1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Copyright (c) International Business Machines Corp., 2006 4 * Copyright (c) Nokia Corporation, 2006, 2007 5 * 6 * Author: Artem Bityutskiy (Битюцкий Артём) 7 */ 8 9/* 10 * UBI input/output sub-system. 11 * 12 * This sub-system provides a uniform way to work with all kinds of the 13 * underlying MTD devices. It also implements handy functions for reading and 14 * writing UBI headers. 15 * 16 * We are trying to have a paranoid mindset and not to trust to what we read 17 * from the flash media in order to be more secure and robust. So this 18 * sub-system validates every single header it reads from the flash media. 19 * 20 * Some words about how the eraseblock headers are stored. 21 * 22 * The erase counter header is always stored at offset zero. By default, the 23 * VID header is stored after the EC header at the closest aligned offset 24 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID 25 * header at the closest aligned offset. But this default layout may be 26 * changed. For example, for different reasons (e.g., optimization) UBI may be 27 * asked to put the VID header at further offset, and even at an unaligned 28 * offset. Of course, if the offset of the VID header is unaligned, UBI adds 29 * proper padding in front of it. Data offset may also be changed but it has to 30 * be aligned. 31 * 32 * About minimal I/O units. In general, UBI assumes flash device model where 33 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1, 34 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the 35 * @ubi->mtd->writesize field. But as an exception, UBI admits use of another 36 * (smaller) minimal I/O unit size for EC and VID headers to make it possible 37 * to do different optimizations. 38 * 39 * This is extremely useful in case of NAND flashes which admit of several 40 * write operations to one NAND page. In this case UBI can fit EC and VID 41 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal 42 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still 43 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI 44 * users. 45 * 46 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so 47 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID 48 * headers. 49 * 50 * Q: why not just to treat sub-page as a minimal I/O unit of this flash 51 * device, e.g., make @ubi->min_io_size = 512 in the example above? 52 * 53 * A: because when writing a sub-page, MTD still writes a full 2K page but the 54 * bytes which are not relevant to the sub-page are 0xFF. So, basically, 55 * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page. 56 * Thus, we prefer to use sub-pages only for EC and VID headers. 57 * 58 * As it was noted above, the VID header may start at a non-aligned offset. 59 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page, 60 * the VID header may reside at offset 1984 which is the last 64 bytes of the 61 * last sub-page (EC header is always at offset zero). This causes some 62 * difficulties when reading and writing VID headers. 63 * 64 * Suppose we have a 64-byte buffer and we read a VID header at it. We change 65 * the data and want to write this VID header out. As we can only write in 66 * 512-byte chunks, we have to allocate one more buffer and copy our VID header 67 * to offset 448 of this buffer. 68 * 69 * The I/O sub-system does the following trick in order to avoid this extra 70 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID 71 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer. 72 * When the VID header is being written out, it shifts the VID header pointer 73 * back and writes the whole sub-page. 74 */ 75 76#include <linux/crc32.h> 77#include <linux/err.h> 78#include <linux/slab.h> 79#include "ubi.h" 80 81static int self_check_not_bad(const struct ubi_device *ubi, int pnum); 82static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum); 83static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum, 84 const struct ubi_ec_hdr *ec_hdr); 85static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum); 86static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum, 87 const struct ubi_vid_hdr *vid_hdr); 88static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum, 89 int offset, int len); 90 91/** 92 * ubi_io_read - read data from a physical eraseblock. 93 * @ubi: UBI device description object 94 * @buf: buffer where to store the read data 95 * @pnum: physical eraseblock number to read from 96 * @offset: offset within the physical eraseblock from where to read 97 * @len: how many bytes to read 98 * 99 * This function reads data from offset @offset of physical eraseblock @pnum 100 * and stores the read data in the @buf buffer. The following return codes are 101 * possible: 102 * 103 * o %0 if all the requested data were successfully read; 104 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but 105 * correctable bit-flips were detected; this is harmless but may indicate 106 * that this eraseblock may become bad soon (but do not have to); 107 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for 108 * example it can be an ECC error in case of NAND; this most probably means 109 * that the data is corrupted; 110 * o %-EIO if some I/O error occurred; 111 * o other negative error codes in case of other errors. 112 */ 113int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset, 114 int len) 115{ 116 int err, retries = 0; 117 size_t read; 118 loff_t addr; 119 120 dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset); 121 122 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 123 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size); 124 ubi_assert(len > 0); 125 126 err = self_check_not_bad(ubi, pnum); 127 if (err) 128 return err; 129 130 /* 131 * Deliberately corrupt the buffer to improve robustness. Indeed, if we 132 * do not do this, the following may happen: 133 * 1. The buffer contains data from previous operation, e.g., read from 134 * another PEB previously. The data looks like expected, e.g., if we 135 * just do not read anything and return - the caller would not 136 * notice this. E.g., if we are reading a VID header, the buffer may 137 * contain a valid VID header from another PEB. 138 * 2. The driver is buggy and returns us success or -EBADMSG or 139 * -EUCLEAN, but it does not actually put any data to the buffer. 140 * 141 * This may confuse UBI or upper layers - they may think the buffer 142 * contains valid data while in fact it is just old data. This is 143 * especially possible because UBI (and UBIFS) relies on CRC, and 144 * treats data as correct even in case of ECC errors if the CRC is 145 * correct. 146 * 147 * Try to prevent this situation by changing the first byte of the 148 * buffer. 149 */ 150 *((uint8_t *)buf) ^= 0xFF; 151 152 addr = (loff_t)pnum * ubi->peb_size + offset; 153retry: 154 err = mtd_read(ubi->mtd, addr, len, &read, buf); 155 if (err) { 156 const char *errstr = mtd_is_eccerr(err) ? " (ECC error)" : ""; 157 158 if (mtd_is_bitflip(err)) { 159 /* 160 * -EUCLEAN is reported if there was a bit-flip which 161 * was corrected, so this is harmless. 162 * 163 * We do not report about it here unless debugging is 164 * enabled. A corresponding message will be printed 165 * later, when it is has been scrubbed. 166 */ 167 ubi_msg(ubi, "fixable bit-flip detected at PEB %d", 168 pnum); 169 ubi_assert(len == read); 170 return UBI_IO_BITFLIPS; 171 } 172 173 if (retries++ < UBI_IO_RETRIES) { 174 ubi_warn(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read only %zd bytes, retry", 175 err, errstr, len, pnum, offset, read); 176 yield(); 177 goto retry; 178 } 179 180 ubi_err(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read %zd bytes", 181 err, errstr, len, pnum, offset, read); 182 dump_stack(); 183 184 /* 185 * The driver should never return -EBADMSG if it failed to read 186 * all the requested data. But some buggy drivers might do 187 * this, so we change it to -EIO. 188 */ 189 if (read != len && mtd_is_eccerr(err)) { 190 ubi_assert(0); 191 err = -EIO; 192 } 193 } else { 194 ubi_assert(len == read); 195 196 if (ubi_dbg_is_bitflip(ubi)) { 197 dbg_gen("bit-flip (emulated)"); 198 err = UBI_IO_BITFLIPS; 199 } 200 } 201 202 return err; 203} 204 205/** 206 * ubi_io_write - write data to a physical eraseblock. 207 * @ubi: UBI device description object 208 * @buf: buffer with the data to write 209 * @pnum: physical eraseblock number to write to 210 * @offset: offset within the physical eraseblock where to write 211 * @len: how many bytes to write 212 * 213 * This function writes @len bytes of data from buffer @buf to offset @offset 214 * of physical eraseblock @pnum. If all the data were successfully written, 215 * zero is returned. If an error occurred, this function returns a negative 216 * error code. If %-EIO is returned, the physical eraseblock most probably went 217 * bad. 218 * 219 * Note, in case of an error, it is possible that something was still written 220 * to the flash media, but may be some garbage. 221 */ 222int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset, 223 int len) 224{ 225 int err; 226 size_t written; 227 loff_t addr; 228 229 dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset); 230 231 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 232 ubi_assert(offset >= 0 && offset + len <= ubi->peb_size); 233 ubi_assert(offset % ubi->hdrs_min_io_size == 0); 234 ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0); 235 236 if (ubi->ro_mode) { 237 ubi_err(ubi, "read-only mode"); 238 return -EROFS; 239 } 240 241 err = self_check_not_bad(ubi, pnum); 242 if (err) 243 return err; 244 245 /* The area we are writing to has to contain all 0xFF bytes */ 246 err = ubi_self_check_all_ff(ubi, pnum, offset, len); 247 if (err) 248 return err; 249 250 if (offset >= ubi->leb_start) { 251 /* 252 * We write to the data area of the physical eraseblock. Make 253 * sure it has valid EC and VID headers. 254 */ 255 err = self_check_peb_ec_hdr(ubi, pnum); 256 if (err) 257 return err; 258 err = self_check_peb_vid_hdr(ubi, pnum); 259 if (err) 260 return err; 261 } 262 263 if (ubi_dbg_is_write_failure(ubi)) { 264 ubi_err(ubi, "cannot write %d bytes to PEB %d:%d (emulated)", 265 len, pnum, offset); 266 dump_stack(); 267 return -EIO; 268 } 269 270 addr = (loff_t)pnum * ubi->peb_size + offset; 271 err = mtd_write(ubi->mtd, addr, len, &written, buf); 272 if (err) { 273 ubi_err(ubi, "error %d while writing %d bytes to PEB %d:%d, written %zd bytes", 274 err, len, pnum, offset, written); 275 dump_stack(); 276 ubi_dump_flash(ubi, pnum, offset, len); 277 } else 278 ubi_assert(written == len); 279 280 if (!err) { 281 err = self_check_write(ubi, buf, pnum, offset, len); 282 if (err) 283 return err; 284 285 /* 286 * Since we always write sequentially, the rest of the PEB has 287 * to contain only 0xFF bytes. 288 */ 289 offset += len; 290 len = ubi->peb_size - offset; 291 if (len) 292 err = ubi_self_check_all_ff(ubi, pnum, offset, len); 293 } 294 295 return err; 296} 297 298/** 299 * do_sync_erase - synchronously erase a physical eraseblock. 300 * @ubi: UBI device description object 301 * @pnum: the physical eraseblock number to erase 302 * 303 * This function synchronously erases physical eraseblock @pnum and returns 304 * zero in case of success and a negative error code in case of failure. If 305 * %-EIO is returned, the physical eraseblock most probably went bad. 306 */ 307static int do_sync_erase(struct ubi_device *ubi, int pnum) 308{ 309 int err, retries = 0; 310 struct erase_info ei; 311 312 dbg_io("erase PEB %d", pnum); 313 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 314 315 if (ubi->ro_mode) { 316 ubi_err(ubi, "read-only mode"); 317 return -EROFS; 318 } 319 320retry: 321 memset(&ei, 0, sizeof(struct erase_info)); 322 323 ei.addr = (loff_t)pnum * ubi->peb_size; 324 ei.len = ubi->peb_size; 325 326 err = mtd_erase(ubi->mtd, &ei); 327 if (err) { 328 if (retries++ < UBI_IO_RETRIES) { 329 ubi_warn(ubi, "error %d while erasing PEB %d, retry", 330 err, pnum); 331 yield(); 332 goto retry; 333 } 334 ubi_err(ubi, "cannot erase PEB %d, error %d", pnum, err); 335 dump_stack(); 336 return err; 337 } 338 339 err = ubi_self_check_all_ff(ubi, pnum, 0, ubi->peb_size); 340 if (err) 341 return err; 342 343 if (ubi_dbg_is_erase_failure(ubi)) { 344 ubi_err(ubi, "cannot erase PEB %d (emulated)", pnum); 345 return -EIO; 346 } 347 348 return 0; 349} 350 351/* Patterns to write to a physical eraseblock when torturing it */ 352static uint8_t patterns[] = {0xa5, 0x5a, 0x0}; 353 354/** 355 * torture_peb - test a supposedly bad physical eraseblock. 356 * @ubi: UBI device description object 357 * @pnum: the physical eraseblock number to test 358 * 359 * This function returns %-EIO if the physical eraseblock did not pass the 360 * test, a positive number of erase operations done if the test was 361 * successfully passed, and other negative error codes in case of other errors. 362 */ 363static int torture_peb(struct ubi_device *ubi, int pnum) 364{ 365 int err, i, patt_count; 366 367 ubi_msg(ubi, "run torture test for PEB %d", pnum); 368 patt_count = ARRAY_SIZE(patterns); 369 ubi_assert(patt_count > 0); 370 371 mutex_lock(&ubi->buf_mutex); 372 for (i = 0; i < patt_count; i++) { 373 err = do_sync_erase(ubi, pnum); 374 if (err) 375 goto out; 376 377 /* Make sure the PEB contains only 0xFF bytes */ 378 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size); 379 if (err) 380 goto out; 381 382 err = ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->peb_size); 383 if (err == 0) { 384 ubi_err(ubi, "erased PEB %d, but a non-0xFF byte found", 385 pnum); 386 err = -EIO; 387 goto out; 388 } 389 390 /* Write a pattern and check it */ 391 memset(ubi->peb_buf, patterns[i], ubi->peb_size); 392 err = ubi_io_write(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size); 393 if (err) 394 goto out; 395 396 memset(ubi->peb_buf, ~patterns[i], ubi->peb_size); 397 err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size); 398 if (err) 399 goto out; 400 401 err = ubi_check_pattern(ubi->peb_buf, patterns[i], 402 ubi->peb_size); 403 if (err == 0) { 404 ubi_err(ubi, "pattern %x checking failed for PEB %d", 405 patterns[i], pnum); 406 err = -EIO; 407 goto out; 408 } 409 } 410 411 err = patt_count; 412 ubi_msg(ubi, "PEB %d passed torture test, do not mark it as bad", pnum); 413 414out: 415 mutex_unlock(&ubi->buf_mutex); 416 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) { 417 /* 418 * If a bit-flip or data integrity error was detected, the test 419 * has not passed because it happened on a freshly erased 420 * physical eraseblock which means something is wrong with it. 421 */ 422 ubi_err(ubi, "read problems on freshly erased PEB %d, must be bad", 423 pnum); 424 err = -EIO; 425 } 426 return err; 427} 428 429/** 430 * nor_erase_prepare - prepare a NOR flash PEB for erasure. 431 * @ubi: UBI device description object 432 * @pnum: physical eraseblock number to prepare 433 * 434 * NOR flash, or at least some of them, have peculiar embedded PEB erasure 435 * algorithm: the PEB is first filled with zeroes, then it is erased. And 436 * filling with zeroes starts from the end of the PEB. This was observed with 437 * Spansion S29GL512N NOR flash. 438 * 439 * This means that in case of a power cut we may end up with intact data at the 440 * beginning of the PEB, and all zeroes at the end of PEB. In other words, the 441 * EC and VID headers are OK, but a large chunk of data at the end of PEB is 442 * zeroed. This makes UBI mistakenly treat this PEB as used and associate it 443 * with an LEB, which leads to subsequent failures (e.g., UBIFS fails). 444 * 445 * This function is called before erasing NOR PEBs and it zeroes out EC and VID 446 * magic numbers in order to invalidate them and prevent the failures. Returns 447 * zero in case of success and a negative error code in case of failure. 448 */ 449static int nor_erase_prepare(struct ubi_device *ubi, int pnum) 450{ 451 int err; 452 size_t written; 453 loff_t addr; 454 uint32_t data = 0; 455 struct ubi_ec_hdr ec_hdr; 456 struct ubi_vid_io_buf vidb; 457 458 /* 459 * Note, we cannot generally define VID header buffers on stack, 460 * because of the way we deal with these buffers (see the header 461 * comment in this file). But we know this is a NOR-specific piece of 462 * code, so we can do this. But yes, this is error-prone and we should 463 * (pre-)allocate VID header buffer instead. 464 */ 465 struct ubi_vid_hdr vid_hdr; 466 467 /* 468 * If VID or EC is valid, we have to corrupt them before erasing. 469 * It is important to first invalidate the EC header, and then the VID 470 * header. Otherwise a power cut may lead to valid EC header and 471 * invalid VID header, in which case UBI will treat this PEB as 472 * corrupted and will try to preserve it, and print scary warnings. 473 */ 474 addr = (loff_t)pnum * ubi->peb_size; 475 err = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0); 476 if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR && 477 err != UBI_IO_FF){ 478 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data); 479 if(err) 480 goto error; 481 } 482 483 ubi_init_vid_buf(ubi, &vidb, &vid_hdr); 484 ubi_assert(&vid_hdr == ubi_get_vid_hdr(&vidb)); 485 486 err = ubi_io_read_vid_hdr(ubi, pnum, &vidb, 0); 487 if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR && 488 err != UBI_IO_FF){ 489 addr += ubi->vid_hdr_aloffset; 490 err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data); 491 if (err) 492 goto error; 493 } 494 return 0; 495 496error: 497 /* 498 * The PEB contains a valid VID or EC header, but we cannot invalidate 499 * it. Supposedly the flash media or the driver is screwed up, so 500 * return an error. 501 */ 502 ubi_err(ubi, "cannot invalidate PEB %d, write returned %d", pnum, err); 503 ubi_dump_flash(ubi, pnum, 0, ubi->peb_size); 504 return -EIO; 505} 506 507/** 508 * ubi_io_sync_erase - synchronously erase a physical eraseblock. 509 * @ubi: UBI device description object 510 * @pnum: physical eraseblock number to erase 511 * @torture: if this physical eraseblock has to be tortured 512 * 513 * This function synchronously erases physical eraseblock @pnum. If @torture 514 * flag is not zero, the physical eraseblock is checked by means of writing 515 * different patterns to it and reading them back. If the torturing is enabled, 516 * the physical eraseblock is erased more than once. 517 * 518 * This function returns the number of erasures made in case of success, %-EIO 519 * if the erasure failed or the torturing test failed, and other negative error 520 * codes in case of other errors. Note, %-EIO means that the physical 521 * eraseblock is bad. 522 */ 523int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture) 524{ 525 int err, ret = 0; 526 527 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 528 529 err = self_check_not_bad(ubi, pnum); 530 if (err != 0) 531 return err; 532 533 if (ubi->ro_mode) { 534 ubi_err(ubi, "read-only mode"); 535 return -EROFS; 536 } 537 538 if (ubi->nor_flash) { 539 err = nor_erase_prepare(ubi, pnum); 540 if (err) 541 return err; 542 } 543 544 if (torture) { 545 ret = torture_peb(ubi, pnum); 546 if (ret < 0) 547 return ret; 548 } 549 550 err = do_sync_erase(ubi, pnum); 551 if (err) 552 return err; 553 554 return ret + 1; 555} 556 557/** 558 * ubi_io_is_bad - check if a physical eraseblock is bad. 559 * @ubi: UBI device description object 560 * @pnum: the physical eraseblock number to check 561 * 562 * This function returns a positive number if the physical eraseblock is bad, 563 * zero if not, and a negative error code if an error occurred. 564 */ 565int ubi_io_is_bad(const struct ubi_device *ubi, int pnum) 566{ 567 struct mtd_info *mtd = ubi->mtd; 568 569 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 570 571 if (ubi->bad_allowed) { 572 int ret; 573 574 ret = mtd_block_isbad(mtd, (loff_t)pnum * ubi->peb_size); 575 if (ret < 0) 576 ubi_err(ubi, "error %d while checking if PEB %d is bad", 577 ret, pnum); 578 else if (ret) 579 dbg_io("PEB %d is bad", pnum); 580 return ret; 581 } 582 583 return 0; 584} 585 586/** 587 * ubi_io_mark_bad - mark a physical eraseblock as bad. 588 * @ubi: UBI device description object 589 * @pnum: the physical eraseblock number to mark 590 * 591 * This function returns zero in case of success and a negative error code in 592 * case of failure. 593 */ 594int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum) 595{ 596 int err; 597 struct mtd_info *mtd = ubi->mtd; 598 599 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 600 601 if (ubi->ro_mode) { 602 ubi_err(ubi, "read-only mode"); 603 return -EROFS; 604 } 605 606 if (!ubi->bad_allowed) 607 return 0; 608 609 err = mtd_block_markbad(mtd, (loff_t)pnum * ubi->peb_size); 610 if (err) 611 ubi_err(ubi, "cannot mark PEB %d bad, error %d", pnum, err); 612 return err; 613} 614 615/** 616 * validate_ec_hdr - validate an erase counter header. 617 * @ubi: UBI device description object 618 * @ec_hdr: the erase counter header to check 619 * 620 * This function returns zero if the erase counter header is OK, and %1 if 621 * not. 622 */ 623static int validate_ec_hdr(const struct ubi_device *ubi, 624 const struct ubi_ec_hdr *ec_hdr) 625{ 626 long long ec; 627 int vid_hdr_offset, leb_start; 628 629 ec = be64_to_cpu(ec_hdr->ec); 630 vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset); 631 leb_start = be32_to_cpu(ec_hdr->data_offset); 632 633 if (ec_hdr->version != UBI_VERSION) { 634 ubi_err(ubi, "node with incompatible UBI version found: this UBI version is %d, image version is %d", 635 UBI_VERSION, (int)ec_hdr->version); 636 goto bad; 637 } 638 639 if (vid_hdr_offset != ubi->vid_hdr_offset) { 640 ubi_err(ubi, "bad VID header offset %d, expected %d", 641 vid_hdr_offset, ubi->vid_hdr_offset); 642 goto bad; 643 } 644 645 if (leb_start != ubi->leb_start) { 646 ubi_err(ubi, "bad data offset %d, expected %d", 647 leb_start, ubi->leb_start); 648 goto bad; 649 } 650 651 if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) { 652 ubi_err(ubi, "bad erase counter %lld", ec); 653 goto bad; 654 } 655 656 return 0; 657 658bad: 659 ubi_err(ubi, "bad EC header"); 660 ubi_dump_ec_hdr(ec_hdr); 661 dump_stack(); 662 return 1; 663} 664 665/** 666 * ubi_io_read_ec_hdr - read and check an erase counter header. 667 * @ubi: UBI device description object 668 * @pnum: physical eraseblock to read from 669 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter 670 * header 671 * @verbose: be verbose if the header is corrupted or was not found 672 * 673 * This function reads erase counter header from physical eraseblock @pnum and 674 * stores it in @ec_hdr. This function also checks CRC checksum of the read 675 * erase counter header. The following codes may be returned: 676 * 677 * o %0 if the CRC checksum is correct and the header was successfully read; 678 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected 679 * and corrected by the flash driver; this is harmless but may indicate that 680 * this eraseblock may become bad soon (but may be not); 681 * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error); 682 * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was 683 * a data integrity error (uncorrectable ECC error in case of NAND); 684 * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty) 685 * o a negative error code in case of failure. 686 */ 687int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum, 688 struct ubi_ec_hdr *ec_hdr, int verbose) 689{ 690 int err, read_err; 691 uint32_t crc, magic, hdr_crc; 692 693 dbg_io("read EC header from PEB %d", pnum); 694 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 695 696 read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE); 697 if (read_err) { 698 if (read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err)) 699 return read_err; 700 701 /* 702 * We read all the data, but either a correctable bit-flip 703 * occurred, or MTD reported a data integrity error 704 * (uncorrectable ECC error in case of NAND). The former is 705 * harmless, the later may mean that the read data is 706 * corrupted. But we have a CRC check-sum and we will detect 707 * this. If the EC header is still OK, we just report this as 708 * there was a bit-flip, to force scrubbing. 709 */ 710 } 711 712 magic = be32_to_cpu(ec_hdr->magic); 713 if (magic != UBI_EC_HDR_MAGIC) { 714 if (mtd_is_eccerr(read_err)) 715 return UBI_IO_BAD_HDR_EBADMSG; 716 717 /* 718 * The magic field is wrong. Let's check if we have read all 719 * 0xFF. If yes, this physical eraseblock is assumed to be 720 * empty. 721 */ 722 if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) { 723 /* The physical eraseblock is supposedly empty */ 724 if (verbose) 725 ubi_warn(ubi, "no EC header found at PEB %d, only 0xFF bytes", 726 pnum); 727 dbg_bld("no EC header found at PEB %d, only 0xFF bytes", 728 pnum); 729 if (!read_err) 730 return UBI_IO_FF; 731 else 732 return UBI_IO_FF_BITFLIPS; 733 } 734 735 /* 736 * This is not a valid erase counter header, and these are not 737 * 0xFF bytes. Report that the header is corrupted. 738 */ 739 if (verbose) { 740 ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x", 741 pnum, magic, UBI_EC_HDR_MAGIC); 742 ubi_dump_ec_hdr(ec_hdr); 743 } 744 dbg_bld("bad magic number at PEB %d: %08x instead of %08x", 745 pnum, magic, UBI_EC_HDR_MAGIC); 746 return UBI_IO_BAD_HDR; 747 } 748 749 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC); 750 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc); 751 752 if (hdr_crc != crc) { 753 if (verbose) { 754 ubi_warn(ubi, "bad EC header CRC at PEB %d, calculated %#08x, read %#08x", 755 pnum, crc, hdr_crc); 756 ubi_dump_ec_hdr(ec_hdr); 757 } 758 dbg_bld("bad EC header CRC at PEB %d, calculated %#08x, read %#08x", 759 pnum, crc, hdr_crc); 760 761 if (!read_err) 762 return UBI_IO_BAD_HDR; 763 else 764 return UBI_IO_BAD_HDR_EBADMSG; 765 } 766 767 /* And of course validate what has just been read from the media */ 768 err = validate_ec_hdr(ubi, ec_hdr); 769 if (err) { 770 ubi_err(ubi, "validation failed for PEB %d", pnum); 771 return -EINVAL; 772 } 773 774 /* 775 * If there was %-EBADMSG, but the header CRC is still OK, report about 776 * a bit-flip to force scrubbing on this PEB. 777 */ 778 return read_err ? UBI_IO_BITFLIPS : 0; 779} 780 781/** 782 * ubi_io_write_ec_hdr - write an erase counter header. 783 * @ubi: UBI device description object 784 * @pnum: physical eraseblock to write to 785 * @ec_hdr: the erase counter header to write 786 * 787 * This function writes erase counter header described by @ec_hdr to physical 788 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so 789 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec 790 * field. 791 * 792 * This function returns zero in case of success and a negative error code in 793 * case of failure. If %-EIO is returned, the physical eraseblock most probably 794 * went bad. 795 */ 796int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum, 797 struct ubi_ec_hdr *ec_hdr) 798{ 799 int err; 800 uint32_t crc; 801 802 dbg_io("write EC header to PEB %d", pnum); 803 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 804 805 ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC); 806 ec_hdr->version = UBI_VERSION; 807 ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset); 808 ec_hdr->data_offset = cpu_to_be32(ubi->leb_start); 809 ec_hdr->image_seq = cpu_to_be32(ubi->image_seq); 810 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC); 811 ec_hdr->hdr_crc = cpu_to_be32(crc); 812 813 err = self_check_ec_hdr(ubi, pnum, ec_hdr); 814 if (err) 815 return err; 816 817 if (ubi_dbg_power_cut(ubi, POWER_CUT_EC_WRITE)) 818 return -EROFS; 819 820 err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize); 821 return err; 822} 823 824/** 825 * validate_vid_hdr - validate a volume identifier header. 826 * @ubi: UBI device description object 827 * @vid_hdr: the volume identifier header to check 828 * 829 * This function checks that data stored in the volume identifier header 830 * @vid_hdr. Returns zero if the VID header is OK and %1 if not. 831 */ 832static int validate_vid_hdr(const struct ubi_device *ubi, 833 const struct ubi_vid_hdr *vid_hdr) 834{ 835 int vol_type = vid_hdr->vol_type; 836 int copy_flag = vid_hdr->copy_flag; 837 int vol_id = be32_to_cpu(vid_hdr->vol_id); 838 int lnum = be32_to_cpu(vid_hdr->lnum); 839 int compat = vid_hdr->compat; 840 int data_size = be32_to_cpu(vid_hdr->data_size); 841 int used_ebs = be32_to_cpu(vid_hdr->used_ebs); 842 int data_pad = be32_to_cpu(vid_hdr->data_pad); 843 int data_crc = be32_to_cpu(vid_hdr->data_crc); 844 int usable_leb_size = ubi->leb_size - data_pad; 845 846 if (copy_flag != 0 && copy_flag != 1) { 847 ubi_err(ubi, "bad copy_flag"); 848 goto bad; 849 } 850 851 if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 || 852 data_pad < 0) { 853 ubi_err(ubi, "negative values"); 854 goto bad; 855 } 856 857 if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) { 858 ubi_err(ubi, "bad vol_id"); 859 goto bad; 860 } 861 862 if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) { 863 ubi_err(ubi, "bad compat"); 864 goto bad; 865 } 866 867 if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE && 868 compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE && 869 compat != UBI_COMPAT_REJECT) { 870 ubi_err(ubi, "bad compat"); 871 goto bad; 872 } 873 874 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) { 875 ubi_err(ubi, "bad vol_type"); 876 goto bad; 877 } 878 879 if (data_pad >= ubi->leb_size / 2) { 880 ubi_err(ubi, "bad data_pad"); 881 goto bad; 882 } 883 884 if (data_size > ubi->leb_size) { 885 ubi_err(ubi, "bad data_size"); 886 goto bad; 887 } 888 889 if (vol_type == UBI_VID_STATIC) { 890 /* 891 * Although from high-level point of view static volumes may 892 * contain zero bytes of data, but no VID headers can contain 893 * zero at these fields, because they empty volumes do not have 894 * mapped logical eraseblocks. 895 */ 896 if (used_ebs == 0) { 897 ubi_err(ubi, "zero used_ebs"); 898 goto bad; 899 } 900 if (data_size == 0) { 901 ubi_err(ubi, "zero data_size"); 902 goto bad; 903 } 904 if (lnum < used_ebs - 1) { 905 if (data_size != usable_leb_size) { 906 ubi_err(ubi, "bad data_size"); 907 goto bad; 908 } 909 } else if (lnum == used_ebs - 1) { 910 if (data_size == 0) { 911 ubi_err(ubi, "bad data_size at last LEB"); 912 goto bad; 913 } 914 } else { 915 ubi_err(ubi, "too high lnum"); 916 goto bad; 917 } 918 } else { 919 if (copy_flag == 0) { 920 if (data_crc != 0) { 921 ubi_err(ubi, "non-zero data CRC"); 922 goto bad; 923 } 924 if (data_size != 0) { 925 ubi_err(ubi, "non-zero data_size"); 926 goto bad; 927 } 928 } else { 929 if (data_size == 0) { 930 ubi_err(ubi, "zero data_size of copy"); 931 goto bad; 932 } 933 } 934 if (used_ebs != 0) { 935 ubi_err(ubi, "bad used_ebs"); 936 goto bad; 937 } 938 } 939 940 return 0; 941 942bad: 943 ubi_err(ubi, "bad VID header"); 944 ubi_dump_vid_hdr(vid_hdr); 945 dump_stack(); 946 return 1; 947} 948 949/** 950 * ubi_io_read_vid_hdr - read and check a volume identifier header. 951 * @ubi: UBI device description object 952 * @pnum: physical eraseblock number to read from 953 * @vidb: the volume identifier buffer to store data in 954 * @verbose: be verbose if the header is corrupted or wasn't found 955 * 956 * This function reads the volume identifier header from physical eraseblock 957 * @pnum and stores it in @vidb. It also checks CRC checksum of the read 958 * volume identifier header. The error codes are the same as in 959 * 'ubi_io_read_ec_hdr()'. 960 * 961 * Note, the implementation of this function is also very similar to 962 * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'. 963 */ 964int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum, 965 struct ubi_vid_io_buf *vidb, int verbose) 966{ 967 int err, read_err; 968 uint32_t crc, magic, hdr_crc; 969 struct ubi_vid_hdr *vid_hdr = ubi_get_vid_hdr(vidb); 970 void *p = vidb->buffer; 971 972 dbg_io("read VID header from PEB %d", pnum); 973 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 974 975 read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset, 976 ubi->vid_hdr_shift + UBI_VID_HDR_SIZE); 977 if (read_err && read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err)) 978 return read_err; 979 980 magic = be32_to_cpu(vid_hdr->magic); 981 if (magic != UBI_VID_HDR_MAGIC) { 982 if (mtd_is_eccerr(read_err)) 983 return UBI_IO_BAD_HDR_EBADMSG; 984 985 if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) { 986 if (verbose) 987 ubi_warn(ubi, "no VID header found at PEB %d, only 0xFF bytes", 988 pnum); 989 dbg_bld("no VID header found at PEB %d, only 0xFF bytes", 990 pnum); 991 if (!read_err) 992 return UBI_IO_FF; 993 else 994 return UBI_IO_FF_BITFLIPS; 995 } 996 997 if (verbose) { 998 ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x", 999 pnum, magic, UBI_VID_HDR_MAGIC); 1000 ubi_dump_vid_hdr(vid_hdr); 1001 } 1002 dbg_bld("bad magic number at PEB %d: %08x instead of %08x", 1003 pnum, magic, UBI_VID_HDR_MAGIC); 1004 return UBI_IO_BAD_HDR; 1005 } 1006 1007 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC); 1008 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc); 1009 1010 if (hdr_crc != crc) { 1011 if (verbose) { 1012 ubi_warn(ubi, "bad CRC at PEB %d, calculated %#08x, read %#08x", 1013 pnum, crc, hdr_crc); 1014 ubi_dump_vid_hdr(vid_hdr); 1015 } 1016 dbg_bld("bad CRC at PEB %d, calculated %#08x, read %#08x", 1017 pnum, crc, hdr_crc); 1018 if (!read_err) 1019 return UBI_IO_BAD_HDR; 1020 else 1021 return UBI_IO_BAD_HDR_EBADMSG; 1022 } 1023 1024 err = validate_vid_hdr(ubi, vid_hdr); 1025 if (err) { 1026 ubi_err(ubi, "validation failed for PEB %d", pnum); 1027 return -EINVAL; 1028 } 1029 1030 return read_err ? UBI_IO_BITFLIPS : 0; 1031} 1032 1033/** 1034 * ubi_io_write_vid_hdr - write a volume identifier header. 1035 * @ubi: UBI device description object 1036 * @pnum: the physical eraseblock number to write to 1037 * @vidb: the volume identifier buffer to write 1038 * 1039 * This function writes the volume identifier header described by @vid_hdr to 1040 * physical eraseblock @pnum. This function automatically fills the 1041 * @vidb->hdr->magic and the @vidb->hdr->version fields, as well as calculates 1042 * header CRC checksum and stores it at vidb->hdr->hdr_crc. 1043 * 1044 * This function returns zero in case of success and a negative error code in 1045 * case of failure. If %-EIO is returned, the physical eraseblock probably went 1046 * bad. 1047 */ 1048int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum, 1049 struct ubi_vid_io_buf *vidb) 1050{ 1051 struct ubi_vid_hdr *vid_hdr = ubi_get_vid_hdr(vidb); 1052 int err; 1053 uint32_t crc; 1054 void *p = vidb->buffer; 1055 1056 dbg_io("write VID header to PEB %d", pnum); 1057 ubi_assert(pnum >= 0 && pnum < ubi->peb_count); 1058 1059 err = self_check_peb_ec_hdr(ubi, pnum); 1060 if (err) 1061 return err; 1062 1063 vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC); 1064 vid_hdr->version = UBI_VERSION; 1065 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC); 1066 vid_hdr->hdr_crc = cpu_to_be32(crc); 1067 1068 err = self_check_vid_hdr(ubi, pnum, vid_hdr); 1069 if (err) 1070 return err; 1071 1072 if (ubi_dbg_power_cut(ubi, POWER_CUT_VID_WRITE)) 1073 return -EROFS; 1074 1075 err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset, 1076 ubi->vid_hdr_alsize); 1077 return err; 1078} 1079 1080/** 1081 * self_check_not_bad - ensure that a physical eraseblock is not bad. 1082 * @ubi: UBI device description object 1083 * @pnum: physical eraseblock number to check 1084 * 1085 * This function returns zero if the physical eraseblock is good, %-EINVAL if 1086 * it is bad and a negative error code if an error occurred. 1087 */ 1088static int self_check_not_bad(const struct ubi_device *ubi, int pnum) 1089{ 1090 int err; 1091 1092 if (!ubi_dbg_chk_io(ubi)) 1093 return 0; 1094 1095 err = ubi_io_is_bad(ubi, pnum); 1096 if (!err) 1097 return err; 1098 1099 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1100 dump_stack(); 1101 return err > 0 ? -EINVAL : err; 1102} 1103 1104/** 1105 * self_check_ec_hdr - check if an erase counter header is all right. 1106 * @ubi: UBI device description object 1107 * @pnum: physical eraseblock number the erase counter header belongs to 1108 * @ec_hdr: the erase counter header to check 1109 * 1110 * This function returns zero if the erase counter header contains valid 1111 * values, and %-EINVAL if not. 1112 */ 1113static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum, 1114 const struct ubi_ec_hdr *ec_hdr) 1115{ 1116 int err; 1117 uint32_t magic; 1118 1119 if (!ubi_dbg_chk_io(ubi)) 1120 return 0; 1121 1122 magic = be32_to_cpu(ec_hdr->magic); 1123 if (magic != UBI_EC_HDR_MAGIC) { 1124 ubi_err(ubi, "bad magic %#08x, must be %#08x", 1125 magic, UBI_EC_HDR_MAGIC); 1126 goto fail; 1127 } 1128 1129 err = validate_ec_hdr(ubi, ec_hdr); 1130 if (err) { 1131 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1132 goto fail; 1133 } 1134 1135 return 0; 1136 1137fail: 1138 ubi_dump_ec_hdr(ec_hdr); 1139 dump_stack(); 1140 return -EINVAL; 1141} 1142 1143/** 1144 * self_check_peb_ec_hdr - check erase counter header. 1145 * @ubi: UBI device description object 1146 * @pnum: the physical eraseblock number to check 1147 * 1148 * This function returns zero if the erase counter header is all right and and 1149 * a negative error code if not or if an error occurred. 1150 */ 1151static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum) 1152{ 1153 int err; 1154 uint32_t crc, hdr_crc; 1155 struct ubi_ec_hdr *ec_hdr; 1156 1157 if (!ubi_dbg_chk_io(ubi)) 1158 return 0; 1159 1160 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS); 1161 if (!ec_hdr) 1162 return -ENOMEM; 1163 1164 err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE); 1165 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err)) 1166 goto exit; 1167 1168 crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC); 1169 hdr_crc = be32_to_cpu(ec_hdr->hdr_crc); 1170 if (hdr_crc != crc) { 1171 ubi_err(ubi, "bad CRC, calculated %#08x, read %#08x", 1172 crc, hdr_crc); 1173 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1174 ubi_dump_ec_hdr(ec_hdr); 1175 dump_stack(); 1176 err = -EINVAL; 1177 goto exit; 1178 } 1179 1180 err = self_check_ec_hdr(ubi, pnum, ec_hdr); 1181 1182exit: 1183 kfree(ec_hdr); 1184 return err; 1185} 1186 1187/** 1188 * self_check_vid_hdr - check that a volume identifier header is all right. 1189 * @ubi: UBI device description object 1190 * @pnum: physical eraseblock number the volume identifier header belongs to 1191 * @vid_hdr: the volume identifier header to check 1192 * 1193 * This function returns zero if the volume identifier header is all right, and 1194 * %-EINVAL if not. 1195 */ 1196static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum, 1197 const struct ubi_vid_hdr *vid_hdr) 1198{ 1199 int err; 1200 uint32_t magic; 1201 1202 if (!ubi_dbg_chk_io(ubi)) 1203 return 0; 1204 1205 magic = be32_to_cpu(vid_hdr->magic); 1206 if (magic != UBI_VID_HDR_MAGIC) { 1207 ubi_err(ubi, "bad VID header magic %#08x at PEB %d, must be %#08x", 1208 magic, pnum, UBI_VID_HDR_MAGIC); 1209 goto fail; 1210 } 1211 1212 err = validate_vid_hdr(ubi, vid_hdr); 1213 if (err) { 1214 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1215 goto fail; 1216 } 1217 1218 return err; 1219 1220fail: 1221 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1222 ubi_dump_vid_hdr(vid_hdr); 1223 dump_stack(); 1224 return -EINVAL; 1225 1226} 1227 1228/** 1229 * self_check_peb_vid_hdr - check volume identifier header. 1230 * @ubi: UBI device description object 1231 * @pnum: the physical eraseblock number to check 1232 * 1233 * This function returns zero if the volume identifier header is all right, 1234 * and a negative error code if not or if an error occurred. 1235 */ 1236static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum) 1237{ 1238 int err; 1239 uint32_t crc, hdr_crc; 1240 struct ubi_vid_io_buf *vidb; 1241 struct ubi_vid_hdr *vid_hdr; 1242 void *p; 1243 1244 if (!ubi_dbg_chk_io(ubi)) 1245 return 0; 1246 1247 vidb = ubi_alloc_vid_buf(ubi, GFP_NOFS); 1248 if (!vidb) 1249 return -ENOMEM; 1250 1251 vid_hdr = ubi_get_vid_hdr(vidb); 1252 p = vidb->buffer; 1253 err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset, 1254 ubi->vid_hdr_alsize); 1255 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err)) 1256 goto exit; 1257 1258 crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC); 1259 hdr_crc = be32_to_cpu(vid_hdr->hdr_crc); 1260 if (hdr_crc != crc) { 1261 ubi_err(ubi, "bad VID header CRC at PEB %d, calculated %#08x, read %#08x", 1262 pnum, crc, hdr_crc); 1263 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1264 ubi_dump_vid_hdr(vid_hdr); 1265 dump_stack(); 1266 err = -EINVAL; 1267 goto exit; 1268 } 1269 1270 err = self_check_vid_hdr(ubi, pnum, vid_hdr); 1271 1272exit: 1273 ubi_free_vid_buf(vidb); 1274 return err; 1275} 1276 1277/** 1278 * self_check_write - make sure write succeeded. 1279 * @ubi: UBI device description object 1280 * @buf: buffer with data which were written 1281 * @pnum: physical eraseblock number the data were written to 1282 * @offset: offset within the physical eraseblock the data were written to 1283 * @len: how many bytes were written 1284 * 1285 * This functions reads data which were recently written and compares it with 1286 * the original data buffer - the data have to match. Returns zero if the data 1287 * match and a negative error code if not or in case of failure. 1288 */ 1289static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum, 1290 int offset, int len) 1291{ 1292 int err, i; 1293 size_t read; 1294 void *buf1; 1295 loff_t addr = (loff_t)pnum * ubi->peb_size + offset; 1296 1297 if (!ubi_dbg_chk_io(ubi)) 1298 return 0; 1299 1300 buf1 = __vmalloc(len, GFP_NOFS); 1301 if (!buf1) { 1302 ubi_err(ubi, "cannot allocate memory to check writes"); 1303 return 0; 1304 } 1305 1306 err = mtd_read(ubi->mtd, addr, len, &read, buf1); 1307 if (err && !mtd_is_bitflip(err)) 1308 goto out_free; 1309 1310 for (i = 0; i < len; i++) { 1311 uint8_t c = ((uint8_t *)buf)[i]; 1312 uint8_t c1 = ((uint8_t *)buf1)[i]; 1313 int dump_len; 1314 1315 if (c == c1) 1316 continue; 1317 1318 ubi_err(ubi, "self-check failed for PEB %d:%d, len %d", 1319 pnum, offset, len); 1320 ubi_msg(ubi, "data differ at position %d", i); 1321 dump_len = max_t(int, 128, len - i); 1322 ubi_msg(ubi, "hex dump of the original buffer from %d to %d", 1323 i, i + dump_len); 1324 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, 1325 buf + i, dump_len, 1); 1326 ubi_msg(ubi, "hex dump of the read buffer from %d to %d", 1327 i, i + dump_len); 1328 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, 1329 buf1 + i, dump_len, 1); 1330 dump_stack(); 1331 err = -EINVAL; 1332 goto out_free; 1333 } 1334 1335 vfree(buf1); 1336 return 0; 1337 1338out_free: 1339 vfree(buf1); 1340 return err; 1341} 1342 1343/** 1344 * ubi_self_check_all_ff - check that a region of flash is empty. 1345 * @ubi: UBI device description object 1346 * @pnum: the physical eraseblock number to check 1347 * @offset: the starting offset within the physical eraseblock to check 1348 * @len: the length of the region to check 1349 * 1350 * This function returns zero if only 0xFF bytes are present at offset 1351 * @offset of the physical eraseblock @pnum, and a negative error code if not 1352 * or if an error occurred. 1353 */ 1354int ubi_self_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len) 1355{ 1356 size_t read; 1357 int err; 1358 void *buf; 1359 loff_t addr = (loff_t)pnum * ubi->peb_size + offset; 1360 1361 if (!ubi_dbg_chk_io(ubi)) 1362 return 0; 1363 1364 buf = __vmalloc(len, GFP_NOFS); 1365 if (!buf) { 1366 ubi_err(ubi, "cannot allocate memory to check for 0xFFs"); 1367 return 0; 1368 } 1369 1370 err = mtd_read(ubi->mtd, addr, len, &read, buf); 1371 if (err && !mtd_is_bitflip(err)) { 1372 ubi_err(ubi, "err %d while reading %d bytes from PEB %d:%d, read %zd bytes", 1373 err, len, pnum, offset, read); 1374 goto error; 1375 } 1376 1377 err = ubi_check_pattern(buf, 0xFF, len); 1378 if (err == 0) { 1379 ubi_err(ubi, "flash region at PEB %d:%d, length %d does not contain all 0xFF bytes", 1380 pnum, offset, len); 1381 goto fail; 1382 } 1383 1384 vfree(buf); 1385 return 0; 1386 1387fail: 1388 ubi_err(ubi, "self-check failed for PEB %d", pnum); 1389 ubi_msg(ubi, "hex dump of the %d-%d region", offset, offset + len); 1390 print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1); 1391 err = -EINVAL; 1392error: 1393 dump_stack(); 1394 vfree(buf); 1395 return err; 1396} 1397