is
154 * correct.
155 *
156 * Try to prevent this situation by changing the first byte of the
157 * buffer.
158 */
159 *((uint8_t *)buf) ^= 0xFF;
160
161 addr = (loff_t)pnum * ubi->peb_size + offset;
162 retry:
163 err = mtd_read(ubi->mtd, addr, len, &read, buf);
164 if (err) {
165 const char *errstr = mtd_is_eccerr(err) ? " (ECC error)" : "";
166
167 if (mtd_is_bitflip(err)) {
168 /*
169 * -EUCLEAN is reported if there was a bit-flip which
170 * was corrected, so this is harmless.
171 *
172 * We do not report about it here unless debugging is
173 * enabled. A corresponding message will be printed
174 * later, when it is has been scrubbed.
175 */
176 ubi_msg(ubi, "fixable bit-flip detected at PEB %d",
177 pnum);
178 ubi_assert(len == read);
179 return UBI_IO_BITFLIPS;
180 }
181
182 if (retries++ < UBI_IO_RETRIES) {
183 ubi_warn(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read only %zd bytes, retry",
184 err, errstr, len, pnum, offset, read);
185 yield();
186 goto retry;
187 }
188
189 ubi_err(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read %zd bytes",
190 err, errstr, len, pnum, offset, read);
191 dump_stack();
192
193 /*
194 * The driver should never return -EBADMSG if it failed to read
195 * all the requested data. But some buggy drivers might do
196 * this, so we change it to -EIO.
197 */
198 if (read != len && mtd_is_eccerr(err)) {
199 ubi_assert(0);
200 err = -EIO;
201 }
202 } else {
203 ubi_assert(len == read);
204
205 if (ubi_dbg_is_bitflip(ubi)) {
206 dbg_gen("bit-flip (emulated)");
207 err = UBI_IO_BITFLIPS;
208 }
209 }
210
211 return err;
212 }
213
214 /**
215 * ubi_io_write - write data to a physical eraseblock.
216 * @ubi: UBI device description object
217 * @buf: buffer with the data to write
218 * @pnum: physical eraseblock number to write to
219 * @offset: offset within the physical eraseblock where to write
220 * @len: how many bytes to write
221 *
222 * This function writes @len bytes of data from buffer @buf to offset @offset
223 * of physical eraseblock @pnum. If all the data were successfully written,
224 * zero is returned. If an error occurred, this function returns a negative
225 * error code. If %-EIO is returned, the physical eraseblock most probably went
226 * bad.
227 *
228 * Note, in case of an error, it is possible that something was still written
229 * to the flash media, but may be some garbage.
230 */
ubi_io_write(struct ubi_device * ubi,const void * buf,int pnum,int offset,int len)231 int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
232 int len)
233 {
234 int err;
235 size_t written;
236 loff_t addr;
237
238 dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
239
240 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
241 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
242 ubi_assert(offset % ubi->hdrs_min_io_size == 0);
243 ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
244
245 if (ubi->ro_mode) {
246 ubi_err(ubi, "read-only mode");
247 return -EROFS;
248 }
249
250 err = self_check_not_bad(ubi, pnum);
251 if (err)
252 return err;
253
254 /* The area we are writing to has to contain all 0xFF bytes */
255 err = ubi_self_check_all_ff(ubi, pnum, offset, len);
256 if (err)
257 return err;
258
259 if (offset >= ubi->leb_start) {
260 /*
261 * We write to the data area of the physical eraseblock. Make
262 * sure it has valid EC and VID headers.
263 */
264 err = self_check_peb_ec_hdr(ubi, pnum);
265 if (err)
266 return err;
267 err = self_check_peb_vid_hdr(ubi, pnum);
268 if (err)
269 return err;
270 }
271
272 if (ubi_dbg_is_write_failure(ubi)) {
273 ubi_err(ubi, "cannot write %d bytes to PEB %d:%d (emulated)",
274 len, pnum, offset);
275 dump_stack();
276 return -EIO;
277 }
278
279 addr = (loff_t)pnum * ubi->peb_size + offset;
280 err = mtd_write(ubi->mtd, addr, len, &written, buf);
281 if (err) {
282 ubi_err(ubi, "error %d while writing %d bytes to PEB %d:%d, written %zd bytes",
283 err, len, pnum, offset, written);
284 dump_stack();
285 ubi_dump_flash(ubi, pnum, offset, len);
286 } else
287 ubi_assert(written == len);
288
289 if (!err) {
290 err = self_check_write(ubi, buf, pnum, offset, len);
291 if (err)
292 return err;
293
294 /*
295 * Since we always write sequentially, the rest of the PEB has
296 * to contain only 0xFF bytes.
297 */
298 offset += len;
299 len = ubi->peb_size - offset;
300 if (len)
301 err = ubi_self_check_all_ff(ubi, pnum, offset, len);
302 }
303
304 return err;
305 }
306
307 /**
308 * erase_callback - MTD erasure call-back.
309 * @ei: MTD erase information object.
310 *
311 * Note, even though MTD erase interface is asynchronous, all the current
312 * implementations are synchronous anyway.
313 */
erase_callback(struct erase_info * ei)314 static void erase_callback(struct erase_info *ei)
315 {
316 wake_up_interruptible((wait_queue_head_t *)ei->priv);
317 }
318
319 /**
320 * do_sync_erase - synchronously erase a physical eraseblock.
321 * @ubi: UBI device description object
322 * @pnum: the physical eraseblock number to erase
323 *
324 * This function synchronously erases physical eraseblock @pnum and returns
325 * zero in case of success and a negative error code in case of failure. If
326 * %-EIO is returned, the physical eraseblock most probably went bad.
327 */
do_sync_erase(struct ubi_device * ubi,int pnum)328 static int do_sync_erase(struct ubi_device *ubi, int pnum)
329 {
330 int err, retries = 0;
331 struct erase_info ei;
332 wait_queue_head_t wq;
333
334 dbg_io("erase PEB %d", pnum);
335 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
336
337 if (ubi->ro_mode) {
338 ubi_err(ubi, "read-only mode");
339 return -EROFS;
340 }
341
342 retry:
343 init_waitqueue_head(&wq);
344 memset(&ei, 0, sizeof(struct erase_info));
345
346 ei.mtd = ubi->mtd;
347 ei.addr = (loff_t)pnum * ubi->peb_size;
348 ei.len = ubi->peb_size;
349 ei.callback = erase_callback;
350 ei.priv = (unsigned long)&wq;
351
352 err = mtd_erase(ubi->mtd, &ei);
353 if (err) {
354 if (retries++ < UBI_IO_RETRIES) {
355 ubi_warn(ubi, "error %d while erasing PEB %d, retry",
356 err, pnum);
357 yield();
358 goto retry;
359 }
360 ubi_err(ubi, "cannot erase PEB %d, error %d", pnum, err);
361 dump_stack();
362 return err;
363 }
364
365 err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
366 ei.state == MTD_ERASE_FAILED);
367 if (err) {
368 ubi_err(ubi, "interrupted PEB %d erasure", pnum);
369 return -EINTR;
370 }
371
372 if (ei.state == MTD_ERASE_FAILED) {
373 if (retries++ < UBI_IO_RETRIES) {
374 ubi_warn(ubi, "error while erasing PEB %d, retry",
375 pnum);
376 yield();
377 goto retry;
378 }
379 ubi_err(ubi, "cannot erase PEB %d", pnum);
380 dump_stack();
381 return -EIO;
382 }
383
384 err = ubi_self_check_all_ff(ubi, pnum, 0, ubi->peb_size);
385 if (err)
386 return err;
387
388 if (ubi_dbg_is_erase_failure(ubi)) {
389 ubi_err(ubi, "cannot erase PEB %d (emulated)", pnum);
390 return -EIO;
391 }
392
393 return 0;
394 }
395
396 /* Patterns to write to a physical eraseblock when torturing it */
397 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
398
399 /**
400 * torture_peb - test a supposedly bad physical eraseblock.
401 * @ubi: UBI device description object
402 * @pnum: the physical eraseblock number to test
403 *
404 * This function returns %-EIO if the physical eraseblock did not pass the
405 * test, a positive number of erase operations done if the test was
406 * successfully passed, and other negative error codes in case of other errors.
407 */
torture_peb(struct ubi_device * ubi,int pnum)408 static int torture_peb(struct ubi_device *ubi, int pnum)
409 {
410 int err, i, patt_count;
411
412 ubi_msg(ubi, "run torture test for PEB %d", pnum);
413 patt_count = ARRAY_SIZE(patterns);
414 ubi_assert(patt_count > 0);
415
416 mutex_lock(&ubi->buf_mutex);
417 for (i = 0; i < patt_count; i++) {
418 err = do_sync_erase(ubi, pnum);
419 if (err)
420 goto out;
421
422 /* Make sure the PEB contains only 0xFF bytes */
423 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
424 if (err)
425 goto out;
426
427 err = ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->peb_size);
428 if (err == 0) {
429 ubi_err(ubi, "erased PEB %d, but a non-0xFF byte found",
430 pnum);
431 err = -EIO;
432 goto out;
433 }
434
435 /* Write a pattern and check it */
436 memset(ubi->peb_buf, patterns[i], ubi->peb_size);
437 err = ubi_io_write(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
438 if (err)
439 goto out;
440
441 memset(ubi->peb_buf, ~patterns[i], ubi->peb_size);
442 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
443 if (err)
444 goto out;
445
446 err = ubi_check_pattern(ubi->peb_buf, patterns[i],
447 ubi->peb_size);
448 if (err == 0) {
449 ubi_err(ubi, "pattern %x checking failed for PEB %d",
450 patterns[i], pnum);
451 err = -EIO;
452 goto out;
453 }
454 }
455
456 err = patt_count;
457 ubi_msg(ubi, "PEB %d passed torture test, do not mark it as bad", pnum);
458
459 out:
460 mutex_unlock(&ubi->buf_mutex);
461 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) {
462 /*
463 * If a bit-flip or data integrity error was detected, the test
464 * has not passed because it happened on a freshly erased
465 * physical eraseblock which means something is wrong with it.
466 */
467 ubi_err(ubi, "read problems on freshly erased PEB %d, must be bad",
468 pnum);
469 err = -EIO;
470 }
471 return err;
472 }
473
474 /**
475 * nor_erase_prepare - prepare a NOR flash PEB for erasure.
476 * @ubi: UBI device description object
477 * @pnum: physical eraseblock number to prepare
478 *
479 * NOR flash, or at least some of them, have peculiar embedded PEB erasure
480 * algorithm: the PEB is first filled with zeroes, then it is erased. And
481 * filling with zeroes starts from the end of the PEB. This was observed with
482 * Spansion S29GL512N NOR flash.
483 *
484 * This means that in case of a power cut we may end up with intact data at the
485 * beginning of the PEB, and all zeroes at the end of PEB. In other words, the
486 * EC and VID headers are OK, but a large chunk of data at the end of PEB is
487 * zeroed. This makes UBI mistakenly treat this PEB as used and associate it
488 * with an LEB, which leads to subsequent failures (e.g., UBIFS fails).
489 *
490 * This function is called before erasing NOR PEBs and it zeroes out EC and VID
491 * magic numbers in order to invalidate them and prevent the failures. Returns
492 * zero in case of success and a negative error code in case of failure.
493 */
nor_erase_prepare(struct ubi_device * ubi,int pnum)494 static int nor_erase_prepare(struct ubi_device *ubi, int pnum)
495 {
496 int err;
497 size_t written;
498 loff_t addr;
499 uint32_t data = 0;
500 struct ubi_ec_hdr ec_hdr;
501
502 /*
503 * Note, we cannot generally define VID header buffers on stack,
504 * because of the way we deal with these buffers (see the header
505 * comment in this file). But we know this is a NOR-specific piece of
506 * code, so we can do this. But yes, this is error-prone and we should
507 * (pre-)allocate VID header buffer instead.
508 */
509 struct ubi_vid_hdr vid_hdr;
510
511 /*
512 * If VID or EC is valid, we have to corrupt them before erasing.
513 * It is important to first invalidate the EC header, and then the VID
514 * header. Otherwise a power cut may lead to valid EC header and
515 * invalid VID header, in which case UBI will treat this PEB as
516 * corrupted and will try to preserve it, and print scary warnings.
517 */
518 addr = (loff_t)pnum * ubi->peb_size;
519 err = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0);
520 if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
521 err != UBI_IO_FF){
522 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
523 if(err)
524 goto error;
525 }
526
527 err = ubi_io_read_vid_hdr(ubi, pnum, &vid_hdr, 0);
528 if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
529 err != UBI_IO_FF){
530 addr += ubi->vid_hdr_aloffset;
531 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
532 if (err)
533 goto error;
534 }
535 return 0;
536
537 error:
538 /*
539 * The PEB contains a valid VID or EC header, but we cannot invalidate
540 * it. Supposedly the flash media or the driver is screwed up, so
541 * return an error.
542 */
543 ubi_err(ubi, "cannot invalidate PEB %d, write returned %d", pnum, err);
544 ubi_dump_flash(ubi, pnum, 0, ubi->peb_size);
545 return -EIO;
546 }
547
548 /**
549 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
550 * @ubi: UBI device description object
551 * @pnum: physical eraseblock number to erase
552 * @torture: if this physical eraseblock has to be tortured
553 *
554 * This function synchronously erases physical eraseblock @pnum. If @torture
555 * flag is not zero, the physical eraseblock is checked by means of writing
556 * different patterns to it and reading them back. If the torturing is enabled,
557 * the physical eraseblock is erased more than once.
558 *
559 * This function returns the number of erasures made in case of success, %-EIO
560 * if the erasure failed or the torturing test failed, and other negative error
561 * codes in case of other errors. Note, %-EIO means that the physical
562 * eraseblock is bad.
563 */
ubi_io_sync_erase(struct ubi_device * ubi,int pnum,int torture)564 int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
565 {
566 int err, ret = 0;
567
568 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
569
570 err = self_check_not_bad(ubi, pnum);
571 if (err != 0)
572 return err;
573
574 if (ubi->ro_mode) {
575 ubi_err(ubi, "read-only mode");
576 return -EROFS;
577 }
578
579 if (ubi->nor_flash) {
580 err = nor_erase_prepare(ubi, pnum);
581 if (err)
582 return err;
583 }
584
585 if (torture) {
586 ret = torture_peb(ubi, pnum);
587 if (ret < 0)
588 return ret;
589 }
590
591 err = do_sync_erase(ubi, pnum);
592 if (err)
593 return err;
594
595 return ret + 1;
596 }
597
598 /**
599 * ubi_io_is_bad - check if a physical eraseblock is bad.
600 * @ubi: UBI device description object
601 * @pnum: the physical eraseblock number to check
602 *
603 * This function returns a positive number if the physical eraseblock is bad,
604 * zero if not, and a negative error code if an error occurred.
605 */
ubi_io_is_bad(const struct ubi_device * ubi,int pnum)606 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
607 {
608 struct mtd_info *mtd = ubi->mtd;
609
610 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
611
612 if (ubi->bad_allowed) {
613 int ret;
614
615 ret = mtd_block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
616 if (ret < 0)
617 ubi_err(ubi, "error %d while checking if PEB %d is bad",
618 ret, pnum);
619 else if (ret)
620 dbg_io("PEB %d is bad", pnum);
621 return ret;
622 }
623
624 return 0;
625 }
626
627 /**
628 * ubi_io_mark_bad - mark a physical eraseblock as bad.
629 * @ubi: UBI device description object
630 * @pnum: the physical eraseblock number to mark
631 *
632 * This function returns zero in case of success and a negative error code in
633 * case of failure.
634 */
ubi_io_mark_bad(const struct ubi_device * ubi,int pnum)635 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
636 {
637 int err;
638 struct mtd_info *mtd = ubi->mtd;
639
640 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
641
642 if (ubi->ro_mode) {
643 ubi_err(ubi, "read-only mode");
644 return -EROFS;
645 }
646
647 if (!ubi->bad_allowed)
648 return 0;
649
650 err = mtd_block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
651 if (err)
652 ubi_err(ubi, "cannot mark PEB %d bad, error %d", pnum, err);
653 return err;
654 }
655
656 /**
657 * validate_ec_hdr - validate an erase counter header.
658 * @ubi: UBI device description object
659 * @ec_hdr: the erase counter header to check
660 *
661 * This function returns zero if the erase counter header is OK, and %1 if
662 * not.
663 */
validate_ec_hdr(const struct ubi_device * ubi,const struct ubi_ec_hdr * ec_hdr)664 static int validate_ec_hdr(const struct ubi_device *ubi,
665 const struct ubi_ec_hdr *ec_hdr)
666 {
667 long long ec;
668 int vid_hdr_offset, leb_start;
669
670 ec = be64_to_cpu(ec_hdr->ec);
671 vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
672 leb_start = be32_to_cpu(ec_hdr->data_offset);
673
674 if (ec_hdr->version != UBI_VERSION) {
675 ubi_err(ubi, "node with incompatible UBI version found: this UBI version is %d, image version is %d",
676 UBI_VERSION, (int)ec_hdr->version);
677 goto bad;
678 }
679
680 if (vid_hdr_offset != ubi->vid_hdr_offset) {
681 ubi_err(ubi, "bad VID header offset %d, expected %d",
682 vid_hdr_offset, ubi->vid_hdr_offset);
683 goto bad;
684 }
685
686 if (leb_start != ubi->leb_start) {
687 ubi_err(ubi, "bad data offset %d, expected %d",
688 leb_start, ubi->leb_start);
689 goto bad;
690 }
691
692 if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
693 ubi_err(ubi, "bad erase counter %lld", ec);
694 goto bad;
695 }
696
697 return 0;
698
699 bad:
700 ubi_err(ubi, "bad EC header");
701 ubi_dump_ec_hdr(ec_hdr);
702 dump_stack();
703 return 1;
704 }
705
706 /**
707 * ubi_io_read_ec_hdr - read and check an erase counter header.
708 * @ubi: UBI device description object
709 * @pnum: physical eraseblock to read from
710 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
711 * header
712 * @verbose: be verbose if the header is corrupted or was not found
713 *
714 * This function reads erase counter header from physical eraseblock @pnum and
715 * stores it in @ec_hdr. This function also checks CRC checksum of the read
716 * erase counter header. The following codes may be returned:
717 *
718 * o %0 if the CRC checksum is correct and the header was successfully read;
719 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
720 * and corrected by the flash driver; this is harmless but may indicate that
721 * this eraseblock may become bad soon (but may be not);
722 * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error);
723 * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was
724 * a data integrity error (uncorrectable ECC error in case of NAND);
725 * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty)
726 * o a negative error code in case of failure.
727 */
ubi_io_read_ec_hdr(struct ubi_device * ubi,int pnum,struct ubi_ec_hdr * ec_hdr,int verbose)728 int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
729 struct ubi_ec_hdr *ec_hdr, int verbose)
730 {
731 int err, read_err;
732 uint32_t crc, magic, hdr_crc;
733
734 dbg_io("read EC header from PEB %d", pnum);
735 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
736
737 read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
738 if (read_err) {
739 if (read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
740 return read_err;
741
742 /*
743 * We read all the data, but either a correctable bit-flip
744 * occurred, or MTD reported a data integrity error
745 * (uncorrectable ECC error in case of NAND). The former is
746 * harmless, the later may mean that the read data is
747 * corrupted. But we have a CRC check-sum and we will detect
748 * this. If the EC header is still OK, we just report this as
749 * there was a bit-flip, to force scrubbing.
750 */
751 }
752
753 magic = be32_to_cpu(ec_hdr->magic);
754 if (magic != UBI_EC_HDR_MAGIC) {
755 if (mtd_is_eccerr(read_err))
756 return UBI_IO_BAD_HDR_EBADMSG;
757
758 /*
759 * The magic field is wrong. Let's check if we have read all
760 * 0xFF. If yes, this physical eraseblock is assumed to be
761 * empty.
762 */
763 if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
764 /* The physical eraseblock is supposedly empty */
765 if (verbose)
766 ubi_warn(ubi, "no EC header found at PEB %d, only 0xFF bytes",
767 pnum);
768 dbg_bld("no EC header found at PEB %d, only 0xFF bytes",
769 pnum);
770 if (!read_err)
771 return UBI_IO_FF;
772 else
773 return UBI_IO_FF_BITFLIPS;
774 }
775
776 /*
777 * This is not a valid erase counter header, and these are not
778 * 0xFF bytes. Report that the header is corrupted.
779 */
780 if (verbose) {
781 ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x",
782 pnum, magic, UBI_EC_HDR_MAGIC);
783 ubi_dump_ec_hdr(ec_hdr);
784 }
785 dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
786 pnum, magic, UBI_EC_HDR_MAGIC);
787 return UBI_IO_BAD_HDR;
788 }
789
790 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
791 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
792
793 if (hdr_crc != crc) {
794 if (verbose) {
795 ubi_warn(ubi, "bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
796 pnum, crc, hdr_crc);
797 ubi_dump_ec_hdr(ec_hdr);
798 }
799 dbg_bld("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
800 pnum, crc, hdr_crc);
801
802 if (!read_err)
803 return UBI_IO_BAD_HDR;
804 else
805 return UBI_IO_BAD_HDR_EBADMSG;
806 }
807
808 /* And of course validate what has just been read from the media */
809 err = validate_ec_hdr(ubi, ec_hdr);
810 if (err) {
811 ubi_err(ubi, "validation failed for PEB %d", pnum);
812 return -EINVAL;
813 }
814
815 /*
816 * If there was %-EBADMSG, but the header CRC is still OK, report about
817 * a bit-flip to force scrubbing on this PEB.
818 */
819 return read_err ? UBI_IO_BITFLIPS : 0;
820 }
821
822 /**
823 * ubi_io_write_ec_hdr - write an erase counter header.
824 * @ubi: UBI device description object
825 * @pnum: physical eraseblock to write to
826 * @ec_hdr: the erase counter header to write
827 *
828 * This function writes erase counter header described by @ec_hdr to physical
829 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
830 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
831 * field.
832 *
833 * This function returns zero in case of success and a negative error code in
834 * case of failure. If %-EIO is returned, the physical eraseblock most probably
835 * went bad.
836 */
ubi_io_write_ec_hdr(struct ubi_device * ubi,int pnum,struct ubi_ec_hdr * ec_hdr)837 int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
838 struct ubi_ec_hdr *ec_hdr)
839 {
840 int err;
841 uint32_t crc;
842
843 dbg_io("write EC header to PEB %d", pnum);
844 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
845
846 ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
847 ec_hdr->version = UBI_VERSION;
848 ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
849 ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
850 ec_hdr->image_seq = cpu_to_be32(ubi->image_seq);
851 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
852 ec_hdr->hdr_crc = cpu_to_be32(crc);
853
854 err = self_check_ec_hdr(ubi, pnum, ec_hdr);
855 if (err)
856 return err;
857
858 if (ubi_dbg_power_cut(ubi, POWER_CUT_EC_WRITE))
859 return -EROFS;
860
861 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
862 return err;
863 }
864
865 /**
866 * validate_vid_hdr - validate a volume identifier header.
867 * @ubi: UBI device description object
868 * @vid_hdr: the volume identifier header to check
869 *
870 * This function checks that data stored in the volume identifier header
871 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
872 */
validate_vid_hdr(const struct ubi_device * ubi,const struct ubi_vid_hdr * vid_hdr)873 static int validate_vid_hdr(const struct ubi_device *ubi,
874 const struct ubi_vid_hdr *vid_hdr)
875 {
876 int vol_type = vid_hdr->vol_type;
877 int copy_flag = vid_hdr->copy_flag;
878 int vol_id = be32_to_cpu(vid_hdr->vol_id);
879 int lnum = be32_to_cpu(vid_hdr->lnum);
880 int compat = vid_hdr->compat;
881 int data_size = be32_to_cpu(vid_hdr->data_size);
882 int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
883 int data_pad = be32_to_cpu(vid_hdr->data_pad);
884 int data_crc = be32_to_cpu(vid_hdr->data_crc);
885 int usable_leb_size = ubi->leb_size - data_pad;
886
887 if (copy_flag != 0 && copy_flag != 1) {
888 ubi_err(ubi, "bad copy_flag");
889 goto bad;
890 }
891
892 if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
893 data_pad < 0) {
894 ubi_err(ubi, "negative values");
895 goto bad;
896 }
897
898 if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
899 ubi_err(ubi, "bad vol_id");
900 goto bad;
901 }
902
903 if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
904 ubi_err(ubi, "bad compat");
905 goto bad;
906 }
907
908 if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
909 compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
910 compat != UBI_COMPAT_REJECT) {
911 ubi_err(ubi, "bad compat");
912 goto bad;
913 }
914
915 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
916 ubi_err(ubi, "bad vol_type");
917 goto bad;
918 }
919
920 if (data_pad >= ubi->leb_size / 2) {
921 ubi_err(ubi, "bad data_pad");
922 goto bad;
923 }
924
925 if (vol_type == UBI_VID_STATIC) {
926 /*
927 * Although from high-level point of view static volumes may
928 * contain zero bytes of data, but no VID headers can contain
929 * zero at these fields, because they empty volumes do not have
930 * mapped logical eraseblocks.
931 */
932 if (used_ebs == 0) {
933 ubi_err(ubi, "zero used_ebs");
934 goto bad;
935 }
936 if (data_size == 0) {
937 ubi_err(ubi, "zero data_size");
938 goto bad;
939 }
940 if (lnum < used_ebs - 1) {
941 if (data_size != usable_leb_size) {
942 ubi_err(ubi, "bad data_size");
943 goto bad;
944 }
945 } else if (lnum == used_ebs - 1) {
946 if (data_size == 0) {
947 ubi_err(ubi, "bad data_size at last LEB");
948 goto bad;
949 }
950 } else {
951 ubi_err(ubi, "too high lnum");
952 goto bad;
953 }
954 } else {
955 if (copy_flag == 0) {
956 if (data_crc != 0) {
957 ubi_err(ubi, "non-zero data CRC");
958 goto bad;
959 }
960 if (data_size != 0) {
961 ubi_err(ubi, "non-zero data_size");
962 goto bad;
963 }
964 } else {
965 if (data_size == 0) {
966 ubi_err(ubi, "zero data_size of copy");
967 goto bad;
968 }
969 }
970 if (used_ebs != 0) {
971 ubi_err(ubi, "bad used_ebs");
972 goto bad;
973 }
974 }
975
976 return 0;
977
978 bad:
979 ubi_err(ubi, "bad VID header");
980 ubi_dump_vid_hdr(vid_hdr);
981 dump_stack();
982 return 1;
983 }
984
985 /**
986 * ubi_io_read_vid_hdr - read and check a volume identifier header.
987 * @ubi: UBI device description object
988 * @pnum: physical eraseblock number to read from
989 * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
990 * identifier header
991 * @verbose: be verbose if the header is corrupted or wasn't found
992 *
993 * This function reads the volume identifier header from physical eraseblock
994 * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
995 * volume identifier header. The error codes are the same as in
996 * 'ubi_io_read_ec_hdr()'.
997 *
998 * Note, the implementation of this function is also very similar to
999 * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'.
1000 */
ubi_io_read_vid_hdr(struct ubi_device * ubi,int pnum,struct ubi_vid_hdr * vid_hdr,int verbose)1001 int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
1002 struct ubi_vid_hdr *vid_hdr, int verbose)
1003 {
1004 int err, read_err;
1005 uint32_t crc, magic, hdr_crc;
1006 void *p;
1007
1008 dbg_io("read VID header from PEB %d", pnum);
1009 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1010
1011 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1012 read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1013 ubi->vid_hdr_alsize);
1014 if (read_err && read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
1015 return read_err;
1016
1017 magic = be32_to_cpu(vid_hdr->magic);
1018 if (magic != UBI_VID_HDR_MAGIC) {
1019 if (mtd_is_eccerr(read_err))
1020 return UBI_IO_BAD_HDR_EBADMSG;
1021
1022 if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
1023 if (verbose)
1024 ubi_warn(ubi, "no VID header found at PEB %d, only 0xFF bytes",
1025 pnum);
1026 dbg_bld("no VID header found at PEB %d, only 0xFF bytes",
1027 pnum);
1028 if (!read_err)
1029 return UBI_IO_FF;
1030 else
1031 return UBI_IO_FF_BITFLIPS;
1032 }
1033
1034 if (verbose) {
1035 ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x",
1036 pnum, magic, UBI_VID_HDR_MAGIC);
1037 ubi_dump_vid_hdr(vid_hdr);
1038 }
1039 dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
1040 pnum, magic, UBI_VID_HDR_MAGIC);
1041 return UBI_IO_BAD_HDR;
1042 }
1043
1044 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1045 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1046
1047 if (hdr_crc != crc) {
1048 if (verbose) {
1049 ubi_warn(ubi, "bad CRC at PEB %d, calculated %#08x, read %#08x",
1050 pnum, crc, hdr_crc);
1051 ubi_dump_vid_hdr(vid_hdr);
1052 }
1053 dbg_bld("bad CRC at PEB %d, calculated %#08x, read %#08x",
1054 pnum, crc, hdr_crc);
1055 if (!read_err)
1056 return UBI_IO_BAD_HDR;
1057 else
1058 return UBI_IO_BAD_HDR_EBADMSG;
1059 }
1060
1061 err = validate_vid_hdr(ubi, vid_hdr);
1062 if (err) {
1063 ubi_err(ubi, "validation failed for PEB %d", pnum);
1064 return -EINVAL;
1065 }
1066
1067 return read_err ? UBI_IO_BITFLIPS : 0;
1068 }
1069
1070 /**
1071 * ubi_io_write_vid_hdr - write a volume identifier header.
1072 * @ubi: UBI device description object
1073 * @pnum: the physical eraseblock number to write to
1074 * @vid_hdr: the volume identifier header to write
1075 *
1076 * This function writes the volume identifier header described by @vid_hdr to
1077 * physical eraseblock @pnum. This function automatically fills the
1078 * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
1079 * header CRC checksum and stores it at vid_hdr->hdr_crc.
1080 *
1081 * This function returns zero in case of success and a negative error code in
1082 * case of failure. If %-EIO is returned, the physical eraseblock probably went
1083 * bad.
1084 */
ubi_io_write_vid_hdr(struct ubi_device * ubi,int pnum,struct ubi_vid_hdr * vid_hdr)1085 int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1086 struct ubi_vid_hdr *vid_hdr)
1087 {
1088 int err;
1089 uint32_t crc;
1090 void *p;
1091
1092 dbg_io("write VID header to PEB %d", pnum);
1093 ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
1094
1095 err = self_check_peb_ec_hdr(ubi, pnum);
1096 if (err)
1097 return err;
1098
1099 vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1100 vid_hdr->version = UBI_VERSION;
1101 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1102 vid_hdr->hdr_crc = cpu_to_be32(crc);
1103
1104 err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1105 if (err)
1106 return err;
1107
1108 if (ubi_dbg_power_cut(ubi, POWER_CUT_VID_WRITE))
1109 return -EROFS;
1110
1111 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1112 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1113 ubi->vid_hdr_alsize);
1114 return err;
1115 }
1116
1117 /**
1118 * self_check_not_bad - ensure that a physical eraseblock is not bad.
1119 * @ubi: UBI device description object
1120 * @pnum: physical eraseblock number to check
1121 *
1122 * This function returns zero if the physical eraseblock is good, %-EINVAL if
1123 * it is bad and a negative error code if an error occurred.
1124 */
self_check_not_bad(const struct ubi_device * ubi,int pnum)1125 static int self_check_not_bad(const struct ubi_device *ubi, int pnum)
1126 {
1127 int err;
1128
1129 if (!ubi_dbg_chk_io(ubi))
1130 return 0;
1131
1132 err = ubi_io_is_bad(ubi, pnum);
1133 if (!err)
1134 return err;
1135
1136 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1137 dump_stack();
1138 return err > 0 ? -EINVAL : err;
1139 }
1140
1141 /**
1142 * self_check_ec_hdr - check if an erase counter header is all right.
1143 * @ubi: UBI device description object
1144 * @pnum: physical eraseblock number the erase counter header belongs to
1145 * @ec_hdr: the erase counter header to check
1146 *
1147 * This function returns zero if the erase counter header contains valid
1148 * values, and %-EINVAL if not.
1149 */
self_check_ec_hdr(const struct ubi_device * ubi,int pnum,const struct ubi_ec_hdr * ec_hdr)1150 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1151 const struct ubi_ec_hdr *ec_hdr)
1152 {
1153 int err;
1154 uint32_t magic;
1155
1156 if (!ubi_dbg_chk_io(ubi))
1157 return 0;
1158
1159 magic = be32_to_cpu(ec_hdr->magic);
1160 if (magic != UBI_EC_HDR_MAGIC) {
1161 ubi_err(ubi, "bad magic %#08x, must be %#08x",
1162 magic, UBI_EC_HDR_MAGIC);
1163 goto fail;
1164 }
1165
1166 err = validate_ec_hdr(ubi, ec_hdr);
1167 if (err) {
1168 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1169 goto fail;
1170 }
1171
1172 return 0;
1173
1174 fail:
1175 ubi_dump_ec_hdr(ec_hdr);
1176 dump_stack();
1177 return -EINVAL;
1178 }
1179
1180 /**
1181 * self_check_peb_ec_hdr - check erase counter header.
1182 * @ubi: UBI device description object
1183 * @pnum: the physical eraseblock number to check
1184 *
1185 * This function returns zero if the erase counter header is all right and and
1186 * a negative error code if not or if an error occurred.
1187 */
self_check_peb_ec_hdr(const struct ubi_device * ubi,int pnum)1188 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1189 {
1190 int err;
1191 uint32_t crc, hdr_crc;
1192 struct ubi_ec_hdr *ec_hdr;
1193
1194 if (!ubi_dbg_chk_io(ubi))
1195 return 0;
1196
1197 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1198 if (!ec_hdr)
1199 return -ENOMEM;
1200
1201 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1202 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1203 goto exit;
1204
1205 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1206 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1207 if (hdr_crc != crc) {
1208 ubi_err(ubi, "bad CRC, calculated %#08x, read %#08x",
1209 crc, hdr_crc);
1210 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1211 ubi_dump_ec_hdr(ec_hdr);
1212 dump_stack();
1213 err = -EINVAL;
1214 goto exit;
1215 }
1216
1217 err = self_check_ec_hdr(ubi, pnum, ec_hdr);
1218
1219 exit:
1220 kfree(ec_hdr);
1221 return err;
1222 }
1223
1224 /**
1225 * self_check_vid_hdr - check that a volume identifier header is all right.
1226 * @ubi: UBI device description object
1227 * @pnum: physical eraseblock number the volume identifier header belongs to
1228 * @vid_hdr: the volume identifier header to check
1229 *
1230 * This function returns zero if the volume identifier header is all right, and
1231 * %-EINVAL if not.
1232 */
self_check_vid_hdr(const struct ubi_device * ubi,int pnum,const struct ubi_vid_hdr * vid_hdr)1233 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1234 const struct ubi_vid_hdr *vid_hdr)
1235 {
1236 int err;
1237 uint32_t magic;
1238
1239 if (!ubi_dbg_chk_io(ubi))
1240 return 0;
1241
1242 magic = be32_to_cpu(vid_hdr->magic);
1243 if (magic != UBI_VID_HDR_MAGIC) {
1244 ubi_err(ubi, "bad VID header magic %#08x at PEB %d, must be %#08x",
1245 magic, pnum, UBI_VID_HDR_MAGIC);
1246 goto fail;
1247 }
1248
1249 err = validate_vid_hdr(ubi, vid_hdr);
1250 if (err) {
1251 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1252 goto fail;
1253 }
1254
1255 return err;
1256
1257 fail:
1258 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1259 ubi_dump_vid_hdr(vid_hdr);
1260 dump_stack();
1261 return -EINVAL;
1262
1263 }
1264
1265 /**
1266 * self_check_peb_vid_hdr - check volume identifier header.
1267 * @ubi: UBI device description object
1268 * @pnum: the physical eraseblock number to check
1269 *
1270 * This function returns zero if the volume identifier header is all right,
1271 * and a negative error code if not or if an error occurred.
1272 */
self_check_peb_vid_hdr(const struct ubi_device * ubi,int pnum)1273 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1274 {
1275 int err;
1276 uint32_t crc, hdr_crc;
1277 struct ubi_vid_hdr *vid_hdr;
1278 void *p;
1279
1280 if (!ubi_dbg_chk_io(ubi))
1281 return 0;
1282
1283 vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1284 if (!vid_hdr)
1285 return -ENOMEM;
1286
1287 p = (char *)vid_hdr - ubi->vid_hdr_shift;
1288 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1289 ubi->vid_hdr_alsize);
1290 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1291 goto exit;
1292
1293 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1294 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1295 if (hdr_crc != crc) {
1296 ubi_err(ubi, "bad VID header CRC at PEB %d, calculated %#08x, read %#08x",
1297 pnum, crc, hdr_crc);
1298 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1299 ubi_dump_vid_hdr(vid_hdr);
1300 dump_stack();
1301 err = -EINVAL;
1302 goto exit;
1303 }
1304
1305 err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1306
1307 exit:
1308 ubi_free_vid_hdr(ubi, vid_hdr);
1309 return err;
1310 }
1311
1312 /**
1313 * self_check_write - make sure write succeeded.
1314 * @ubi: UBI device description object
1315 * @buf: buffer with data which were written
1316 * @pnum: physical eraseblock number the data were written to
1317 * @offset: offset within the physical eraseblock the data were written to
1318 * @len: how many bytes were written
1319 *
1320 * This functions reads data which were recently written and compares it with
1321 * the original data buffer - the data have to match. Returns zero if the data
1322 * match and a negative error code if not or in case of failure.
1323 */
self_check_write(struct ubi_device * ubi,const void * buf,int pnum,int offset,int len)1324 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
1325 int offset, int len)
1326 {
1327 int err, i;
1328 size_t read;
1329 void *buf1;
1330 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1331
1332 if (!ubi_dbg_chk_io(ubi))
1333 return 0;
1334
1335 buf1 = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1336 if (!buf1) {
1337 ubi_err(ubi, "cannot allocate memory to check writes");
1338 return 0;
1339 }
1340
1341 err = mtd_read(ubi->mtd, addr, len, &read, buf1);
1342 if (err && !mtd_is_bitflip(err))
1343 goto out_free;
1344
1345 for (i = 0; i < len; i++) {
1346 uint8_t c = ((uint8_t *)buf)[i];
1347 uint8_t c1 = ((uint8_t *)buf1)[i];
1348 #if !defined(CONFIG_UBI_SILENCE_MSG)
1349 int dump_len = max_t(int, 128, len - i);
1350 #endif
1351
1352 if (c == c1)
1353 continue;
1354
1355 ubi_err(ubi, "self-check failed for PEB %d:%d, len %d",
1356 pnum, offset, len);
1357 #if !defined(CONFIG_UBI_SILENCE_MSG)
1358 ubi_msg(ubi, "data differ at position %d", i);
1359 ubi_msg(ubi, "hex dump of the original buffer from %d to %d",
1360 i, i + dump_len);
1361 print_hex_dump("", DUMP_PREFIX_OFFSET, 32, 1,
1362 buf + i, dump_len, 1);
1363 ubi_msg(ubi, "hex dump of the read buffer from %d to %d",
1364 i, i + dump_len);
1365 print_hex_dump("", DUMP_PREFIX_OFFSET, 32, 1,
1366 buf1 + i, dump_len, 1);
1367 #endif
1368 dump_stack();
1369 err = -EINVAL;
1370 goto out_free;
1371 }
1372
1373 vfree(buf1);
1374 return 0;
1375
1376 out_free:
1377 vfree(buf1);
1378 return err;
1379 }
1380
1381 /**
1382 * ubi_self_check_all_ff - check that a region of flash is empty.
1383 * @ubi: UBI device description object
1384 * @pnum: the physical eraseblock number to check
1385 * @offset: the starting offset within the physical eraseblock to check
1386 * @len: the length of the region to check
1387 *
1388 * This function returns zero if only 0xFF bytes are present at offset
1389 * @offset of the physical eraseblock @pnum, and a negative error code if not
1390 * or if an error occurred.
1391 */
ubi_self_check_all_ff(struct ubi_device * ubi,int pnum,int offset,int len)1392 int ubi_self_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len)
1393 {
1394 size_t read;
1395 int err;
1396 void *buf;
1397 loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1398
1399 if (!ubi_dbg_chk_io(ubi))
1400 return 0;
1401
1402 buf = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1403 if (!buf) {
1404 ubi_err(ubi, "cannot allocate memory to check for 0xFFs");
1405 return 0;
1406 }
1407
1408 err = mtd_read(ubi->mtd, addr, len, &read, buf);
1409 if (err && !mtd_is_bitflip(err)) {
1410 ubi_err(ubi, "err %d while reading %d bytes from PEB %d:%d, read %zd bytes",
1411 err, len, pnum, offset, read);
1412 goto error;
1413 }
1414
1415 err = ubi_check_pattern(buf, 0xFF, len);
1416 if (err == 0) {
1417 ubi_err(ubi, "flash region at PEB %d:%d, length %d does not contain all 0xFF bytes",
1418 pnum, offset, len);
1419 goto fail;
1420 }
1421
1422 vfree(buf);
1423 return 0;
1424
1425 fail:
1426 ubi_err(ubi, "self-check failed for PEB %d", pnum);
1427 ubi_msg(ubi, "hex dump of the %d-%d region", offset, offset + len);
1428 print_hex_dump("", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1);
1429 err = -EINVAL;
1430 error:
1431 dump_stack();
1432 vfree(buf);
1433 return err;
1434 }
1435