1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-or-later
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * Copyright (c) International Business Machines Corp., 2006
4*4882a593Smuzhiyun *
5*4882a593Smuzhiyun * Author: Artem Bityutskiy (Битюцкий Артём)
6*4882a593Smuzhiyun */
7*4882a593Smuzhiyun
8*4882a593Smuzhiyun /*
9*4882a593Smuzhiyun * UBI attaching sub-system.
10*4882a593Smuzhiyun *
11*4882a593Smuzhiyun * This sub-system is responsible for attaching MTD devices and it also
12*4882a593Smuzhiyun * implements flash media scanning.
13*4882a593Smuzhiyun *
14*4882a593Smuzhiyun * The attaching information is represented by a &struct ubi_attach_info'
15*4882a593Smuzhiyun * object. Information about volumes is represented by &struct ubi_ainf_volume
16*4882a593Smuzhiyun * objects which are kept in volume RB-tree with root at the @volumes field.
17*4882a593Smuzhiyun * The RB-tree is indexed by the volume ID.
18*4882a593Smuzhiyun *
19*4882a593Smuzhiyun * Logical eraseblocks are represented by &struct ubi_ainf_peb objects. These
20*4882a593Smuzhiyun * objects are kept in per-volume RB-trees with the root at the corresponding
21*4882a593Smuzhiyun * &struct ubi_ainf_volume object. To put it differently, we keep an RB-tree of
22*4882a593Smuzhiyun * per-volume objects and each of these objects is the root of RB-tree of
23*4882a593Smuzhiyun * per-LEB objects.
24*4882a593Smuzhiyun *
25*4882a593Smuzhiyun * Corrupted physical eraseblocks are put to the @corr list, free physical
26*4882a593Smuzhiyun * eraseblocks are put to the @free list and the physical eraseblock to be
27*4882a593Smuzhiyun * erased are put to the @erase list.
28*4882a593Smuzhiyun *
29*4882a593Smuzhiyun * About corruptions
30*4882a593Smuzhiyun * ~~~~~~~~~~~~~~~~~
31*4882a593Smuzhiyun *
32*4882a593Smuzhiyun * UBI protects EC and VID headers with CRC-32 checksums, so it can detect
33*4882a593Smuzhiyun * whether the headers are corrupted or not. Sometimes UBI also protects the
34*4882a593Smuzhiyun * data with CRC-32, e.g., when it executes the atomic LEB change operation, or
35*4882a593Smuzhiyun * when it moves the contents of a PEB for wear-leveling purposes.
36*4882a593Smuzhiyun *
37*4882a593Smuzhiyun * UBI tries to distinguish between 2 types of corruptions.
38*4882a593Smuzhiyun *
39*4882a593Smuzhiyun * 1. Corruptions caused by power cuts. These are expected corruptions and UBI
40*4882a593Smuzhiyun * tries to handle them gracefully, without printing too many warnings and
41*4882a593Smuzhiyun * error messages. The idea is that we do not lose important data in these
42*4882a593Smuzhiyun * cases - we may lose only the data which were being written to the media just
43*4882a593Smuzhiyun * before the power cut happened, and the upper layers (e.g., UBIFS) are
44*4882a593Smuzhiyun * supposed to handle such data losses (e.g., by using the FS journal).
45*4882a593Smuzhiyun *
46*4882a593Smuzhiyun * When UBI detects a corruption (CRC-32 mismatch) in a PEB, and it looks like
47*4882a593Smuzhiyun * the reason is a power cut, UBI puts this PEB to the @erase list, and all
48*4882a593Smuzhiyun * PEBs in the @erase list are scheduled for erasure later.
49*4882a593Smuzhiyun *
50*4882a593Smuzhiyun * 2. Unexpected corruptions which are not caused by power cuts. During
51*4882a593Smuzhiyun * attaching, such PEBs are put to the @corr list and UBI preserves them.
52*4882a593Smuzhiyun * Obviously, this lessens the amount of available PEBs, and if at some point
53*4882a593Smuzhiyun * UBI runs out of free PEBs, it switches to R/O mode. UBI also loudly informs
54*4882a593Smuzhiyun * about such PEBs every time the MTD device is attached.
55*4882a593Smuzhiyun *
56*4882a593Smuzhiyun * However, it is difficult to reliably distinguish between these types of
57*4882a593Smuzhiyun * corruptions and UBI's strategy is as follows (in case of attaching by
58*4882a593Smuzhiyun * scanning). UBI assumes corruption type 2 if the VID header is corrupted and
59*4882a593Smuzhiyun * the data area does not contain all 0xFFs, and there were no bit-flips or
60*4882a593Smuzhiyun * integrity errors (e.g., ECC errors in case of NAND) while reading the data
61*4882a593Smuzhiyun * area. Otherwise UBI assumes corruption type 1. So the decision criteria
62*4882a593Smuzhiyun * are as follows.
63*4882a593Smuzhiyun * o If the data area contains only 0xFFs, there are no data, and it is safe
64*4882a593Smuzhiyun * to just erase this PEB - this is corruption type 1.
65*4882a593Smuzhiyun * o If the data area has bit-flips or data integrity errors (ECC errors on
66*4882a593Smuzhiyun * NAND), it is probably a PEB which was being erased when power cut
67*4882a593Smuzhiyun * happened, so this is corruption type 1. However, this is just a guess,
68*4882a593Smuzhiyun * which might be wrong.
69*4882a593Smuzhiyun * o Otherwise this is corruption type 2.
70*4882a593Smuzhiyun */
71*4882a593Smuzhiyun
72*4882a593Smuzhiyun #include <linux/err.h>
73*4882a593Smuzhiyun #include <linux/slab.h>
74*4882a593Smuzhiyun #include <linux/crc32.h>
75*4882a593Smuzhiyun #include <linux/math64.h>
76*4882a593Smuzhiyun #include <linux/random.h>
77*4882a593Smuzhiyun #include "ubi.h"
78*4882a593Smuzhiyun
79*4882a593Smuzhiyun static int self_check_ai(struct ubi_device *ubi, struct ubi_attach_info *ai);
80*4882a593Smuzhiyun
81*4882a593Smuzhiyun #define AV_FIND BIT(0)
82*4882a593Smuzhiyun #define AV_ADD BIT(1)
83*4882a593Smuzhiyun #define AV_FIND_OR_ADD (AV_FIND | AV_ADD)
84*4882a593Smuzhiyun
85*4882a593Smuzhiyun /**
86*4882a593Smuzhiyun * find_or_add_av - internal function to find a volume, add a volume or do
87*4882a593Smuzhiyun * both (find and add if missing).
88*4882a593Smuzhiyun * @ai: attaching information
89*4882a593Smuzhiyun * @vol_id: the requested volume ID
90*4882a593Smuzhiyun * @flags: a combination of the %AV_FIND and %AV_ADD flags describing the
91*4882a593Smuzhiyun * expected operation. If only %AV_ADD is set, -EEXIST is returned
92*4882a593Smuzhiyun * if the volume already exists. If only %AV_FIND is set, NULL is
93*4882a593Smuzhiyun * returned if the volume does not exist. And if both flags are
94*4882a593Smuzhiyun * set, the helper first tries to find an existing volume, and if
95*4882a593Smuzhiyun * it does not exist it creates a new one.
96*4882a593Smuzhiyun * @created: in value used to inform the caller whether it"s a newly created
97*4882a593Smuzhiyun * volume or not.
98*4882a593Smuzhiyun *
99*4882a593Smuzhiyun * This function returns a pointer to a volume description or an ERR_PTR if
100*4882a593Smuzhiyun * the operation failed. It can also return NULL if only %AV_FIND is set and
101*4882a593Smuzhiyun * the volume does not exist.
102*4882a593Smuzhiyun */
find_or_add_av(struct ubi_attach_info * ai,int vol_id,unsigned int flags,bool * created)103*4882a593Smuzhiyun static struct ubi_ainf_volume *find_or_add_av(struct ubi_attach_info *ai,
104*4882a593Smuzhiyun int vol_id, unsigned int flags,
105*4882a593Smuzhiyun bool *created)
106*4882a593Smuzhiyun {
107*4882a593Smuzhiyun struct ubi_ainf_volume *av;
108*4882a593Smuzhiyun struct rb_node **p = &ai->volumes.rb_node, *parent = NULL;
109*4882a593Smuzhiyun
110*4882a593Smuzhiyun /* Walk the volume RB-tree to look if this volume is already present */
111*4882a593Smuzhiyun while (*p) {
112*4882a593Smuzhiyun parent = *p;
113*4882a593Smuzhiyun av = rb_entry(parent, struct ubi_ainf_volume, rb);
114*4882a593Smuzhiyun
115*4882a593Smuzhiyun if (vol_id == av->vol_id) {
116*4882a593Smuzhiyun *created = false;
117*4882a593Smuzhiyun
118*4882a593Smuzhiyun if (!(flags & AV_FIND))
119*4882a593Smuzhiyun return ERR_PTR(-EEXIST);
120*4882a593Smuzhiyun
121*4882a593Smuzhiyun return av;
122*4882a593Smuzhiyun }
123*4882a593Smuzhiyun
124*4882a593Smuzhiyun if (vol_id > av->vol_id)
125*4882a593Smuzhiyun p = &(*p)->rb_left;
126*4882a593Smuzhiyun else
127*4882a593Smuzhiyun p = &(*p)->rb_right;
128*4882a593Smuzhiyun }
129*4882a593Smuzhiyun
130*4882a593Smuzhiyun if (!(flags & AV_ADD))
131*4882a593Smuzhiyun return NULL;
132*4882a593Smuzhiyun
133*4882a593Smuzhiyun /* The volume is absent - add it */
134*4882a593Smuzhiyun av = kzalloc(sizeof(*av), GFP_KERNEL);
135*4882a593Smuzhiyun if (!av)
136*4882a593Smuzhiyun return ERR_PTR(-ENOMEM);
137*4882a593Smuzhiyun
138*4882a593Smuzhiyun av->vol_id = vol_id;
139*4882a593Smuzhiyun
140*4882a593Smuzhiyun if (vol_id > ai->highest_vol_id)
141*4882a593Smuzhiyun ai->highest_vol_id = vol_id;
142*4882a593Smuzhiyun
143*4882a593Smuzhiyun rb_link_node(&av->rb, parent, p);
144*4882a593Smuzhiyun rb_insert_color(&av->rb, &ai->volumes);
145*4882a593Smuzhiyun ai->vols_found += 1;
146*4882a593Smuzhiyun *created = true;
147*4882a593Smuzhiyun dbg_bld("added volume %d", vol_id);
148*4882a593Smuzhiyun return av;
149*4882a593Smuzhiyun }
150*4882a593Smuzhiyun
151*4882a593Smuzhiyun /**
152*4882a593Smuzhiyun * ubi_find_or_add_av - search for a volume in the attaching information and
153*4882a593Smuzhiyun * add one if it does not exist.
154*4882a593Smuzhiyun * @ai: attaching information
155*4882a593Smuzhiyun * @vol_id: the requested volume ID
156*4882a593Smuzhiyun * @created: whether the volume has been created or not
157*4882a593Smuzhiyun *
158*4882a593Smuzhiyun * This function returns a pointer to the new volume description or an
159*4882a593Smuzhiyun * ERR_PTR if the operation failed.
160*4882a593Smuzhiyun */
ubi_find_or_add_av(struct ubi_attach_info * ai,int vol_id,bool * created)161*4882a593Smuzhiyun static struct ubi_ainf_volume *ubi_find_or_add_av(struct ubi_attach_info *ai,
162*4882a593Smuzhiyun int vol_id, bool *created)
163*4882a593Smuzhiyun {
164*4882a593Smuzhiyun return find_or_add_av(ai, vol_id, AV_FIND_OR_ADD, created);
165*4882a593Smuzhiyun }
166*4882a593Smuzhiyun
167*4882a593Smuzhiyun /**
168*4882a593Smuzhiyun * ubi_alloc_aeb - allocate an aeb element
169*4882a593Smuzhiyun * @ai: attaching information
170*4882a593Smuzhiyun * @pnum: physical eraseblock number
171*4882a593Smuzhiyun * @ec: erase counter of the physical eraseblock
172*4882a593Smuzhiyun *
173*4882a593Smuzhiyun * Allocate an aeb object and initialize the pnum and ec information.
174*4882a593Smuzhiyun * vol_id and lnum are set to UBI_UNKNOWN, and the other fields are
175*4882a593Smuzhiyun * initialized to zero.
176*4882a593Smuzhiyun * Note that the element is not added in any list or RB tree.
177*4882a593Smuzhiyun */
ubi_alloc_aeb(struct ubi_attach_info * ai,int pnum,int ec)178*4882a593Smuzhiyun struct ubi_ainf_peb *ubi_alloc_aeb(struct ubi_attach_info *ai, int pnum,
179*4882a593Smuzhiyun int ec)
180*4882a593Smuzhiyun {
181*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
182*4882a593Smuzhiyun
183*4882a593Smuzhiyun aeb = kmem_cache_zalloc(ai->aeb_slab_cache, GFP_KERNEL);
184*4882a593Smuzhiyun if (!aeb)
185*4882a593Smuzhiyun return NULL;
186*4882a593Smuzhiyun
187*4882a593Smuzhiyun aeb->pnum = pnum;
188*4882a593Smuzhiyun aeb->ec = ec;
189*4882a593Smuzhiyun aeb->vol_id = UBI_UNKNOWN;
190*4882a593Smuzhiyun aeb->lnum = UBI_UNKNOWN;
191*4882a593Smuzhiyun
192*4882a593Smuzhiyun return aeb;
193*4882a593Smuzhiyun }
194*4882a593Smuzhiyun
195*4882a593Smuzhiyun /**
196*4882a593Smuzhiyun * ubi_free_aeb - free an aeb element
197*4882a593Smuzhiyun * @ai: attaching information
198*4882a593Smuzhiyun * @aeb: the element to free
199*4882a593Smuzhiyun *
200*4882a593Smuzhiyun * Free an aeb object. The caller must have removed the element from any list
201*4882a593Smuzhiyun * or RB tree.
202*4882a593Smuzhiyun */
ubi_free_aeb(struct ubi_attach_info * ai,struct ubi_ainf_peb * aeb)203*4882a593Smuzhiyun void ubi_free_aeb(struct ubi_attach_info *ai, struct ubi_ainf_peb *aeb)
204*4882a593Smuzhiyun {
205*4882a593Smuzhiyun kmem_cache_free(ai->aeb_slab_cache, aeb);
206*4882a593Smuzhiyun }
207*4882a593Smuzhiyun
208*4882a593Smuzhiyun /**
209*4882a593Smuzhiyun * add_to_list - add physical eraseblock to a list.
210*4882a593Smuzhiyun * @ai: attaching information
211*4882a593Smuzhiyun * @pnum: physical eraseblock number to add
212*4882a593Smuzhiyun * @vol_id: the last used volume id for the PEB
213*4882a593Smuzhiyun * @lnum: the last used LEB number for the PEB
214*4882a593Smuzhiyun * @ec: erase counter of the physical eraseblock
215*4882a593Smuzhiyun * @to_head: if not zero, add to the head of the list
216*4882a593Smuzhiyun * @list: the list to add to
217*4882a593Smuzhiyun *
218*4882a593Smuzhiyun * This function allocates a 'struct ubi_ainf_peb' object for physical
219*4882a593Smuzhiyun * eraseblock @pnum and adds it to the "free", "erase", or "alien" lists.
220*4882a593Smuzhiyun * It stores the @lnum and @vol_id alongside, which can both be
221*4882a593Smuzhiyun * %UBI_UNKNOWN if they are not available, not readable, or not assigned.
222*4882a593Smuzhiyun * If @to_head is not zero, PEB will be added to the head of the list, which
223*4882a593Smuzhiyun * basically means it will be processed first later. E.g., we add corrupted
224*4882a593Smuzhiyun * PEBs (corrupted due to power cuts) to the head of the erase list to make
225*4882a593Smuzhiyun * sure we erase them first and get rid of corruptions ASAP. This function
226*4882a593Smuzhiyun * returns zero in case of success and a negative error code in case of
227*4882a593Smuzhiyun * failure.
228*4882a593Smuzhiyun */
add_to_list(struct ubi_attach_info * ai,int pnum,int vol_id,int lnum,int ec,int to_head,struct list_head * list)229*4882a593Smuzhiyun static int add_to_list(struct ubi_attach_info *ai, int pnum, int vol_id,
230*4882a593Smuzhiyun int lnum, int ec, int to_head, struct list_head *list)
231*4882a593Smuzhiyun {
232*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
233*4882a593Smuzhiyun
234*4882a593Smuzhiyun if (list == &ai->free) {
235*4882a593Smuzhiyun dbg_bld("add to free: PEB %d, EC %d", pnum, ec);
236*4882a593Smuzhiyun } else if (list == &ai->erase) {
237*4882a593Smuzhiyun dbg_bld("add to erase: PEB %d, EC %d", pnum, ec);
238*4882a593Smuzhiyun } else if (list == &ai->alien) {
239*4882a593Smuzhiyun dbg_bld("add to alien: PEB %d, EC %d", pnum, ec);
240*4882a593Smuzhiyun ai->alien_peb_count += 1;
241*4882a593Smuzhiyun } else
242*4882a593Smuzhiyun BUG();
243*4882a593Smuzhiyun
244*4882a593Smuzhiyun aeb = ubi_alloc_aeb(ai, pnum, ec);
245*4882a593Smuzhiyun if (!aeb)
246*4882a593Smuzhiyun return -ENOMEM;
247*4882a593Smuzhiyun
248*4882a593Smuzhiyun aeb->vol_id = vol_id;
249*4882a593Smuzhiyun aeb->lnum = lnum;
250*4882a593Smuzhiyun if (to_head)
251*4882a593Smuzhiyun list_add(&aeb->u.list, list);
252*4882a593Smuzhiyun else
253*4882a593Smuzhiyun list_add_tail(&aeb->u.list, list);
254*4882a593Smuzhiyun return 0;
255*4882a593Smuzhiyun }
256*4882a593Smuzhiyun
257*4882a593Smuzhiyun /**
258*4882a593Smuzhiyun * add_corrupted - add a corrupted physical eraseblock.
259*4882a593Smuzhiyun * @ai: attaching information
260*4882a593Smuzhiyun * @pnum: physical eraseblock number to add
261*4882a593Smuzhiyun * @ec: erase counter of the physical eraseblock
262*4882a593Smuzhiyun *
263*4882a593Smuzhiyun * This function allocates a 'struct ubi_ainf_peb' object for a corrupted
264*4882a593Smuzhiyun * physical eraseblock @pnum and adds it to the 'corr' list. The corruption
265*4882a593Smuzhiyun * was presumably not caused by a power cut. Returns zero in case of success
266*4882a593Smuzhiyun * and a negative error code in case of failure.
267*4882a593Smuzhiyun */
add_corrupted(struct ubi_attach_info * ai,int pnum,int ec)268*4882a593Smuzhiyun static int add_corrupted(struct ubi_attach_info *ai, int pnum, int ec)
269*4882a593Smuzhiyun {
270*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
271*4882a593Smuzhiyun
272*4882a593Smuzhiyun dbg_bld("add to corrupted: PEB %d, EC %d", pnum, ec);
273*4882a593Smuzhiyun
274*4882a593Smuzhiyun aeb = ubi_alloc_aeb(ai, pnum, ec);
275*4882a593Smuzhiyun if (!aeb)
276*4882a593Smuzhiyun return -ENOMEM;
277*4882a593Smuzhiyun
278*4882a593Smuzhiyun ai->corr_peb_count += 1;
279*4882a593Smuzhiyun list_add(&aeb->u.list, &ai->corr);
280*4882a593Smuzhiyun return 0;
281*4882a593Smuzhiyun }
282*4882a593Smuzhiyun
283*4882a593Smuzhiyun /**
284*4882a593Smuzhiyun * add_fastmap - add a Fastmap related physical eraseblock.
285*4882a593Smuzhiyun * @ai: attaching information
286*4882a593Smuzhiyun * @pnum: physical eraseblock number the VID header came from
287*4882a593Smuzhiyun * @vid_hdr: the volume identifier header
288*4882a593Smuzhiyun * @ec: erase counter of the physical eraseblock
289*4882a593Smuzhiyun *
290*4882a593Smuzhiyun * This function allocates a 'struct ubi_ainf_peb' object for a Fastamp
291*4882a593Smuzhiyun * physical eraseblock @pnum and adds it to the 'fastmap' list.
292*4882a593Smuzhiyun * Such blocks can be Fastmap super and data blocks from both the most
293*4882a593Smuzhiyun * recent Fastmap we're attaching from or from old Fastmaps which will
294*4882a593Smuzhiyun * be erased.
295*4882a593Smuzhiyun */
add_fastmap(struct ubi_attach_info * ai,int pnum,struct ubi_vid_hdr * vid_hdr,int ec)296*4882a593Smuzhiyun static int add_fastmap(struct ubi_attach_info *ai, int pnum,
297*4882a593Smuzhiyun struct ubi_vid_hdr *vid_hdr, int ec)
298*4882a593Smuzhiyun {
299*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
300*4882a593Smuzhiyun
301*4882a593Smuzhiyun aeb = ubi_alloc_aeb(ai, pnum, ec);
302*4882a593Smuzhiyun if (!aeb)
303*4882a593Smuzhiyun return -ENOMEM;
304*4882a593Smuzhiyun
305*4882a593Smuzhiyun aeb->vol_id = be32_to_cpu(vid_hdr->vol_id);
306*4882a593Smuzhiyun aeb->sqnum = be64_to_cpu(vid_hdr->sqnum);
307*4882a593Smuzhiyun list_add(&aeb->u.list, &ai->fastmap);
308*4882a593Smuzhiyun
309*4882a593Smuzhiyun dbg_bld("add to fastmap list: PEB %d, vol_id %d, sqnum: %llu", pnum,
310*4882a593Smuzhiyun aeb->vol_id, aeb->sqnum);
311*4882a593Smuzhiyun
312*4882a593Smuzhiyun return 0;
313*4882a593Smuzhiyun }
314*4882a593Smuzhiyun
315*4882a593Smuzhiyun /**
316*4882a593Smuzhiyun * validate_vid_hdr - check volume identifier header.
317*4882a593Smuzhiyun * @ubi: UBI device description object
318*4882a593Smuzhiyun * @vid_hdr: the volume identifier header to check
319*4882a593Smuzhiyun * @av: information about the volume this logical eraseblock belongs to
320*4882a593Smuzhiyun * @pnum: physical eraseblock number the VID header came from
321*4882a593Smuzhiyun *
322*4882a593Smuzhiyun * This function checks that data stored in @vid_hdr is consistent. Returns
323*4882a593Smuzhiyun * non-zero if an inconsistency was found and zero if not.
324*4882a593Smuzhiyun *
325*4882a593Smuzhiyun * Note, UBI does sanity check of everything it reads from the flash media.
326*4882a593Smuzhiyun * Most of the checks are done in the I/O sub-system. Here we check that the
327*4882a593Smuzhiyun * information in the VID header is consistent to the information in other VID
328*4882a593Smuzhiyun * headers of the same volume.
329*4882a593Smuzhiyun */
validate_vid_hdr(const struct ubi_device * ubi,const struct ubi_vid_hdr * vid_hdr,const struct ubi_ainf_volume * av,int pnum)330*4882a593Smuzhiyun static int validate_vid_hdr(const struct ubi_device *ubi,
331*4882a593Smuzhiyun const struct ubi_vid_hdr *vid_hdr,
332*4882a593Smuzhiyun const struct ubi_ainf_volume *av, int pnum)
333*4882a593Smuzhiyun {
334*4882a593Smuzhiyun int vol_type = vid_hdr->vol_type;
335*4882a593Smuzhiyun int vol_id = be32_to_cpu(vid_hdr->vol_id);
336*4882a593Smuzhiyun int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
337*4882a593Smuzhiyun int data_pad = be32_to_cpu(vid_hdr->data_pad);
338*4882a593Smuzhiyun
339*4882a593Smuzhiyun if (av->leb_count != 0) {
340*4882a593Smuzhiyun int av_vol_type;
341*4882a593Smuzhiyun
342*4882a593Smuzhiyun /*
343*4882a593Smuzhiyun * This is not the first logical eraseblock belonging to this
344*4882a593Smuzhiyun * volume. Ensure that the data in its VID header is consistent
345*4882a593Smuzhiyun * to the data in previous logical eraseblock headers.
346*4882a593Smuzhiyun */
347*4882a593Smuzhiyun
348*4882a593Smuzhiyun if (vol_id != av->vol_id) {
349*4882a593Smuzhiyun ubi_err(ubi, "inconsistent vol_id");
350*4882a593Smuzhiyun goto bad;
351*4882a593Smuzhiyun }
352*4882a593Smuzhiyun
353*4882a593Smuzhiyun if (av->vol_type == UBI_STATIC_VOLUME)
354*4882a593Smuzhiyun av_vol_type = UBI_VID_STATIC;
355*4882a593Smuzhiyun else
356*4882a593Smuzhiyun av_vol_type = UBI_VID_DYNAMIC;
357*4882a593Smuzhiyun
358*4882a593Smuzhiyun if (vol_type != av_vol_type) {
359*4882a593Smuzhiyun ubi_err(ubi, "inconsistent vol_type");
360*4882a593Smuzhiyun goto bad;
361*4882a593Smuzhiyun }
362*4882a593Smuzhiyun
363*4882a593Smuzhiyun if (used_ebs != av->used_ebs) {
364*4882a593Smuzhiyun ubi_err(ubi, "inconsistent used_ebs");
365*4882a593Smuzhiyun goto bad;
366*4882a593Smuzhiyun }
367*4882a593Smuzhiyun
368*4882a593Smuzhiyun if (data_pad != av->data_pad) {
369*4882a593Smuzhiyun ubi_err(ubi, "inconsistent data_pad");
370*4882a593Smuzhiyun goto bad;
371*4882a593Smuzhiyun }
372*4882a593Smuzhiyun }
373*4882a593Smuzhiyun
374*4882a593Smuzhiyun return 0;
375*4882a593Smuzhiyun
376*4882a593Smuzhiyun bad:
377*4882a593Smuzhiyun ubi_err(ubi, "inconsistent VID header at PEB %d", pnum);
378*4882a593Smuzhiyun ubi_dump_vid_hdr(vid_hdr);
379*4882a593Smuzhiyun ubi_dump_av(av);
380*4882a593Smuzhiyun return -EINVAL;
381*4882a593Smuzhiyun }
382*4882a593Smuzhiyun
383*4882a593Smuzhiyun /**
384*4882a593Smuzhiyun * add_volume - add volume to the attaching information.
385*4882a593Smuzhiyun * @ai: attaching information
386*4882a593Smuzhiyun * @vol_id: ID of the volume to add
387*4882a593Smuzhiyun * @pnum: physical eraseblock number
388*4882a593Smuzhiyun * @vid_hdr: volume identifier header
389*4882a593Smuzhiyun *
390*4882a593Smuzhiyun * If the volume corresponding to the @vid_hdr logical eraseblock is already
391*4882a593Smuzhiyun * present in the attaching information, this function does nothing. Otherwise
392*4882a593Smuzhiyun * it adds corresponding volume to the attaching information. Returns a pointer
393*4882a593Smuzhiyun * to the allocated "av" object in case of success and a negative error code in
394*4882a593Smuzhiyun * case of failure.
395*4882a593Smuzhiyun */
add_volume(struct ubi_attach_info * ai,int vol_id,int pnum,const struct ubi_vid_hdr * vid_hdr)396*4882a593Smuzhiyun static struct ubi_ainf_volume *add_volume(struct ubi_attach_info *ai,
397*4882a593Smuzhiyun int vol_id, int pnum,
398*4882a593Smuzhiyun const struct ubi_vid_hdr *vid_hdr)
399*4882a593Smuzhiyun {
400*4882a593Smuzhiyun struct ubi_ainf_volume *av;
401*4882a593Smuzhiyun bool created;
402*4882a593Smuzhiyun
403*4882a593Smuzhiyun ubi_assert(vol_id == be32_to_cpu(vid_hdr->vol_id));
404*4882a593Smuzhiyun
405*4882a593Smuzhiyun av = ubi_find_or_add_av(ai, vol_id, &created);
406*4882a593Smuzhiyun if (IS_ERR(av) || !created)
407*4882a593Smuzhiyun return av;
408*4882a593Smuzhiyun
409*4882a593Smuzhiyun av->used_ebs = be32_to_cpu(vid_hdr->used_ebs);
410*4882a593Smuzhiyun av->data_pad = be32_to_cpu(vid_hdr->data_pad);
411*4882a593Smuzhiyun av->compat = vid_hdr->compat;
412*4882a593Smuzhiyun av->vol_type = vid_hdr->vol_type == UBI_VID_DYNAMIC ? UBI_DYNAMIC_VOLUME
413*4882a593Smuzhiyun : UBI_STATIC_VOLUME;
414*4882a593Smuzhiyun
415*4882a593Smuzhiyun return av;
416*4882a593Smuzhiyun }
417*4882a593Smuzhiyun
418*4882a593Smuzhiyun /**
419*4882a593Smuzhiyun * ubi_compare_lebs - find out which logical eraseblock is newer.
420*4882a593Smuzhiyun * @ubi: UBI device description object
421*4882a593Smuzhiyun * @aeb: first logical eraseblock to compare
422*4882a593Smuzhiyun * @pnum: physical eraseblock number of the second logical eraseblock to
423*4882a593Smuzhiyun * compare
424*4882a593Smuzhiyun * @vid_hdr: volume identifier header of the second logical eraseblock
425*4882a593Smuzhiyun *
426*4882a593Smuzhiyun * This function compares 2 copies of a LEB and informs which one is newer. In
427*4882a593Smuzhiyun * case of success this function returns a positive value, in case of failure, a
428*4882a593Smuzhiyun * negative error code is returned. The success return codes use the following
429*4882a593Smuzhiyun * bits:
430*4882a593Smuzhiyun * o bit 0 is cleared: the first PEB (described by @aeb) is newer than the
431*4882a593Smuzhiyun * second PEB (described by @pnum and @vid_hdr);
432*4882a593Smuzhiyun * o bit 0 is set: the second PEB is newer;
433*4882a593Smuzhiyun * o bit 1 is cleared: no bit-flips were detected in the newer LEB;
434*4882a593Smuzhiyun * o bit 1 is set: bit-flips were detected in the newer LEB;
435*4882a593Smuzhiyun * o bit 2 is cleared: the older LEB is not corrupted;
436*4882a593Smuzhiyun * o bit 2 is set: the older LEB is corrupted.
437*4882a593Smuzhiyun */
ubi_compare_lebs(struct ubi_device * ubi,const struct ubi_ainf_peb * aeb,int pnum,const struct ubi_vid_hdr * vid_hdr)438*4882a593Smuzhiyun int ubi_compare_lebs(struct ubi_device *ubi, const struct ubi_ainf_peb *aeb,
439*4882a593Smuzhiyun int pnum, const struct ubi_vid_hdr *vid_hdr)
440*4882a593Smuzhiyun {
441*4882a593Smuzhiyun int len, err, second_is_newer, bitflips = 0, corrupted = 0;
442*4882a593Smuzhiyun uint32_t data_crc, crc;
443*4882a593Smuzhiyun struct ubi_vid_io_buf *vidb = NULL;
444*4882a593Smuzhiyun unsigned long long sqnum2 = be64_to_cpu(vid_hdr->sqnum);
445*4882a593Smuzhiyun
446*4882a593Smuzhiyun if (sqnum2 == aeb->sqnum) {
447*4882a593Smuzhiyun /*
448*4882a593Smuzhiyun * This must be a really ancient UBI image which has been
449*4882a593Smuzhiyun * created before sequence numbers support has been added. At
450*4882a593Smuzhiyun * that times we used 32-bit LEB versions stored in logical
451*4882a593Smuzhiyun * eraseblocks. That was before UBI got into mainline. We do not
452*4882a593Smuzhiyun * support these images anymore. Well, those images still work,
453*4882a593Smuzhiyun * but only if no unclean reboots happened.
454*4882a593Smuzhiyun */
455*4882a593Smuzhiyun ubi_err(ubi, "unsupported on-flash UBI format");
456*4882a593Smuzhiyun return -EINVAL;
457*4882a593Smuzhiyun }
458*4882a593Smuzhiyun
459*4882a593Smuzhiyun /* Obviously the LEB with lower sequence counter is older */
460*4882a593Smuzhiyun second_is_newer = (sqnum2 > aeb->sqnum);
461*4882a593Smuzhiyun
462*4882a593Smuzhiyun /*
463*4882a593Smuzhiyun * Now we know which copy is newer. If the copy flag of the PEB with
464*4882a593Smuzhiyun * newer version is not set, then we just return, otherwise we have to
465*4882a593Smuzhiyun * check data CRC. For the second PEB we already have the VID header,
466*4882a593Smuzhiyun * for the first one - we'll need to re-read it from flash.
467*4882a593Smuzhiyun *
468*4882a593Smuzhiyun * Note: this may be optimized so that we wouldn't read twice.
469*4882a593Smuzhiyun */
470*4882a593Smuzhiyun
471*4882a593Smuzhiyun if (second_is_newer) {
472*4882a593Smuzhiyun if (!vid_hdr->copy_flag) {
473*4882a593Smuzhiyun /* It is not a copy, so it is newer */
474*4882a593Smuzhiyun dbg_bld("second PEB %d is newer, copy_flag is unset",
475*4882a593Smuzhiyun pnum);
476*4882a593Smuzhiyun return 1;
477*4882a593Smuzhiyun }
478*4882a593Smuzhiyun } else {
479*4882a593Smuzhiyun if (!aeb->copy_flag) {
480*4882a593Smuzhiyun /* It is not a copy, so it is newer */
481*4882a593Smuzhiyun dbg_bld("first PEB %d is newer, copy_flag is unset",
482*4882a593Smuzhiyun pnum);
483*4882a593Smuzhiyun return bitflips << 1;
484*4882a593Smuzhiyun }
485*4882a593Smuzhiyun
486*4882a593Smuzhiyun vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL);
487*4882a593Smuzhiyun if (!vidb)
488*4882a593Smuzhiyun return -ENOMEM;
489*4882a593Smuzhiyun
490*4882a593Smuzhiyun pnum = aeb->pnum;
491*4882a593Smuzhiyun err = ubi_io_read_vid_hdr(ubi, pnum, vidb, 0);
492*4882a593Smuzhiyun if (err) {
493*4882a593Smuzhiyun if (err == UBI_IO_BITFLIPS)
494*4882a593Smuzhiyun bitflips = 1;
495*4882a593Smuzhiyun else {
496*4882a593Smuzhiyun ubi_err(ubi, "VID of PEB %d header is bad, but it was OK earlier, err %d",
497*4882a593Smuzhiyun pnum, err);
498*4882a593Smuzhiyun if (err > 0)
499*4882a593Smuzhiyun err = -EIO;
500*4882a593Smuzhiyun
501*4882a593Smuzhiyun goto out_free_vidh;
502*4882a593Smuzhiyun }
503*4882a593Smuzhiyun }
504*4882a593Smuzhiyun
505*4882a593Smuzhiyun vid_hdr = ubi_get_vid_hdr(vidb);
506*4882a593Smuzhiyun }
507*4882a593Smuzhiyun
508*4882a593Smuzhiyun /* Read the data of the copy and check the CRC */
509*4882a593Smuzhiyun
510*4882a593Smuzhiyun len = be32_to_cpu(vid_hdr->data_size);
511*4882a593Smuzhiyun
512*4882a593Smuzhiyun mutex_lock(&ubi->buf_mutex);
513*4882a593Smuzhiyun err = ubi_io_read_data(ubi, ubi->peb_buf, pnum, 0, len);
514*4882a593Smuzhiyun if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
515*4882a593Smuzhiyun goto out_unlock;
516*4882a593Smuzhiyun
517*4882a593Smuzhiyun data_crc = be32_to_cpu(vid_hdr->data_crc);
518*4882a593Smuzhiyun crc = crc32(UBI_CRC32_INIT, ubi->peb_buf, len);
519*4882a593Smuzhiyun if (crc != data_crc) {
520*4882a593Smuzhiyun dbg_bld("PEB %d CRC error: calculated %#08x, must be %#08x",
521*4882a593Smuzhiyun pnum, crc, data_crc);
522*4882a593Smuzhiyun corrupted = 1;
523*4882a593Smuzhiyun bitflips = 0;
524*4882a593Smuzhiyun second_is_newer = !second_is_newer;
525*4882a593Smuzhiyun } else {
526*4882a593Smuzhiyun dbg_bld("PEB %d CRC is OK", pnum);
527*4882a593Smuzhiyun bitflips |= !!err;
528*4882a593Smuzhiyun }
529*4882a593Smuzhiyun mutex_unlock(&ubi->buf_mutex);
530*4882a593Smuzhiyun
531*4882a593Smuzhiyun ubi_free_vid_buf(vidb);
532*4882a593Smuzhiyun
533*4882a593Smuzhiyun if (second_is_newer)
534*4882a593Smuzhiyun dbg_bld("second PEB %d is newer, copy_flag is set", pnum);
535*4882a593Smuzhiyun else
536*4882a593Smuzhiyun dbg_bld("first PEB %d is newer, copy_flag is set", pnum);
537*4882a593Smuzhiyun
538*4882a593Smuzhiyun return second_is_newer | (bitflips << 1) | (corrupted << 2);
539*4882a593Smuzhiyun
540*4882a593Smuzhiyun out_unlock:
541*4882a593Smuzhiyun mutex_unlock(&ubi->buf_mutex);
542*4882a593Smuzhiyun out_free_vidh:
543*4882a593Smuzhiyun ubi_free_vid_buf(vidb);
544*4882a593Smuzhiyun return err;
545*4882a593Smuzhiyun }
546*4882a593Smuzhiyun
547*4882a593Smuzhiyun /**
548*4882a593Smuzhiyun * ubi_add_to_av - add used physical eraseblock to the attaching information.
549*4882a593Smuzhiyun * @ubi: UBI device description object
550*4882a593Smuzhiyun * @ai: attaching information
551*4882a593Smuzhiyun * @pnum: the physical eraseblock number
552*4882a593Smuzhiyun * @ec: erase counter
553*4882a593Smuzhiyun * @vid_hdr: the volume identifier header
554*4882a593Smuzhiyun * @bitflips: if bit-flips were detected when this physical eraseblock was read
555*4882a593Smuzhiyun *
556*4882a593Smuzhiyun * This function adds information about a used physical eraseblock to the
557*4882a593Smuzhiyun * 'used' tree of the corresponding volume. The function is rather complex
558*4882a593Smuzhiyun * because it has to handle cases when this is not the first physical
559*4882a593Smuzhiyun * eraseblock belonging to the same logical eraseblock, and the newer one has
560*4882a593Smuzhiyun * to be picked, while the older one has to be dropped. This function returns
561*4882a593Smuzhiyun * zero in case of success and a negative error code in case of failure.
562*4882a593Smuzhiyun */
ubi_add_to_av(struct ubi_device * ubi,struct ubi_attach_info * ai,int pnum,int ec,const struct ubi_vid_hdr * vid_hdr,int bitflips)563*4882a593Smuzhiyun int ubi_add_to_av(struct ubi_device *ubi, struct ubi_attach_info *ai, int pnum,
564*4882a593Smuzhiyun int ec, const struct ubi_vid_hdr *vid_hdr, int bitflips)
565*4882a593Smuzhiyun {
566*4882a593Smuzhiyun int err, vol_id, lnum;
567*4882a593Smuzhiyun unsigned long long sqnum;
568*4882a593Smuzhiyun struct ubi_ainf_volume *av;
569*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
570*4882a593Smuzhiyun struct rb_node **p, *parent = NULL;
571*4882a593Smuzhiyun
572*4882a593Smuzhiyun vol_id = be32_to_cpu(vid_hdr->vol_id);
573*4882a593Smuzhiyun lnum = be32_to_cpu(vid_hdr->lnum);
574*4882a593Smuzhiyun sqnum = be64_to_cpu(vid_hdr->sqnum);
575*4882a593Smuzhiyun
576*4882a593Smuzhiyun dbg_bld("PEB %d, LEB %d:%d, EC %d, sqnum %llu, bitflips %d",
577*4882a593Smuzhiyun pnum, vol_id, lnum, ec, sqnum, bitflips);
578*4882a593Smuzhiyun
579*4882a593Smuzhiyun av = add_volume(ai, vol_id, pnum, vid_hdr);
580*4882a593Smuzhiyun if (IS_ERR(av))
581*4882a593Smuzhiyun return PTR_ERR(av);
582*4882a593Smuzhiyun
583*4882a593Smuzhiyun if (ai->max_sqnum < sqnum)
584*4882a593Smuzhiyun ai->max_sqnum = sqnum;
585*4882a593Smuzhiyun
586*4882a593Smuzhiyun /*
587*4882a593Smuzhiyun * Walk the RB-tree of logical eraseblocks of volume @vol_id to look
588*4882a593Smuzhiyun * if this is the first instance of this logical eraseblock or not.
589*4882a593Smuzhiyun */
590*4882a593Smuzhiyun p = &av->root.rb_node;
591*4882a593Smuzhiyun while (*p) {
592*4882a593Smuzhiyun int cmp_res;
593*4882a593Smuzhiyun
594*4882a593Smuzhiyun parent = *p;
595*4882a593Smuzhiyun aeb = rb_entry(parent, struct ubi_ainf_peb, u.rb);
596*4882a593Smuzhiyun if (lnum != aeb->lnum) {
597*4882a593Smuzhiyun if (lnum < aeb->lnum)
598*4882a593Smuzhiyun p = &(*p)->rb_left;
599*4882a593Smuzhiyun else
600*4882a593Smuzhiyun p = &(*p)->rb_right;
601*4882a593Smuzhiyun continue;
602*4882a593Smuzhiyun }
603*4882a593Smuzhiyun
604*4882a593Smuzhiyun /*
605*4882a593Smuzhiyun * There is already a physical eraseblock describing the same
606*4882a593Smuzhiyun * logical eraseblock present.
607*4882a593Smuzhiyun */
608*4882a593Smuzhiyun
609*4882a593Smuzhiyun dbg_bld("this LEB already exists: PEB %d, sqnum %llu, EC %d",
610*4882a593Smuzhiyun aeb->pnum, aeb->sqnum, aeb->ec);
611*4882a593Smuzhiyun
612*4882a593Smuzhiyun /*
613*4882a593Smuzhiyun * Make sure that the logical eraseblocks have different
614*4882a593Smuzhiyun * sequence numbers. Otherwise the image is bad.
615*4882a593Smuzhiyun *
616*4882a593Smuzhiyun * However, if the sequence number is zero, we assume it must
617*4882a593Smuzhiyun * be an ancient UBI image from the era when UBI did not have
618*4882a593Smuzhiyun * sequence numbers. We still can attach these images, unless
619*4882a593Smuzhiyun * there is a need to distinguish between old and new
620*4882a593Smuzhiyun * eraseblocks, in which case we'll refuse the image in
621*4882a593Smuzhiyun * 'ubi_compare_lebs()'. In other words, we attach old clean
622*4882a593Smuzhiyun * images, but refuse attaching old images with duplicated
623*4882a593Smuzhiyun * logical eraseblocks because there was an unclean reboot.
624*4882a593Smuzhiyun */
625*4882a593Smuzhiyun if (aeb->sqnum == sqnum && sqnum != 0) {
626*4882a593Smuzhiyun ubi_err(ubi, "two LEBs with same sequence number %llu",
627*4882a593Smuzhiyun sqnum);
628*4882a593Smuzhiyun ubi_dump_aeb(aeb, 0);
629*4882a593Smuzhiyun ubi_dump_vid_hdr(vid_hdr);
630*4882a593Smuzhiyun return -EINVAL;
631*4882a593Smuzhiyun }
632*4882a593Smuzhiyun
633*4882a593Smuzhiyun /*
634*4882a593Smuzhiyun * Now we have to drop the older one and preserve the newer
635*4882a593Smuzhiyun * one.
636*4882a593Smuzhiyun */
637*4882a593Smuzhiyun cmp_res = ubi_compare_lebs(ubi, aeb, pnum, vid_hdr);
638*4882a593Smuzhiyun if (cmp_res < 0)
639*4882a593Smuzhiyun return cmp_res;
640*4882a593Smuzhiyun
641*4882a593Smuzhiyun if (cmp_res & 1) {
642*4882a593Smuzhiyun /*
643*4882a593Smuzhiyun * This logical eraseblock is newer than the one
644*4882a593Smuzhiyun * found earlier.
645*4882a593Smuzhiyun */
646*4882a593Smuzhiyun err = validate_vid_hdr(ubi, vid_hdr, av, pnum);
647*4882a593Smuzhiyun if (err)
648*4882a593Smuzhiyun return err;
649*4882a593Smuzhiyun
650*4882a593Smuzhiyun err = add_to_list(ai, aeb->pnum, aeb->vol_id,
651*4882a593Smuzhiyun aeb->lnum, aeb->ec, cmp_res & 4,
652*4882a593Smuzhiyun &ai->erase);
653*4882a593Smuzhiyun if (err)
654*4882a593Smuzhiyun return err;
655*4882a593Smuzhiyun
656*4882a593Smuzhiyun aeb->ec = ec;
657*4882a593Smuzhiyun aeb->pnum = pnum;
658*4882a593Smuzhiyun aeb->vol_id = vol_id;
659*4882a593Smuzhiyun aeb->lnum = lnum;
660*4882a593Smuzhiyun aeb->scrub = ((cmp_res & 2) || bitflips);
661*4882a593Smuzhiyun aeb->copy_flag = vid_hdr->copy_flag;
662*4882a593Smuzhiyun aeb->sqnum = sqnum;
663*4882a593Smuzhiyun
664*4882a593Smuzhiyun if (av->highest_lnum == lnum)
665*4882a593Smuzhiyun av->last_data_size =
666*4882a593Smuzhiyun be32_to_cpu(vid_hdr->data_size);
667*4882a593Smuzhiyun
668*4882a593Smuzhiyun return 0;
669*4882a593Smuzhiyun } else {
670*4882a593Smuzhiyun /*
671*4882a593Smuzhiyun * This logical eraseblock is older than the one found
672*4882a593Smuzhiyun * previously.
673*4882a593Smuzhiyun */
674*4882a593Smuzhiyun return add_to_list(ai, pnum, vol_id, lnum, ec,
675*4882a593Smuzhiyun cmp_res & 4, &ai->erase);
676*4882a593Smuzhiyun }
677*4882a593Smuzhiyun }
678*4882a593Smuzhiyun
679*4882a593Smuzhiyun /*
680*4882a593Smuzhiyun * We've met this logical eraseblock for the first time, add it to the
681*4882a593Smuzhiyun * attaching information.
682*4882a593Smuzhiyun */
683*4882a593Smuzhiyun
684*4882a593Smuzhiyun err = validate_vid_hdr(ubi, vid_hdr, av, pnum);
685*4882a593Smuzhiyun if (err)
686*4882a593Smuzhiyun return err;
687*4882a593Smuzhiyun
688*4882a593Smuzhiyun aeb = ubi_alloc_aeb(ai, pnum, ec);
689*4882a593Smuzhiyun if (!aeb)
690*4882a593Smuzhiyun return -ENOMEM;
691*4882a593Smuzhiyun
692*4882a593Smuzhiyun aeb->vol_id = vol_id;
693*4882a593Smuzhiyun aeb->lnum = lnum;
694*4882a593Smuzhiyun aeb->scrub = bitflips;
695*4882a593Smuzhiyun aeb->copy_flag = vid_hdr->copy_flag;
696*4882a593Smuzhiyun aeb->sqnum = sqnum;
697*4882a593Smuzhiyun
698*4882a593Smuzhiyun if (av->highest_lnum <= lnum) {
699*4882a593Smuzhiyun av->highest_lnum = lnum;
700*4882a593Smuzhiyun av->last_data_size = be32_to_cpu(vid_hdr->data_size);
701*4882a593Smuzhiyun }
702*4882a593Smuzhiyun
703*4882a593Smuzhiyun av->leb_count += 1;
704*4882a593Smuzhiyun rb_link_node(&aeb->u.rb, parent, p);
705*4882a593Smuzhiyun rb_insert_color(&aeb->u.rb, &av->root);
706*4882a593Smuzhiyun return 0;
707*4882a593Smuzhiyun }
708*4882a593Smuzhiyun
709*4882a593Smuzhiyun /**
710*4882a593Smuzhiyun * ubi_add_av - add volume to the attaching information.
711*4882a593Smuzhiyun * @ai: attaching information
712*4882a593Smuzhiyun * @vol_id: the requested volume ID
713*4882a593Smuzhiyun *
714*4882a593Smuzhiyun * This function returns a pointer to the new volume description or an
715*4882a593Smuzhiyun * ERR_PTR if the operation failed.
716*4882a593Smuzhiyun */
ubi_add_av(struct ubi_attach_info * ai,int vol_id)717*4882a593Smuzhiyun struct ubi_ainf_volume *ubi_add_av(struct ubi_attach_info *ai, int vol_id)
718*4882a593Smuzhiyun {
719*4882a593Smuzhiyun bool created;
720*4882a593Smuzhiyun
721*4882a593Smuzhiyun return find_or_add_av(ai, vol_id, AV_ADD, &created);
722*4882a593Smuzhiyun }
723*4882a593Smuzhiyun
724*4882a593Smuzhiyun /**
725*4882a593Smuzhiyun * ubi_find_av - find volume in the attaching information.
726*4882a593Smuzhiyun * @ai: attaching information
727*4882a593Smuzhiyun * @vol_id: the requested volume ID
728*4882a593Smuzhiyun *
729*4882a593Smuzhiyun * This function returns a pointer to the volume description or %NULL if there
730*4882a593Smuzhiyun * are no data about this volume in the attaching information.
731*4882a593Smuzhiyun */
ubi_find_av(const struct ubi_attach_info * ai,int vol_id)732*4882a593Smuzhiyun struct ubi_ainf_volume *ubi_find_av(const struct ubi_attach_info *ai,
733*4882a593Smuzhiyun int vol_id)
734*4882a593Smuzhiyun {
735*4882a593Smuzhiyun bool created;
736*4882a593Smuzhiyun
737*4882a593Smuzhiyun return find_or_add_av((struct ubi_attach_info *)ai, vol_id, AV_FIND,
738*4882a593Smuzhiyun &created);
739*4882a593Smuzhiyun }
740*4882a593Smuzhiyun
741*4882a593Smuzhiyun static void destroy_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av,
742*4882a593Smuzhiyun struct list_head *list);
743*4882a593Smuzhiyun
744*4882a593Smuzhiyun /**
745*4882a593Smuzhiyun * ubi_remove_av - delete attaching information about a volume.
746*4882a593Smuzhiyun * @ai: attaching information
747*4882a593Smuzhiyun * @av: the volume attaching information to delete
748*4882a593Smuzhiyun */
ubi_remove_av(struct ubi_attach_info * ai,struct ubi_ainf_volume * av)749*4882a593Smuzhiyun void ubi_remove_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av)
750*4882a593Smuzhiyun {
751*4882a593Smuzhiyun dbg_bld("remove attaching information about volume %d", av->vol_id);
752*4882a593Smuzhiyun
753*4882a593Smuzhiyun rb_erase(&av->rb, &ai->volumes);
754*4882a593Smuzhiyun destroy_av(ai, av, &ai->erase);
755*4882a593Smuzhiyun ai->vols_found -= 1;
756*4882a593Smuzhiyun }
757*4882a593Smuzhiyun
758*4882a593Smuzhiyun /**
759*4882a593Smuzhiyun * early_erase_peb - erase a physical eraseblock.
760*4882a593Smuzhiyun * @ubi: UBI device description object
761*4882a593Smuzhiyun * @ai: attaching information
762*4882a593Smuzhiyun * @pnum: physical eraseblock number to erase;
763*4882a593Smuzhiyun * @ec: erase counter value to write (%UBI_UNKNOWN if it is unknown)
764*4882a593Smuzhiyun *
765*4882a593Smuzhiyun * This function erases physical eraseblock 'pnum', and writes the erase
766*4882a593Smuzhiyun * counter header to it. This function should only be used on UBI device
767*4882a593Smuzhiyun * initialization stages, when the EBA sub-system had not been yet initialized.
768*4882a593Smuzhiyun * This function returns zero in case of success and a negative error code in
769*4882a593Smuzhiyun * case of failure.
770*4882a593Smuzhiyun */
early_erase_peb(struct ubi_device * ubi,const struct ubi_attach_info * ai,int pnum,int ec)771*4882a593Smuzhiyun static int early_erase_peb(struct ubi_device *ubi,
772*4882a593Smuzhiyun const struct ubi_attach_info *ai, int pnum, int ec)
773*4882a593Smuzhiyun {
774*4882a593Smuzhiyun int err;
775*4882a593Smuzhiyun struct ubi_ec_hdr *ec_hdr;
776*4882a593Smuzhiyun
777*4882a593Smuzhiyun if ((long long)ec >= UBI_MAX_ERASECOUNTER) {
778*4882a593Smuzhiyun /*
779*4882a593Smuzhiyun * Erase counter overflow. Upgrade UBI and use 64-bit
780*4882a593Smuzhiyun * erase counters internally.
781*4882a593Smuzhiyun */
782*4882a593Smuzhiyun ubi_err(ubi, "erase counter overflow at PEB %d, EC %d",
783*4882a593Smuzhiyun pnum, ec);
784*4882a593Smuzhiyun return -EINVAL;
785*4882a593Smuzhiyun }
786*4882a593Smuzhiyun
787*4882a593Smuzhiyun ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
788*4882a593Smuzhiyun if (!ec_hdr)
789*4882a593Smuzhiyun return -ENOMEM;
790*4882a593Smuzhiyun
791*4882a593Smuzhiyun ec_hdr->ec = cpu_to_be64(ec);
792*4882a593Smuzhiyun
793*4882a593Smuzhiyun err = ubi_io_sync_erase(ubi, pnum, 0);
794*4882a593Smuzhiyun if (err < 0)
795*4882a593Smuzhiyun goto out_free;
796*4882a593Smuzhiyun
797*4882a593Smuzhiyun err = ubi_io_write_ec_hdr(ubi, pnum, ec_hdr);
798*4882a593Smuzhiyun
799*4882a593Smuzhiyun out_free:
800*4882a593Smuzhiyun kfree(ec_hdr);
801*4882a593Smuzhiyun return err;
802*4882a593Smuzhiyun }
803*4882a593Smuzhiyun
804*4882a593Smuzhiyun /**
805*4882a593Smuzhiyun * ubi_early_get_peb - get a free physical eraseblock.
806*4882a593Smuzhiyun * @ubi: UBI device description object
807*4882a593Smuzhiyun * @ai: attaching information
808*4882a593Smuzhiyun *
809*4882a593Smuzhiyun * This function returns a free physical eraseblock. It is supposed to be
810*4882a593Smuzhiyun * called on the UBI initialization stages when the wear-leveling sub-system is
811*4882a593Smuzhiyun * not initialized yet. This function picks a physical eraseblocks from one of
812*4882a593Smuzhiyun * the lists, writes the EC header if it is needed, and removes it from the
813*4882a593Smuzhiyun * list.
814*4882a593Smuzhiyun *
815*4882a593Smuzhiyun * This function returns a pointer to the "aeb" of the found free PEB in case
816*4882a593Smuzhiyun * of success and an error code in case of failure.
817*4882a593Smuzhiyun */
ubi_early_get_peb(struct ubi_device * ubi,struct ubi_attach_info * ai)818*4882a593Smuzhiyun struct ubi_ainf_peb *ubi_early_get_peb(struct ubi_device *ubi,
819*4882a593Smuzhiyun struct ubi_attach_info *ai)
820*4882a593Smuzhiyun {
821*4882a593Smuzhiyun int err = 0;
822*4882a593Smuzhiyun struct ubi_ainf_peb *aeb, *tmp_aeb;
823*4882a593Smuzhiyun
824*4882a593Smuzhiyun if (!list_empty(&ai->free)) {
825*4882a593Smuzhiyun aeb = list_entry(ai->free.next, struct ubi_ainf_peb, u.list);
826*4882a593Smuzhiyun list_del(&aeb->u.list);
827*4882a593Smuzhiyun dbg_bld("return free PEB %d, EC %d", aeb->pnum, aeb->ec);
828*4882a593Smuzhiyun return aeb;
829*4882a593Smuzhiyun }
830*4882a593Smuzhiyun
831*4882a593Smuzhiyun /*
832*4882a593Smuzhiyun * We try to erase the first physical eraseblock from the erase list
833*4882a593Smuzhiyun * and pick it if we succeed, or try to erase the next one if not. And
834*4882a593Smuzhiyun * so forth. We don't want to take care about bad eraseblocks here -
835*4882a593Smuzhiyun * they'll be handled later.
836*4882a593Smuzhiyun */
837*4882a593Smuzhiyun list_for_each_entry_safe(aeb, tmp_aeb, &ai->erase, u.list) {
838*4882a593Smuzhiyun if (aeb->ec == UBI_UNKNOWN)
839*4882a593Smuzhiyun aeb->ec = ai->mean_ec;
840*4882a593Smuzhiyun
841*4882a593Smuzhiyun err = early_erase_peb(ubi, ai, aeb->pnum, aeb->ec+1);
842*4882a593Smuzhiyun if (err)
843*4882a593Smuzhiyun continue;
844*4882a593Smuzhiyun
845*4882a593Smuzhiyun aeb->ec += 1;
846*4882a593Smuzhiyun list_del(&aeb->u.list);
847*4882a593Smuzhiyun dbg_bld("return PEB %d, EC %d", aeb->pnum, aeb->ec);
848*4882a593Smuzhiyun return aeb;
849*4882a593Smuzhiyun }
850*4882a593Smuzhiyun
851*4882a593Smuzhiyun ubi_err(ubi, "no free eraseblocks");
852*4882a593Smuzhiyun return ERR_PTR(-ENOSPC);
853*4882a593Smuzhiyun }
854*4882a593Smuzhiyun
855*4882a593Smuzhiyun /**
856*4882a593Smuzhiyun * check_corruption - check the data area of PEB.
857*4882a593Smuzhiyun * @ubi: UBI device description object
858*4882a593Smuzhiyun * @vid_hdr: the (corrupted) VID header of this PEB
859*4882a593Smuzhiyun * @pnum: the physical eraseblock number to check
860*4882a593Smuzhiyun *
861*4882a593Smuzhiyun * This is a helper function which is used to distinguish between VID header
862*4882a593Smuzhiyun * corruptions caused by power cuts and other reasons. If the PEB contains only
863*4882a593Smuzhiyun * 0xFF bytes in the data area, the VID header is most probably corrupted
864*4882a593Smuzhiyun * because of a power cut (%0 is returned in this case). Otherwise, it was
865*4882a593Smuzhiyun * probably corrupted for some other reasons (%1 is returned in this case). A
866*4882a593Smuzhiyun * negative error code is returned if a read error occurred.
867*4882a593Smuzhiyun *
868*4882a593Smuzhiyun * If the corruption reason was a power cut, UBI can safely erase this PEB.
869*4882a593Smuzhiyun * Otherwise, it should preserve it to avoid possibly destroying important
870*4882a593Smuzhiyun * information.
871*4882a593Smuzhiyun */
check_corruption(struct ubi_device * ubi,struct ubi_vid_hdr * vid_hdr,int pnum)872*4882a593Smuzhiyun static int check_corruption(struct ubi_device *ubi, struct ubi_vid_hdr *vid_hdr,
873*4882a593Smuzhiyun int pnum)
874*4882a593Smuzhiyun {
875*4882a593Smuzhiyun int err;
876*4882a593Smuzhiyun
877*4882a593Smuzhiyun mutex_lock(&ubi->buf_mutex);
878*4882a593Smuzhiyun memset(ubi->peb_buf, 0x00, ubi->leb_size);
879*4882a593Smuzhiyun
880*4882a593Smuzhiyun err = ubi_io_read(ubi, ubi->peb_buf, pnum, ubi->leb_start,
881*4882a593Smuzhiyun ubi->leb_size);
882*4882a593Smuzhiyun if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) {
883*4882a593Smuzhiyun /*
884*4882a593Smuzhiyun * Bit-flips or integrity errors while reading the data area.
885*4882a593Smuzhiyun * It is difficult to say for sure what type of corruption is
886*4882a593Smuzhiyun * this, but presumably a power cut happened while this PEB was
887*4882a593Smuzhiyun * erased, so it became unstable and corrupted, and should be
888*4882a593Smuzhiyun * erased.
889*4882a593Smuzhiyun */
890*4882a593Smuzhiyun err = 0;
891*4882a593Smuzhiyun goto out_unlock;
892*4882a593Smuzhiyun }
893*4882a593Smuzhiyun
894*4882a593Smuzhiyun if (err)
895*4882a593Smuzhiyun goto out_unlock;
896*4882a593Smuzhiyun
897*4882a593Smuzhiyun if (ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->leb_size))
898*4882a593Smuzhiyun goto out_unlock;
899*4882a593Smuzhiyun
900*4882a593Smuzhiyun ubi_err(ubi, "PEB %d contains corrupted VID header, and the data does not contain all 0xFF",
901*4882a593Smuzhiyun pnum);
902*4882a593Smuzhiyun ubi_err(ubi, "this may be a non-UBI PEB or a severe VID header corruption which requires manual inspection");
903*4882a593Smuzhiyun ubi_dump_vid_hdr(vid_hdr);
904*4882a593Smuzhiyun pr_err("hexdump of PEB %d offset %d, length %d",
905*4882a593Smuzhiyun pnum, ubi->leb_start, ubi->leb_size);
906*4882a593Smuzhiyun ubi_dbg_print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
907*4882a593Smuzhiyun ubi->peb_buf, ubi->leb_size, 1);
908*4882a593Smuzhiyun err = 1;
909*4882a593Smuzhiyun
910*4882a593Smuzhiyun out_unlock:
911*4882a593Smuzhiyun mutex_unlock(&ubi->buf_mutex);
912*4882a593Smuzhiyun return err;
913*4882a593Smuzhiyun }
914*4882a593Smuzhiyun
vol_ignored(int vol_id)915*4882a593Smuzhiyun static bool vol_ignored(int vol_id)
916*4882a593Smuzhiyun {
917*4882a593Smuzhiyun switch (vol_id) {
918*4882a593Smuzhiyun case UBI_LAYOUT_VOLUME_ID:
919*4882a593Smuzhiyun return true;
920*4882a593Smuzhiyun }
921*4882a593Smuzhiyun
922*4882a593Smuzhiyun #ifdef CONFIG_MTD_UBI_FASTMAP
923*4882a593Smuzhiyun return ubi_is_fm_vol(vol_id);
924*4882a593Smuzhiyun #else
925*4882a593Smuzhiyun return false;
926*4882a593Smuzhiyun #endif
927*4882a593Smuzhiyun }
928*4882a593Smuzhiyun
929*4882a593Smuzhiyun /**
930*4882a593Smuzhiyun * scan_peb - scan and process UBI headers of a PEB.
931*4882a593Smuzhiyun * @ubi: UBI device description object
932*4882a593Smuzhiyun * @ai: attaching information
933*4882a593Smuzhiyun * @pnum: the physical eraseblock number
934*4882a593Smuzhiyun * @fast: true if we're scanning for a Fastmap
935*4882a593Smuzhiyun *
936*4882a593Smuzhiyun * This function reads UBI headers of PEB @pnum, checks them, and adds
937*4882a593Smuzhiyun * information about this PEB to the corresponding list or RB-tree in the
938*4882a593Smuzhiyun * "attaching info" structure. Returns zero if the physical eraseblock was
939*4882a593Smuzhiyun * successfully handled and a negative error code in case of failure.
940*4882a593Smuzhiyun */
scan_peb(struct ubi_device * ubi,struct ubi_attach_info * ai,int pnum,bool fast)941*4882a593Smuzhiyun static int scan_peb(struct ubi_device *ubi, struct ubi_attach_info *ai,
942*4882a593Smuzhiyun int pnum, bool fast)
943*4882a593Smuzhiyun {
944*4882a593Smuzhiyun struct ubi_ec_hdr *ech = ai->ech;
945*4882a593Smuzhiyun struct ubi_vid_io_buf *vidb = ai->vidb;
946*4882a593Smuzhiyun struct ubi_vid_hdr *vidh = ubi_get_vid_hdr(vidb);
947*4882a593Smuzhiyun long long ec;
948*4882a593Smuzhiyun int err, bitflips = 0, vol_id = -1, ec_err = 0;
949*4882a593Smuzhiyun
950*4882a593Smuzhiyun dbg_bld("scan PEB %d", pnum);
951*4882a593Smuzhiyun
952*4882a593Smuzhiyun /* Skip bad physical eraseblocks */
953*4882a593Smuzhiyun err = ubi_io_is_bad(ubi, pnum);
954*4882a593Smuzhiyun if (err < 0)
955*4882a593Smuzhiyun return err;
956*4882a593Smuzhiyun else if (err) {
957*4882a593Smuzhiyun ai->bad_peb_count += 1;
958*4882a593Smuzhiyun return 0;
959*4882a593Smuzhiyun }
960*4882a593Smuzhiyun
961*4882a593Smuzhiyun err = ubi_io_read_ec_hdr(ubi, pnum, ech, 0);
962*4882a593Smuzhiyun if (err < 0)
963*4882a593Smuzhiyun return err;
964*4882a593Smuzhiyun switch (err) {
965*4882a593Smuzhiyun case 0:
966*4882a593Smuzhiyun break;
967*4882a593Smuzhiyun case UBI_IO_BITFLIPS:
968*4882a593Smuzhiyun bitflips = 1;
969*4882a593Smuzhiyun break;
970*4882a593Smuzhiyun case UBI_IO_FF:
971*4882a593Smuzhiyun ai->empty_peb_count += 1;
972*4882a593Smuzhiyun return add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN,
973*4882a593Smuzhiyun UBI_UNKNOWN, 0, &ai->erase);
974*4882a593Smuzhiyun case UBI_IO_FF_BITFLIPS:
975*4882a593Smuzhiyun ai->empty_peb_count += 1;
976*4882a593Smuzhiyun return add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN,
977*4882a593Smuzhiyun UBI_UNKNOWN, 1, &ai->erase);
978*4882a593Smuzhiyun case UBI_IO_BAD_HDR_EBADMSG:
979*4882a593Smuzhiyun case UBI_IO_BAD_HDR:
980*4882a593Smuzhiyun /*
981*4882a593Smuzhiyun * We have to also look at the VID header, possibly it is not
982*4882a593Smuzhiyun * corrupted. Set %bitflips flag in order to make this PEB be
983*4882a593Smuzhiyun * moved and EC be re-created.
984*4882a593Smuzhiyun */
985*4882a593Smuzhiyun ec_err = err;
986*4882a593Smuzhiyun ec = UBI_UNKNOWN;
987*4882a593Smuzhiyun bitflips = 1;
988*4882a593Smuzhiyun break;
989*4882a593Smuzhiyun default:
990*4882a593Smuzhiyun ubi_err(ubi, "'ubi_io_read_ec_hdr()' returned unknown code %d",
991*4882a593Smuzhiyun err);
992*4882a593Smuzhiyun return -EINVAL;
993*4882a593Smuzhiyun }
994*4882a593Smuzhiyun
995*4882a593Smuzhiyun if (!ec_err) {
996*4882a593Smuzhiyun int image_seq;
997*4882a593Smuzhiyun
998*4882a593Smuzhiyun /* Make sure UBI version is OK */
999*4882a593Smuzhiyun if (ech->version != UBI_VERSION) {
1000*4882a593Smuzhiyun ubi_err(ubi, "this UBI version is %d, image version is %d",
1001*4882a593Smuzhiyun UBI_VERSION, (int)ech->version);
1002*4882a593Smuzhiyun return -EINVAL;
1003*4882a593Smuzhiyun }
1004*4882a593Smuzhiyun
1005*4882a593Smuzhiyun ec = be64_to_cpu(ech->ec);
1006*4882a593Smuzhiyun if (ec > UBI_MAX_ERASECOUNTER) {
1007*4882a593Smuzhiyun /*
1008*4882a593Smuzhiyun * Erase counter overflow. The EC headers have 64 bits
1009*4882a593Smuzhiyun * reserved, but we anyway make use of only 31 bit
1010*4882a593Smuzhiyun * values, as this seems to be enough for any existing
1011*4882a593Smuzhiyun * flash. Upgrade UBI and use 64-bit erase counters
1012*4882a593Smuzhiyun * internally.
1013*4882a593Smuzhiyun */
1014*4882a593Smuzhiyun ubi_err(ubi, "erase counter overflow, max is %d",
1015*4882a593Smuzhiyun UBI_MAX_ERASECOUNTER);
1016*4882a593Smuzhiyun ubi_dump_ec_hdr(ech);
1017*4882a593Smuzhiyun return -EINVAL;
1018*4882a593Smuzhiyun }
1019*4882a593Smuzhiyun
1020*4882a593Smuzhiyun /*
1021*4882a593Smuzhiyun * Make sure that all PEBs have the same image sequence number.
1022*4882a593Smuzhiyun * This allows us to detect situations when users flash UBI
1023*4882a593Smuzhiyun * images incorrectly, so that the flash has the new UBI image
1024*4882a593Smuzhiyun * and leftovers from the old one. This feature was added
1025*4882a593Smuzhiyun * relatively recently, and the sequence number was always
1026*4882a593Smuzhiyun * zero, because old UBI implementations always set it to zero.
1027*4882a593Smuzhiyun * For this reasons, we do not panic if some PEBs have zero
1028*4882a593Smuzhiyun * sequence number, while other PEBs have non-zero sequence
1029*4882a593Smuzhiyun * number.
1030*4882a593Smuzhiyun */
1031*4882a593Smuzhiyun image_seq = be32_to_cpu(ech->image_seq);
1032*4882a593Smuzhiyun if (!ubi->image_seq)
1033*4882a593Smuzhiyun ubi->image_seq = image_seq;
1034*4882a593Smuzhiyun if (image_seq && ubi->image_seq != image_seq) {
1035*4882a593Smuzhiyun ubi_err(ubi, "bad image sequence number %d in PEB %d, expected %d",
1036*4882a593Smuzhiyun image_seq, pnum, ubi->image_seq);
1037*4882a593Smuzhiyun ubi_dump_ec_hdr(ech);
1038*4882a593Smuzhiyun return -EINVAL;
1039*4882a593Smuzhiyun }
1040*4882a593Smuzhiyun }
1041*4882a593Smuzhiyun
1042*4882a593Smuzhiyun /* OK, we've done with the EC header, let's look at the VID header */
1043*4882a593Smuzhiyun
1044*4882a593Smuzhiyun err = ubi_io_read_vid_hdr(ubi, pnum, vidb, 0);
1045*4882a593Smuzhiyun if (err < 0)
1046*4882a593Smuzhiyun return err;
1047*4882a593Smuzhiyun switch (err) {
1048*4882a593Smuzhiyun case 0:
1049*4882a593Smuzhiyun break;
1050*4882a593Smuzhiyun case UBI_IO_BITFLIPS:
1051*4882a593Smuzhiyun bitflips = 1;
1052*4882a593Smuzhiyun break;
1053*4882a593Smuzhiyun case UBI_IO_BAD_HDR_EBADMSG:
1054*4882a593Smuzhiyun if (ec_err == UBI_IO_BAD_HDR_EBADMSG)
1055*4882a593Smuzhiyun /*
1056*4882a593Smuzhiyun * Both EC and VID headers are corrupted and were read
1057*4882a593Smuzhiyun * with data integrity error, probably this is a bad
1058*4882a593Smuzhiyun * PEB, bit it is not marked as bad yet. This may also
1059*4882a593Smuzhiyun * be a result of power cut during erasure.
1060*4882a593Smuzhiyun */
1061*4882a593Smuzhiyun ai->maybe_bad_peb_count += 1;
1062*4882a593Smuzhiyun fallthrough;
1063*4882a593Smuzhiyun case UBI_IO_BAD_HDR:
1064*4882a593Smuzhiyun /*
1065*4882a593Smuzhiyun * If we're facing a bad VID header we have to drop *all*
1066*4882a593Smuzhiyun * Fastmap data structures we find. The most recent Fastmap
1067*4882a593Smuzhiyun * could be bad and therefore there is a chance that we attach
1068*4882a593Smuzhiyun * from an old one. On a fine MTD stack a PEB must not render
1069*4882a593Smuzhiyun * bad all of a sudden, but the reality is different.
1070*4882a593Smuzhiyun * So, let's be paranoid and help finding the root cause by
1071*4882a593Smuzhiyun * falling back to scanning mode instead of attaching with a
1072*4882a593Smuzhiyun * bad EBA table and cause data corruption which is hard to
1073*4882a593Smuzhiyun * analyze.
1074*4882a593Smuzhiyun */
1075*4882a593Smuzhiyun if (fast)
1076*4882a593Smuzhiyun ai->force_full_scan = 1;
1077*4882a593Smuzhiyun
1078*4882a593Smuzhiyun if (ec_err)
1079*4882a593Smuzhiyun /*
1080*4882a593Smuzhiyun * Both headers are corrupted. There is a possibility
1081*4882a593Smuzhiyun * that this a valid UBI PEB which has corresponding
1082*4882a593Smuzhiyun * LEB, but the headers are corrupted. However, it is
1083*4882a593Smuzhiyun * impossible to distinguish it from a PEB which just
1084*4882a593Smuzhiyun * contains garbage because of a power cut during erase
1085*4882a593Smuzhiyun * operation. So we just schedule this PEB for erasure.
1086*4882a593Smuzhiyun *
1087*4882a593Smuzhiyun * Besides, in case of NOR flash, we deliberately
1088*4882a593Smuzhiyun * corrupt both headers because NOR flash erasure is
1089*4882a593Smuzhiyun * slow and can start from the end.
1090*4882a593Smuzhiyun */
1091*4882a593Smuzhiyun err = 0;
1092*4882a593Smuzhiyun else
1093*4882a593Smuzhiyun /*
1094*4882a593Smuzhiyun * The EC was OK, but the VID header is corrupted. We
1095*4882a593Smuzhiyun * have to check what is in the data area.
1096*4882a593Smuzhiyun */
1097*4882a593Smuzhiyun err = check_corruption(ubi, vidh, pnum);
1098*4882a593Smuzhiyun
1099*4882a593Smuzhiyun if (err < 0)
1100*4882a593Smuzhiyun return err;
1101*4882a593Smuzhiyun else if (!err)
1102*4882a593Smuzhiyun /* This corruption is caused by a power cut */
1103*4882a593Smuzhiyun err = add_to_list(ai, pnum, UBI_UNKNOWN,
1104*4882a593Smuzhiyun UBI_UNKNOWN, ec, 1, &ai->erase);
1105*4882a593Smuzhiyun else
1106*4882a593Smuzhiyun /* This is an unexpected corruption */
1107*4882a593Smuzhiyun err = add_corrupted(ai, pnum, ec);
1108*4882a593Smuzhiyun if (err)
1109*4882a593Smuzhiyun return err;
1110*4882a593Smuzhiyun goto adjust_mean_ec;
1111*4882a593Smuzhiyun case UBI_IO_FF_BITFLIPS:
1112*4882a593Smuzhiyun err = add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN,
1113*4882a593Smuzhiyun ec, 1, &ai->erase);
1114*4882a593Smuzhiyun if (err)
1115*4882a593Smuzhiyun return err;
1116*4882a593Smuzhiyun goto adjust_mean_ec;
1117*4882a593Smuzhiyun case UBI_IO_FF:
1118*4882a593Smuzhiyun if (ec_err || bitflips)
1119*4882a593Smuzhiyun err = add_to_list(ai, pnum, UBI_UNKNOWN,
1120*4882a593Smuzhiyun UBI_UNKNOWN, ec, 1, &ai->erase);
1121*4882a593Smuzhiyun else
1122*4882a593Smuzhiyun err = add_to_list(ai, pnum, UBI_UNKNOWN,
1123*4882a593Smuzhiyun UBI_UNKNOWN, ec, 0, &ai->free);
1124*4882a593Smuzhiyun if (err)
1125*4882a593Smuzhiyun return err;
1126*4882a593Smuzhiyun goto adjust_mean_ec;
1127*4882a593Smuzhiyun default:
1128*4882a593Smuzhiyun ubi_err(ubi, "'ubi_io_read_vid_hdr()' returned unknown code %d",
1129*4882a593Smuzhiyun err);
1130*4882a593Smuzhiyun return -EINVAL;
1131*4882a593Smuzhiyun }
1132*4882a593Smuzhiyun
1133*4882a593Smuzhiyun vol_id = be32_to_cpu(vidh->vol_id);
1134*4882a593Smuzhiyun if (vol_id > UBI_MAX_VOLUMES && !vol_ignored(vol_id)) {
1135*4882a593Smuzhiyun int lnum = be32_to_cpu(vidh->lnum);
1136*4882a593Smuzhiyun
1137*4882a593Smuzhiyun /* Unsupported internal volume */
1138*4882a593Smuzhiyun switch (vidh->compat) {
1139*4882a593Smuzhiyun case UBI_COMPAT_DELETE:
1140*4882a593Smuzhiyun ubi_msg(ubi, "\"delete\" compatible internal volume %d:%d found, will remove it",
1141*4882a593Smuzhiyun vol_id, lnum);
1142*4882a593Smuzhiyun
1143*4882a593Smuzhiyun err = add_to_list(ai, pnum, vol_id, lnum,
1144*4882a593Smuzhiyun ec, 1, &ai->erase);
1145*4882a593Smuzhiyun if (err)
1146*4882a593Smuzhiyun return err;
1147*4882a593Smuzhiyun return 0;
1148*4882a593Smuzhiyun
1149*4882a593Smuzhiyun case UBI_COMPAT_RO:
1150*4882a593Smuzhiyun ubi_msg(ubi, "read-only compatible internal volume %d:%d found, switch to read-only mode",
1151*4882a593Smuzhiyun vol_id, lnum);
1152*4882a593Smuzhiyun ubi->ro_mode = 1;
1153*4882a593Smuzhiyun break;
1154*4882a593Smuzhiyun
1155*4882a593Smuzhiyun case UBI_COMPAT_PRESERVE:
1156*4882a593Smuzhiyun ubi_msg(ubi, "\"preserve\" compatible internal volume %d:%d found",
1157*4882a593Smuzhiyun vol_id, lnum);
1158*4882a593Smuzhiyun err = add_to_list(ai, pnum, vol_id, lnum,
1159*4882a593Smuzhiyun ec, 0, &ai->alien);
1160*4882a593Smuzhiyun if (err)
1161*4882a593Smuzhiyun return err;
1162*4882a593Smuzhiyun return 0;
1163*4882a593Smuzhiyun
1164*4882a593Smuzhiyun case UBI_COMPAT_REJECT:
1165*4882a593Smuzhiyun ubi_err(ubi, "incompatible internal volume %d:%d found",
1166*4882a593Smuzhiyun vol_id, lnum);
1167*4882a593Smuzhiyun return -EINVAL;
1168*4882a593Smuzhiyun }
1169*4882a593Smuzhiyun }
1170*4882a593Smuzhiyun
1171*4882a593Smuzhiyun if (ec_err)
1172*4882a593Smuzhiyun ubi_warn(ubi, "valid VID header but corrupted EC header at PEB %d",
1173*4882a593Smuzhiyun pnum);
1174*4882a593Smuzhiyun
1175*4882a593Smuzhiyun if (ubi_is_fm_vol(vol_id))
1176*4882a593Smuzhiyun err = add_fastmap(ai, pnum, vidh, ec);
1177*4882a593Smuzhiyun else
1178*4882a593Smuzhiyun err = ubi_add_to_av(ubi, ai, pnum, ec, vidh, bitflips);
1179*4882a593Smuzhiyun
1180*4882a593Smuzhiyun if (err)
1181*4882a593Smuzhiyun return err;
1182*4882a593Smuzhiyun
1183*4882a593Smuzhiyun adjust_mean_ec:
1184*4882a593Smuzhiyun if (!ec_err) {
1185*4882a593Smuzhiyun ai->ec_sum += ec;
1186*4882a593Smuzhiyun ai->ec_count += 1;
1187*4882a593Smuzhiyun if (ec > ai->max_ec)
1188*4882a593Smuzhiyun ai->max_ec = ec;
1189*4882a593Smuzhiyun if (ec < ai->min_ec)
1190*4882a593Smuzhiyun ai->min_ec = ec;
1191*4882a593Smuzhiyun }
1192*4882a593Smuzhiyun
1193*4882a593Smuzhiyun return 0;
1194*4882a593Smuzhiyun }
1195*4882a593Smuzhiyun
1196*4882a593Smuzhiyun /**
1197*4882a593Smuzhiyun * late_analysis - analyze the overall situation with PEB.
1198*4882a593Smuzhiyun * @ubi: UBI device description object
1199*4882a593Smuzhiyun * @ai: attaching information
1200*4882a593Smuzhiyun *
1201*4882a593Smuzhiyun * This is a helper function which takes a look what PEBs we have after we
1202*4882a593Smuzhiyun * gather information about all of them ("ai" is compete). It decides whether
1203*4882a593Smuzhiyun * the flash is empty and should be formatted of whether there are too many
1204*4882a593Smuzhiyun * corrupted PEBs and we should not attach this MTD device. Returns zero if we
1205*4882a593Smuzhiyun * should proceed with attaching the MTD device, and %-EINVAL if we should not.
1206*4882a593Smuzhiyun */
late_analysis(struct ubi_device * ubi,struct ubi_attach_info * ai)1207*4882a593Smuzhiyun static int late_analysis(struct ubi_device *ubi, struct ubi_attach_info *ai)
1208*4882a593Smuzhiyun {
1209*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
1210*4882a593Smuzhiyun int max_corr, peb_count;
1211*4882a593Smuzhiyun
1212*4882a593Smuzhiyun peb_count = ubi->peb_count - ai->bad_peb_count - ai->alien_peb_count;
1213*4882a593Smuzhiyun max_corr = peb_count / 20 ?: 8;
1214*4882a593Smuzhiyun
1215*4882a593Smuzhiyun /*
1216*4882a593Smuzhiyun * Few corrupted PEBs is not a problem and may be just a result of
1217*4882a593Smuzhiyun * unclean reboots. However, many of them may indicate some problems
1218*4882a593Smuzhiyun * with the flash HW or driver.
1219*4882a593Smuzhiyun */
1220*4882a593Smuzhiyun if (ai->corr_peb_count) {
1221*4882a593Smuzhiyun ubi_err(ubi, "%d PEBs are corrupted and preserved",
1222*4882a593Smuzhiyun ai->corr_peb_count);
1223*4882a593Smuzhiyun pr_err("Corrupted PEBs are:");
1224*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->corr, u.list)
1225*4882a593Smuzhiyun pr_cont(" %d", aeb->pnum);
1226*4882a593Smuzhiyun pr_cont("\n");
1227*4882a593Smuzhiyun
1228*4882a593Smuzhiyun /*
1229*4882a593Smuzhiyun * If too many PEBs are corrupted, we refuse attaching,
1230*4882a593Smuzhiyun * otherwise, only print a warning.
1231*4882a593Smuzhiyun */
1232*4882a593Smuzhiyun if (ai->corr_peb_count >= max_corr) {
1233*4882a593Smuzhiyun ubi_err(ubi, "too many corrupted PEBs, refusing");
1234*4882a593Smuzhiyun return -EINVAL;
1235*4882a593Smuzhiyun }
1236*4882a593Smuzhiyun }
1237*4882a593Smuzhiyun
1238*4882a593Smuzhiyun if (ai->empty_peb_count + ai->maybe_bad_peb_count == peb_count) {
1239*4882a593Smuzhiyun /*
1240*4882a593Smuzhiyun * All PEBs are empty, or almost all - a couple PEBs look like
1241*4882a593Smuzhiyun * they may be bad PEBs which were not marked as bad yet.
1242*4882a593Smuzhiyun *
1243*4882a593Smuzhiyun * This piece of code basically tries to distinguish between
1244*4882a593Smuzhiyun * the following situations:
1245*4882a593Smuzhiyun *
1246*4882a593Smuzhiyun * 1. Flash is empty, but there are few bad PEBs, which are not
1247*4882a593Smuzhiyun * marked as bad so far, and which were read with error. We
1248*4882a593Smuzhiyun * want to go ahead and format this flash. While formatting,
1249*4882a593Smuzhiyun * the faulty PEBs will probably be marked as bad.
1250*4882a593Smuzhiyun *
1251*4882a593Smuzhiyun * 2. Flash contains non-UBI data and we do not want to format
1252*4882a593Smuzhiyun * it and destroy possibly important information.
1253*4882a593Smuzhiyun */
1254*4882a593Smuzhiyun if (ai->maybe_bad_peb_count <= 2) {
1255*4882a593Smuzhiyun ai->is_empty = 1;
1256*4882a593Smuzhiyun ubi_msg(ubi, "empty MTD device detected");
1257*4882a593Smuzhiyun get_random_bytes(&ubi->image_seq,
1258*4882a593Smuzhiyun sizeof(ubi->image_seq));
1259*4882a593Smuzhiyun } else {
1260*4882a593Smuzhiyun ubi_err(ubi, "MTD device is not UBI-formatted and possibly contains non-UBI data - refusing it");
1261*4882a593Smuzhiyun return -EINVAL;
1262*4882a593Smuzhiyun }
1263*4882a593Smuzhiyun
1264*4882a593Smuzhiyun }
1265*4882a593Smuzhiyun
1266*4882a593Smuzhiyun return 0;
1267*4882a593Smuzhiyun }
1268*4882a593Smuzhiyun
1269*4882a593Smuzhiyun /**
1270*4882a593Smuzhiyun * destroy_av - free volume attaching information.
1271*4882a593Smuzhiyun * @av: volume attaching information
1272*4882a593Smuzhiyun * @ai: attaching information
1273*4882a593Smuzhiyun * @list: put the aeb elements in there if !NULL, otherwise free them
1274*4882a593Smuzhiyun *
1275*4882a593Smuzhiyun * This function destroys the volume attaching information.
1276*4882a593Smuzhiyun */
destroy_av(struct ubi_attach_info * ai,struct ubi_ainf_volume * av,struct list_head * list)1277*4882a593Smuzhiyun static void destroy_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av,
1278*4882a593Smuzhiyun struct list_head *list)
1279*4882a593Smuzhiyun {
1280*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
1281*4882a593Smuzhiyun struct rb_node *this = av->root.rb_node;
1282*4882a593Smuzhiyun
1283*4882a593Smuzhiyun while (this) {
1284*4882a593Smuzhiyun if (this->rb_left)
1285*4882a593Smuzhiyun this = this->rb_left;
1286*4882a593Smuzhiyun else if (this->rb_right)
1287*4882a593Smuzhiyun this = this->rb_right;
1288*4882a593Smuzhiyun else {
1289*4882a593Smuzhiyun aeb = rb_entry(this, struct ubi_ainf_peb, u.rb);
1290*4882a593Smuzhiyun this = rb_parent(this);
1291*4882a593Smuzhiyun if (this) {
1292*4882a593Smuzhiyun if (this->rb_left == &aeb->u.rb)
1293*4882a593Smuzhiyun this->rb_left = NULL;
1294*4882a593Smuzhiyun else
1295*4882a593Smuzhiyun this->rb_right = NULL;
1296*4882a593Smuzhiyun }
1297*4882a593Smuzhiyun
1298*4882a593Smuzhiyun if (list)
1299*4882a593Smuzhiyun list_add_tail(&aeb->u.list, list);
1300*4882a593Smuzhiyun else
1301*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1302*4882a593Smuzhiyun }
1303*4882a593Smuzhiyun }
1304*4882a593Smuzhiyun kfree(av);
1305*4882a593Smuzhiyun }
1306*4882a593Smuzhiyun
1307*4882a593Smuzhiyun /**
1308*4882a593Smuzhiyun * destroy_ai - destroy attaching information.
1309*4882a593Smuzhiyun * @ai: attaching information
1310*4882a593Smuzhiyun */
destroy_ai(struct ubi_attach_info * ai)1311*4882a593Smuzhiyun static void destroy_ai(struct ubi_attach_info *ai)
1312*4882a593Smuzhiyun {
1313*4882a593Smuzhiyun struct ubi_ainf_peb *aeb, *aeb_tmp;
1314*4882a593Smuzhiyun struct ubi_ainf_volume *av;
1315*4882a593Smuzhiyun struct rb_node *rb;
1316*4882a593Smuzhiyun
1317*4882a593Smuzhiyun list_for_each_entry_safe(aeb, aeb_tmp, &ai->alien, u.list) {
1318*4882a593Smuzhiyun list_del(&aeb->u.list);
1319*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1320*4882a593Smuzhiyun }
1321*4882a593Smuzhiyun list_for_each_entry_safe(aeb, aeb_tmp, &ai->erase, u.list) {
1322*4882a593Smuzhiyun list_del(&aeb->u.list);
1323*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1324*4882a593Smuzhiyun }
1325*4882a593Smuzhiyun list_for_each_entry_safe(aeb, aeb_tmp, &ai->corr, u.list) {
1326*4882a593Smuzhiyun list_del(&aeb->u.list);
1327*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1328*4882a593Smuzhiyun }
1329*4882a593Smuzhiyun list_for_each_entry_safe(aeb, aeb_tmp, &ai->free, u.list) {
1330*4882a593Smuzhiyun list_del(&aeb->u.list);
1331*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1332*4882a593Smuzhiyun }
1333*4882a593Smuzhiyun list_for_each_entry_safe(aeb, aeb_tmp, &ai->fastmap, u.list) {
1334*4882a593Smuzhiyun list_del(&aeb->u.list);
1335*4882a593Smuzhiyun ubi_free_aeb(ai, aeb);
1336*4882a593Smuzhiyun }
1337*4882a593Smuzhiyun
1338*4882a593Smuzhiyun /* Destroy the volume RB-tree */
1339*4882a593Smuzhiyun rb = ai->volumes.rb_node;
1340*4882a593Smuzhiyun while (rb) {
1341*4882a593Smuzhiyun if (rb->rb_left)
1342*4882a593Smuzhiyun rb = rb->rb_left;
1343*4882a593Smuzhiyun else if (rb->rb_right)
1344*4882a593Smuzhiyun rb = rb->rb_right;
1345*4882a593Smuzhiyun else {
1346*4882a593Smuzhiyun av = rb_entry(rb, struct ubi_ainf_volume, rb);
1347*4882a593Smuzhiyun
1348*4882a593Smuzhiyun rb = rb_parent(rb);
1349*4882a593Smuzhiyun if (rb) {
1350*4882a593Smuzhiyun if (rb->rb_left == &av->rb)
1351*4882a593Smuzhiyun rb->rb_left = NULL;
1352*4882a593Smuzhiyun else
1353*4882a593Smuzhiyun rb->rb_right = NULL;
1354*4882a593Smuzhiyun }
1355*4882a593Smuzhiyun
1356*4882a593Smuzhiyun destroy_av(ai, av, NULL);
1357*4882a593Smuzhiyun }
1358*4882a593Smuzhiyun }
1359*4882a593Smuzhiyun
1360*4882a593Smuzhiyun kmem_cache_destroy(ai->aeb_slab_cache);
1361*4882a593Smuzhiyun kfree(ai);
1362*4882a593Smuzhiyun }
1363*4882a593Smuzhiyun
1364*4882a593Smuzhiyun /**
1365*4882a593Smuzhiyun * scan_all - scan entire MTD device.
1366*4882a593Smuzhiyun * @ubi: UBI device description object
1367*4882a593Smuzhiyun * @ai: attach info object
1368*4882a593Smuzhiyun * @start: start scanning at this PEB
1369*4882a593Smuzhiyun *
1370*4882a593Smuzhiyun * This function does full scanning of an MTD device and returns complete
1371*4882a593Smuzhiyun * information about it in form of a "struct ubi_attach_info" object. In case
1372*4882a593Smuzhiyun * of failure, an error code is returned.
1373*4882a593Smuzhiyun */
scan_all(struct ubi_device * ubi,struct ubi_attach_info * ai,int start)1374*4882a593Smuzhiyun static int scan_all(struct ubi_device *ubi, struct ubi_attach_info *ai,
1375*4882a593Smuzhiyun int start)
1376*4882a593Smuzhiyun {
1377*4882a593Smuzhiyun int err, pnum;
1378*4882a593Smuzhiyun struct rb_node *rb1, *rb2;
1379*4882a593Smuzhiyun struct ubi_ainf_volume *av;
1380*4882a593Smuzhiyun struct ubi_ainf_peb *aeb;
1381*4882a593Smuzhiyun
1382*4882a593Smuzhiyun err = -ENOMEM;
1383*4882a593Smuzhiyun
1384*4882a593Smuzhiyun ai->ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
1385*4882a593Smuzhiyun if (!ai->ech)
1386*4882a593Smuzhiyun return err;
1387*4882a593Smuzhiyun
1388*4882a593Smuzhiyun ai->vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL);
1389*4882a593Smuzhiyun if (!ai->vidb)
1390*4882a593Smuzhiyun goto out_ech;
1391*4882a593Smuzhiyun
1392*4882a593Smuzhiyun for (pnum = start; pnum < ubi->peb_count; pnum++) {
1393*4882a593Smuzhiyun cond_resched();
1394*4882a593Smuzhiyun
1395*4882a593Smuzhiyun dbg_gen("process PEB %d", pnum);
1396*4882a593Smuzhiyun err = scan_peb(ubi, ai, pnum, false);
1397*4882a593Smuzhiyun if (err < 0)
1398*4882a593Smuzhiyun goto out_vidh;
1399*4882a593Smuzhiyun }
1400*4882a593Smuzhiyun
1401*4882a593Smuzhiyun ubi_msg(ubi, "scanning is finished");
1402*4882a593Smuzhiyun
1403*4882a593Smuzhiyun /* Calculate mean erase counter */
1404*4882a593Smuzhiyun if (ai->ec_count)
1405*4882a593Smuzhiyun ai->mean_ec = div_u64(ai->ec_sum, ai->ec_count);
1406*4882a593Smuzhiyun
1407*4882a593Smuzhiyun err = late_analysis(ubi, ai);
1408*4882a593Smuzhiyun if (err)
1409*4882a593Smuzhiyun goto out_vidh;
1410*4882a593Smuzhiyun
1411*4882a593Smuzhiyun /*
1412*4882a593Smuzhiyun * In case of unknown erase counter we use the mean erase counter
1413*4882a593Smuzhiyun * value.
1414*4882a593Smuzhiyun */
1415*4882a593Smuzhiyun ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) {
1416*4882a593Smuzhiyun ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb)
1417*4882a593Smuzhiyun if (aeb->ec == UBI_UNKNOWN)
1418*4882a593Smuzhiyun aeb->ec = ai->mean_ec;
1419*4882a593Smuzhiyun }
1420*4882a593Smuzhiyun
1421*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->free, u.list) {
1422*4882a593Smuzhiyun if (aeb->ec == UBI_UNKNOWN)
1423*4882a593Smuzhiyun aeb->ec = ai->mean_ec;
1424*4882a593Smuzhiyun }
1425*4882a593Smuzhiyun
1426*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->corr, u.list)
1427*4882a593Smuzhiyun if (aeb->ec == UBI_UNKNOWN)
1428*4882a593Smuzhiyun aeb->ec = ai->mean_ec;
1429*4882a593Smuzhiyun
1430*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->erase, u.list)
1431*4882a593Smuzhiyun if (aeb->ec == UBI_UNKNOWN)
1432*4882a593Smuzhiyun aeb->ec = ai->mean_ec;
1433*4882a593Smuzhiyun
1434*4882a593Smuzhiyun err = self_check_ai(ubi, ai);
1435*4882a593Smuzhiyun if (err)
1436*4882a593Smuzhiyun goto out_vidh;
1437*4882a593Smuzhiyun
1438*4882a593Smuzhiyun ubi_free_vid_buf(ai->vidb);
1439*4882a593Smuzhiyun kfree(ai->ech);
1440*4882a593Smuzhiyun
1441*4882a593Smuzhiyun return 0;
1442*4882a593Smuzhiyun
1443*4882a593Smuzhiyun out_vidh:
1444*4882a593Smuzhiyun ubi_free_vid_buf(ai->vidb);
1445*4882a593Smuzhiyun out_ech:
1446*4882a593Smuzhiyun kfree(ai->ech);
1447*4882a593Smuzhiyun return err;
1448*4882a593Smuzhiyun }
1449*4882a593Smuzhiyun
alloc_ai(void)1450*4882a593Smuzhiyun static struct ubi_attach_info *alloc_ai(void)
1451*4882a593Smuzhiyun {
1452*4882a593Smuzhiyun struct ubi_attach_info *ai;
1453*4882a593Smuzhiyun
1454*4882a593Smuzhiyun ai = kzalloc(sizeof(struct ubi_attach_info), GFP_KERNEL);
1455*4882a593Smuzhiyun if (!ai)
1456*4882a593Smuzhiyun return ai;
1457*4882a593Smuzhiyun
1458*4882a593Smuzhiyun INIT_LIST_HEAD(&ai->corr);
1459*4882a593Smuzhiyun INIT_LIST_HEAD(&ai->free);
1460*4882a593Smuzhiyun INIT_LIST_HEAD(&ai->erase);
1461*4882a593Smuzhiyun INIT_LIST_HEAD(&ai->alien);
1462*4882a593Smuzhiyun INIT_LIST_HEAD(&ai->fastmap);
1463*4882a593Smuzhiyun ai->volumes = RB_ROOT;
1464*4882a593Smuzhiyun ai->aeb_slab_cache = kmem_cache_create("ubi_aeb_slab_cache",
1465*4882a593Smuzhiyun sizeof(struct ubi_ainf_peb),
1466*4882a593Smuzhiyun 0, 0, NULL);
1467*4882a593Smuzhiyun if (!ai->aeb_slab_cache) {
1468*4882a593Smuzhiyun kfree(ai);
1469*4882a593Smuzhiyun ai = NULL;
1470*4882a593Smuzhiyun }
1471*4882a593Smuzhiyun
1472*4882a593Smuzhiyun return ai;
1473*4882a593Smuzhiyun }
1474*4882a593Smuzhiyun
1475*4882a593Smuzhiyun #ifdef CONFIG_MTD_UBI_FASTMAP
1476*4882a593Smuzhiyun
1477*4882a593Smuzhiyun /**
1478*4882a593Smuzhiyun * scan_fast - try to find a fastmap and attach from it.
1479*4882a593Smuzhiyun * @ubi: UBI device description object
1480*4882a593Smuzhiyun * @ai: attach info object
1481*4882a593Smuzhiyun *
1482*4882a593Smuzhiyun * Returns 0 on success, negative return values indicate an internal
1483*4882a593Smuzhiyun * error.
1484*4882a593Smuzhiyun * UBI_NO_FASTMAP denotes that no fastmap was found.
1485*4882a593Smuzhiyun * UBI_BAD_FASTMAP denotes that the found fastmap was invalid.
1486*4882a593Smuzhiyun */
scan_fast(struct ubi_device * ubi,struct ubi_attach_info ** ai)1487*4882a593Smuzhiyun static int scan_fast(struct ubi_device *ubi, struct ubi_attach_info **ai)
1488*4882a593Smuzhiyun {
1489*4882a593Smuzhiyun int err, pnum;
1490*4882a593Smuzhiyun struct ubi_attach_info *scan_ai;
1491*4882a593Smuzhiyun
1492*4882a593Smuzhiyun err = -ENOMEM;
1493*4882a593Smuzhiyun
1494*4882a593Smuzhiyun scan_ai = alloc_ai();
1495*4882a593Smuzhiyun if (!scan_ai)
1496*4882a593Smuzhiyun goto out;
1497*4882a593Smuzhiyun
1498*4882a593Smuzhiyun scan_ai->ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
1499*4882a593Smuzhiyun if (!scan_ai->ech)
1500*4882a593Smuzhiyun goto out_ai;
1501*4882a593Smuzhiyun
1502*4882a593Smuzhiyun scan_ai->vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL);
1503*4882a593Smuzhiyun if (!scan_ai->vidb)
1504*4882a593Smuzhiyun goto out_ech;
1505*4882a593Smuzhiyun
1506*4882a593Smuzhiyun for (pnum = 0; pnum < UBI_FM_MAX_START; pnum++) {
1507*4882a593Smuzhiyun cond_resched();
1508*4882a593Smuzhiyun
1509*4882a593Smuzhiyun dbg_gen("process PEB %d", pnum);
1510*4882a593Smuzhiyun err = scan_peb(ubi, scan_ai, pnum, true);
1511*4882a593Smuzhiyun if (err < 0)
1512*4882a593Smuzhiyun goto out_vidh;
1513*4882a593Smuzhiyun }
1514*4882a593Smuzhiyun
1515*4882a593Smuzhiyun ubi_free_vid_buf(scan_ai->vidb);
1516*4882a593Smuzhiyun kfree(scan_ai->ech);
1517*4882a593Smuzhiyun
1518*4882a593Smuzhiyun if (scan_ai->force_full_scan)
1519*4882a593Smuzhiyun err = UBI_NO_FASTMAP;
1520*4882a593Smuzhiyun else
1521*4882a593Smuzhiyun err = ubi_scan_fastmap(ubi, *ai, scan_ai);
1522*4882a593Smuzhiyun
1523*4882a593Smuzhiyun if (err) {
1524*4882a593Smuzhiyun /*
1525*4882a593Smuzhiyun * Didn't attach via fastmap, do a full scan but reuse what
1526*4882a593Smuzhiyun * we've aready scanned.
1527*4882a593Smuzhiyun */
1528*4882a593Smuzhiyun destroy_ai(*ai);
1529*4882a593Smuzhiyun *ai = scan_ai;
1530*4882a593Smuzhiyun } else
1531*4882a593Smuzhiyun destroy_ai(scan_ai);
1532*4882a593Smuzhiyun
1533*4882a593Smuzhiyun return err;
1534*4882a593Smuzhiyun
1535*4882a593Smuzhiyun out_vidh:
1536*4882a593Smuzhiyun ubi_free_vid_buf(scan_ai->vidb);
1537*4882a593Smuzhiyun out_ech:
1538*4882a593Smuzhiyun kfree(scan_ai->ech);
1539*4882a593Smuzhiyun out_ai:
1540*4882a593Smuzhiyun destroy_ai(scan_ai);
1541*4882a593Smuzhiyun out:
1542*4882a593Smuzhiyun return err;
1543*4882a593Smuzhiyun }
1544*4882a593Smuzhiyun
1545*4882a593Smuzhiyun #endif
1546*4882a593Smuzhiyun
1547*4882a593Smuzhiyun /**
1548*4882a593Smuzhiyun * ubi_attach - attach an MTD device.
1549*4882a593Smuzhiyun * @ubi: UBI device descriptor
1550*4882a593Smuzhiyun * @force_scan: if set to non-zero attach by scanning
1551*4882a593Smuzhiyun *
1552*4882a593Smuzhiyun * This function returns zero in case of success and a negative error code in
1553*4882a593Smuzhiyun * case of failure.
1554*4882a593Smuzhiyun */
ubi_attach(struct ubi_device * ubi,int force_scan)1555*4882a593Smuzhiyun int ubi_attach(struct ubi_device *ubi, int force_scan)
1556*4882a593Smuzhiyun {
1557*4882a593Smuzhiyun int err;
1558*4882a593Smuzhiyun struct ubi_attach_info *ai;
1559*4882a593Smuzhiyun
1560*4882a593Smuzhiyun ai = alloc_ai();
1561*4882a593Smuzhiyun if (!ai)
1562*4882a593Smuzhiyun return -ENOMEM;
1563*4882a593Smuzhiyun
1564*4882a593Smuzhiyun #ifdef CONFIG_MTD_UBI_FASTMAP
1565*4882a593Smuzhiyun /* On small flash devices we disable fastmap in any case. */
1566*4882a593Smuzhiyun if ((int)mtd_div_by_eb(ubi->mtd->size, ubi->mtd) <= UBI_FM_MAX_START) {
1567*4882a593Smuzhiyun ubi->fm_disabled = 1;
1568*4882a593Smuzhiyun force_scan = 1;
1569*4882a593Smuzhiyun }
1570*4882a593Smuzhiyun
1571*4882a593Smuzhiyun if (force_scan)
1572*4882a593Smuzhiyun err = scan_all(ubi, ai, 0);
1573*4882a593Smuzhiyun else {
1574*4882a593Smuzhiyun err = scan_fast(ubi, &ai);
1575*4882a593Smuzhiyun if (err > 0 || mtd_is_eccerr(err)) {
1576*4882a593Smuzhiyun if (err != UBI_NO_FASTMAP) {
1577*4882a593Smuzhiyun destroy_ai(ai);
1578*4882a593Smuzhiyun ai = alloc_ai();
1579*4882a593Smuzhiyun if (!ai)
1580*4882a593Smuzhiyun return -ENOMEM;
1581*4882a593Smuzhiyun
1582*4882a593Smuzhiyun err = scan_all(ubi, ai, 0);
1583*4882a593Smuzhiyun } else {
1584*4882a593Smuzhiyun err = scan_all(ubi, ai, UBI_FM_MAX_START);
1585*4882a593Smuzhiyun }
1586*4882a593Smuzhiyun }
1587*4882a593Smuzhiyun }
1588*4882a593Smuzhiyun #else
1589*4882a593Smuzhiyun err = scan_all(ubi, ai, 0);
1590*4882a593Smuzhiyun #endif
1591*4882a593Smuzhiyun if (err)
1592*4882a593Smuzhiyun goto out_ai;
1593*4882a593Smuzhiyun
1594*4882a593Smuzhiyun ubi->bad_peb_count = ai->bad_peb_count;
1595*4882a593Smuzhiyun ubi->good_peb_count = ubi->peb_count - ubi->bad_peb_count;
1596*4882a593Smuzhiyun ubi->corr_peb_count = ai->corr_peb_count;
1597*4882a593Smuzhiyun ubi->max_ec = ai->max_ec;
1598*4882a593Smuzhiyun ubi->mean_ec = ai->mean_ec;
1599*4882a593Smuzhiyun dbg_gen("max. sequence number: %llu", ai->max_sqnum);
1600*4882a593Smuzhiyun
1601*4882a593Smuzhiyun err = ubi_read_volume_table(ubi, ai);
1602*4882a593Smuzhiyun if (err)
1603*4882a593Smuzhiyun goto out_ai;
1604*4882a593Smuzhiyun
1605*4882a593Smuzhiyun err = ubi_wl_init(ubi, ai);
1606*4882a593Smuzhiyun if (err)
1607*4882a593Smuzhiyun goto out_vtbl;
1608*4882a593Smuzhiyun
1609*4882a593Smuzhiyun err = ubi_eba_init(ubi, ai);
1610*4882a593Smuzhiyun if (err)
1611*4882a593Smuzhiyun goto out_wl;
1612*4882a593Smuzhiyun
1613*4882a593Smuzhiyun #ifdef CONFIG_MTD_UBI_FASTMAP
1614*4882a593Smuzhiyun if (ubi->fm && ubi_dbg_chk_fastmap(ubi)) {
1615*4882a593Smuzhiyun struct ubi_attach_info *scan_ai;
1616*4882a593Smuzhiyun
1617*4882a593Smuzhiyun scan_ai = alloc_ai();
1618*4882a593Smuzhiyun if (!scan_ai) {
1619*4882a593Smuzhiyun err = -ENOMEM;
1620*4882a593Smuzhiyun goto out_wl;
1621*4882a593Smuzhiyun }
1622*4882a593Smuzhiyun
1623*4882a593Smuzhiyun err = scan_all(ubi, scan_ai, 0);
1624*4882a593Smuzhiyun if (err) {
1625*4882a593Smuzhiyun destroy_ai(scan_ai);
1626*4882a593Smuzhiyun goto out_wl;
1627*4882a593Smuzhiyun }
1628*4882a593Smuzhiyun
1629*4882a593Smuzhiyun err = self_check_eba(ubi, ai, scan_ai);
1630*4882a593Smuzhiyun destroy_ai(scan_ai);
1631*4882a593Smuzhiyun
1632*4882a593Smuzhiyun if (err)
1633*4882a593Smuzhiyun goto out_wl;
1634*4882a593Smuzhiyun }
1635*4882a593Smuzhiyun #endif
1636*4882a593Smuzhiyun
1637*4882a593Smuzhiyun destroy_ai(ai);
1638*4882a593Smuzhiyun return 0;
1639*4882a593Smuzhiyun
1640*4882a593Smuzhiyun out_wl:
1641*4882a593Smuzhiyun ubi_wl_close(ubi);
1642*4882a593Smuzhiyun out_vtbl:
1643*4882a593Smuzhiyun ubi_free_all_volumes(ubi);
1644*4882a593Smuzhiyun vfree(ubi->vtbl);
1645*4882a593Smuzhiyun out_ai:
1646*4882a593Smuzhiyun destroy_ai(ai);
1647*4882a593Smuzhiyun return err;
1648*4882a593Smuzhiyun }
1649*4882a593Smuzhiyun
1650*4882a593Smuzhiyun /**
1651*4882a593Smuzhiyun * self_check_ai - check the attaching information.
1652*4882a593Smuzhiyun * @ubi: UBI device description object
1653*4882a593Smuzhiyun * @ai: attaching information
1654*4882a593Smuzhiyun *
1655*4882a593Smuzhiyun * This function returns zero if the attaching information is all right, and a
1656*4882a593Smuzhiyun * negative error code if not or if an error occurred.
1657*4882a593Smuzhiyun */
self_check_ai(struct ubi_device * ubi,struct ubi_attach_info * ai)1658*4882a593Smuzhiyun static int self_check_ai(struct ubi_device *ubi, struct ubi_attach_info *ai)
1659*4882a593Smuzhiyun {
1660*4882a593Smuzhiyun struct ubi_vid_io_buf *vidb = ai->vidb;
1661*4882a593Smuzhiyun struct ubi_vid_hdr *vidh = ubi_get_vid_hdr(vidb);
1662*4882a593Smuzhiyun int pnum, err, vols_found = 0;
1663*4882a593Smuzhiyun struct rb_node *rb1, *rb2;
1664*4882a593Smuzhiyun struct ubi_ainf_volume *av;
1665*4882a593Smuzhiyun struct ubi_ainf_peb *aeb, *last_aeb;
1666*4882a593Smuzhiyun uint8_t *buf;
1667*4882a593Smuzhiyun
1668*4882a593Smuzhiyun if (!ubi_dbg_chk_gen(ubi))
1669*4882a593Smuzhiyun return 0;
1670*4882a593Smuzhiyun
1671*4882a593Smuzhiyun /*
1672*4882a593Smuzhiyun * At first, check that attaching information is OK.
1673*4882a593Smuzhiyun */
1674*4882a593Smuzhiyun ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) {
1675*4882a593Smuzhiyun int leb_count = 0;
1676*4882a593Smuzhiyun
1677*4882a593Smuzhiyun cond_resched();
1678*4882a593Smuzhiyun
1679*4882a593Smuzhiyun vols_found += 1;
1680*4882a593Smuzhiyun
1681*4882a593Smuzhiyun if (ai->is_empty) {
1682*4882a593Smuzhiyun ubi_err(ubi, "bad is_empty flag");
1683*4882a593Smuzhiyun goto bad_av;
1684*4882a593Smuzhiyun }
1685*4882a593Smuzhiyun
1686*4882a593Smuzhiyun if (av->vol_id < 0 || av->highest_lnum < 0 ||
1687*4882a593Smuzhiyun av->leb_count < 0 || av->vol_type < 0 || av->used_ebs < 0 ||
1688*4882a593Smuzhiyun av->data_pad < 0 || av->last_data_size < 0) {
1689*4882a593Smuzhiyun ubi_err(ubi, "negative values");
1690*4882a593Smuzhiyun goto bad_av;
1691*4882a593Smuzhiyun }
1692*4882a593Smuzhiyun
1693*4882a593Smuzhiyun if (av->vol_id >= UBI_MAX_VOLUMES &&
1694*4882a593Smuzhiyun av->vol_id < UBI_INTERNAL_VOL_START) {
1695*4882a593Smuzhiyun ubi_err(ubi, "bad vol_id");
1696*4882a593Smuzhiyun goto bad_av;
1697*4882a593Smuzhiyun }
1698*4882a593Smuzhiyun
1699*4882a593Smuzhiyun if (av->vol_id > ai->highest_vol_id) {
1700*4882a593Smuzhiyun ubi_err(ubi, "highest_vol_id is %d, but vol_id %d is there",
1701*4882a593Smuzhiyun ai->highest_vol_id, av->vol_id);
1702*4882a593Smuzhiyun goto out;
1703*4882a593Smuzhiyun }
1704*4882a593Smuzhiyun
1705*4882a593Smuzhiyun if (av->vol_type != UBI_DYNAMIC_VOLUME &&
1706*4882a593Smuzhiyun av->vol_type != UBI_STATIC_VOLUME) {
1707*4882a593Smuzhiyun ubi_err(ubi, "bad vol_type");
1708*4882a593Smuzhiyun goto bad_av;
1709*4882a593Smuzhiyun }
1710*4882a593Smuzhiyun
1711*4882a593Smuzhiyun if (av->data_pad > ubi->leb_size / 2) {
1712*4882a593Smuzhiyun ubi_err(ubi, "bad data_pad");
1713*4882a593Smuzhiyun goto bad_av;
1714*4882a593Smuzhiyun }
1715*4882a593Smuzhiyun
1716*4882a593Smuzhiyun last_aeb = NULL;
1717*4882a593Smuzhiyun ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) {
1718*4882a593Smuzhiyun cond_resched();
1719*4882a593Smuzhiyun
1720*4882a593Smuzhiyun last_aeb = aeb;
1721*4882a593Smuzhiyun leb_count += 1;
1722*4882a593Smuzhiyun
1723*4882a593Smuzhiyun if (aeb->pnum < 0 || aeb->ec < 0) {
1724*4882a593Smuzhiyun ubi_err(ubi, "negative values");
1725*4882a593Smuzhiyun goto bad_aeb;
1726*4882a593Smuzhiyun }
1727*4882a593Smuzhiyun
1728*4882a593Smuzhiyun if (aeb->ec < ai->min_ec) {
1729*4882a593Smuzhiyun ubi_err(ubi, "bad ai->min_ec (%d), %d found",
1730*4882a593Smuzhiyun ai->min_ec, aeb->ec);
1731*4882a593Smuzhiyun goto bad_aeb;
1732*4882a593Smuzhiyun }
1733*4882a593Smuzhiyun
1734*4882a593Smuzhiyun if (aeb->ec > ai->max_ec) {
1735*4882a593Smuzhiyun ubi_err(ubi, "bad ai->max_ec (%d), %d found",
1736*4882a593Smuzhiyun ai->max_ec, aeb->ec);
1737*4882a593Smuzhiyun goto bad_aeb;
1738*4882a593Smuzhiyun }
1739*4882a593Smuzhiyun
1740*4882a593Smuzhiyun if (aeb->pnum >= ubi->peb_count) {
1741*4882a593Smuzhiyun ubi_err(ubi, "too high PEB number %d, total PEBs %d",
1742*4882a593Smuzhiyun aeb->pnum, ubi->peb_count);
1743*4882a593Smuzhiyun goto bad_aeb;
1744*4882a593Smuzhiyun }
1745*4882a593Smuzhiyun
1746*4882a593Smuzhiyun if (av->vol_type == UBI_STATIC_VOLUME) {
1747*4882a593Smuzhiyun if (aeb->lnum >= av->used_ebs) {
1748*4882a593Smuzhiyun ubi_err(ubi, "bad lnum or used_ebs");
1749*4882a593Smuzhiyun goto bad_aeb;
1750*4882a593Smuzhiyun }
1751*4882a593Smuzhiyun } else {
1752*4882a593Smuzhiyun if (av->used_ebs != 0) {
1753*4882a593Smuzhiyun ubi_err(ubi, "non-zero used_ebs");
1754*4882a593Smuzhiyun goto bad_aeb;
1755*4882a593Smuzhiyun }
1756*4882a593Smuzhiyun }
1757*4882a593Smuzhiyun
1758*4882a593Smuzhiyun if (aeb->lnum > av->highest_lnum) {
1759*4882a593Smuzhiyun ubi_err(ubi, "incorrect highest_lnum or lnum");
1760*4882a593Smuzhiyun goto bad_aeb;
1761*4882a593Smuzhiyun }
1762*4882a593Smuzhiyun }
1763*4882a593Smuzhiyun
1764*4882a593Smuzhiyun if (av->leb_count != leb_count) {
1765*4882a593Smuzhiyun ubi_err(ubi, "bad leb_count, %d objects in the tree",
1766*4882a593Smuzhiyun leb_count);
1767*4882a593Smuzhiyun goto bad_av;
1768*4882a593Smuzhiyun }
1769*4882a593Smuzhiyun
1770*4882a593Smuzhiyun if (!last_aeb)
1771*4882a593Smuzhiyun continue;
1772*4882a593Smuzhiyun
1773*4882a593Smuzhiyun aeb = last_aeb;
1774*4882a593Smuzhiyun
1775*4882a593Smuzhiyun if (aeb->lnum != av->highest_lnum) {
1776*4882a593Smuzhiyun ubi_err(ubi, "bad highest_lnum");
1777*4882a593Smuzhiyun goto bad_aeb;
1778*4882a593Smuzhiyun }
1779*4882a593Smuzhiyun }
1780*4882a593Smuzhiyun
1781*4882a593Smuzhiyun if (vols_found != ai->vols_found) {
1782*4882a593Smuzhiyun ubi_err(ubi, "bad ai->vols_found %d, should be %d",
1783*4882a593Smuzhiyun ai->vols_found, vols_found);
1784*4882a593Smuzhiyun goto out;
1785*4882a593Smuzhiyun }
1786*4882a593Smuzhiyun
1787*4882a593Smuzhiyun /* Check that attaching information is correct */
1788*4882a593Smuzhiyun ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) {
1789*4882a593Smuzhiyun last_aeb = NULL;
1790*4882a593Smuzhiyun ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) {
1791*4882a593Smuzhiyun int vol_type;
1792*4882a593Smuzhiyun
1793*4882a593Smuzhiyun cond_resched();
1794*4882a593Smuzhiyun
1795*4882a593Smuzhiyun last_aeb = aeb;
1796*4882a593Smuzhiyun
1797*4882a593Smuzhiyun err = ubi_io_read_vid_hdr(ubi, aeb->pnum, vidb, 1);
1798*4882a593Smuzhiyun if (err && err != UBI_IO_BITFLIPS) {
1799*4882a593Smuzhiyun ubi_err(ubi, "VID header is not OK (%d)",
1800*4882a593Smuzhiyun err);
1801*4882a593Smuzhiyun if (err > 0)
1802*4882a593Smuzhiyun err = -EIO;
1803*4882a593Smuzhiyun return err;
1804*4882a593Smuzhiyun }
1805*4882a593Smuzhiyun
1806*4882a593Smuzhiyun vol_type = vidh->vol_type == UBI_VID_DYNAMIC ?
1807*4882a593Smuzhiyun UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME;
1808*4882a593Smuzhiyun if (av->vol_type != vol_type) {
1809*4882a593Smuzhiyun ubi_err(ubi, "bad vol_type");
1810*4882a593Smuzhiyun goto bad_vid_hdr;
1811*4882a593Smuzhiyun }
1812*4882a593Smuzhiyun
1813*4882a593Smuzhiyun if (aeb->sqnum != be64_to_cpu(vidh->sqnum)) {
1814*4882a593Smuzhiyun ubi_err(ubi, "bad sqnum %llu", aeb->sqnum);
1815*4882a593Smuzhiyun goto bad_vid_hdr;
1816*4882a593Smuzhiyun }
1817*4882a593Smuzhiyun
1818*4882a593Smuzhiyun if (av->vol_id != be32_to_cpu(vidh->vol_id)) {
1819*4882a593Smuzhiyun ubi_err(ubi, "bad vol_id %d", av->vol_id);
1820*4882a593Smuzhiyun goto bad_vid_hdr;
1821*4882a593Smuzhiyun }
1822*4882a593Smuzhiyun
1823*4882a593Smuzhiyun if (av->compat != vidh->compat) {
1824*4882a593Smuzhiyun ubi_err(ubi, "bad compat %d", vidh->compat);
1825*4882a593Smuzhiyun goto bad_vid_hdr;
1826*4882a593Smuzhiyun }
1827*4882a593Smuzhiyun
1828*4882a593Smuzhiyun if (aeb->lnum != be32_to_cpu(vidh->lnum)) {
1829*4882a593Smuzhiyun ubi_err(ubi, "bad lnum %d", aeb->lnum);
1830*4882a593Smuzhiyun goto bad_vid_hdr;
1831*4882a593Smuzhiyun }
1832*4882a593Smuzhiyun
1833*4882a593Smuzhiyun if (av->used_ebs != be32_to_cpu(vidh->used_ebs)) {
1834*4882a593Smuzhiyun ubi_err(ubi, "bad used_ebs %d", av->used_ebs);
1835*4882a593Smuzhiyun goto bad_vid_hdr;
1836*4882a593Smuzhiyun }
1837*4882a593Smuzhiyun
1838*4882a593Smuzhiyun if (av->data_pad != be32_to_cpu(vidh->data_pad)) {
1839*4882a593Smuzhiyun ubi_err(ubi, "bad data_pad %d", av->data_pad);
1840*4882a593Smuzhiyun goto bad_vid_hdr;
1841*4882a593Smuzhiyun }
1842*4882a593Smuzhiyun }
1843*4882a593Smuzhiyun
1844*4882a593Smuzhiyun if (!last_aeb)
1845*4882a593Smuzhiyun continue;
1846*4882a593Smuzhiyun
1847*4882a593Smuzhiyun if (av->highest_lnum != be32_to_cpu(vidh->lnum)) {
1848*4882a593Smuzhiyun ubi_err(ubi, "bad highest_lnum %d", av->highest_lnum);
1849*4882a593Smuzhiyun goto bad_vid_hdr;
1850*4882a593Smuzhiyun }
1851*4882a593Smuzhiyun
1852*4882a593Smuzhiyun if (av->last_data_size != be32_to_cpu(vidh->data_size)) {
1853*4882a593Smuzhiyun ubi_err(ubi, "bad last_data_size %d",
1854*4882a593Smuzhiyun av->last_data_size);
1855*4882a593Smuzhiyun goto bad_vid_hdr;
1856*4882a593Smuzhiyun }
1857*4882a593Smuzhiyun }
1858*4882a593Smuzhiyun
1859*4882a593Smuzhiyun /*
1860*4882a593Smuzhiyun * Make sure that all the physical eraseblocks are in one of the lists
1861*4882a593Smuzhiyun * or trees.
1862*4882a593Smuzhiyun */
1863*4882a593Smuzhiyun buf = kzalloc(ubi->peb_count, GFP_KERNEL);
1864*4882a593Smuzhiyun if (!buf)
1865*4882a593Smuzhiyun return -ENOMEM;
1866*4882a593Smuzhiyun
1867*4882a593Smuzhiyun for (pnum = 0; pnum < ubi->peb_count; pnum++) {
1868*4882a593Smuzhiyun err = ubi_io_is_bad(ubi, pnum);
1869*4882a593Smuzhiyun if (err < 0) {
1870*4882a593Smuzhiyun kfree(buf);
1871*4882a593Smuzhiyun return err;
1872*4882a593Smuzhiyun } else if (err)
1873*4882a593Smuzhiyun buf[pnum] = 1;
1874*4882a593Smuzhiyun }
1875*4882a593Smuzhiyun
1876*4882a593Smuzhiyun ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb)
1877*4882a593Smuzhiyun ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb)
1878*4882a593Smuzhiyun buf[aeb->pnum] = 1;
1879*4882a593Smuzhiyun
1880*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->free, u.list)
1881*4882a593Smuzhiyun buf[aeb->pnum] = 1;
1882*4882a593Smuzhiyun
1883*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->corr, u.list)
1884*4882a593Smuzhiyun buf[aeb->pnum] = 1;
1885*4882a593Smuzhiyun
1886*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->erase, u.list)
1887*4882a593Smuzhiyun buf[aeb->pnum] = 1;
1888*4882a593Smuzhiyun
1889*4882a593Smuzhiyun list_for_each_entry(aeb, &ai->alien, u.list)
1890*4882a593Smuzhiyun buf[aeb->pnum] = 1;
1891*4882a593Smuzhiyun
1892*4882a593Smuzhiyun err = 0;
1893*4882a593Smuzhiyun for (pnum = 0; pnum < ubi->peb_count; pnum++)
1894*4882a593Smuzhiyun if (!buf[pnum]) {
1895*4882a593Smuzhiyun ubi_err(ubi, "PEB %d is not referred", pnum);
1896*4882a593Smuzhiyun err = 1;
1897*4882a593Smuzhiyun }
1898*4882a593Smuzhiyun
1899*4882a593Smuzhiyun kfree(buf);
1900*4882a593Smuzhiyun if (err)
1901*4882a593Smuzhiyun goto out;
1902*4882a593Smuzhiyun return 0;
1903*4882a593Smuzhiyun
1904*4882a593Smuzhiyun bad_aeb:
1905*4882a593Smuzhiyun ubi_err(ubi, "bad attaching information about LEB %d", aeb->lnum);
1906*4882a593Smuzhiyun ubi_dump_aeb(aeb, 0);
1907*4882a593Smuzhiyun ubi_dump_av(av);
1908*4882a593Smuzhiyun goto out;
1909*4882a593Smuzhiyun
1910*4882a593Smuzhiyun bad_av:
1911*4882a593Smuzhiyun ubi_err(ubi, "bad attaching information about volume %d", av->vol_id);
1912*4882a593Smuzhiyun ubi_dump_av(av);
1913*4882a593Smuzhiyun goto out;
1914*4882a593Smuzhiyun
1915*4882a593Smuzhiyun bad_vid_hdr:
1916*4882a593Smuzhiyun ubi_err(ubi, "bad attaching information about volume %d", av->vol_id);
1917*4882a593Smuzhiyun ubi_dump_av(av);
1918*4882a593Smuzhiyun ubi_dump_vid_hdr(vidh);
1919*4882a593Smuzhiyun
1920*4882a593Smuzhiyun out:
1921*4882a593Smuzhiyun dump_stack();
1922*4882a593Smuzhiyun return -EINVAL;
1923*4882a593Smuzhiyun }
1924